This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/073b19-0839-43ac-8b5b-08ced92c9770/1/CnCgZxqBwoZSj-sRCC6hjRMHYgE.roa File: CnCgZxqBwoZSj-sRCC6hjRMHYgE.roa (raw, json) Hash identifier: t0U8GxVmfi3P7WDV+ltBtv7fLFx6DgcsLhiMKqOEWho= Subject key identifier: 0A:70:A0:67:1A:81:C2:86:52:8F:EB:11:08:2E:A1:8D:13:07:62:01 Certificate issuer: /CN=a733bd111fd8cb76f4883bbbcbfda59db66ed2de Certificate serial: 019B78A2F65654AED7E1AAB3972E267B28D6 Authority key identifier: A7:33:BD:11:1F:D8:CB:76:F4:88:3B:BB:CB:FD:A5:9D:B6:6E:D2:DE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pzO9ER_Yy3b0iDu7y_2lnbZu0t4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/073b19-0839-43ac-8b5b-08ced92c9770/1/CnCgZxqBwoZSj-sRCC6hjRMHYgE.roa Signing time: Thu 01 Jan 2026 08:18:24 +0000 ROA not before: Thu 01 Jan 2026 08:18:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201010 IP address blocks: 185.89.24.0/22 maxlen: 24 2a05:d500::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/073b19-0839-43ac-8b5b-08ced92c9770/1/pzO9ER_Yy3b0iDu7y_2lnbZu0t4.crl rsync://rpki.ripe.net/repository/DEFAULT/f2/073b19-0839-43ac-8b5b-08ced92c9770/1/pzO9ER_Yy3b0iDu7y_2lnbZu0t4.mft rsync://rpki.ripe.net/repository/DEFAULT/pzO9ER_Yy3b0iDu7y_2lnbZu0t4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:f6:56:54:ae:d7:e1:aa:b3:97:2e:26:7b:28:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a733bd111fd8cb76f4883bbbcbfda59db66ed2de Validity Not Before: Jan 1 08:18:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0a70a0671a81c286528feb11082ea18d13076201 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:94:85:bd:96:93:ce:c3:26:4d:89:5a:5d:bb: 8c:b8:62:39:32:5b:24:00:5d:c4:4e:bf:e6:65:25: 16:70:2b:8c:8e:93:5e:f9:67:90:5c:9b:7c:63:3c: f0:64:47:73:cd:82:a0:3d:0d:6f:f2:32:32:fb:d5: ae:60:f1:96:f6:0b:52:f8:28:99:e3:02:0a:03:7c: 9b:ea:73:56:29:5d:b7:c1:94:67:6e:ab:9d:27:52: e4:8c:3a:0a:34:aa:d0:58:49:2d:ed:e1:63:c3:e2: e7:64:c8:8c:37:b2:f2:f9:a1:2d:67:d8:dc:f2:9f: 1f:88:99:44:75:19:71:4c:f7:aa:fb:47:1c:97:ec: b8:cb:48:ff:ff:6d:bc:44:cf:0f:4f:c5:d1:49:8a: d7:e5:26:d2:71:0c:75:bc:9e:ce:74:68:ac:a0:0b: 9d:5f:b7:55:db:a5:ce:6f:3b:a9:57:81:41:40:20: cb:31:f2:45:04:71:55:bf:7a:ae:3b:fd:1e:46:4a: 00:19:55:62:f2:14:7b:f2:f5:c2:ef:4a:af:65:6d: 7e:5d:99:05:6a:19:d2:5f:e8:9e:5f:c0:f5:ab:f9: 2d:ff:6e:99:93:58:e0:60:19:98:ed:0c:0b:36:67: 94:88:cf:1e:54:4d:73:41:da:ed:95:11:7c:4e:c6: aa:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:70:A0:67:1A:81:C2:86:52:8F:EB:11:08:2E:A1:8D:13:07:62:01 X509v3 Authority Key Identifier: keyid:A7:33:BD:11:1F:D8:CB:76:F4:88:3B:BB:CB:FD:A5:9D:B6:6E:D2:DE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pzO9ER_Yy3b0iDu7y_2lnbZu0t4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/073b19-0839-43ac-8b5b-08ced92c9770/1/CnCgZxqBwoZSj-sRCC6hjRMHYgE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/073b19-0839-43ac-8b5b-08ced92c9770/1/pzO9ER_Yy3b0iDu7y_2lnbZu0t4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.89.24.0/22 