This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/9c4365-a98f-43fe-9950-a9b13c2800af/1/cbzvxlYd2Sf5BPkKpVOxRrjDUx0.roa File: cbzvxlYd2Sf5BPkKpVOxRrjDUx0.roa (raw, json) Hash identifier: VqP2QOQPebJ1F3l2x635f2ND94zv4XuMIM8H7AehW9k= Subject key identifier: 71:BC:EF:C6:56:1D:D9:27:F9:04:F9:0A:A5:53:B1:46:B8:C3:53:1D Certificate issuer: /CN=58a86a6c71fb734c705b5e66e74ac1c56bb9605e Certificate serial: 019B7F800CB6C65CE0942E3784B5C1E58878 Authority key identifier: 58:A8:6A:6C:71:FB:73:4C:70:5B:5E:66:E7:4A:C1:C5:6B:B9:60:5E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WKhqbHH7c0xwW15m50rBxWu5YF4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/9c4365-a98f-43fe-9950-a9b13c2800af/1/cbzvxlYd2Sf5BPkKpVOxRrjDUx0.roa Signing time: Fri 02 Jan 2026 16:17:36 +0000 ROA not before: Fri 02 Jan 2026 16:17:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57022 IP address blocks: 193.35.28.0/23 maxlen: 23 193.35.30.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/9c4365-a98f-43fe-9950-a9b13c2800af/1/WKhqbHH7c0xwW15m50rBxWu5YF4.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/9c4365-a98f-43fe-9950-a9b13c2800af/1/WKhqbHH7c0xwW15m50rBxWu5YF4.mft rsync://rpki.ripe.net/repository/DEFAULT/WKhqbHH7c0xwW15m50rBxWu5YF4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 03 Feb 2026 15:35:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:80:0c:b6:c6:5c:e0:94:2e:37:84:b5:c1:e5:88:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=58a86a6c71fb734c705b5e66e74ac1c56bb9605e Validity Not Before: Jan 2 16:17:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=71bcefc6561dd927f904f90aa553b146b8c3531d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:50:83:b6:84:25:cc:b5:28:20:dd:da:d5:d4: ed:60:85:7a:e3:62:b0:d5:c4:22:35:ac:88:cb:34: 4f:05:d8:f5:60:06:a3:09:73:5a:06:33:4a:32:35: dd:0b:02:49:d5:17:26:c7:52:1c:19:de:0f:a5:93: 09:df:1a:37:27:96:23:ec:b2:32:a0:12:16:a9:31: 9c:de:f7:bf:ef:6e:a9:29:3a:4d:f7:ed:64:7d:60: cd:02:a6:7d:02:58:3e:4e:dc:d8:f4:63:b3:19:5d: 8c:7d:70:8c:e9:b0:42:27:a2:b5:6e:ab:72:0f:1f: fa:a0:6e:68:b8:18:ca:46:f4:1a:82:1d:f3:77:3c: 6b:cf:04:80:57:15:a4:a6:9b:6a:be:fe:20:20:ac: cf:0c:d9:18:4b:60:92:9f:55:6d:9c:9a:29:9b:4d: 3d:c2:a2:a5:b5:ae:91:ad:aa:5a:3b:cb:1e:d5:97: 7b:5c:0d:66:ce:cc:1d:32:33:09:7f:0a:20:3c:41: df:3f:dc:8b:87:e7:28:af:c9:f8:bb:86:10:f5:c1: 04:8f:41:50:e2:0b:d2:ab:2b:0f:8e:f6:45:dd:e7: d4:a2:84:ca:96:1a:cb:60:30:dd:d5:11:5a:7a:26: b3:3e:b7:be:b9:2f:27:e7:d4:5a:fc:a9:33:e5:3c: e5:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:BC:EF:C6:56:1D:D9:27:F9:04:F9:0A:A5:53:B1:46:B8:C3:53:1D X509v3 Authority Key Identifier: