This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/CMoH5Cyx1SfbFkp_AVi7WFSimSI.roa File: CMoH5Cyx1SfbFkp_AVi7WFSimSI.roa (raw, json) Hash identifier: UPKbCnfFUk0J12uscJpZ+uKcHazd2OTNHLlOMouWxhg= Subject key identifier: 08:CA:07:E4:2C:B1:D5:27:DB:16:4A:7F:01:58:BB:58:54:A2:99:22 Certificate issuer: /CN=85af5310805ec7561a1a22f9c890c9731fb6debf Certificate serial: 019B76EB7CBC641E4B0A27F850E58D766D14 Authority key identifier: 85:AF:53:10:80:5E:C7:56:1A:1A:22:F9:C8:90:C9:73:1F:B6:DE:BF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/CMoH5Cyx1SfbFkp_AVi7WFSimSI.roa Signing time: Thu 01 Jan 2026 00:18:22 +0000 ROA not before: Thu 01 Jan 2026 00:18:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20875 IP address blocks: 5.133.128.0/19 maxlen: 24 37.8.128.0/20 maxlen: 24 37.19.24.0/21 maxlen: 24 46.35.128.0/19 maxlen: 24 62.113.0.0/19 maxlen: 24 85.94.128.0/19 maxlen: 24 92.240.32.0/19 maxlen: 24 95.156.128.0/18 maxlen: 24 159.20.16.0/21 maxlen: 24 185.17.44.0/22 maxlen: 24 185.24.160.0/22 maxlen: 24 185.38.144.0/22 maxlen: 24 212.39.96.0/19 maxlen: 24 212.125.144.0/20 maxlen: 24 2a02:28b8::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.crl rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.mft rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:7c:bc:64:1e:4b:0a:27:f8:50:e5:8d:76:6d:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85af5310805ec7561a1a22f9c890c9731fb6debf Validity Not Before: Jan 1 00:18:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=08ca07e42cb1d527db164a7f0158bb5854a29922 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:62:ad:20:c4:bc:3e:b7:04:05:99:7b:cd:8b: 8b:44:04:4e:86:ea:ca:d2:cd:f8:0e:e7:f8:d7:7e: c8:a9:16:96:60:7b:ed:8e:f6:f8:ac:0d:e2:50:1b: a0:3b:8b:1c:fd:9c:81:00:c7:2a:c0:50:92:93:77: d1:98:28:dd:d9:93:28:52:15:16:10:74:e7:80:0a: a3:0c:a5:57:b5:02:7f:b7:63:f5:d0:e3:1f:15:21: d2:72:aa:e1:df:08:5b:6d:74:83:90:b3:59:55:7c: cf:a7:cf:44:36:92:9e:30:ad:7e:26:c3:aa:10:4c: b9:3a:b7:b7:2d:46:7f:df:05:2b:54:55:99:5f:64: 09:35:a4:78:dc:bf:7b:72:97:e5:ac:82:d0:46:bf: 1c:57:b0:58:a1:34:f4:0b:df:90:ed:de:17:3e:8b: 08:bf:c1:3c:e4:2e:63:2f:c0:c5:fe:2d:46:57:df: 71:7a:4e:4b:ff:c5:b4:f7:ae:2c:df:45:b1:27:83: 18:5e:bf:41:25:52:d5:ed:1f:12:e6:85:56:0f:3f: 4d:a9:7e:dd:84:5e:cb:e9:ad:19:ab:ee:a4:67:6b: df:49:d4:48:be:1b:b9:68:8a:cd:08:bd:20:de:55: d1:19:6e:37:8f:50:96:1e:8b:7f:6f:15:af:c7:1d: 95:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:CA:07:E4:2C:B1:D5:27:DB:16:4A:7F:01:58:BB:58:54:A2:99:22 X509v3 Authority Key Identifier: keyid:85:AF:53:10:80:5E:C7:56:1A:1A:22:F9:C8:90:C9:73:1F:B6:DE:BF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/CMoH5Cyx1SfbFkp_AVi7WFSimSI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.133.128.0/19 37.8.128.0/20 37.19.24.0/21 46.35.128.0/19 62.113.0.0/19 