This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/ClXL4dT4GSld8lEfAWyCYr5cI3Y.roa File: ClXL4dT4GSld8lEfAWyCYr5cI3Y.roa (raw, json) Hash identifier: gOfRKf6V+xV3ZsFtbBW86oarsiPBo5VFvmb0v2OnPU0= Subject key identifier: 0A:55:CB:E1:D4:F8:19:29:5D:F2:51:1F:01:6C:82:62:BE:5C:23:76 Certificate issuer: /CN=87ed9cb8340ac2095a4cb0528e5ea2f738cea672 Certificate serial: 019B7A5B548E3FE372A50A234E1BA12BF9C1 Authority key identifier: 87:ED:9C:B8:34:0A:C2:09:5A:4C:B0:52:8E:5E:A2:F7:38:CE:A6:72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/ClXL4dT4GSld8lEfAWyCYr5cI3Y.roa Signing time: Thu 01 Jan 2026 16:19:24 +0000 ROA not before: Thu 01 Jan 2026 16:19:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205925 IP address blocks: 185.197.212.0/22 maxlen: 22 185.197.212.0/24 maxlen: 24 185.197.213.0/24 maxlen: 24 185.197.214.0/24 maxlen: 24 2a0a:7c40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.crl rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.mft rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:54:8e:3f:e3:72:a5:0a:23:4e:1b:a1:2b:f9:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87ed9cb8340ac2095a4cb0528e5ea2f738cea672 Validity Not Before: Jan 1 16:19:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0a55cbe1d4f819295df2511f016c8262be5c2376 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:c4:72:91:b9:c8:ed:dc:a6:1f:86:8f:6e:5f: 0b:e7:0f:1d:48:8d:9c:b5:86:7d:0b:a0:4f:31:67: 54:e6:35:97:b0:92:77:e3:08:41:9b:fa:3f:0c:bd: 36:4e:6b:91:4a:72:d9:54:fe:ee:3b:45:c3:d3:e2: b8:8a:4b:f5:b7:41:f6:2d:c0:1a:53:51:22:f9:8a: cf:24:0f:6e:79:ec:bb:81:18:ba:02:2e:bd:74:36: 86:af:5b:86:bd:df:39:ee:96:70:81:19:a2:fc:58: da:21:10:9d:01:f5:84:8b:38:3b:f2:39:5b:af:43: a9:4e:54:11:6c:9e:11:7f:a2:5e:a3:84:4d:f9:2c: 99:d7:18:fa:cd:f9:83:dd:44:09:d4:4e:a4:25:c3: 41:ae:2a:c1:54:17:cf:af:73:af:ec:13:a0:e2:ef: 45:05:8b:e0:0c:96:d9:bc:04:ff:a3:7b:92:ae:34: 79:12:6e:9e:1c:a9:b1:a6:84:14:e7:ce:24:07:84: 84:32:fd:5b:fe:13:a9:49:6f:95:c8:de:f9:60:c8: a2:7d:a4:53:78:79:07:e1:1e:81:86:24:dc:95:e2: 5e:42:9f:80:cb:12:ec:53:6d:d6:19:5c:c6:a0:dc: db:4d:13:04:db:ea:80:d3:50:72:ed:77:95:d5:b0: 91:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:55:CB:E1:D4:F8:19:29:5D:F2:51:1F:01:6C:82:62:BE:5C:23:76 X509v3 Authority Key Identifier: keyid:87:ED:9C:B8:34:0A:C2:09:5A:4C:B0:52:8E:5E:A2:F7:38:CE:A6:72 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/ClXL4dT4GSld8lEfAWyCYr5cI3Y.