This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/8baa9c-0ef2-42fb-b3d6-5a95cc80cd1b/1/cvU7MkfetULx5kv_IarJahryhlg.roa File: cvU7MkfetULx5kv_IarJahryhlg.roa (raw, json) Hash identifier: p5quF2qOZPdmbe7Adsu9A/9ZytXzA8MG8H5I1geEROA= Subject key identifier: 72:F5:3B:32:47:DE:B5:42:F1:E6:4B:FF:21:AA:C9:6A:1A:F2:86:58 Certificate issuer: /CN=b5afa37bd0ddadeb7fea2b9be64b1108e20de9b4 Certificate serial: 019B76EADE14340042844ADDC36DAF5C6197 Authority key identifier: B5:AF:A3:7B:D0:DD:AD:EB:7F:EA:2B:9B:E6:4B:11:08:E2:0D:E9:B4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ta-je9Ddret_6iub5ksRCOIN6bQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/8baa9c-0ef2-42fb-b3d6-5a95cc80cd1b/1/cvU7MkfetULx5kv_IarJahryhlg.roa Signing time: Thu 01 Jan 2026 00:17:42 +0000 ROA not before: Thu 01 Jan 2026 00:17:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209030 IP address blocks: 82.202.186.0/24 maxlen: 24 82.202.187.0/24 maxlen: 24 82.202.188.0/24 maxlen: 24 82.202.189.0/24 maxlen: 24 82.202.190.0/24 maxlen: 24 82.202.191.0/24 maxlen: 24 2a13:c80::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/8baa9c-0ef2-42fb-b3d6-5a95cc80cd1b/1/ta-je9Ddret_6iub5ksRCOIN6bQ.crl rsync://rpki.ripe.net/repository/DEFAULT/a8/8baa9c-0ef2-42fb-b3d6-5a95cc80cd1b/1/ta-je9Ddret_6iub5ksRCOIN6bQ.mft rsync://rpki.ripe.net/repository/DEFAULT/ta-je9Ddret_6iub5ksRCOIN6bQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 18:01:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:de:14:34:00:42:84:4a:dd:c3:6d:af:5c:61:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5afa37bd0ddadeb7fea2b9be64b1108e20de9b4 Validity Not Before: Jan 1 00:17:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=72f53b3247deb542f1e64bff21aac96a1af28658 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:a1:6b:05:4e:cd:fa:a7:d3:07:74:35:0e:bf: 2a:0a:51:79:8e:c5:74:12:ed:7f:25:7a:00:94:7a: 5b:5f:54:4b:41:fb:74:fb:cc:99:65:41:38:5b:31: bc:a2:fb:4f:d3:c8:77:e2:cb:fd:3e:b1:95:66:6a: 2c:a1:62:04:fd:6e:35:cc:24:bc:1f:64:8a:0f:40: d0:5f:60:63:6e:42:97:df:2c:fe:6c:44:f3:02:6b: 11:57:d7:48:00:62:11:25:f6:ea:51:6d:65:cc:44: c2:1a:96:4b:0a:ed:ad:4c:9b:5c:27:fb:0c:a2:ae: f6:1c:8b:84:d7:7b:93:f0:58:52:ff:39:19:eb:f2: dd:2b:6b:ef:99:ea:71:a1:b2:b6:1c:47:7b:78:b5: 20:ea:a2:c4:8e:58:c2:e0:96:3f:f6:34:21:99:98: 2e:f3:4f:b5:2c:b3:a0:dc:42:13:6c:81:7a:b2:b7: 5c:ea:a6:b3:af:83:13:b4:cd:4e:be:14:42:d7:f3: 48:da:f5:09:38:94:b5:c9:98:e2:58:6f:06:d5:a5: 8f:85:1c:46:7a:95:65:64:cc:2d:8d:92:34:2e:27: f3:ef:45:e1:2f:d6:0b:b1:96:db:a9:05:e6:09:06: a7:71:4f:40:05:db:65:03:a3:af:bf:f4:d3:33:80: 66:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:F5:3B:32:47:DE:B5:42:F1:E6:4B:FF:21:AA:C9:6A:1A:F2:86:58 X509v3 Authority Key Identifier: