This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/Citg7qmp5SFz0X_DakT70Agy58A.roa File: Citg7qmp5SFz0X_DakT70Agy58A.roa (raw, json) Hash identifier: suNo82Y9tPBibDI6nJIgvkFyxyp4RTbZM/6snuEOgFo= Subject key identifier: 0A:2B:60:EE:A9:A9:E5:21:73:D1:7F:C3:6A:44:FB:D0:08:32:E7:C0 Certificate issuer: /CN=d48555f9a52727f6bcf715cb4750a2a4a6c35161 Certificate serial: 019B78A288462121760AC7EA4EBCCC810573 Authority key identifier: D4:85:55:F9:A5:27:27:F6:BC:F7:15:CB:47:50:A2:A4:A6:C3:51:61 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1IVV-aUnJ_a89xXLR1CipKbDUWE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/Citg7qmp5SFz0X_DakT70Agy58A.roa Signing time: Thu 01 Jan 2026 08:17:56 +0000 ROA not before: Thu 01 Jan 2026 08:17:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39855 IP address blocks: 185.21.104.0/24 maxlen: 24 185.21.105.0/24 maxlen: 24 185.21.106.0/24 maxlen: 24 185.21.107.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/1IVV-aUnJ_a89xXLR1CipKbDUWE.crl rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/1IVV-aUnJ_a89xXLR1CipKbDUWE.mft rsync://rpki.ripe.net/repository/DEFAULT/1IVV-aUnJ_a89xXLR1CipKbDUWE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 17:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:88:46:21:21:76:0a:c7:ea:4e:bc:cc:81:05:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d48555f9a52727f6bcf715cb4750a2a4a6c35161 Validity Not Before: Jan 1 08:17:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0a2b60eea9a9e52173d17fc36a44fbd00832e7c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:7b:95:4e:d7:08:11:81:73:ed:13:8a:12:2b: 59:33:9c:3c:b8:de:d5:0f:60:8f:fd:b9:df:a9:68: d7:e9:fe:01:fa:68:28:b2:6e:35:e6:9e:63:75:27: 53:24:b1:d2:53:d2:9b:a0:84:d8:f2:af:e9:54:05: a0:44:83:3d:e9:ea:7b:50:06:fd:32:35:45:35:cf: cd:b7:b6:8f:79:b1:50:89:dd:91:0e:4a:05:14:14: 8c:70:df:32:79:c0:6e:81:c3:ee:a7:27:42:6b:7d: 95:9a:77:22:a0:e0:0f:9d:a2:c3:77:9d:36:ab:d0: 19:7c:51:2d:1c:ae:34:fd:75:76:39:3e:97:96:36: 9f:93:cc:c0:7e:ac:e1:52:28:c0:fb:d9:dc:95:06: 28:6f:66:01:88:b9:e8:f9:ff:85:19:ef:fb:7e:b5: 29:18:b9:83:55:63:8c:29:e6:35:28:f6:8f:ff:d9: b3:73:b6:86:a4:1f:9b:61:ee:23:92:9a:5c:ed:c6: f0:2b:cc:99:52:a8:60:9e:cd:fa:3f:37:b7:a6:d6: 80:66:2d:7a:7d:e6:ad:4e:eb:34:52:7d:78:ed:4e: 20:ac:da:f9:62:3f:a1:4a:d6:03:5e:5c:ce:58:b1: 85:d6:13:87:da:0e:d5:96:3b:7b:0d:36:e3:54:b3: 92:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:2B:60:EE:A9:A9:E5:21:73:D1:7F:C3:6A:44:FB:D0:08:32:E7:C0 X509v3 Authority Key Identifier: keyid:D4:85:55:F9:A5:27:27:F6:BC:F7:15:CB:47:50:A2:A4:A6:C3:51:61 