This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/58ydFFoOvrTPYA8iOIAgZMf_cpo.roa File: 58ydFFoOvrTPYA8iOIAgZMf_cpo.roa (raw, json) Hash identifier: F/vDL/5heMjU5cUbUY7RNuovDGPBXC3rXD0ZADSlfk8= Subject key identifier: E7:CC:9D:14:5A:0E:BE:B4:CF:60:0F:22:38:80:20:64:C7:FF:72:9A Certificate issuer: /CN=b520a204f4e09cc83a6258d7aa44f7d2f0fa44a0 Certificate serial: 019B7C809F9F750416DC20D09FB3C19AEA89 Authority key identifier: B5:20:A2:04:F4:E0:9C:C8:3A:62:58:D7:AA:44:F7:D2:F0:FA:44:A0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tSCiBPTgnMg6YljXqkT30vD6RKA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/58ydFFoOvrTPYA8iOIAgZMf_cpo.roa Signing time: Fri 02 Jan 2026 02:19:22 +0000 ROA not before: Fri 02 Jan 2026 02:19:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44841 IP address blocks: 45.153.248.0/22 maxlen: 24 185.170.9.0/24 maxlen: 24 2a10:f9c0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/tSCiBPTgnMg6YljXqkT30vD6RKA.crl rsync://rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/tSCiBPTgnMg6YljXqkT30vD6RKA.mft rsync://rpki.ripe.net/repository/DEFAULT/tSCiBPTgnMg6YljXqkT30vD6RKA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:9f:9f:75:04:16:dc:20:d0:9f:b3:c1:9a:ea:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b520a204f4e09cc83a6258d7aa44f7d2f0fa44a0 Validity Not Before: Jan 2 02:19:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e7cc9d145a0ebeb4cf600f2238802064c7ff729a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:04:aa:81:04:0d:e7:db:10:e4:50:bb:3a:53: 50:4f:67:bf:af:3a:a6:ac:d0:c5:59:49:ea:fc:55: 9b:23:94:e1:ee:2f:90:8b:d0:df:bc:03:c1:08:ea: 75:3b:ce:3e:18:a4:8d:c1:c5:e7:43:54:74:95:f0: 81:65:1c:8b:82:0d:bb:25:5f:66:0f:1b:2d:d0:0f: a6:ae:4b:cd:3c:b4:bd:10:37:71:0e:7d:de:ca:23: 3c:1c:44:c3:0d:34:94:05:34:2f:17:ab:5e:0e:34: 53:25:15:d3:ff:b0:8a:91:b5:ca:ad:f3:58:8d:c0: 19:87:1c:c0:7d:69:e4:19:0a:19:23:d3:f7:ff:60: 6e:0b:e5:a1:f4:b0:8a:86:5b:e8:3f:6b:fc:62:d8: f8:fd:9c:d5:db:ee:7c:67:be:07:28:66:8e:26:1e: 9f:30:c2:4a:1c:5c:5d:cb:5f:4d:c5:47:85:2a:a5: 4d:c4:bf:db:1b:0e:70:2a:e5:4e:63:ab:56:de:30: 20:d7:40:55:ae:20:c6:3e:f8:a4:21:72:ea:bb:c7: 07:da:98:e6:0f:45:cc:0a:76:93:94:5e:e5:6c:30: 32:3b:e4:f7:33:82:7e:23:d6:bb:63:7c:5f:d0:8e: 6e:f5:f1:ee:5b:51:f9:5c:98:3d:90:48:db:ea:c9: d1:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:CC:9D:14:5A:0E:BE:B4:CF:60:0F:22:38:80:20:64:C7:FF:72:9A X509v3 Authority Key Identifier: keyid:B5:20:A2:04:F4:E0:9C:C8:3A:62:58:D7:AA:44:F7:D2:F0:FA:44:A0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tSCiBPTgnMg6YljXqkT30vD6RKA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/58ydFFoOvrTPYA8iOIAgZMf_cpo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/a5a6b3-3ec3-487e-aba0-b8b1e4b4ecb9/1/tSCiBPTgnMg6YljXqkT30vD6RKA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.153.248.0/22 