keyid:58:A8:6A:6C:71:FB:73:4C:70:5B:5E:66:E7:4A:C1:C5:6B:B9:60:5E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WKhqbHH7c0xwW15m50rBxWu5YF4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9c4365-a98f-43fe-9950-a9b13c2800af/1/cbzvxlYd2Sf5BPkKpVOxRrjDUx0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/9c4365-a98f-43fe-9950-a9b13c2800af/1/WKhqbHH7c0xwW15m50rBxWu5YF4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.35.28.0-193.35.30.255 Signature Algorithm: sha256WithRSAEncryption 3e:25:c3:01:04:5f:7a:f8:d4:ff:fc:b2:54:96:07:5e:5a:0c: d2:3e:73:76:d6:f4:0f:ae:88:b3:11:35:de:bb:1f:bc:0e:04: 73:bf:64:d9:c7:91:86:d3:a2:9f:77:94:63:ea:06:3d:b6:a4: ae:d9:d1:37:26:5c:76:fe:c4:76:f6:de:13:01:27:bc:48:22: e0:f9:b7:b1:76:63:3c:95:d9:ed:90:6e:26:ed:cb:4b:da:38: 93:13:bf:25:62:16:86:bd:48:e5:78:d9:98:16:ac:27:5b:95: 72:40:33:d9:05:7d:ea:a7:a5:b7:2e:44:8e:89:ba:84:6d:d3: 52:48:0b:ab:66:0d:05:44:65:4b:62:57:23:5b:50:9a:24:e3: d9:ff:fc:ee:db:81:91:4e:2b:69:21:be:ce:70:b6:5b:01:be: 2a:81:19:25:0b:6d:91:51:0b:e2:c5:80:f9:08:de:0d:b0:b0: 5b:e1:51:1e:52:65:70:71:31:e7:63:41:cd:59:3a:61:bd:f7: 15:d6:93:c6:2d:a3:12:9c:e4:be:08:ce:02:4d:36:76:1b:00: 7e:ac:ac:b5:c7:a7:eb:dc:e1:06:53:ba:99:80:b2:aa:59:09: bb:b1:33:44:c3:8a:c3:10:03:f6:0e:52:17:ef:e2:06:49:f6: 05:0b:f5:1c -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt/gAy2xlzglC43hLXB5Yh4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU4YTg2YTZjNzFmYjczNGM3MDViNWU2NmU3NGFjMWM1NmJi OTYwNWUwHhcNMjYwMTAyMTYxNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MWJjZWZjNjU2MWRkOTI3ZjkwNGY5MGFhNTUzYjE0NmI4YzM1MzFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklCDtoQlzLUoIN3a1dTtYIV642Kw 1cQiNayIyzRPBdj1YAajCXNaBjNKMjXdCwJJ1Rcmx1IcGd4PpZMJ3xo3J5Yj7LIy oBIWqTGc3ve/726pKTpN9+1kfWDNAqZ9Alg+TtzY9GOzGV2MfXCM6bBCJ6K1bqty Dx/6oG5ouBjKRvQagh3zdzxrzwSAVxWkpptqvv4gIKzPDNkYS2CSn1VtnJopm009 wqKlta6RrapaO8se1Zd7XA1mzswdMjMJfwogPEHfP9yLh+cor8n4u4YQ9cEEj0FQ 4gvSqysPjvZF3efUooTKlhrLYDDd1RFaeiazPre+uS8n59Ra/Kkz5TzlrwIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFHG878ZWHdkn+QT5CqVTsUa4w1MdMB8GA1UdIwQY MBaAFFioamxx+3NMcFteZudKwcVruWBeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV0tocWJISDdjMHh3VzE1bTUwckJ4V3U1WUY0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85YzQzNjUtYTk4Zi00M2ZlLTk5NTAt YTliMTNjMjgwMGFmLzEvY2J6dnhsWWQyU2Y1QlBrS3BWT3hScmpEVXgwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS85YzQzNjUtYTk4Zi00M2ZlLTk5NTAtYTliMTNjMjgwMGFm LzEvV0tocWJISDdjMHh3VzE1bTUwckJ4V3U1WUY0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALBIxwD BADBIx4wDQYJKoZIhvcNAQELBQADggEBAD4lwwEEX3r41P/8slSWB15aDNI+c3bW 9A+uiLMRNd67H7wOBHO/ZNnHkYbTop93lGPqBj22pK7Z0TcmXHb+xHb23hMBJ7xI IuD5t7F2YzyV2e2Qbibty0vaOJMTvyViFoa9SOV42ZgWrCdblXJAM9kFfeqnpbcu RI6JuoRt01JIC6tmDQVEZUtiVyNbUJok49n//O7bgZFOK2khvs5wtlsBviqBGSUL bZFRC+LFgPkI3g2wsFvhUR5SZXBxMedjQc1ZOmG99xXWk8YtoxKc5L4IzgJNNnYb AH6srLXHp+vc4QZTupmAsqpZCbuxM0TDisMQA/YOUhfv4gZJ9gUL9Rw= -----END CERTIFICATE-----Generated at Tue Feb 3 00:07:56 2026 by rpki-client