This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/edaefe-c870-4147-9e3b-c799d6d6144a/1/Wazx3LZDxhV9N5q9JPv8h2Qs-YE.roa File: Wazx3LZDxhV9N5q9JPv8h2Qs-YE.roa (raw, json) Hash identifier: KJ3tWSAQqQBPzmhSgtG5aN79Rwb62j6iubPkCvI++ds= Subject key identifier: 59:AC:F1:DC:B6:43:C6:15:7D:37:9A:BD:24:FB:FC:87:64:2C:F9:81 Certificate issuer: /CN=9029ad22579a6805c1ff8b1ee5d735290c01340b Certificate serial: 019B7758F8704ABD5B9D84C3EADA97A9C1F9 Authority key identifier: 90:29:AD:22:57:9A:68:05:C1:FF:8B:1E:E5:D7:35:29:0C:01:34:0B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kCmtIleaaAXB_4se5dc1KQwBNAs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/edaefe-c870-4147-9e3b-c799d6d6144a/1/Wazx3LZDxhV9N5q9JPv8h2Qs-YE.roa Signing time: Thu 01 Jan 2026 02:17:58 +0000 ROA not before: Thu 01 Jan 2026 02:17:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210145 IP address blocks: 193.168.58.0/23 maxlen: 23 193.168.58.0/24 maxlen: 24 193.168.59.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/edaefe-c870-4147-9e3b-c799d6d6144a/1/kCmtIleaaAXB_4se5dc1KQwBNAs.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/edaefe-c870-4147-9e3b-c799d6d6144a/1/kCmtIleaaAXB_4se5dc1KQwBNAs.mft rsync://rpki.ripe.net/repository/DEFAULT/kCmtIleaaAXB_4se5dc1KQwBNAs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:f8:70:4a:bd:5b:9d:84:c3:ea:da:97:a9:c1:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9029ad22579a6805c1ff8b1ee5d735290c01340b Validity Not Before: Jan 1 02:17:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=59acf1dcb643c6157d379abd24fbfc87642cf981 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:c0:31:9c:12:3d:ba:06:e7:b5:10:1d:ba:da: 45:9a:a5:81:ee:88:8f:9f:e6:38:76:9c:7c:d8:0b: bc:a9:c7:cb:6f:d5:cc:2f:22:d0:6a:5b:9a:33:45: e1:23:df:c6:12:71:10:c6:22:9d:33:8f:47:44:2f: 01:ea:47:71:02:67:47:ed:8a:de:31:ea:fc:ac:c3: d4:32:85:84:a8:dc:b0:c1:2c:3c:00:8a:64:09:54: 4e:f3:e9:2a:5c:f3:13:0e:e8:18:10:14:97:14:f0: 5c:82:74:b8:48:2e:3a:4d:b6:d9:aa:81:fd:aa:04: d2:1b:ab:bc:2d:b0:b9:e2:26:2e:0a:0f:85:9e:b4: 3e:34:17:09:e0:81:97:5c:61:c5:d5:d9:1b:62:5e: 46:80:9b:d0:5c:91:d4:cf:43:78:fa:7b:86:6f:d6: 5a:80:c4:0d:7d:1e:7f:a0:03:cf:11:b3:7f:f6:af: 00:67:5d:f2:d2:86:34:4b:2b:79:22:75:66:ac:25: aa:79:50:bd:cd:25:0f:55:0a:ca:80:8a:17:64:82: 3f:c5:16:32:13:2b:5a:8c:26:b8:a8:ed:75:5d:df: c5:b6:a1:81:b1:e0:e2:34:d0:26:90:5e:1b:4c:56: be:a0:34:02:f4:39:3f:d0:53:25:2a:2e:b4:60:50: f8:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:AC:F1:DC:B6:43:C6:15:7D:37:9A:BD:24:FB:FC:87:64:2C:F9:81 X509v3 Authority Key Identifier: