This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/215f47-1ce0-4ee5-aa4a-1272d2ab43d8/1/cFxRCCQN4YXEL_mFbkEo5k1pnIo.roa File: cFxRCCQN4YXEL_mFbkEo5k1pnIo.roa (raw, json) Hash identifier: 3gOkanUhjfYhiX9/Lx+CjQ0DSnaWLj1dJ1oGqbwVrl8= Subject key identifier: 70:5C:51:08:24:0D:E1:85:C4:2F:F9:85:6E:41:28:E6:4D:69:9C:8A Certificate issuer: /CN=cc78bfceb41bafefc02f7952e1aa2480e986f037 Certificate serial: 019B7E385BA42FAD595341E154BA5531806D Authority key identifier: CC:78:BF:CE:B4:1B:AF:EF:C0:2F:79:52:E1:AA:24:80:E9:86:F0:37 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zHi_zrQbr-_AL3lS4aokgOmG8Dc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/215f47-1ce0-4ee5-aa4a-1272d2ab43d8/1/cFxRCCQN4YXEL_mFbkEo5k1pnIo.roa Signing time: Fri 02 Jan 2026 10:19:41 +0000 ROA not before: Fri 02 Jan 2026 10:19:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50332 IP address blocks: 109.233.136.0/21 maxlen: 21 2a0c:6100::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/215f47-1ce0-4ee5-aa4a-1272d2ab43d8/1/zHi_zrQbr-_AL3lS4aokgOmG8Dc.crl rsync://rpki.ripe.net/repository/DEFAULT/af/215f47-1ce0-4ee5-aa4a-1272d2ab43d8/1/zHi_zrQbr-_AL3lS4aokgOmG8Dc.mft rsync://rpki.ripe.net/repository/DEFAULT/zHi_zrQbr-_AL3lS4aokgOmG8Dc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:5b:a4:2f:ad:59:53:41:e1:54:ba:55:31:80:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cc78bfceb41bafefc02f7952e1aa2480e986f037 Validity Not Before: Jan 2 10:19:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=705c5108240de185c42ff9856e4128e64d699c8a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:07:1f:2c:f0:79:8a:44:7c:24:ce:67:e1:4f: 60:3b:1e:a0:bf:3f:4e:a6:cc:41:e0:79:98:db:08: 36:47:7a:7f:18:96:83:22:4e:6d:02:28:1f:f4:d2: 13:17:4c:39:a5:dc:32:ff:d1:cb:73:d0:4e:22:97: 21:bb:c8:8b:e8:db:e5:3a:4c:69:78:7c:c3:0d:3d: 21:f7:d1:a6:7f:9b:6c:9d:b2:2b:82:cc:4a:82:09: d1:bb:eb:fe:9a:56:d8:f8:57:fa:7f:22:4a:f7:79: 4d:ae:df:8b:b1:ae:a1:81:89:b8:ef:c4:01:9c:36: 5c:06:77:5c:a3:9f:f8:53:22:b5:da:53:1c:61:93: 58:71:01:15:b3:8a:bf:5c:b4:6f:e4:c2:cd:48:c5: 94:87:60:92:08:0e:8f:f7:28:c2:8f:b2:ee:f9:bc: 0f:cf:bc:30:4d:9a:5a:8c:29:87:cf:be:7e:83:e5: 97:91:89:aa:df:3a:f2:a4:3c:26:2b:d3:06:52:5a: c6:7d:67:d3:0a:d2:51:08:f7:2a:dd:d6:33:cc:7f: 14:80:ae:71:c8:ee:ef:12:b7:67:bc:a5:d7:ee:a9: f3:21:3f:0f:01:82:13:a3:f0:8f:67:6e:98:f8:e0: 86:b2:82:76:e4:f0:a1:76:2b:cf:46:77:b3:36:6e: ab:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:5C:51:08:24:0D:E1:85:C4:2F:F9:85:6E:41:28:E6:4D:69:9C:8A X509v3 Authority Key Identifier: keyid:CC:78:BF:CE:B4:1B:AF:EF:C0:2F:79:52:E1:AA:24:80:E9:86:F0:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zHi_zrQbr-_AL3lS4aokgOmG8Dc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/215f47-1ce0-4ee5-aa4a-1272d2ab43d8/1/cFxRCCQN4YXEL_mFbkEo5k1pnIo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/215f47-1ce0-4ee5-aa4a-1272d2ab43d8/1/zHi_zrQbr-_AL3lS4aokgOmG8Dc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.233.136.0/21 