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1IVV-aUnJ_a89xXLR1CipKbDUWE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/Citg7qmp5SFz0X_DakT70Agy58A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/1IVV-aUnJ_a89xXLR1CipKbDUWE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.21.104.0/22 Signature Algorithm: sha256WithRSAEncryption 1f:de:ac:11:03:84:28:5a:ac:c9:ab:35:e3:6e:a7:5b:23:8f: 60:02:a4:25:12:c7:40:c9:0a:66:3d:17:88:81:75:d4:20:5f: 10:47:fa:81:ae:6d:f9:d0:7a:4b:b4:61:8a:01:6b:14:58:fa: cc:e5:14:6c:7b:06:ae:05:c1:cf:01:47:ed:5f:84:6c:3c:cb: 6f:3f:54:07:e6:7c:73:c9:2d:da:31:44:1e:09:99:af:9b:5f: 35:04:98:a9:f6:08:9a:4b:4c:ad:f3:2e:f8:9a:26:43:a7:3f: e5:c5:61:ad:dd:e4:d7:15:87:7d:92:ba:25:a2:b4:62:9d:4b: 79:ca:d3:76:bc:22:db:4f:5b:3c:41:58:8c:a0:d6:0a:6a:0e: df:59:e8:87:8a:b2:5f:58:57:32:80:cb:fa:c2:82:ae:ca:b2: e0:07:9b:69:77:cd:ae:be:10:94:47:f8:89:5f:02:47:6f:00: 33:6e:c9:da:86:70:77:28:65:86:64:cc:cf:9b:b9:76:a5:5d: b4:25:52:83:0b:43:10:a2:ec:dc:1b:8f:45:ee:69:be:ea:f8: 74:a3:30:35:21:19:8b:8d:50:f5:4d:79:00:ce:45:85:9e:b2: de:b3:e0:8b:84:9b:ee:01:d4:75:73:e6:cf:ab:fa:5d:4b:04: c7:e5:a7:0b -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4oohGISF2CsfqTrzMgQVzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0ODU1NWY5YTUyNzI3ZjZiY2Y3MTVjYjQ3NTBhMmE0YTZj MzUxNjEwHhcNMjYwMTAxMDgxNzU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYTJiNjBlZWE5YTllNTIxNzNkMTdmYzM2YTQ0ZmJkMDA4MzJlN2MwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3uVTtcIEYFz7ROKEitZM5w8uN7V D2CP/bnfqWjX6f4B+mgosm415p5jdSdTJLHSU9KboITY8q/pVAWgRIM96ep7UAb9 MjVFNc/Nt7aPebFQid2RDkoFFBSMcN8yecBugcPupydCa32VmncioOAPnaLDd502 q9AZfFEtHK40/XV2OT6Xljafk8zAfqzhUijA+9nclQYob2YBiLno+f+FGe/7frUp GLmDVWOMKeY1KPaP/9mzc7aGpB+bYe4jkppc7cbwK8yZUqhgns36Pze3ptaAZi16 featTus0Un147U4grNr5Yj+hStYDXlzOWLGF1hOH2g7Vljt7DTbjVLOSaQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFAorYO6pqeUhc9F/w2pE+9AIMufAMB8GA1UdIwQY MBaAFNSFVfmlJyf2vPcVy0dQoqSmw1FhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUlWVi1hVW5KX2E4OXhYTFIxQ2lwS2JEVVdFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9lNDU1NzctNjViMS00ZDQzLTg1M2Et MDJhYmY4NTcyZmNiLzEvQ2l0ZzdxbXA1U0Z6MFhfRGFrVDcwQWd5NThBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYi9lNDU1NzctNjViMS00ZDQzLTg1M2EtMDJhYmY4NTcyZmNi LzEvMUlWVi1hVW5KX2E4OXhYTFIxQ2lwS2JEVVdFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRVoMA0G CSqGSIb3DQEBCwUAA4IBAQAf3qwRA4QoWqzJqzXjbqdbI49gAqQlEsdAyQpmPReI gXXUIF8QR/qBrm350HpLtGGKAWsUWPrM5RRsewauBcHPAUftX4RsPMtvP1QH5nxz yS3aMUQeCZmvm181BJip9giaS0yt8y74miZDpz/lxWGt3eTXFYd9krolorRinUt5 ytN2vCLbT1s8QViMoNYKag7fWeiHirJfWFcygMv6woKuyrLgB5tpd82uvhCUR/iJ XwJHbwAzbsnahnB3KGWGZMzPm7l2pV20JVKDC0MQouzcG49F7mm+6vh0ozA1IRmL jVD1TXkAzkWFnrLes+CLhJvuAdR1c+bPq/pdSwTH5acL -----END CERTIFICATE-----Generated at Tue Jan 20 00:56:03 2026 by rpki-client