This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/47c973-205b-4197-8698-cc1d2c5e1b31/1/cny5YunWoGOPcvtGZLymBoSxvc0.roa File: cny5YunWoGOPcvtGZLymBoSxvc0.roa (raw, json) Hash identifier: z2k+kuA2gEPwCUj1PQs/NjdvAeEDMEfFxUJYpvTthlg= Subject key identifier: 72:7C:B9:62:E9:D6:A0:63:8F:72:FB:46:64:BC:A6:06:84:B1:BD:CD Certificate issuer: /CN=dc6a3742f0f0fb120922b339ef01cecf87f4d1ee Certificate serial: 019B79114359EC87E88D6EDC260EFB427633 Authority key identifier: DC:6A:37:42:F0:F0:FB:12:09:22:B3:39:EF:01:CE:CF:87:F4:D1:EE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Go3QvDw-xIJIrM57wHOz4f00e4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/47c973-205b-4197-8698-cc1d2c5e1b31/1/cny5YunWoGOPcvtGZLymBoSxvc0.roa Signing time: Thu 01 Jan 2026 10:18:52 +0000 ROA not before: Thu 01 Jan 2026 10:18:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43284 IP address blocks: 77.73.240.0/21 maxlen: 21 80.241.96.0/20 maxlen: 20 185.69.136.0/22 maxlen: 22 194.56.219.0/24 maxlen: 24 213.159.80.0/20 maxlen: 20 2a02:2108::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/47c973-205b-4197-8698-cc1d2c5e1b31/1/3Go3QvDw-xIJIrM57wHOz4f00e4.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/47c973-205b-4197-8698-cc1d2c5e1b31/1/3Go3QvDw-xIJIrM57wHOz4f00e4.mft rsync://rpki.ripe.net/repository/DEFAULT/3Go3QvDw-xIJIrM57wHOz4f00e4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 10:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:43:59:ec:87:e8:8d:6e:dc:26:0e:fb:42:76:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc6a3742f0f0fb120922b339ef01cecf87f4d1ee Validity Not Before: Jan 1 10:18:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=727cb962e9d6a0638f72fb4664bca60684b1bdcd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:ea:dd:13:75:9a:5f:53:5c:ea:6c:3e:e7:96: 64:9f:0c:d3:a3:a0:8d:b5:12:b4:16:d2:ff:b9:ae: ad:c7:d1:92:79:ca:a3:af:97:e3:a0:0d:01:f7:22: 2e:2c:b7:d8:cd:96:54:f1:ba:52:1b:77:0a:be:9b: 8c:df:d5:4b:5b:1c:5d:4f:eb:3a:e2:18:78:83:b5: e5:19:0f:22:da:4a:36:17:2c:5b:98:06:2c:13:61: 18:69:93:6d:05:73:48:17:d6:5f:59:02:1c:23:77: 96:49:d3:3e:71:38:8d:b0:a8:a2:2a:1f:fd:8c:49: 04:fd:2e:e7:28:fa:2b:75:58:43:15:df:b3:68:eb: 70:9c:ea:48:cc:69:82:3d:82:48:59:e4:35:43:4d: 68:b1:f4:ee:a8:03:8e:9a:da:e5:49:9a:1e:0b:1d: 91:f9:ed:af:75:60:04:a4:1e:43:03:35:97:a8:f0: 98:b6:17:db:3d:b6:40:e8:2f:86:1a:0b:cb:99:58: 98:2b:2a:fa:80:10:97:af:c9:81:ee:51:75:fe:61: 10:36:de:94:ec:de:cd:e5:ca:6d:62:49:3b:f7:72: e6:f5:d9:18:0a:5d:46:7e:b1:c0:f4:ed:bd:a8:cb: 9a:8e:f2:8f:08:74:87:43:95:5e:1e:ae:fe:fb:07: 62:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:7C:B9:62:E9:D6:A0:63:8F:72:FB:46:64:BC:A6:06:84:B1:BD:CD X509v3 Authority Key Identifier: