This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/cIShs-dj-a-jUHC5O2QcH4JFtqE.roa File: cIShs-dj-a-jUHC5O2QcH4JFtqE.roa (raw, json) Hash identifier: sqvBQpMmwNFJ+qbqQywFjzcQM3kVnXmjI7ID549RLQI= Subject key identifier: 70:84:A1:B3:E7:63:F9:AF:A3:50:70:B9:3B:64:1C:1F:82:45:B6:A1 Certificate issuer: /CN=cbb7c20b55a470dab892f4c91ea0010bd1c39f34 Certificate serial: 019B7D5D0F5223682FB9373A39609C548CCB Authority key identifier: CB:B7:C2:0B:55:A4:70:DA:B8:92:F4:C9:1E:A0:01:0B:D1:C3:9F:34 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y7fCC1WkcNq4kvTJHqABC9HDnzQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/cIShs-dj-a-jUHC5O2QcH4JFtqE.roa Signing time: Fri 02 Jan 2026 06:20:09 +0000 ROA not before: Fri 02 Jan 2026 06:20:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 23764 IP address blocks: 147.78.133.0/24 maxlen: 24 147.78.135.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/y7fCC1WkcNq4kvTJHqABC9HDnzQ.crl rsync://rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/y7fCC1WkcNq4kvTJHqABC9HDnzQ.mft rsync://rpki.ripe.net/repository/DEFAULT/y7fCC1WkcNq4kvTJHqABC9HDnzQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 18 Jan 2026 21:00:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:0f:52:23:68:2f:b9:37:3a:39:60:9c:54:8c:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cbb7c20b55a470dab892f4c91ea0010bd1c39f34 Validity Not Before: Jan 2 06:20:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7084a1b3e763f9afa35070b93b641c1f8245b6a1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:8d:70:7f:bb:25:6c:9a:47:f9:41:9b:a2:61: 21:35:1e:d0:e4:d2:ef:b9:78:d4:ca:85:ba:c2:e1: 5d:93:98:d8:5d:22:e8:db:3f:56:fb:d2:ba:24:03: 35:fb:69:88:a1:1b:5d:b3:94:f9:f4:83:79:db:12: 98:f2:d4:96:f0:e8:b4:aa:ac:41:36:5f:67:ab:f2: af:dc:0c:22:23:4c:f6:74:0a:84:b4:34:07:81:ce: 89:bd:f6:d9:28:96:ae:9d:d9:0a:4b:dd:49:18:04: b3:b5:e3:e1:48:c7:cb:13:ed:e5:b2:9f:b7:61:22: b6:69:0e:33:ad:80:92:e0:5f:db:37:11:51:67:fa: 44:d1:91:17:8b:fe:12:71:65:82:70:55:06:7b:12: 21:b7:c5:af:de:74:e0:5e:d5:e3:f4:fb:5f:a2:42: fe:d8:82:20:3e:71:1b:08:37:1e:3c:fe:a4:4e:60: 6a:76:b1:b4:d0:7f:bb:55:0e:ee:20:49:dd:8d:ac: 29:b1:59:54:40:6e:e4:79:50:8a:a7:6d:f3:1b:1c: 96:c2:a1:54:eb:79:53:c2:24:45:bb:53:32:bb:b8: 70:05:d4:1f:1f:a7:07:30:e9:7e:45:b5:a9:68:e3: 7c:7e:b8:cf:7e:a6:e4:3d:0d:eb:09:81:e3:b8:28: c6:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:84:A1:B3:E7:63:F9:AF:A3:50:70:B9:3B:64:1C:1F:82:45:B6:A1 X509v3 Authority Key Identifier: keyid:CB:B7:C2:0B:55:A4:70:DA:B8:92:F4:C9:1E:A0:01:0B:D1:C3:9F:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y7fCC1WkcNq4kvTJHqABC9HDnzQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/cIShs-dj-a-jUHC5O2QcH4JFtqE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f0c24-440a-4ff7-a0c8-256339736c2b/1/y7fCC1WkcNq4kvTJHqABC9HDnzQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 