This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/dc66f3-8ac9-41b9-8eb8-77295c9ce866/1/ClZipqAtGVJ2H4srpt_UxqUYg7k.roa File: ClZipqAtGVJ2H4srpt_UxqUYg7k.roa (raw, json) Hash identifier: gRSN7asX/fb1bF2/3SBjZi8n62BnbOxEncNI/Hx/1K0= Subject key identifier: 0A:56:62:A6:A0:2D:19:52:76:1F:8B:2B:A6:DF:D4:C6:A5:18:83:B9 Certificate issuer: /CN=853a1db50ab771dcb529367dd951a67cacc48527 Certificate serial: 019B78A360EE3BDD3FEBBF9EF6B799EF7923 Authority key identifier: 85:3A:1D:B5:0A:B7:71:DC:B5:29:36:7D:D9:51:A6:7C:AC:C4:85:27 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTodtQq3cdy1KTZ92VGmfKzEhSc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/dc66f3-8ac9-41b9-8eb8-77295c9ce866/1/ClZipqAtGVJ2H4srpt_UxqUYg7k.roa Signing time: Thu 01 Jan 2026 08:18:51 +0000 ROA not before: Thu 01 Jan 2026 08:18:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41332 IP address blocks: 194.127.252.0/23 maxlen: 24 194.145.112.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/dc66f3-8ac9-41b9-8eb8-77295c9ce866/1/hTodtQq3cdy1KTZ92VGmfKzEhSc.crl rsync://rpki.ripe.net/repository/DEFAULT/c1/dc66f3-8ac9-41b9-8eb8-77295c9ce866/1/hTodtQq3cdy1KTZ92VGmfKzEhSc.mft rsync://rpki.ripe.net/repository/DEFAULT/hTodtQq3cdy1KTZ92VGmfKzEhSc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:60:ee:3b:dd:3f:eb:bf:9e:f6:b7:99:ef:79:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=853a1db50ab771dcb529367dd951a67cacc48527 Validity Not Before: Jan 1 08:18:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0a5662a6a02d1952761f8b2ba6dfd4c6a51883b9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:6b:b5:69:5e:77:ad:c3:2d:94:f3:a5:f3:db: 23:36:19:61:01:e9:93:ae:60:7a:f1:6a:0b:7e:67: e5:67:2f:1d:73:59:da:8b:ce:b8:85:f6:87:77:16: cf:d6:2c:35:e8:7b:20:7a:d4:bb:ff:82:09:76:82: ab:63:72:b9:a7:55:ad:b2:4e:9e:ac:7c:5d:ac:e2: b6:75:7d:06:93:85:39:b7:68:46:20:08:be:3b:9f: 02:69:0f:8e:f9:94:81:43:93:9e:86:63:35:a0:44: f6:90:3c:b9:98:03:bf:bd:0d:da:f4:40:1a:90:d8: 2c:dd:06:cd:04:c9:06:74:52:d4:35:9a:65:a7:84: a9:c8:6f:8c:06:aa:bb:d3:75:3c:21:c2:dc:82:0b: e9:ca:8f:4e:ac:24:e7:e8:13:cb:dd:93:9e:d3:42: 1c:cd:46:ff:9a:5d:db:cf:07:93:fe:ca:90:a6:e3: 7d:21:35:c7:e1:fc:37:22:8a:30:12:45:c9:13:01: e2:1a:bf:5e:0e:52:b3:59:52:e3:df:24:19:16:0f: a5:4a:87:e3:c6:11:b0:a3:68:71:61:42:90:fe:5a: 73:31:f1:cd:3b:5f:97:c2:1e:ab:7e:d7:68:0a:e3: 6e:7c:90:1a:95:8a:b4:b9:98:99:d0:ed:b5:28:09: a7:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:56:62:A6:A0:2D:19:52:76:1F:8B:2B:A6:DF:D4:C6:A5:18:83:B9 X509v3 Authority Key Identifier: keyid:85:3A:1D:B5:0A:B7:71:DC:B5:29:36:7D:D9:51:A6:7C:AC:C4:85:27 