This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/415d4b-f7a6-49d6-a7ad-ddf0b8b09616/1/CmtFVtO9hzZe40i8krBc2erjmj0.roa File: CmtFVtO9hzZe40i8krBc2erjmj0.roa (raw, json) Hash identifier: zXgMe4Op7B660E2hvvLX+Q3KPKDasJwTTDrEF1VufuM= Subject key identifier: 0A:6B:45:56:D3:BD:87:36:5E:E3:48:BC:92:B0:5C:D9:EA:E3:9A:3D Certificate issuer: /CN=14b71800dddc497f60f9edb7833c94973ab7dc1c Certificate serial: 019B7F15E0C8E99407466216D08BD99C2CE3 Authority key identifier: 14:B7:18:00:DD:DC:49:7F:60:F9:ED:B7:83:3C:94:97:3A:B7:DC:1C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FLcYAN3cSX9g-e23gzyUlzq33Bw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/415d4b-f7a6-49d6-a7ad-ddf0b8b09616/1/CmtFVtO9hzZe40i8krBc2erjmj0.roa Signing time: Fri 02 Jan 2026 14:21:38 +0000 ROA not before: Fri 02 Jan 2026 14:21:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15576 IP address blocks: 31.132.8.0/22 maxlen: 22 2a06:6400::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/415d4b-f7a6-49d6-a7ad-ddf0b8b09616/1/FLcYAN3cSX9g-e23gzyUlzq33Bw.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/415d4b-f7a6-49d6-a7ad-ddf0b8b09616/1/FLcYAN3cSX9g-e23gzyUlzq33Bw.mft rsync://rpki.ripe.net/repository/DEFAULT/FLcYAN3cSX9g-e23gzyUlzq33Bw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 14:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:e0:c8:e9:94:07:46:62:16:d0:8b:d9:9c:2c:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=14b71800dddc497f60f9edb7833c94973ab7dc1c Validity Not Before: Jan 2 14:21:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0a6b4556d3bd87365ee348bc92b05cd9eae39a3d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:a0:7c:39:fe:0c:fe:8b:ec:bd:65:1b:8c:80: 6d:5c:a6:8b:c6:1d:4d:7a:aa:05:23:79:cf:47:16: 1d:e8:b8:6c:b2:fd:96:b6:e7:8c:7b:7d:a6:30:46: 25:4e:88:ec:f9:8a:9c:71:15:da:ae:34:c2:f1:9b: 31:8e:f5:43:c3:6e:2f:d8:8d:f8:cb:64:9f:4d:09: e2:c3:ec:28:c7:c0:51:6f:d9:18:4e:32:61:38:0d: bc:73:56:7d:26:3c:b7:91:fa:6d:a4:9a:cc:e5:0c: f7:9b:28:ed:00:f8:27:3c:8f:37:79:91:15:43:9c: db:6a:3b:9a:fd:57:a2:05:1a:31:50:1d:88:5b:aa: 47:65:2d:c4:01:38:f4:a7:2d:a3:3a:35:fc:cf:11: c0:13:04:a3:46:4c:eb:25:82:b7:5a:ef:ad:ed:0f: 69:33:32:b9:59:e7:98:51:d4:fc:0c:2b:c1:e1:0e: 7c:fe:c9:7a:80:44:38:90:f8:b2:d3:0b:86:37:34: 46:5b:b0:5a:ca:ac:14:96:b0:66:ab:8e:4e:3b:12: 71:56:16:83:38:70:5a:41:e3:ce:71:50:3b:14:e7: 17:e8:a7:86:e3:65:c3:fa:89:7c:64:18:43:ba:cd: 73:34:24:bd:19:20:05:a6:d2:91:29:1f:0e:da:62: 7a:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:6B:45:56:D3:BD:87:36:5E:E3:48:BC:92:B0:5C:D9:EA:E3:9A:3D X509v3 Authority Key Identifier: keyid:14:B7:18:00:DD:DC:49:7F:60:F9:ED:B7:83:3C:94:97:3A:B7:DC:1C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FLcYAN3cSX9g-e23gzyUlzq33Bw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/415d4b-f7a6-49d6-a7ad-ddf0b8b09616/1/CmtFVtO9hzZe40i8krBc2erjmj0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/415d4b-f7a6-49d6-a7ad-ddf0b8b09616/1/FLcYAN3cSX9g-e23gzyUlzq33Bw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.132.8.0/22 IPv6: 2a06:6400::/29 Signature Algorithm: sha256WithRSAEncryption b3:5f:b1:46:0a:4c:94:d2:cf:c2:1b:79:c2:fc:50:5e:31:d9: a9:e9:53:1e:7d:fc:b7:71:1f:35:3b:1f:ae:45:d8:f7:f9:0e: 20:7b:a0:1d:2a:70:7a:99:a0:a1:de:a2:3e:c8:73:92:a1:ef: f7:b7:88:c0:c8:41:80:6b:66:48:e6:b2:25:66:9a:67:20:c8: 42:01:cb:ce:9c:67:01:ce:b5:5d:b6:a5:87:57:9d:b4:e1:34: e1:9c:92:8b:9d:f2:53:c2:15:0d:c9:45:af:ff:32:25:93:ff: 02:b7:d3:f1:85:c4:a3:68:51:53:1a:4b:00:4c:2c:23:1b:42: 23:69:3b:b5:95:77:b7:75:a2:ca:e0:29:2c:e1:2f:5d:99:5c: 6d:ea:32:14:f1:02:8c:90:d2:c1:59:4d:4b:3d:f0:b3:9b:f1: 8a:11:96:aa:c0:54:29:4f:21:d8:99:f0:34:09:f1:3d:a8:8f: 70:4f:aa:58:1c:c8:dc:f6:d0:2a:76:b8:1a:6c:22:68:e3:8f: 38:9b:70:ad:32:c8:eb:4c:1d:e7:ae:ce:63:92:35:d0:88:50: ad:2d:ba:40:bd:5f:c4:e9:f9:f3:1a:24:94:1b:2c:ae:7b:7d: 99:30:b3:fe:5a:c0:7f:20:ed:b9:93:2f:d9:95:08:0d:bd:37: 5c:0d:2f:34 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/FeDI6ZQHRmIW0IvZnCzjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE0YjcxODAwZGRkYzQ5N2Y2MGY5ZWRiNzgzM2M5NDk3M2Fi N2RjMWMwHhcNMjYwMTAyMTQyMTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYTZiNDU1NmQzYmQ4NzM2NWVlMzQ4YmM5MmIwNWNkOWVhZTM5YTNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKB8Of4M/ovsvWUbjIBtXKaLxh1N eqoFI3nPRxYd6Lhssv2WtueMe32mMEYlTojs+YqccRXarjTC8ZsxjvVDw24v2I34 y2SfTQniw+wox8BRb9kYTjJhOA28c1Z9Jjy3kfptpJrM5Qz3myjtAPgnPI83eZEV Q5zbajua/VeiBRoxUB2IW6pHZS3EATj0py2jOjX8zxHAEwSjRkzrJYK3Wu+t7Q9p MzK5WeeYUdT8DCvB4Q58/sl6gEQ4kPiy0wuGNzRGW7BayqwUlrBmq45OOxJxVhaD OHBaQePOcVA7FOcX6KeG42XD+ol8ZBhDus1zNCS9GSAFptKRKR8O2mJ6yQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFAprRVbTvYc2XuNIvJKwXNnq45o9MB8GA1UdIwQY MBaAFBS3GADd3El/YPntt4M8lJc6t9wcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRkxjWUFOM2NTWDlnLWUyM2d6eVVsenEzM0J3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy80MTVkNGItZjdhNi00OWQ2LWE3YWQt ZGRmMGI4YjA5NjE2LzEvQ210RlZ0TzloelplNDBpOGtyQmMyZXJqbWowLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy80MTVkNGItZjdhNi00OWQ2LWE3YWQtZGRmMGI4YjA5NjE2 LzEvRkxjWUFOM2NTWDlnLWUyM2d6eVVsenEzM0J3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCH4QIMA0E AgACMAcDBQMqBmQAMA0GCSqGSIb3DQEBCwUAA4IBAQCzX7FGCkyU0s/CG3nC/FBe Mdmp6VMeffy3cR81Ox+uRdj3+Q4ge6AdKnB6maCh3qI+yHOSoe/3t4jAyEGAa2ZI 5rIlZppnIMhCAcvOnGcBzrVdtqWHV5204TThnJKLnfJTwhUNyUWv/zIlk/8Ct9Px hcSjaFFTGksATCwjG0IjaTu1lXe3daLK4Cks4S9dmVxt6jIU8QKMkNLBWU1LPfCz m/GKEZaqwFQpTyHYmfA0CfE9qI9wT6pYHMjc9tAqdrgabCJo4484m3CtMsjrTB3n rs5jkjXQiFCtLbpAvV/E6fnzGiSUGyyue32ZMLP+WsB/IO25ky/ZlQgNvTdcDS80 -----END CERTIFICATE-----Generated at Mon Jan 26 19:20:44 2026 by rpki-client