keyid:90:29:AD:22:57:9A:68:05:C1:FF:8B:1E:E5:D7:35:29:0C:01:34:0B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kCmtIleaaAXB_4se5dc1KQwBNAs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/edaefe-c870-4147-9e3b-c799d6d6144a/1/Wazx3LZDxhV9N5q9JPv8h2Qs-YE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/edaefe-c870-4147-9e3b-c799d6d6144a/1/kCmtIleaaAXB_4se5dc1KQwBNAs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.168.58.0/23 Signature Algorithm: sha256WithRSAEncryption 8c:30:ae:5c:2c:1c:9d:8b:83:61:bd:67:05:4a:1c:d7:15:3f: 68:4d:a2:3a:13:e4:01:ac:7e:b4:10:fc:e1:49:16:4f:71:80: b4:76:3b:69:fb:31:98:aa:0e:22:9f:9d:e5:46:85:8f:f3:95: 33:e4:63:48:90:0c:08:31:0f:2c:a6:5e:ed:d6:0a:45:91:a8: 85:84:10:71:2d:25:e9:ad:5b:aa:94:7e:fb:18:8e:6d:f1:b6: d5:4e:1b:cd:fa:4a:b4:ce:e8:45:bf:9f:fd:25:36:65:af:5f: a4:dc:00:ed:e2:78:7a:8c:71:52:a7:07:21:89:e6:f8:22:91: b5:af:24:06:20:ae:d6:a9:f4:dd:01:93:f4:1f:96:4f:78:f8: 6a:60:5a:1f:bf:df:77:b9:62:5b:fc:72:95:1e:e5:2d:4b:2b: 28:1d:42:be:7a:07:a8:2b:9b:79:fe:b4:93:1c:4e:24:2f:88: 60:98:6c:c9:b0:34:45:8b:2c:0d:f1:e7:5b:0a:b4:2e:78:b8: c6:b7:0d:4b:13:4a:5e:79:75:d0:0f:0e:2b:0d:86:96:41:22: 1b:6d:77:b8:cb:e5:52:cc:92:92:ae:14:f2:74:5c:ad:79:26: 6c:9c:9b:ab:a9:42:d5:66:66:5b:66:59:12:ed:23:05:e7:26: 76:58:31:1a -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3WPhwSr1bnYTD6tqXqcH5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwMjlhZDIyNTc5YTY4MDVjMWZmOGIxZWU1ZDczNTI5MGMw MTM0MGIwHhcNMjYwMTAxMDIxNzU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1OWFjZjFkY2I2NDNjNjE1N2QzNzlhYmQyNGZiZmM4NzY0MmNmOTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8AxnBI9ugbntRAdutpFmqWB7oiP n+Y4dpx82Au8qcfLb9XMLyLQaluaM0XhI9/GEnEQxiKdM49HRC8B6kdxAmdH7Yre Mer8rMPUMoWEqNywwSw8AIpkCVRO8+kqXPMTDugYEBSXFPBcgnS4SC46TbbZqoH9 qgTSG6u8LbC54iYuCg+FnrQ+NBcJ4IGXXGHF1dkbYl5GgJvQXJHUz0N4+nuGb9Za gMQNfR5/oAPPEbN/9q8AZ13y0oY0Syt5InVmrCWqeVC9zSUPVQrKgIoXZII/xRYy EytajCa4qO11Xd/FtqGBseDiNNAmkF4bTFa+oDQC9Dk/0FMlKi60YFD4XQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFFms8dy2Q8YVfTeavST7/IdkLPmBMB8GA1UdIwQY MBaAFJAprSJXmmgFwf+LHuXXNSkMATQLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva0NtdElsZWFhQVhCXzRzZTVkYzFLUXdCTkFzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9lZGFlZmUtYzg3MC00MTQ3LTllM2It Yzc5OWQ2ZDYxNDRhLzEvV2F6eDNMWkR4aFY5TjVxOUpQdjhoMlFzLVlFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS9lZGFlZmUtYzg3MC00MTQ3LTllM2ItYzc5OWQ2ZDYxNDRh LzEva0NtdElsZWFhQVhCXzRzZTVkYzFLUXdCTkFzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwag6MA0G CSqGSIb3DQEBCwUAA4IBAQCMMK5cLBydi4NhvWcFShzXFT9oTaI6E+QBrH60EPzh SRZPcYC0djtp+zGYqg4in53lRoWP85Uz5GNIkAwIMQ8spl7t1gpFkaiFhBBxLSXp rVuqlH77GI5t8bbVThvN+kq0zuhFv5/9JTZlr1+k3ADt4nh6jHFSpwchieb4IpG1 ryQGIK7WqfTdAZP0H5ZPePhqYFofv993uWJb/HKVHuUtSysoHUK+egeoK5t5/rST HE4kL4hgmGzJsDRFiywN8edbCrQueLjGtw1LE0peeXXQDw4rDYaWQSIbbXe4y+VS zJKSrhTydFyteSZsnJurqULVZmZbZlkS7SMF5yZ2WDEa -----END CERTIFICATE-----Generated at Mon Feb 9 18:30:07 2026 by rpki-client