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.197.212.0/22 IPv6: 2a0a:7c40::/32 Signature Algorithm: sha256WithRSAEncryption 18:ee:7f:b1:52:a7:bb:e2:96:d4:4f:67:97:2c:be:91:aa:20: 43:b2:41:61:b7:4b:05:d3:e2:b1:63:c0:fa:90:7b:e6:8a:05: 3a:c0:d5:e5:14:47:7e:ab:86:c4:b4:a8:99:ce:84:bb:85:b2: 17:e4:93:f0:a5:77:15:1b:23:c4:fa:a2:4d:53:cf:35:7b:5a: 2b:de:b6:91:a0:70:fe:62:50:cd:d3:26:bb:aa:cc:8b:87:4e: 86:aa:7a:64:b5:63:1a:e3:78:34:94:64:f6:57:ea:72:0e:49: 99:cf:de:95:89:8a:18:80:a5:99:91:df:9b:47:ff:49:ed:ef: 55:85:2f:22:cd:f9:a2:5e:62:6f:68:a0:2e:f7:c9:f2:f8:a4: 45:dd:56:6c:cd:da:46:43:50:3c:5d:36:cb:c8:38:9c:4a:32: fd:c9:35:85:74:74:b8:2e:56:7c:7f:87:2c:8f:23:6e:78:38: 0f:55:5f:8d:c5:7b:cc:b9:64:af:d7:7d:5d:a0:75:8a:aa:94: 89:14:c0:ec:0d:b0:69:9b:fe:73:7f:2d:79:1b:65:07:16:7c: 3f:69:f6:ec:0b:80:4b:e1:2b:60:72:43:af:98:80:74:6c:d1: c6:29:8a:df:41:42:e2:e1:90:30:64:63:de:a3:48:89:cc:01: 0b:56:37:53 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt6W1SOP+NypQojThuhK/nBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3ZWQ5Y2I4MzQwYWMyMDk1YTRjYjA1MjhlNWVhMmY3Mzhj ZWE2NzIwHhcNMjYwMTAxMTYxOTI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYTU1Y2JlMWQ0ZjgxOTI5NWRmMjUxMWYwMTZjODI2MmJlNWMyMzc2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28RykbnI7dymH4aPbl8L5w8dSI2c tYZ9C6BPMWdU5jWXsJJ34whBm/o/DL02TmuRSnLZVP7uO0XD0+K4ikv1t0H2LcAa U1Ei+YrPJA9ueey7gRi6Ai69dDaGr1uGvd857pZwgRmi/FjaIRCdAfWEizg78jlb r0OpTlQRbJ4Rf6Jeo4RN+SyZ1xj6zfmD3UQJ1E6kJcNBrirBVBfPr3Ov7BOg4u9F BYvgDJbZvAT/o3uSrjR5Em6eHKmxpoQU584kB4SEMv1b/hOpSW+VyN75YMiifaRT eHkH4R6BhiTcleJeQp+AyxLsU23WGVzGoNzbTRME2+qA01By7XeV1bCR/wIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFApVy+HU+BkpXfJRHwFsgmK+XCN2MB8GA1UdIwQY MBaAFIftnLg0CsIJWkywUo5eovc4zqZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi82MzgxZDMtNWQwMS00YWJjLWJlZDct N2IyMWJmMzAzY2NjLzEvQ2xYTDRkVDRHU2xkOGxFZkFXeUNZcjVjSTNZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYi82MzgxZDMtNWQwMS00YWJjLWJlZDctN2IyMWJmMzAzY2Nj LzEvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucXUMA0E AgACMAcDBQAqCnxAMA0GCSqGSIb3DQEBCwUAA4IBAQAY7n+xUqe74pbUT2eXLL6R qiBDskFht0sF0+KxY8D6kHvmigU6wNXlFEd+q4bEtKiZzoS7hbIX5JPwpXcVGyPE +qJNU881e1or3raRoHD+YlDN0ya7qsyLh06GqnpktWMa43g0lGT2V+pyDkmZz96V iYoYgKWZkd+bR/9J7e9VhS8izfmiXmJvaKAu98ny+KRF3VZszdpGQ1A8XTbLyDic SjL9yTWFdHS4LlZ8f4csjyNueDgPVV+NxXvMuWSv131doHWKqpSJFMDsDbBpm/5z fy15G2UHFnw/afbsC4BL4StgckOvmIB0bNHGKYrfQULi4ZAwZGPeo0iJzAELVjdT -----END CERTIFICATE-----Generated at Mon Jan 26 00:14:16 2026 by rpki-client