This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/Cgd5Jfm0z8iU211-uSATka8FEqw.roa File: Cgd5Jfm0z8iU211-uSATka8FEqw.roa (raw, json) Hash identifier: 6iFZepo1g13JI2QksLW8HVf91tLNVUbHxGnbKXKYWMo= Subject key identifier: 0A:07:79:25:F9:B4:CF:C8:94:DB:5D:7E:B9:20:13:91:AF:05:12:AC Certificate issuer: /CN=c334a35abfa82d549e490704d68bbe658005d63c Certificate serial: 019B791078F335CBD9C6B25E416A421E84D8 Authority key identifier: C3:34:A3:5A:BF:A8:2D:54:9E:49:07:04:D6:8B:BE:65:80:05:D6:3C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/Cgd5Jfm0z8iU211-uSATka8FEqw.roa Signing time: Thu 01 Jan 2026 10:18:01 +0000 ROA not before: Thu 01 Jan 2026 10:18:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15830 IP address blocks: 37.46.0.0/21 maxlen: 21 80.69.0.0/19 maxlen: 19 89.187.96.0/19 maxlen: 19 185.2.164.0/22 maxlen: 22 195.234.244.0/22 maxlen: 24 2001:1a08::/32 maxlen: 48 2001:1a0a::/32 maxlen: 32 2001:1a0b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.crl rsync://rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.mft rsync://rpki.ripe.net/repository/DEFAULT/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 21:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:78:f3:35:cb:d9:c6:b2:5e:41:6a:42:1e:84:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c334a35abfa82d549e490704d68bbe658005d63c Validity Not Before: Jan 1 10:18:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0a077925f9b4cfc894db5d7eb9201391af0512ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fb:bc:31:65:e4:4f:8f:ad:e0:c7:3a:76:4d:01: d6:ab:69:ff:c2:a6:21:27:88:ad:14:db:95:c7:24: e1:bd:eb:8e:54:b9:8e:14:30:11:0f:34:d5:f6:f9: 1a:4d:79:ca:93:36:15:7a:82:e0:4f:6d:07:ab:76: 0e:67:5c:2b:18:3a:77:5d:20:23:8f:3c:9c:d7:58: d7:4c:e7:0a:d1:b7:09:f7:62:a7:ac:3d:52:03:08: 44:8d:f7:0c:94:20:30:f3:e3:10:f3:56:59:00:c6: ff:3b:40:2a:c6:59:9c:32:b9:39:1e:44:c3:84:15: 6b:a0:58:32:94:54:a3:2d:c0:70:5f:a3:f1:be:6f: 67:f4:0b:0c:15:53:fd:94:d4:8d:d9:fa:da:62:99: cf:04:82:7b:17:80:8e:d5:0c:a9:fb:c0:3a:40:ca: 2b:e3:b4:5c:e4:4b:fa:ab:3f:b2:c4:86:81:7b:51: 33:a6:26:17:0b:e4:90:71:8c:cc:96:95:e2:a6:3e: 4f:93:0d:63:ea:53:02:74:f2:06:32:e0:84:66:39: e7:b0:0d:65:bd:ea:35:ee:13:00:0c:a7:26:48:3c: ee:65:d5:e9:b1:4a:a1:06:6c:1c:37:50:6a:8b:0b: f6:39:34:d8:36:74:d3:34:a3:22:a3:8b:c5:0e:93: 74:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:07:79:25:F9:B4:CF:C8:94:DB:5D:7E:B9:20:13:91:AF:05:12:AC X509v3 Authority Key Identifier: keyid:C3:34:A3:5A:BF:A8:2D:54:9E:49:07:04:D6:8B:BE:65:80:05:D6:3C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/Cgd5Jfm0z8iU211-uSATka8FEqw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.46.0.0/21 80.69.0.0/19 