keyid:B5:AF:A3:7B:D0:DD:AD:EB:7F:EA:2B:9B:E6:4B:11:08:E2:0D:E9:B4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ta-je9Ddret_6iub5ksRCOIN6bQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/8baa9c-0ef2-42fb-b3d6-5a95cc80cd1b/1/cvU7MkfetULx5kv_IarJahryhlg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/8baa9c-0ef2-42fb-b3d6-5a95cc80cd1b/1/ta-je9Ddret_6iub5ksRCOIN6bQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.202.186.0-82.202.191.255 IPv6: 2a13:c80::/32 Signature Algorithm: sha256WithRSAEncryption 35:e8:4c:2a:10:44:a8:bd:04:91:af:fd:35:dc:df:fb:69:91: 58:61:0d:f9:1a:f3:0b:7b:5b:7b:36:49:2b:02:30:68:44:21: 81:ce:44:3d:ba:48:c7:eb:1d:e4:9b:59:67:56:c6:96:55:44: 07:79:3c:a9:f4:ac:c4:c5:7b:ae:7d:b6:62:c4:97:43:cd:c9: 4c:12:82:3a:c9:e3:d9:70:bc:d2:9f:62:11:98:66:29:84:a5: de:58:f1:04:cc:d2:99:d6:4e:d3:24:6b:8f:08:04:c5:08:5c: c9:0e:50:3c:df:6d:96:37:d7:14:09:d8:e5:cb:e0:21:14:9e: 97:eb:d5:24:e4:86:db:3d:8f:fc:1b:17:69:11:8b:b1:46:bb: 32:46:a2:8b:aa:bb:cc:53:21:3b:e9:b5:c4:27:e5:32:c3:4e: fb:24:a3:7d:4d:3d:1a:40:01:c6:dd:dc:98:00:e6:40:db:b5: 3d:c3:b5:8d:69:ae:48:d3:ad:85:f8:d8:dd:be:ad:03:1b:92: 52:75:dc:75:7d:eb:84:35:f6:55:5d:f8:03:e0:7f:ed:74:ba: 16:06:d8:d8:29:45:1a:6e:59:0b:f4:d2:9b:21:a8:ba:94:04: 72:55:bd:17:de:5a:eb:ae:95:c6:51:a9:15:dc:76:c5:b8:1c: 8c:77:9e:3b -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt26t4UNABChErdw22vXGGXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1YWZhMzdiZDBkZGFkZWI3ZmVhMmI5YmU2NGIxMTA4ZTIw ZGU5YjQwHhcNMjYwMTAxMDAxNzQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MmY1M2IzMjQ3ZGViNTQyZjFlNjRiZmYyMWFhYzk2YTFhZjI4NjU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqFrBU7N+qfTB3Q1Dr8qClF5jsV0 Eu1/JXoAlHpbX1RLQft0+8yZZUE4WzG8ovtP08h34sv9PrGVZmosoWIE/W41zCS8 H2SKD0DQX2BjbkKX3yz+bETzAmsRV9dIAGIRJfbqUW1lzETCGpZLCu2tTJtcJ/sM oq72HIuE13uT8FhS/zkZ6/LdK2vvmepxobK2HEd7eLUg6qLEjljC4JY/9jQhmZgu 80+1LLOg3EITbIF6srdc6qazr4MTtM1OvhRC1/NI2vUJOJS1yZjiWG8G1aWPhRxG epVlZMwtjZI0Lifz70XhL9YLsZbbqQXmCQancU9ABdtlA6Ovv/TTM4BmkQIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFHL1OzJH3rVC8eZL/yGqyWoa8oZYMB8GA1UdIwQY MBaAFLWvo3vQ3a3rf+orm+ZLEQjiDem0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdGEtamU5RGRyZXRfNml1YjVrc1JDT0lONmJRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC84YmFhOWMtMGVmMi00MmZiLWIzZDYt NWE5NWNjODBjZDFiLzEvY3ZVN01rZmV0VUx4NWt2X0lhckphaHJ5aGxnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOC84YmFhOWMtMGVmMi00MmZiLWIzZDYtNWE5NWNjODBjZDFi LzEvdGEtamU5RGRyZXRfNml1YjVrc1JDT0lONmJRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAFSyroD BAZSyoAwDQQCAAIwBwMFACoTDIAwDQYJKoZIhvcNAQELBQADggEBADXoTCoQRKi9 BJGv/TXc3/tpkVhhDfka8wt7W3s2SSsCMGhEIYHORD26SMfrHeSbWWdWxpZVRAd5 PKn0rMTFe659tmLEl0PNyUwSgjrJ49lwvNKfYhGYZimEpd5Y8QTM0pnWTtMka48I BMUIXMkOUDzfbZY31xQJ2OXL4CEUnpfr1STkhts9j/wbF2kRi7FGuzJGoouqu8xT ITvptcQn5TLDTvsko31NPRpAAcbd3JgA5kDbtT3DtY1prkjTrYX42N2+rQMbklJ1 3HV964Q19lVd+APgf+10uhYG2NgpRRpuWQv00pshqLqUBHJVvRfeWuuulcZRqRXc dsW4HIx3njs= -----END CERTIFICATE-----Generated at Tue Feb 10 04:32:00 2026 by rpki-client