This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/b49f81-8536-4a67-899f-d5e63856d55d/1/CpaLGPqoC3ALuNpOvxJg0iLjAg4.roa File: CpaLGPqoC3ALuNpOvxJg0iLjAg4.roa (raw, json) Hash identifier: 8fNPqMK8OnJde+EJvnY4Udrp0bY1V8qpd3moDPkcAok= Subject key identifier: 0A:96:8B:18:FA:A8:0B:70:0B:B8:DA:4E:BF:12:60:D2:22:E3:02:0E Certificate issuer: /CN=c285a1474e38627e301a551be34efa4582a5cf39 Certificate serial: 019B7EA4D0918F447CE47D5FBD12498DB1C5 Authority key identifier: C2:85:A1:47:4E:38:62:7E:30:1A:55:1B:E3:4E:FA:45:82:A5:CF:39 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/woWhR044Yn4wGlUb4076RYKlzzk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/b49f81-8536-4a67-899f-d5e63856d55d/1/CpaLGPqoC3ALuNpOvxJg0iLjAg4.roa Signing time: Fri 02 Jan 2026 12:18:09 +0000 ROA not before: Fri 02 Jan 2026 12:18:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201419 IP address blocks: 81.173.43.0/24 maxlen: 24 185.62.162.0/23 maxlen: 23 2a03:522::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/b49f81-8536-4a67-899f-d5e63856d55d/1/woWhR044Yn4wGlUb4076RYKlzzk.crl rsync://rpki.ripe.net/repository/DEFAULT/8b/b49f81-8536-4a67-899f-d5e63856d55d/1/woWhR044Yn4wGlUb4076RYKlzzk.mft rsync://rpki.ripe.net/repository/DEFAULT/woWhR044Yn4wGlUb4076RYKlzzk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a4:d0:91:8f:44:7c:e4:7d:5f:bd:12:49:8d:b1:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c285a1474e38627e301a551be34efa4582a5cf39 Validity Not Before: Jan 2 12:18:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0a968b18faa80b700bb8da4ebf1260d222e3020e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:6c:1f:90:93:35:33:93:62:a8:2a:6f:68:ed: 0a:53:f6:c7:4b:6b:9d:dd:49:84:34:e6:1d:80:72: af:c8:37:56:84:26:5e:c9:7b:b4:79:92:4e:23:7d: b1:7e:56:dd:01:1e:fb:bc:ae:81:cc:c0:88:2c:95: f9:d0:ad:83:11:f6:1e:e7:52:51:65:b8:3d:0e:94: 98:58:c8:74:40:73:1c:7d:5d:84:4a:1f:b5:3a:97: b5:b7:1f:8b:82:df:5a:6e:24:bf:87:6e:1d:48:ac: 1b:a2:77:14:4d:ba:74:6e:5d:fd:e9:32:19:bf:0b: 62:27:53:74:8c:a6:d9:7e:e2:41:cd:3d:c7:4e:e8: 8f:bc:7f:d6:3a:67:e4:ac:1e:e9:b7:a7:23:52:89: 1a:15:06:71:a5:4a:1b:82:60:57:73:40:74:ce:a9: 1c:6d:fc:cf:18:de:4a:18:c9:7c:4f:c9:20:13:71: f7:17:da:1f:c1:9f:d1:5b:25:a9:ea:4f:c0:e7:52: 45:49:a2:7a:1b:2c:2b:0d:96:25:45:d2:34:d5:14: fd:36:78:4d:c8:6c:bb:fe:bb:4c:09:b9:f1:a9:ff: b7:bc:18:51:07:5d:4d:d1:3a:a4:24:16:94:8c:13: 54:8f:f3:6d:73:f5:ba:8f:6b:e5:9b:92:d4:9d:37: c8:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:96:8B:18:FA:A8:0B:70:0B:B8:DA:4E:BF:12:60:D2:22:E3:02:0E X509v3 Authority Key Identifier: keyid:C2:85:A1:47:4E:38:62:7E:30:1A:55:1B:E3:4E:FA:45:82:A5:CF:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/woWhR044Yn4wGlUb4076RYKlzzk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/b49f81-8536-4a67-899f-d5e63856d55d/1/CpaLGPqoC3ALuNpOvxJg0iLjAg4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/b49f81-8536-4a67-899f-d5e63856d55d/1/woWhR044Yn4wGlUb4076RYKlzzk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.173.43.0/24 