IPv6: 2a0c:6100::/29 Signature Algorithm: sha256WithRSAEncryption a3:2a:b4:f0:66:10:ee:56:76:2f:37:37:3e:f1:4a:91:d1:86: 69:a5:2c:98:96:33:9a:5d:d1:3a:98:32:ec:e2:be:54:cc:3b: a2:6d:67:f9:2f:07:c3:a1:1b:d8:33:b0:bd:26:40:f5:b4:9d: 7d:4e:2e:ab:8f:e1:bc:05:04:e9:ae:1f:1f:6d:af:64:cb:e8: 91:22:3d:8e:18:cd:88:44:85:b2:8a:9d:05:fb:0a:4c:13:04: f5:e8:6b:ed:e8:35:72:c3:b3:e6:c0:8d:a7:4e:35:96:a6:93: 15:04:89:21:a4:fd:a6:7c:b6:88:2f:86:18:08:2d:e8:7e:93: 37:18:11:26:0c:53:db:40:59:1a:0d:08:d4:4d:92:07:bf:9a: 04:76:81:96:4e:82:21:68:3c:c1:12:87:55:ea:57:1d:f0:03: 97:37:d0:1a:55:3e:3b:91:89:d2:55:42:e3:4f:9d:da:4e:4e: f7:a0:9d:6d:77:04:ad:77:28:70:4b:ad:a1:f6:f3:17:55:9b: 75:1a:db:68:9f:41:52:16:4b:a4:f2:98:85:37:65:64:4b:81: bb:da:ce:ee:0d:46:36:3d:0e:54:8a:77:54:96:03:57:7d:79: 62:3c:dd:f4:ad:fe:28:5c:d6:26:18:94:2d:5d:23:db:34:da: 30:17:76:3c -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt+OFukL61ZU0HhVLpVMYBtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNjNzhiZmNlYjQxYmFmZWZjMDJmNzk1MmUxYWEyNDgwZTk4 NmYwMzcwHhcNMjYwMTAyMTAxOTQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MDVjNTEwODI0MGRlMTg1YzQyZmY5ODU2ZTQxMjhlNjRkNjk5YzhhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQcfLPB5ikR8JM5n4U9gOx6gvz9O psxB4HmY2wg2R3p/GJaDIk5tAigf9NITF0w5pdwy/9HLc9BOIpchu8iL6NvlOkxp eHzDDT0h99Gmf5tsnbIrgsxKggnRu+v+mlbY+Ff6fyJK93lNrt+Lsa6hgYm478QB nDZcBndco5/4UyK12lMcYZNYcQEVs4q/XLRv5MLNSMWUh2CSCA6P9yjCj7Lu+bwP z7wwTZpajCmHz75+g+WXkYmq3zrypDwmK9MGUlrGfWfTCtJRCPcq3dYzzH8UgK5x yO7vErdnvKXX7qnzIT8PAYITo/CPZ26Y+OCGsoJ25PChdivPRnezNm6rSQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFHBcUQgkDeGFxC/5hW5BKOZNaZyKMB8GA1UdIwQY MBaAFMx4v860G6/vwC95UuGqJIDphvA3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvekhpX3pyUWJyLV9BTDNsUzRhb2tnT21HOERjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMTVmNDctMWNlMC00ZWU1LWFhNGEt MTI3MmQyYWI0M2Q4LzEvY0Z4UkNDUU40WVhFTF9tRmJrRW81azFwbklvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi8yMTVmNDctMWNlMC00ZWU1LWFhNGEtMTI3MmQyYWI0M2Q4 LzEvekhpX3pyUWJyLV9BTDNsUzRhb2tnT21HOERjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDbemIMA0E AgACMAcDBQMqDGEAMA0GCSqGSIb3DQEBCwUAA4IBAQCjKrTwZhDuVnYvNzc+8UqR 0YZppSyYljOaXdE6mDLs4r5UzDuibWf5LwfDoRvYM7C9JkD1tJ19Ti6rj+G8BQTp rh8fba9ky+iRIj2OGM2IRIWyip0F+wpMEwT16Gvt6DVyw7PmwI2nTjWWppMVBIkh pP2mfLaIL4YYCC3ofpM3GBEmDFPbQFkaDQjUTZIHv5oEdoGWToIhaDzBEodV6lcd 8AOXN9AaVT47kYnSVULjT53aTk73oJ1tdwStdyhwS62h9vMXVZt1Gtton0FSFkuk 8piFN2VkS4G72s7uDUY2PQ5UindUlgNXfXliPN30rf4oXNYmGJQtXSPbNNowF3Y8 -----END CERTIFICATE-----Generated at Mon Feb 9 22:37:01 2026 by rpki-client