This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/cENwAzhw60-ikgeBP0Wk-X-TPRQ.roa File: cENwAzhw60-ikgeBP0Wk-X-TPRQ.roa (raw, json) Hash identifier: WKFy5CgMQiAy0y2WtEt+U7yH6EI/ABaKojXrx+8izJQ= Subject key identifier: 70:43:70:03:38:70:EB:4F:A2:92:07:81:3F:45:A4:F9:7F:93:3D:14 Certificate issuer: /CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca Certificate serial: 019B78A244C2FCB7E6304132241D1850CD52 Authority key identifier: 0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/cENwAzhw60-ikgeBP0Wk-X-TPRQ.roa Signing time: Thu 01 Jan 2026 08:17:38 +0000 ROA not before: Thu 01 Jan 2026 08:17:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60601 IP address blocks: 185.11.216.0/24 maxlen: 24 2a03:69c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.crl rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.mft rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 17:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:44:c2:fc:b7:e6:30:41:32:24:1d:18:50:cd:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca Validity Not Before: Jan 1 08:17:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=704370033870eb4fa29207813f45a4f97f933d14 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:94:10:15:18:c0:82:c3:d4:43:37:d8:a0:c4: 29:5e:3d:0b:b3:3e:0a:6c:ee:b0:24:fe:90:9e:ac: 9a:d7:a4:8b:ce:b9:9b:e0:b9:29:54:54:c1:f3:1f: 22:dd:43:6f:33:15:1c:ed:b4:b1:ed:82:00:f1:30: 04:16:b3:c3:c7:f1:ec:c1:96:ed:75:44:95:dc:c3: 2c:5c:af:e6:a8:aa:8b:8d:c7:99:d9:d4:23:27:f3: 1b:b7:4f:a1:de:a8:e8:10:70:d4:91:bf:f1:85:e6: 24:01:b2:87:5f:49:05:bc:02:32:45:43:23:3d:e8: 7e:ed:67:65:3a:bd:1a:ce:f6:0a:60:52:a5:ea:0c: 84:04:ec:ef:97:17:61:6f:ad:21:3f:c1:eb:df:06: 21:39:f4:06:2f:7b:28:3c:c2:e4:e5:c8:16:bb:54: 70:a4:74:88:b5:b7:bf:3c:49:b3:79:bd:39:2d:8e: 93:8a:ff:f7:d0:32:c7:c4:18:a7:d6:06:03:27:05: 0e:94:7e:29:0d:ae:37:d4:73:bc:60:25:fa:cf:4b: 69:62:b5:91:cb:98:b4:0e:f7:ac:22:83:7e:88:50: b8:fd:93:18:f0:59:b6:0c:fe:62:d5:1e:60:89:04: ea:07:f7:3c:da:57:35:88:a7:b1:f7:87:f0:89:8a: b6:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:43:70:03:38:70:EB:4F:A2:92:07:81:3F:45:A4:F9:7F:93:3D:14 X509v3 Authority Key Identifier: keyid:0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/cENwAzhw60-ikgeBP0Wk-X-TPRQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.11.216.0/24 IPv6: 2a03:69c0::/48 Signature Algorithm: sha256WithRSAEncryption 3a:43:18:1d:04:e9:d5:58:61:e8:7d:b9:6c:55:69:7d:23:02: 7d:e6:74:68:24:04:ba:24:0a:99:b1:5d:e7:7f:f6:16:0b:12: 38:c6:e6:dd:f0:29:be:7a:c8:65:2c:2e:b8:6d:47:8c:55:ef: 46:00:6f:15:05:0d:1f:b0:04:bb:8b:54:13:62:2d:a5:f3:e0: 90:bc:32:c6:5a:d6:2a:51:17:fd:33:3a:5f:9e:ee:ba:7b:6f: a6:6d:d9:2f:ff:ac:32:e1:6e:7c:bf:f0:13:51:94:7e:26:08: ec:b5:5a:d4:b8:b4:65:c2:e6:47:a9:77:94:36:81:ee:3d:a2: 0d:57:85:07:42:ef:c4:80:00:49:60:13:3e:b7:0d:20:26:a6: 05:1e:a6:36:45:bb:77:a1:a9:02:fc:00:40:08:32:fe:96:99: 22:da:d2:a7:f1:dc:e5:95:33:7a:87:a2:10:c6:fd:6a:fb:a5: e1:30:bb:48:d9:f9:d1:bc:33:5f:65:d9:8a:44:c2:b2:46:8f: 35:c3:c6:e9:84:c0:a5:76:7d:b9:75:33:c4:35:7d:18:ec:fa: fb:48:f7:cc:e4:b6:06:32:18:8c:93:f7:93:4f:72:5f:de:87: 4e:ab:77:a6:f7:75:e8:5c:8d:a2:b1:00:0e:fc:fe:c7:57:cf: 72:d3:97:80 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt4okTC/LfmMEEyJB0YUM1SMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBhMDIxNGExYmYxZDNhZmQyZGQ2NmIyM2E5OTczMTA2YjVk MzE2Y2EwHhcNMjYwMTAxMDgxNzM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MDQzNzAwMzM4NzBlYjRmYTI5MjA3ODEzZjQ1YTRmOTdmOTMzZDE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5QQFRjAgsPUQzfYoMQpXj0Lsz4K bO6wJP6Qnqya16SLzrmb4LkpVFTB8x8i3UNvMxUc7bSx7YIA8TAEFrPDx/HswZbt dUSV3MMsXK/mqKqLjceZ2dQjJ/Mbt0+h3qjoEHDUkb/xheYkAbKHX0kFvAIyRUMj Peh+7WdlOr0azvYKYFKl6gyEBOzvlxdhb60hP8Hr3wYhOfQGL3soPMLk5cgWu1Rw pHSItbe/PEmzeb05LY6Tiv/30DLHxBin1gYDJwUOlH4pDa431HO8YCX6z0tpYrWR y5i0DvesIoN+iFC4/ZMY8Fm2DP5i1R5giQTqB/c82lc1iKex94fwiYq2xQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFHBDcAM4cOtPopIHgT9FpPl/kz0UMB8GA1UdIwQY MBaAFAoCFKG/HTr9LdZrI6mXMQa10xbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8wNGVjYzAtNjYzYy00NjBlLTkyMGQt MzMyZWU1NDI1YzdhLzEvY0VOd0F6aHc2MC1pa2dlQlAwV2stWC1UUFJRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jOS8wNGVjYzAtNjYzYy00NjBlLTkyMGQtMzMyZWU1NDI1Yzdh LzEvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQvYMA8E AgACMAkDBwAqA2nAAAAwDQYJKoZIhvcNAQELBQADggEBADpDGB0E6dVYYeh9uWxV aX0jAn3mdGgkBLokCpmxXed/9hYLEjjG5t3wKb56yGUsLrhtR4xV70YAbxUFDR+w BLuLVBNiLaXz4JC8MsZa1ipRF/0zOl+e7rp7b6Zt2S//rDLhbny/8BNRlH4mCOy1 WtS4tGXC5kepd5Q2ge49og1XhQdC78SAAElgEz63DSAmpgUepjZFu3ehqQL8AEAI Mv6WmSLa0qfx3OWVM3qHohDG/Wr7peEwu0jZ+dG8M19l2YpEwrJGjzXDxumEwKV2 fbl1M8Q1fRjs+vtI98zktgYyGIyT95NPcl/eh06rd6b3dehcjaKxAA78/sdXz3LT l4A= -----END CERTIFICATE-----Generated at Mon Jan 19 20:36:08 2026 by rpki-client