keyid:DC:6A:37:42:F0:F0:FB:12:09:22:B3:39:EF:01:CE:CF:87:F4:D1:EE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Go3QvDw-xIJIrM57wHOz4f00e4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/47c973-205b-4197-8698-cc1d2c5e1b31/1/cny5YunWoGOPcvtGZLymBoSxvc0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/47c973-205b-4197-8698-cc1d2c5e1b31/1/3Go3QvDw-xIJIrM57wHOz4f00e4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.73.240.0/21 80.241.96.0/20 185.69.136.0/22 194.56.219.0/24 213.159.80.0/20 IPv6: 2a02:2108::/32 Signature Algorithm: sha256WithRSAEncryption 98:12:f1:03:38:20:cb:16:28:2a:97:75:94:f2:bc:19:fc:6d: 18:0c:0a:0d:3e:d0:31:4d:28:66:73:8a:fd:28:21:87:d9:01: 08:2d:a5:e8:1b:98:a9:d8:17:a6:c5:01:e7:01:ad:e6:bf:29: 04:64:c0:6f:3b:16:7d:f5:f5:37:e6:59:63:a7:56:31:d3:c1: 5d:46:97:db:d8:de:37:cc:41:5a:01:a3:b6:fd:7d:41:9e:20: 6a:57:cc:b6:84:29:2c:09:c6:70:9d:7e:c4:bc:fe:75:84:47: 91:9e:84:cc:d2:d5:6e:dd:08:cb:76:6b:48:c4:c8:35:62:40: 59:f2:1b:c6:51:76:51:f0:5c:25:59:5f:93:b4:eb:d1:1b:f7: 2b:cf:22:75:85:cd:7b:e3:9f:a0:f2:09:18:1c:5e:82:6e:90: 9d:52:3b:a4:88:4d:b7:c9:5c:3c:50:ea:86:3c:6e:db:cf:76: c4:d4:0c:fa:25:f3:db:51:bc:98:04:3d:4b:19:2a:7a:28:fa: 1c:13:c8:98:f4:35:20:ea:46:25:c3:13:3d:8f:1e:03:7f:8b: bf:9e:9a:65:dc:a3:d1:73:4d:34:8a:69:8d:1b:12:61:8d:29: de:64:f4:b0:9d:10:8c:a8:3a:4f:0b:aa:2f:4e:9c:f4:ae:68: fb:21:6d:ba -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISAZt5EUNZ7IfojW7cJg77QnYzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjNmEzNzQyZjBmMGZiMTIwOTIyYjMzOWVmMDFjZWNmODdm NGQxZWUwHhcNMjYwMTAxMTAxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MjdjYjk2MmU5ZDZhMDYzOGY3MmZiNDY2NGJjYTYwNjg0YjFiZGNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmerdE3WaX1Nc6mw+55ZknwzTo6CN tRK0FtL/ua6tx9GSecqjr5fjoA0B9yIuLLfYzZZU8bpSG3cKvpuM39VLWxxdT+s6 4hh4g7XlGQ8i2ko2FyxbmAYsE2EYaZNtBXNIF9ZfWQIcI3eWSdM+cTiNsKiiKh/9 jEkE/S7nKPordVhDFd+zaOtwnOpIzGmCPYJIWeQ1Q01osfTuqAOOmtrlSZoeCx2R +e2vdWAEpB5DAzWXqPCYthfbPbZA6C+GGgvLmViYKyr6gBCXr8mB7lF1/mEQNt6U 7N7N5cptYkk793Lm9dkYCl1GfrHA9O29qMuajvKPCHSHQ5VeHq7++wdiEQIDAQAB o4ICMDCCAiwwHQYDVR0OBBYEFHJ8uWLp1qBjj3L7RmS8pgaEsb3NMB8GA1UdIwQY MBaAFNxqN0Lw8PsSCSKzOe8Bzs+H9NHuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM0dvM1F2RHcteElKSXJNNTd3SE96NGYwMGU0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80N2M5NzMtMjA1Yi00MTk3LTg2OTgt Y2MxZDJjNWUxYjMxLzEvY255NVl1bldvR09QY3Z0R1pMeW1Cb1N4dmMwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy80N2M5NzMtMjA1Yi00MTk3LTg2OTgtY2MxZDJjNWUxYjMx LzEvM0dvM1F2RHcteElKSXJNNTd3SE96NGYwMGU0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDTUnwAwQE UPFgAwQCuUWIAwQAwjjbAwQE1Z9QMA0EAgACMAcDBQAqAiEIMA0GCSqGSIb3DQEB CwUAA4IBAQCYEvEDOCDLFigql3WU8rwZ/G0YDAoNPtAxTShmc4r9KCGH2QEILaXo G5ip2BemxQHnAa3mvykEZMBvOxZ99fU35lljp1Yx08FdRpfb2N43zEFaAaO2/X1B niBqV8y2hCksCcZwnX7EvP51hEeRnoTM0tVu3QjLdmtIxMg1YkBZ8hvGUXZR8Fwl WV+TtOvRG/crzyJ1hc1745+g8gkYHF6CbpCdUjukiE23yVw8UOqGPG7bz3bE1Az6 JfPbUbyYBD1LGSp6KPocE8iY9DUg6kYlwxM9jx4Df4u/nppl3KPRc000immNGxJh jSneZPSwnRCMqDpPC6ovTpz0rmj7IW26 -----END CERTIFICATE-----Generated at Mon Feb 9 18:23:24 2026 by rpki-client