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTodtQq3cdy1KTZ92VGmfKzEhSc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/dc66f3-8ac9-41b9-8eb8-77295c9ce866/1/ClZipqAtGVJ2H4srpt_UxqUYg7k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/dc66f3-8ac9-41b9-8eb8-77295c9ce866/1/hTodtQq3cdy1KTZ92VGmfKzEhSc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.127.252.0/23 194.145.112.0/23 Signature Algorithm: sha256WithRSAEncryption 62:bd:c9:b0:dc:65:59:df:4e:2a:91:de:28:46:59:a4:c4:da: fe:48:2b:7c:7b:15:f5:9c:e1:04:c6:bb:0a:24:9d:6d:e4:d4: 62:ca:30:60:c7:42:b7:ae:b9:32:8f:b9:c9:9c:d8:67:95:69: 8e:9a:f0:ec:6c:7f:b7:17:f0:dd:4f:74:bf:a0:a0:93:b8:b3: 82:e6:6c:c2:87:a8:50:38:03:a9:32:06:c9:bd:6d:c8:ef:bb: d5:95:ea:99:59:6d:ba:50:10:bf:cc:ab:6b:0a:2f:d0:9c:a7: 6f:4a:35:71:d0:95:78:5b:d4:0d:dc:90:45:65:7a:27:fd:fa: 94:8a:49:8c:05:af:d9:00:9f:ac:8f:af:f9:e3:fb:f7:38:0d: 46:93:c7:7f:56:23:06:08:f9:5c:47:0c:b1:72:bb:46:ab:1e: 3a:84:0d:86:82:81:41:c0:6a:e8:d2:c7:59:fb:c5:f8:e1:99: 99:38:d1:30:10:31:e4:0e:6e:04:2f:d0:96:c9:54:30:b3:ba: 30:17:11:3a:e4:4c:cd:a0:82:12:87:c9:71:0b:9f:bd:dc:98: b1:e8:3c:82:03:49:6b:c9:fe:db:49:9d:27:72:0b:dd:ef:d3: 85:5a:aa:ca:f4:7e:cf:d5:5e:5d:98:e0:cd:45:bc:30:98:44: 7f:60:34:39 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt4o2DuO90/67+e9reZ73kjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1M2ExZGI1MGFiNzcxZGNiNTI5MzY3ZGQ5NTFhNjdjYWNj NDg1MjcwHhcNMjYwMTAxMDgxODUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYTU2NjJhNmEwMmQxOTUyNzYxZjhiMmJhNmRmZDRjNmE1MTg4M2I5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumu1aV53rcMtlPOl89sjNhlhAemT rmB68WoLfmflZy8dc1nai864hfaHdxbP1iw16HsgetS7/4IJdoKrY3K5p1Wtsk6e rHxdrOK2dX0Gk4U5t2hGIAi+O58CaQ+O+ZSBQ5OehmM1oET2kDy5mAO/vQ3a9EAa kNgs3QbNBMkGdFLUNZplp4SpyG+MBqq703U8IcLcggvpyo9OrCTn6BPL3ZOe00Ic zUb/ml3bzweT/sqQpuN9ITXH4fw3IoowEkXJEwHiGr9eDlKzWVLj3yQZFg+lSofj xhGwo2hxYUKQ/lpzMfHNO1+Xwh6rftdoCuNufJAalYq0uZiZ0O21KAmnmQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFApWYqagLRlSdh+LK6bf1MalGIO5MB8GA1UdIwQY MBaAFIU6HbUKt3HctSk2fdlRpnysxIUnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFRvZHRRcTNjZHkxS1RaOTJWR21mS3pFaFNjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9kYzY2ZjMtOGFjOS00MWI5LThlYjgt NzcyOTVjOWNlODY2LzEvQ2xaaXBxQXRHVkoySDRzcnB0X1V4cVVZZzdrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMS9kYzY2ZjMtOGFjOS00MWI5LThlYjgtNzcyOTVjOWNlODY2 LzEvaFRvZHRRcTNjZHkxS1RaOTJWR21mS3pFaFNjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwn/8AwQB wpFwMA0GCSqGSIb3DQEBCwUAA4IBAQBivcmw3GVZ304qkd4oRlmkxNr+SCt8exX1 nOEExrsKJJ1t5NRiyjBgx0K3rrkyj7nJnNhnlWmOmvDsbH+3F/DdT3S/oKCTuLOC 5mzCh6hQOAOpMgbJvW3I77vVleqZWW26UBC/zKtrCi/QnKdvSjVx0JV4W9QN3JBF ZXon/fqUikmMBa/ZAJ+sj6/54/v3OA1Gk8d/ViMGCPlcRwyxcrtGqx46hA2GgoFB wGro0sdZ+8X44ZmZONEwEDHkDm4EL9CWyVQws7owFxE65EzNoIISh8lxC5+93Jix 6DyCA0lryf7bSZ0ncgvd79OFWqrK9H7P1V5dmODNRbwwmER/YDQ5 -----END CERTIFICATE-----Generated at Mon Feb 9 19:39:14 2026 by rpki-client