85.94.128.0/19 92.240.32.0/19 95.156.128.0/18 159.20.16.0/21 185.17.44.0/22 185.24.160.0/22 185.38.144.0/22 212.39.96.0/19 212.125.144.0/20 IPv6: 2a02:28b8::/29 Signature Algorithm: sha256WithRSAEncryption 78:e0:50:51:09:ab:d0:c0:a1:bd:de:a1:e6:36:9a:94:59:19: 95:a2:78:c9:38:a3:4f:39:59:9f:d3:03:38:b5:4d:35:c0:ea: e9:05:b4:e0:64:67:58:2e:47:f9:93:fd:ca:f2:69:5d:12:9e: c8:f7:6b:e9:2d:f4:95:2d:c3:73:3c:9f:b4:f7:19:5f:a8:f4: 74:11:41:69:bf:41:31:a7:00:e4:4d:7c:86:b3:0a:d6:26:e7: a3:62:f6:29:e4:e1:f5:b3:3f:4d:b9:04:8a:e6:1b:d2:5e:52: bb:db:ec:1f:41:b2:48:ba:0c:90:7f:cb:6f:8f:9b:3d:ac:f7: ce:f8:ea:1b:99:20:79:fa:de:1c:33:ab:eb:35:20:c5:f3:4a: 90:46:bb:f4:c7:d1:fc:86:69:cd:55:44:5d:f5:66:17:91:1e: 42:57:4d:99:48:95:da:e2:08:c1:9c:9a:5e:cf:f2:f3:91:83: f0:67:9a:05:65:23:d2:13:42:62:9d:93:ca:13:e2:3b:23:7a: fc:8f:f1:dc:61:e2:9c:e2:81:74:4c:8c:b4:14:40:6e:e8:15: 71:4e:3d:4b:53:81:44:64:c0:39:51:e9:09:a8:e1:c2:e6:9c: 5a:51:73:81:4c:21:9a:50:ea:c4:76:17:52:59:41:9f:08:89: 2f:b2:27:38 -----BEGIN CERTIFICATE----- MIIFWjCCBEKgAwIBAgISAZt263y8ZB5LCif4UOWNdm0UMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1YWY1MzEwODA1ZWM3NTYxYTFhMjJmOWM4OTBjOTczMWZi NmRlYmYwHhcNMjYwMTAxMDAxODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwOGNhMDdlNDJjYjFkNTI3ZGIxNjRhN2YwMTU4YmI1ODU0YTI5OTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWKtIMS8PrcEBZl7zYuLRAROhurK 0s34Duf4137IqRaWYHvtjvb4rA3iUBugO4sc/ZyBAMcqwFCSk3fRmCjd2ZMoUhUW EHTngAqjDKVXtQJ/t2P10OMfFSHScqrh3whbbXSDkLNZVXzPp89ENpKeMK1+JsOq EEy5Ore3LUZ/3wUrVFWZX2QJNaR43L97cpflrILQRr8cV7BYoTT0C9+Q7d4XPosI v8E85C5jL8DF/i1GV99xek5L/8W0964s30WxJ4MYXr9BJVLV7R8S5oVWDz9NqX7d hF7L6a0Zq+6kZ2vfSdRIvhu5aIrNCL0g3lXRGW43j1CWHot/bxWvxx2VtQIDAQAB o4ICZjCCAmIwHQYDVR0OBBYEFAjKB+QssdUn2xZKfwFYu1hUopkiMB8GA1UdIwQY MBaAFIWvUxCAXsdWGhoi+ciQyXMftt6/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGE5VEVJQmV4MVlhR2lMNXlKREpjeC0yM3I4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8wMDE0MDYtMmUxZi00YWViLTkwYTct NzUyODM1MGQ0YzEzLzEvQ01vSDVDeXgxU2ZiRmtwX0FWaTdXRlNpbVNJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85NC8wMDE0MDYtMmUxZi00YWViLTkwYTctNzUyODM1MGQ0YzEz LzEvaGE5VEVJQmV4MVlhR2lMNXlKREpjeC0yM3I4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQFBYWAAwQE JQiAAwQDJRMYAwQFLiOAAwQFPnEAAwQFVV6AAwQFXPAgAwQGX5yAAwQDnxQQAwQC uREsAwQCuRigAwQCuSaQAwQF1CdgAwQE1H2QMA0EAgACMAcDBQMqAii4MA0GCSqG SIb3DQEBCwUAA4IBAQB44FBRCavQwKG93qHmNpqUWRmVonjJOKNPOVmf0wM4tU01 wOrpBbTgZGdYLkf5k/3K8mldEp7I92vpLfSVLcNzPJ+09xlfqPR0EUFpv0ExpwDk TXyGswrWJuejYvYp5OH1sz9NuQSK5hvSXlK72+wfQbJIugyQf8tvj5s9rPfO+Oob mSB5+t4cM6vrNSDF80qQRrv0x9H8hmnNVURd9WYXkR5CV02ZSJXa4gjBnJpez/Lz kYPwZ5oFZSPSE0JinZPKE+I7I3r8j/HcYeKc4oF0TIy0FEBu6BVxTj1LU4FEZMA5 UekJqOHC5pxaUXOBTCGaUOrEdhdSWUGfCIkvsic4 -----END CERTIFICATE-----Generated at Tue Feb 10 00:02:50 2026 by rpki-client