185.62.162.0/23 IPv6: 2a03:522::/32 Signature Algorithm: sha256WithRSAEncryption 2a:4d:e2:c3:9b:25:a5:09:8b:be:48:6f:af:3f:77:03:bb:f9: b8:fd:43:53:4d:c6:c7:ae:10:50:0c:1f:b4:0f:d5:81:b0:55: b0:16:a5:4c:90:e8:f3:87:1f:c2:96:bf:a6:48:ad:bd:7b:49: 63:60:d7:7d:9d:02:7b:82:8c:c7:f1:d4:36:9f:42:d4:11:9e: a6:eb:ea:85:18:e7:5a:16:e9:b0:75:16:3c:96:1f:3e:e7:35: b4:08:26:d6:c9:9f:56:73:26:8b:a4:ff:f5:23:b6:5b:e3:9f: 56:bd:ea:4a:40:b4:fd:c6:cf:9c:f7:74:a6:ee:43:e7:53:1d: 46:8f:14:7d:4e:06:33:45:24:17:13:73:5f:7f:58:b9:8b:f9: 25:2a:14:bf:18:ca:9a:fb:1f:45:a5:28:4f:cb:ca:43:5c:5e: 9a:30:bd:eb:da:e8:b7:59:0d:ec:3c:fe:79:10:08:bc:b0:3b: b9:a1:74:e9:36:fc:52:66:f5:54:3c:76:08:62:3b:22:15:fb: fc:1e:50:52:80:5c:52:2e:76:7b:d2:44:97:60:84:b9:7c:1a: 02:1a:85:b5:e6:d4:cf:47:2d:a4:0e:cb:03:1d:26:d4:38:c2: 76:8c:9c:4d:1e:88:42:ca:05:4c:d8:6d:ff:5c:70:dc:7c:62: 53:da:3b:e8 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt+pNCRj0R85H1fvRJJjbHFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGMyODVhMTQ3NGUzODYyN2UzMDFhNTUxYmUzNGVmYTQ1ODJh NWNmMzkwHhcNMjYwMTAyMTIxODA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYTk2OGIxOGZhYTgwYjcwMGJiOGRhNGViZjEyNjBkMjIyZTMwMjBlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmwfkJM1M5NiqCpvaO0KU/bHS2ud 3UmENOYdgHKvyDdWhCZeyXu0eZJOI32xflbdAR77vK6BzMCILJX50K2DEfYe51JR Zbg9DpSYWMh0QHMcfV2ESh+1Ope1tx+Lgt9abiS/h24dSKwboncUTbp0bl396TIZ vwtiJ1N0jKbZfuJBzT3HTuiPvH/WOmfkrB7pt6cjUokaFQZxpUobgmBXc0B0zqkc bfzPGN5KGMl8T8kgE3H3F9ofwZ/RWyWp6k/A51JFSaJ6GywrDZYlRdI01RT9NnhN yGy7/rtMCbnxqf+3vBhRB11N0TqkJBaUjBNUj/Ntc/W6j2vlm5LUnTfICQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFAqWixj6qAtwC7jaTr8SYNIi4wIOMB8GA1UdIwQY MBaAFMKFoUdOOGJ+MBpVG+NO+kWCpc85MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvd29XaFIwNDRZbjR3R2xVYjQwNzZSWUtsenprLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9iNDlmODEtODUzNi00YTY3LTg5OWYt ZDVlNjM4NTZkNTVkLzEvQ3BhTEdQcW9DM0FMdU5wT3Z4SmcwaUxqQWc0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yi9iNDlmODEtODUzNi00YTY3LTg5OWYtZDVlNjM4NTZkNTVk LzEvd29XaFIwNDRZbjR3R2xVYjQwNzZSWUtsenprLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAUa0rAwQB uT6iMA0EAgACMAcDBQAqAwUiMA0GCSqGSIb3DQEBCwUAA4IBAQAqTeLDmyWlCYu+ SG+vP3cDu/m4/UNTTcbHrhBQDB+0D9WBsFWwFqVMkOjzhx/Clr+mSK29e0ljYNd9 nQJ7gozH8dQ2n0LUEZ6m6+qFGOdaFumwdRY8lh8+5zW0CCbWyZ9WcyaLpP/1I7Zb 459WvepKQLT9xs+c93Sm7kPnUx1GjxR9TgYzRSQXE3Nff1i5i/klKhS/GMqa+x9F pShPy8pDXF6aML3r2ui3WQ3sPP55EAi8sDu5oXTpNvxSZvVUPHYIYjsiFfv8HlBS gFxSLnZ70kSXYIS5fBoCGoW15tTPRy2kDssDHSbUOMJ2jJxNHohCygVM2G3/XHDc fGJT2jvo -----END CERTIFICATE-----Generated at Mon Feb 9 21:00:03 2026 by rpki-client