89.187.96.0/19 185.2.164.0/22 195.234.244.0/22 IPv6: 2001:1a08::/32 2001:1a0a::/31 Signature Algorithm: sha256WithRSAEncryption 0c:2b:ae:0a:64:ad:a1:4b:06:31:fd:e4:bc:ce:1d:e7:5b:68: b5:db:6e:db:db:dd:20:cd:c4:54:81:c5:20:63:cd:fc:7a:f3: c1:17:db:d7:a5:21:e4:4f:68:c2:be:07:3c:a0:14:db:e8:71: 7c:b1:a8:2f:df:5a:60:6a:1e:c6:ea:c4:05:79:8a:0f:63:0c: fc:a9:9e:d1:60:38:25:52:3c:d8:e5:f9:61:fa:fe:65:a3:56: d4:f3:a9:bd:b3:7a:c2:0a:6c:f9:f0:11:e7:0d:3e:b0:ac:5b: 12:da:a3:23:9e:ee:70:b3:b2:45:b6:d1:b6:28:cc:5f:03:d7: ff:7b:b3:36:5c:74:80:d1:61:eb:48:22:40:5f:4b:28:6e:2a: d9:e5:50:40:4e:4f:df:3c:3d:e9:cd:e9:0c:13:59:22:88:bc: f0:88:a5:27:f1:de:e4:2f:ab:fe:c3:da:e0:66:aa:cf:ef:23: 25:7d:4f:ed:5b:00:1b:dd:ad:3d:02:1a:21:a9:7d:91:4b:ea: cb:37:c4:6a:d7:14:1b:77:6c:11:f8:ed:5c:18:03:11:c8:f6: 26:6a:ca:c4:4a:e6:66:53:dd:84:ff:f7:df:df:a4:4f:d0:43: ef:c0:95:ab:f8:51:96:07:d9:37:83:a1:1b:22:27:88:fa:bd: 96:89:98:f9 -----BEGIN CERTIFICATE----- MIIFKzCCBBOgAwIBAgISAZt5EHjzNcvZxrJeQWpCHoTYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGMzMzRhMzVhYmZhODJkNTQ5ZTQ5MDcwNGQ2OGJiZTY1ODAw NWQ2M2MwHhcNMjYwMTAxMTAxODAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYTA3NzkyNWY5YjRjZmM4OTRkYjVkN2ViOTIwMTM5MWFmMDUxMmFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+7wxZeRPj63gxzp2TQHWq2n/wqYh J4itFNuVxyThveuOVLmOFDARDzTV9vkaTXnKkzYVeoLgT20Hq3YOZ1wrGDp3XSAj jzyc11jXTOcK0bcJ92KnrD1SAwhEjfcMlCAw8+MQ81ZZAMb/O0AqxlmcMrk5HkTD hBVroFgylFSjLcBwX6Pxvm9n9AsMFVP9lNSN2fraYpnPBIJ7F4CO1Qyp+8A6QMor 47Rc5Ev6qz+yxIaBe1EzpiYXC+SQcYzMlpXipj5Pkw1j6lMCdPIGMuCEZjnnsA1l veo17hMADKcmSDzuZdXpsUqhBmwcN1Bqiwv2OTTYNnTTNKMio4vFDpN0mQIDAQAB o4ICNzCCAjMwHQYDVR0OBBYEFAoHeSX5tM/IlNtdfrkgE5GvBRKsMB8GA1UdIwQY MBaAFMM0o1q/qC1UnkkHBNaLvmWABdY8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvd3pTaldyLW9MVlNlU1FjRTFvdS1aWUFGMWp3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8zOWIwOGQtZWIwMS00M2IwLWI1NmMt MjczODg0YjUzYzZlLzEvQ2dkNUpmbTB6OGlVMjExLXVTQVRrYThGRXF3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85NC8zOWIwOGQtZWIwMS00M2IwLWI1NmMtMjczODg0YjUzYzZl LzEvd3pTaldyLW9MVlNlU1FjRTFvdS1aWUFGMWp3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDJS4AAwQF UEUAAwQFWbtgAwQCuQKkAwQCw+r0MBQEAgACMA4DBQAgARoIAwUBIAEaCjANBgkq hkiG9w0BAQsFAAOCAQEADCuuCmStoUsGMf3kvM4d51totdtu29vdIM3EVIHFIGPN /HrzwRfb16Uh5E9owr4HPKAU2+hxfLGoL99aYGoexurEBXmKD2MM/Kme0WA4JVI8 2OX5Yfr+ZaNW1POpvbN6wgps+fAR5w0+sKxbEtqjI57ucLOyRbbRtijMXwPX/3uz Nlx0gNFh60giQF9LKG4q2eVQQE5P3zw96c3pDBNZIoi88IilJ/He5C+r/sPa4Gaq z+8jJX1P7VsAG92tPQIaIal9kUvqyzfEatcUG3dsEfjtXBgDEcj2JmrKxErmZlPd hP/339+kT9BD78CVq/hRlgfZN4OhGyIniPq9lomY+Q== -----END CERTIFICATE-----Generated at Sat Jan 3 04:59:30 2026 by rpki-client