185.170.9.0/24 IPv6: 2a10:f9c0::/29 Signature Algorithm: sha256WithRSAEncryption 4c:ce:07:82:d2:aa:4b:28:87:00:cd:d4:40:a1:31:0b:77:0e: d8:42:10:08:8f:39:67:62:17:33:c0:f2:ab:8d:5a:84:c3:3e: a0:fc:fa:63:6b:c9:2b:bb:16:ad:84:c0:85:00:cd:36:3e:71: fc:51:99:3c:fd:ce:8b:17:04:c4:8c:4d:3d:6a:f3:f7:01:f0: 17:17:89:68:fd:60:d1:74:67:30:25:6c:4d:9b:f3:f7:8c:28: 5e:04:1d:e0:21:43:9e:af:dd:79:cd:cd:f1:d6:19:55:23:97: fb:8c:5d:23:ad:52:89:15:3b:14:55:c6:97:33:ca:93:2b:ac: 6f:40:a4:83:89:6d:f9:6b:39:ca:13:ff:3d:38:8c:4e:1d:34: fe:6e:93:77:89:2d:00:db:27:62:51:3b:ec:9b:a9:95:6c:23: 3e:41:b6:90:0a:3e:82:88:9f:b6:62:04:b2:1d:7b:e4:b4:20: b5:7f:15:75:d5:99:02:be:53:97:0d:9a:9c:a8:4d:40:87:cb: df:2c:4a:42:68:35:86:95:d0:33:a6:6f:49:85:da:10:13:96: ba:11:17:14:df:ce:53:e0:c3:7d:ce:18:68:95:d0:9a:0a:2e: 5e:3b:7d:0b:a0:16:aa:14:cc:61:96:09:f4:e2:d9:a2:55:b1: 29:1b:2f:94 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt8gJ+fdQQW3CDQn7PBmuqJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1MjBhMjA0ZjRlMDljYzgzYTYyNThkN2FhNDRmN2QyZjBm YTQ0YTAwHhcNMjYwMTAyMDIxOTIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlN2NjOWQxNDVhMGViZWI0Y2Y2MDBmMjIzODgwMjA2NGM3ZmY3MjlhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgSqgQQN59sQ5FC7OlNQT2e/rzqm rNDFWUnq/FWbI5Th7i+Qi9DfvAPBCOp1O84+GKSNwcXnQ1R0lfCBZRyLgg27JV9m Dxst0A+mrkvNPLS9EDdxDn3eyiM8HETDDTSUBTQvF6teDjRTJRXT/7CKkbXKrfNY jcAZhxzAfWnkGQoZI9P3/2BuC+Wh9LCKhlvoP2v8Ytj4/ZzV2+58Z74HKGaOJh6f MMJKHFxdy19NxUeFKqVNxL/bGw5wKuVOY6tW3jAg10BVriDGPvikIXLqu8cH2pjm D0XMCnaTlF7lbDAyO+T3M4J+I9a7Y3xf0I5u9fHuW1H5XJg9kEjb6snRiwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFOfMnRRaDr60z2APIjiAIGTH/3KaMB8GA1UdIwQY MBaAFLUgogT04JzIOmJY16pE99Lw+kSgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFNDaUJQVGduTWc2WWxqWHFrVDMwdkQ2UktBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9hNWE2YjMtM2VjMy00ODdlLWFiYTAt YjhiMWU0YjRlY2I5LzEvNTh5ZEZGb092clRQWUE4aU9JQWdaTWZfY3BvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC9hNWE2YjMtM2VjMy00ODdlLWFiYTAtYjhiMWU0YjRlY2I5 LzEvdFNDaUJQVGduTWc2WWxqWHFrVDMwdkQ2UktBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLZn4AwQA uaoJMA0EAgACMAcDBQMqEPnAMA0GCSqGSIb3DQEBCwUAA4IBAQBMzgeC0qpLKIcA zdRAoTELdw7YQhAIjzlnYhczwPKrjVqEwz6g/Ppja8kruxathMCFAM02PnH8UZk8 /c6LFwTEjE09avP3AfAXF4lo/WDRdGcwJWxNm/P3jCheBB3gIUOer915zc3x1hlV I5f7jF0jrVKJFTsUVcaXM8qTK6xvQKSDiW35aznKE/89OIxOHTT+bpN3iS0A2ydi UTvsm6mVbCM+QbaQCj6CiJ+2YgSyHXvktCC1fxV11ZkCvlOXDZqcqE1Ah8vfLEpC aDWGldAzpm9JhdoQE5a6ERcU385T4MN9zhholdCaCi5eO30LoBaqFMxhlgn04tmi VbEpGy+U -----END CERTIFICATE-----Generated at Mon Jan 26 03:56:30 2026 by rpki-client