147.78.133.0/24 147.78.135.0/24 Signature Algorithm: sha256WithRSAEncryption a0:57:18:8b:95:23:56:4e:bb:e5:74:ef:20:fc:53:de:61:84: ca:8f:3c:5c:a5:7b:ab:18:52:08:1e:bd:b6:09:5b:e0:63:b0: 90:8e:13:b6:ab:6c:f6:0a:7b:3a:4d:3c:c4:2a:62:72:7f:3f: 68:43:4c:ae:37:71:89:e0:f7:d8:d4:de:8f:46:d8:67:87:25: c1:18:70:84:7e:33:64:01:24:67:06:fd:c9:0f:e7:ed:0f:32: d6:42:fa:43:bc:be:34:a3:48:44:3e:1a:04:a2:85:3b:4e:69: 12:7e:8b:ff:f4:7d:b2:34:c9:dc:c9:ed:94:f8:1c:3d:55:18: 4d:c6:db:a8:62:e0:e4:95:d7:67:8d:ac:ac:74:6c:00:e2:9f: 75:e4:a8:9f:99:d5:56:10:90:14:5a:45:12:20:6d:96:b0:de: d1:73:1a:31:93:b7:2e:14:8f:cb:20:9c:d0:c9:ea:bc:15:ff: fc:6c:bf:8a:c8:fa:60:6f:a1:df:fe:ff:e2:b6:23:81:9d:66: e4:30:0a:7e:b6:06:3e:e6:08:cd:86:f7:fb:8c:49:90:2b:5c: 77:7c:dc:e7:08:0d:36:d3:3c:81:41:58:06:32:6d:68:aa:c9: de:f8:ed:62:bf:4e:2a:99:0b:8c:9b:76:69:ca:4f:fb:6a:67: 8f:f8:0a:8f -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9XQ9SI2gvuTc6OWCcVIzLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiYjdjMjBiNTVhNDcwZGFiODkyZjRjOTFlYTAwMTBiZDFj MzlmMzQwHhcNMjYwMTAyMDYyMDA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MDg0YTFiM2U3NjNmOWFmYTM1MDcwYjkzYjY0MWMxZjgyNDViNmExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxo1wf7slbJpH+UGbomEhNR7Q5NLv uXjUyoW6wuFdk5jYXSLo2z9W+9K6JAM1+2mIoRtds5T59IN52xKY8tSW8Oi0qqxB Nl9nq/Kv3AwiI0z2dAqEtDQHgc6JvfbZKJaundkKS91JGASztePhSMfLE+3lsp+3 YSK2aQ4zrYCS4F/bNxFRZ/pE0ZEXi/4ScWWCcFUGexIht8Wv3nTgXtXj9PtfokL+ 2IIgPnEbCDcePP6kTmBqdrG00H+7VQ7uIEndjawpsVlUQG7keVCKp23zGxyWwqFU 63lTwiRFu1Myu7hwBdQfH6cHMOl+RbWpaON8frjPfqbkPQ3rCYHjuCjGIQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFHCEobPnY/mvo1BwuTtkHB+CRbahMB8GA1UdIwQY MBaAFMu3wgtVpHDauJL0yR6gAQvRw580MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveTdmQ0MxV2tjTnE0a3ZUSkhxQUJDOUhEbnpRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi83ZjBjMjQtNDQwYS00ZmY3LWEwYzgt MjU2MzM5NzM2YzJiLzEvY0lTaHMtZGotYS1qVUhDNU8yUWNINEpGdHFFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi83ZjBjMjQtNDQwYS00ZmY3LWEwYzgtMjU2MzM5NzM2YzJi LzEveTdmQ0MxV2tjTnE0a3ZUSkhxQUJDOUhEbnpRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAk06FAwQA k06HMA0GCSqGSIb3DQEBCwUAA4IBAQCgVxiLlSNWTrvldO8g/FPeYYTKjzxcpXur GFIIHr22CVvgY7CQjhO2q2z2Cns6TTzEKmJyfz9oQ0yuN3GJ4PfY1N6PRthnhyXB GHCEfjNkASRnBv3JD+ftDzLWQvpDvL40o0hEPhoEooU7TmkSfov/9H2yNMncye2U +Bw9VRhNxtuoYuDklddnjaysdGwA4p915KifmdVWEJAUWkUSIG2WsN7Rcxoxk7cu FI/LIJzQyeq8Ff/8bL+KyPpgb6Hf/v/itiOBnWbkMAp+tgY+5gjNhvf7jEmQK1x3 fNznCA020zyBQVgGMm1oqsne+O1iv04qmQuMm3Zpyk/7ameP+AqP -----END CERTIFICATE-----Generated at Sun Jan 18 04:08:32 2026 by rpki-client