IPv6: 2a05:d500::/29 Signature Algorithm: sha256WithRSAEncryption 34:13:1e:77:5b:30:01:79:80:4d:8a:b9:77:43:c1:8f:c0:a2: f1:90:cb:c6:52:ba:31:42:ce:2d:04:cd:bb:2a:b7:f2:f2:69: dd:22:be:1b:f9:43:01:68:a7:86:c0:48:2d:43:5b:4c:dc:d1: 87:15:73:77:77:68:cc:0d:9c:5f:4e:f5:ea:93:84:33:fd:18: 1f:a0:59:bc:99:48:fb:d5:79:86:f4:5f:53:fc:5b:1c:ab:8f: 11:bb:87:cb:f5:f4:92:2c:15:b9:4c:8a:6f:00:bb:c2:0d:57: d0:e5:ab:58:79:90:f8:d0:04:d8:03:c0:49:69:7f:2e:79:65: 17:75:f9:ad:6f:6c:af:50:47:e5:8a:02:ba:5b:d5:d4:84:df: 3b:24:d8:55:37:2d:38:c6:57:fd:14:82:49:fb:8e:4a:9f:92: bb:35:aa:d3:29:76:5c:9c:dc:db:55:b8:14:be:a7:43:89:d0: 57:8c:32:f4:37:11:d9:db:03:38:c2:a3:26:69:91:67:07:4e: 7b:5e:12:b3:d7:86:a1:3e:fd:e6:bc:89:29:a5:11:a3:69:13: 4e:a1:78:20:dc:ed:02:28:94:8b:d2:1c:68:9c:3d:a8:22:08: 0f:34:9c:75:1d:ca:a3:31:8e:7e:4e:6e:2a:17:89:ca:78:7b: 78:d2:2c:12 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt4ovZWVK7X4aqzly4meyjWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE3MzNiZDExMWZkOGNiNzZmNDg4M2JiYmNiZmRhNTlkYjY2 ZWQyZGUwHhcNMjYwMTAxMDgxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYTcwYTA2NzFhODFjMjg2NTI4ZmViMTEwODJlYTE4ZDEzMDc2MjAxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5SFvZaTzsMmTYlaXbuMuGI5Mlsk AF3ETr/mZSUWcCuMjpNe+WeQXJt8YzzwZEdzzYKgPQ1v8jIy+9WuYPGW9gtS+CiZ 4wIKA3yb6nNWKV23wZRnbqudJ1LkjDoKNKrQWEkt7eFjw+LnZMiMN7Ly+aEtZ9jc 8p8fiJlEdRlxTPeq+0ccl+y4y0j//228RM8PT8XRSYrX5SbScQx1vJ7OdGisoAud X7dV26XObzupV4FBQCDLMfJFBHFVv3quO/0eRkoAGVVi8hR78vXC70qvZW1+XZkF ahnSX+ieX8D1q/kt/26Zk1jgYBmY7QwLNmeUiM8eVE1zQdrtlRF8TsaqHwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFApwoGcagcKGUo/rEQguoY0TB2IBMB8GA1UdIwQY MBaAFKczvREf2Mt29Ig7u8v9pZ22btLeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcHpPOUVSX1l5M2IwaUR1N3lfMmxuYlp1MHQ0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wNzNiMTktMDgzOS00M2FjLThiNWIt MDhjZWQ5MmM5NzcwLzEvQ25DZ1p4cUJ3b1pTai1zUkNDNmhqUk1IWWdFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMi8wNzNiMTktMDgzOS00M2FjLThiNWItMDhjZWQ5MmM5Nzcw LzEvcHpPOUVSX1l5M2IwaUR1N3lfMmxuYlp1MHQ0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVkYMA0E AgACMAcDBQMqBdUAMA0GCSqGSIb3DQEBCwUAA4IBAQA0Ex53WzABeYBNirl3Q8GP wKLxkMvGUroxQs4tBM27Krfy8mndIr4b+UMBaKeGwEgtQ1tM3NGHFXN3d2jMDZxf TvXqk4Qz/RgfoFm8mUj71XmG9F9T/Fscq48Ru4fL9fSSLBW5TIpvALvCDVfQ5atY eZD40ATYA8BJaX8ueWUXdfmtb2yvUEfligK6W9XUhN87JNhVNy04xlf9FIJJ+45K n5K7NarTKXZcnNzbVbgUvqdDidBXjDL0NxHZ2wM4wqMmaZFnB057XhKz14ahPv3m vIkppRGjaRNOoXgg3O0CKJSL0hxonD2oIggPNJx1HcqjMY5+Tm4qF4nKeHt40iwS -----END CERTIFICATE-----Generated at Mon Feb 9 18:43:41 2026 by rpki-client