This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/10095f-fd35-4a06-8f39-7fee591a209c/1/cNdUG1i54zJ-DiyzAbYp5hI1_Yw.roa File: cNdUG1i54zJ-DiyzAbYp5hI1_Yw.roa (raw, json) Hash identifier: Zs9p0r7/OlghiUl1YzqqCjoM6IGWezmYkoL5qYs5XiU= Subject key identifier: 70:D7:54:1B:58:B9:E3:32:7E:0E:2C:B3:01:B6:29:E6:12:35:FD:8C Certificate issuer: /CN=db641fc903d5b4cc971649324a4b34e4f82422c5 Certificate serial: 019BFA77173DD813DCCF526C165AFFEBF291 Authority key identifier: DB:64:1F:C9:03:D5:B4:CC:97:16:49:32:4A:4B:34:E4:F8:24:22:C5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/22QfyQPVtMyXFkkySks05PgkIsU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/10095f-fd35-4a06-8f39-7fee591a209c/1/cNdUG1i54zJ-DiyzAbYp5hI1_Yw.roa Signing time: Mon 26 Jan 2026 13:21:07 +0000 ROA not before: Mon 26 Jan 2026 13:21:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8426 IP address blocks: 77.91.200.0/21 maxlen: 21 80.172.0.0/16 maxlen: 18 188.93.224.0/21 maxlen: 21 194.62.240.0/22 maxlen: 22 195.22.0.0/19 maxlen: 19 195.35.66.0/24 maxlen: 24 195.72.136.0/22 maxlen: 22 2001:4cc0::/32 maxlen: 48 2a03:73c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/10095f-fd35-4a06-8f39-7fee591a209c/1/22QfyQPVtMyXFkkySks05PgkIsU.crl rsync://rpki.ripe.net/repository/DEFAULT/f0/10095f-fd35-4a06-8f39-7fee591a209c/1/22QfyQPVtMyXFkkySks05PgkIsU.mft rsync://rpki.ripe.net/repository/DEFAULT/22QfyQPVtMyXFkkySks05PgkIsU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 08:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:fa:77:17:3d:d8:13:dc:cf:52:6c:16:5a:ff:eb:f2:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db641fc903d5b4cc971649324a4b34e4f82422c5 Validity Not Before: Jan 26 13:21:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=70d7541b58b9e3327e0e2cb301b629e61235fd8c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:ce:00:09:46:9b:5c:4e:86:20:29:66:18:e4: b3:81:fc:ee:5c:43:94:00:18:f2:3e:3f:3f:9f:31: d1:a3:01:b5:e2:7f:9d:f6:eb:6a:89:cb:4d:eb:ed: 24:f9:1b:3c:64:52:84:b1:e0:0b:2f:a8:a5:61:aa: e0:33:87:5e:10:57:33:22:22:0f:a1:78:c0:4f:8f: 0f:d7:93:b7:84:48:63:92:fd:1d:61:c2:d8:24:f0: a8:ef:33:f0:0b:02:10:e9:2c:71:da:78:5f:c9:33: 16:e8:bf:ff:ca:0a:72:15:00:98:d1:65:b9:c3:29: 19:0e:9d:68:a0:b6:92:c6:ba:de:64:84:ca:fe:db: 6a:08:db:c1:35:02:e4:b1:47:13:c5:97:eb:9b:f9: 7b:56:cb:c4:0f:cd:54:e7:3a:bd:65:9c:96:9a:fa: 89:ce:41:d6:46:b7:63:35:a2:7c:a8:54:a6:2b:b1: 4b:c0:ec:01:cb:b9:84:3a:cd:25:7f:14:4b:fc:55: 0c:e2:4e:0b:c3:27:21:3c:2c:db:83:27:29:2f:33: 1c:28:df:34:ab:6b:c1:0c:f9:42:f6:84:23:0f:1e: 6b:2e:0d:7c:0c:0a:62:7f:1d:12:ea:84:ac:a5:32: 8d:71:2f:6f:ee:37:24:38:04:a9:fe:02:68:3f:84: 7d:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:D7:54:1B:58:B9:E3:32:7E:0E:2C:B3:01:B6:29:E6:12:35:FD:8C X509v3 Authority Key Identifier: