This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/WmaJm0jDrpyJX9Q-LqqqCt-uwIA.roa File: WmaJm0jDrpyJX9Q-LqqqCt-uwIA.roa (raw, json) Hash identifier: eCuLoI4rD6y1bR6VEKccwXQk5/tx5hypqNKOEMMl80A= Subject key identifier: 5A:66:89:9B:48:C3:AE:9C:89:5F:D4:3E:2E:AA:AA:0A:DF:AE:C0:80 Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10 Certificate serial: 019B7F84F0F49EC5E7660F6712C46CFC779B Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/WmaJm0jDrpyJX9Q-LqqqCt-uwIA.roa Signing time: Fri 02 Jan 2026 16:22:57 +0000 ROA not before: Fri 02 Jan 2026 16:22:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 400529 IP address blocks: 88.209.197.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 15:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:f0:f4:9e:c5:e7:66:0f:67:12:c4:6c:fc:77:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10 Validity Not Before: Jan 2 16:22:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5a66899b48c3ae9c895fd43e2eaaaa0adfaec080 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:e3:8f:e9:17:4c:c8:2d:19:ee:03:6c:81:cb: 2b:49:7a:2b:fc:04:57:3c:6c:ec:81:ff:b0:ca:c7: d9:37:c5:8d:f6:9c:70:eb:8b:13:9b:84:8a:b5:4f: c6:a6:2c:3f:90:e3:1d:0d:bb:39:d2:86:44:54:a2: 29:04:2d:09:14:42:ca:88:e4:f2:ba:f5:23:a3:84: bf:b6:fe:ef:06:d7:14:81:30:80:8d:b7:dc:a3:1a: 3b:5b:52:f8:c0:71:fc:ce:97:0d:19:bf:0c:8b:73: d7:e6:a3:ef:ef:60:13:9c:f4:7e:2a:d2:e8:a7:d1: c5:27:5d:43:05:5b:2e:5e:5c:d9:d2:ae:43:de:b2: 06:c7:b7:2c:82:43:cb:31:3d:4f:44:0d:da:6a:5c: 4a:6a:d1:8b:c7:cf:a7:86:a0:61:2a:52:2b:f6:b8: f8:83:00:c0:2b:19:ad:e9:80:17:b8:57:47:5b:47: d8:06:b1:d5:fc:d4:3a:28:d1:c4:85:ca:60:11:67: 2c:44:38:b1:7a:30:e6:08:c6:28:04:bc:92:ce:3f: 8e:2e:4e:c2:3c:bf:bd:62:25:7f:7a:b7:46:53:9d: 2d:84:2c:73:28:cc:87:34:74:71:cc:59:17:ae:49: 3c:ea:00:39:c8:02:4e:52:3c:0f:88:9d:95:98:b9: 0d:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:66:89:9B:48:C3:AE:9C:89:5F:D4:3E:2E:AA:AA:0A:DF:AE:C0:80 X509v3 Authority Key Identifier: keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/WmaJm0jDrpyJX9Q-LqqqCt-uwIA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 88.209.197.0/24 Signature Algorithm: sha256WithRSAEncryption 99:ca:09:f5:44:3f:e2:8d:2f:3c:de:6d:5d:66:9d:51:f4:ab: 58:f1:5f:7d:f2:bd:ec:b5:2e:57:67:26:bd:15:6c:3e:97:a2: b4:3b:26:c5:9e:56:85:c4:a1:af:13:41:b6:24:79:94:84:32: d3:fb:ed:3b:d6:1b:31:d4:bc:a9:a0:16:59:e6:b1:d5:43:da: 61:5c:2c:23:f8:b5:f7:06:a7:6d:d5:f3:52:65:56:ec:1c:02: e3:db:bf:d4:c5:f7:49:58:5e:3c:68:a0:56:1c:19:65:9c:0e: 3e:24:fc:de:09:45:9c:d7:dc:37:a3:3c:da:44:e4:c7:94:16: c9:a4:7e:69:b6:99:d1:9a:ac:55:17:58:52:f0:51:9a:68:cb: b6:df:c9:b7:5b:52:24:72:ca:f4:ff:43:0c:a3:f4:3e:1a:3f: 03:4a:d9:2f:ce:c8:49:4a:da:d4:0d:db:09:8f:c9:0d:6c:9f: d0:ff:fe:9f:00:4d:4f:85:ea:88:d6:e0:57:f0:d0:8e:67:9c: 1d:33:a3:d1:49:9e:e5:91:c1:92:29:b8:93:51:92:eb:07:06: 8f:c7:92:eb:d8:7a:0f:41:5b:7b:5c:d0:ac:4e:56:ab:29:49: 0c:d4:16:07:5b:aa:ba:6b:b6:27:d7:a7:a9:10:2e:52:d9:d2: 7c:d3:62:e3 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/hPD0nsXnZg9nEsRs/HebMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx MWRhMTAwHhcNMjYwMTAyMTYyMjU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YTY2ODk5YjQ4YzNhZTljODk1ZmQ0M2UyZWFhYWEwYWRmYWVjMDgwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAweOP6RdMyC0Z7gNsgcsrSXor/ARX PGzsgf+wysfZN8WN9pxw64sTm4SKtU/Gpiw/kOMdDbs50oZEVKIpBC0JFELKiOTy uvUjo4S/tv7vBtcUgTCAjbfcoxo7W1L4wHH8zpcNGb8Mi3PX5qPv72ATnPR+KtLo p9HFJ11DBVsuXlzZ0q5D3rIGx7csgkPLMT1PRA3aalxKatGLx8+nhqBhKlIr9rj4 gwDAKxmt6YAXuFdHW0fYBrHV/NQ6KNHEhcpgEWcsRDixejDmCMYoBLySzj+OLk7C PL+9YiV/erdGU50thCxzKMyHNHRxzFkXrkk86gA5yAJOUjwPiJ2VmLkNHwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFFpmiZtIw66ciV/UPi6qqgrfrsCAMB8GA1UdIwQY MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt N2U0ZDZmNmY2ZTY2LzEvV21hSm0wakRycHlKWDlRLUxxcXFDdC11d0lBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2 LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNHFMA0G CSqGSIb3DQEBCwUAA4IBAQCZygn1RD/ijS883m1dZp1R9KtY8V998r3stS5XZya9 FWw+l6K0OybFnlaFxKGvE0G2JHmUhDLT++071hsx1LypoBZZ5rHVQ9phXCwj+LX3 Bqdt1fNSZVbsHALj27/UxfdJWF48aKBWHBllnA4+JPzeCUWc19w3ozzaROTHlBbJ pH5ptpnRmqxVF1hS8FGaaMu238m3W1Ikcsr0/0MMo/Q+Gj8DStkvzshJStrUDdsJ j8kNbJ/Q//6fAE1PheqI1uBX8NCOZ5wdM6PRSZ7lkcGSKbiTUZLrBwaPx5Lr2HoP QVt7XNCsTlarKUkM1BYHW6q6a7Yn16epEC5S2dJ802Lj -----END CERTIFICATE-----Generated at Mon Jan 19 20:01:00 2026 by rpki-client