keyid:DB:64:1F:C9:03:D5:B4:CC:97:16:49:32:4A:4B:34:E4:F8:24:22:C5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/22QfyQPVtMyXFkkySks05PgkIsU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/10095f-fd35-4a06-8f39-7fee591a209c/1/cNdUG1i54zJ-DiyzAbYp5hI1_Yw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/10095f-fd35-4a06-8f39-7fee591a209c/1/22QfyQPVtMyXFkkySks05PgkIsU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.91.200.0/21 80.172.0.0/16 188.93.224.0/21 194.62.240.0/22 195.22.0.0/19 195.35.66.0/24 195.72.136.0/22 IPv6: 2001:4cc0::/32 2a03:73c0::/48 Signature Algorithm: sha256WithRSAEncryption 4a:f6:d7:8e:bf:41:b0:6e:cf:66:9a:a8:6e:a7:de:8b:4c:00: 87:ae:c4:c8:ad:24:77:69:72:8d:82:07:e1:86:b7:56:6a:f1: d9:77:ac:83:4d:86:ef:7d:17:8a:d6:8d:ad:7b:06:b5:3e:1a: d1:dc:8a:74:98:ba:26:74:9d:21:4d:b7:16:e2:c3:a2:82:32: 50:34:f8:8d:79:fc:2d:57:76:9f:bf:da:9c:a0:5d:13:ec:e9: 47:ad:c4:ae:1c:fc:00:f8:46:3b:81:ee:46:0b:4c:c6:ef:a2: a0:4d:1b:ab:4d:7b:26:a7:78:0c:ab:3c:fd:da:4d:4b:ef:0f: 99:aa:7c:68:bd:11:3a:e2:f3:41:e5:65:06:01:b3:3e:33:33: 5c:dd:23:5b:99:19:c0:fd:88:ce:4c:59:25:65:cc:49:18:ba: 57:31:ce:7f:05:1b:40:51:17:05:59:63:40:3c:fc:07:0b:e6: 74:2a:52:3f:11:6b:62:be:4e:2b:09:fb:f0:bb:35:e4:ad:54: c9:cd:ed:99:45:d3:3f:41:6f:0f:de:de:18:fc:c7:49:08:5a: c6:ae:fe:1e:0e:75:28:9a:f6:9d:86:ff:fb:98:04:a3:ae:07: 8d:30:01:11:fc:fe:b4:57:c7:d3:c3:2e:3e:ce:74:21:31:83: 9c:ba:ca:bf -----BEGIN CERTIFICATE----- MIIFODCCBCCgAwIBAgISAZv6dxc92BPcz1JsFlr/6/KRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiNjQxZmM5MDNkNWI0Y2M5NzE2NDkzMjRhNGIzNGU0Zjgy NDIyYzUwHhcNMjYwMTI2MTMyMTA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MGQ3NTQxYjU4YjllMzMyN2UwZTJjYjMwMWI2MjllNjEyMzVmZDhjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwM4ACUabXE6GIClmGOSzgfzuXEOU ABjyPj8/nzHRowG14n+d9utqictN6+0k+Rs8ZFKEseALL6ilYargM4deEFczIiIP oXjAT48P15O3hEhjkv0dYcLYJPCo7zPwCwIQ6Sxx2nhfyTMW6L//ygpyFQCY0WW5 wykZDp1ooLaSxrreZITK/ttqCNvBNQLksUcTxZfrm/l7VsvED81U5zq9ZZyWmvqJ zkHWRrdjNaJ8qFSmK7FLwOwBy7mEOs0lfxRL/FUM4k4LwychPCzbgycpLzMcKN80 q2vBDPlC9oQjDx5rLg18DApifx0S6oSspTKNcS9v7jckOASp/gJoP4R9JwIDAQAB o4ICRDCCAkAwHQYDVR0OBBYEFHDXVBtYueMyfg4sswG2KeYSNf2MMB8GA1UdIwQY MBaAFNtkH8kD1bTMlxZJMkpLNOT4JCLFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMjJRZnlRUFZ0TXlYRmtreVNrczA1UGdrSXNVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8xMDA5NWYtZmQzNS00YTA2LThmMzkt N2ZlZTU5MWEyMDljLzEvY05kVUcxaTU0ekotRGl5ekFiWXA1aEkxX1l3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMC8xMDA5NWYtZmQzNS00YTA2LThmMzktN2ZlZTU5MWEyMDlj LzEvMjJRZnlRUFZ0TXlYRmtreVNrczA1UGdrSXNVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAvBAIAATApAwQDTVvIAwMA UKwDBAO8XeADBALCPvADBAXDFgADBADDI0IDBALDSIgwFgQCAAIwEAMFACABTMAD BwAqA3PAAAAwDQYJKoZIhvcNAQELBQADggEBAEr2146/QbBuz2aaqG6n3otMAIeu xMitJHdpco2CB+GGt1Zq8dl3rINNhu99F4rWja17BrU+GtHcinSYuiZ0nSFNtxbi w6KCMlA0+I15/C1Xdp+/2pygXRPs6UetxK4c/AD4RjuB7kYLTMbvoqBNG6tNeyan eAyrPP3aTUvvD5mqfGi9ETri80HlZQYBsz4zM1zdI1uZGcD9iM5MWSVlzEkYulcx zn8FG0BRFwVZY0A8/AcL5nQqUj8Ra2K+TisJ+/C7NeStVMnN7ZlF0z9Bbw/e3hj8 x0kIWsau/h4OdSia9p2G//uYBKOuB40wARH8/rRXx9PDLj7OdCExg5y6yr8= -----END CERTIFICATE-----Generated at Tue Jan 27 14:59:25 2026 by rpki-client