This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/CmZeg0QZClyASLrlfEFcbEqzniE.roa File: CmZeg0QZClyASLrlfEFcbEqzniE.roa (raw, json) Hash identifier: hxAFIZw4RCC07UgvikV6JR0Y6MOvZuFKg3XrUhhJ604= Subject key identifier: 0A:66:5E:83:44:19:0A:5C:80:48:BA:E5:7C:41:5C:6C:4A:B3:9E:21 Certificate issuer: /CN=833e0e480411b9c88e916def90fc3a901026394a Certificate serial: 019BC268607D16420B2DE97E3254E6BD3BB9 Authority key identifier: 83:3E:0E:48:04:11:B9:C8:8E:91:6D:EF:90:FC:3A:90:10:26:39:4A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4OSAQRuciOkW3vkPw6kBAmOUo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/CmZeg0QZClyASLrlfEFcbEqzniE.roa Signing time: Thu 15 Jan 2026 16:06:18 +0000 ROA not before: Thu 15 Jan 2026 16:06:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34173 IP address blocks: 185.7.72.0/22 maxlen: 24 185.7.72.0/24 maxlen: 24 185.7.73.0/24 maxlen: 24 185.7.74.0/24 maxlen: 24 185.7.75.0/24 maxlen: 24 2a03:1780::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/gz4OSAQRuciOkW3vkPw6kBAmOUo.crl rsync://rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/gz4OSAQRuciOkW3vkPw6kBAmOUo.mft rsync://rpki.ripe.net/repository/DEFAULT/gz4OSAQRuciOkW3vkPw6kBAmOUo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 19:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:c2:68:60:7d:16:42:0b:2d:e9:7e:32:54:e6:bd:3b:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=833e0e480411b9c88e916def90fc3a901026394a Validity Not Before: Jan 15 16:06:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0a665e8344190a5c8048bae57c415c6c4ab39e21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:9f:24:32:58:88:3f:57:48:09:ba:4f:33:d0: de:14:72:5b:e5:16:c2:4b:a3:51:43:3a:48:01:a3: 2c:5b:67:b1:37:62:4f:1f:e2:3d:91:1e:f6:27:63: 29:ca:c1:e6:d4:0f:af:16:8d:da:1f:4b:f5:24:55: b8:12:1f:a0:45:e0:c4:02:c8:14:68:0e:ca:b1:de: df:2b:5a:91:11:b0:e0:8d:53:f6:a3:cf:08:83:e3: 4e:ef:78:94:0c:a1:94:82:2a:0b:3f:95:27:57:8f: 4a:d3:66:4e:96:c7:24:50:9b:9e:90:0a:27:75:97: 91:01:2a:df:34:29:bf:9d:5c:b3:7c:c2:31:d8:10: 93:85:22:67:c0:44:47:b3:60:f0:c7:ba:34:36:6b: cc:93:3e:ca:16:f2:74:42:ef:76:10:1c:30:bb:21: a2:e2:ab:10:c8:b9:93:11:91:d1:34:32:93:89:fb: e5:7b:46:3b:08:66:07:15:4d:d3:01:c3:1c:41:57: 3e:b0:c1:de:10:a7:a3:da:57:54:97:36:27:a5:0c: d2:0e:ec:00:54:dc:8b:6e:c4:6e:7b:44:52:70:ab: 97:5c:46:87:62:b3:fc:a8:4b:b7:d2:d3:ca:2c:f9: 92:20:40:b6:41:58:3d:3f:7b:16:75:d3:1f:74:fa: ad:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:66:5E:83:44:19:0A:5C:80:48:BA:E5:7C:41:5C:6C:4A:B3:9E:21 X509v3 Authority Key Identifier: keyid:83:3E:0E:48:04:11:B9:C8:8E:91:6D:EF:90:FC:3A:90:10:26:39:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4OSAQRuciOkW3vkPw6kBAmOUo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/CmZeg0QZClyASLrlfEFcbEqzniE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/gz4OSAQRuciOkW3vkPw6kBAmOUo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.7.72.0/22 IPv6: 2a03:1780::/32 Signature Algorithm: sha256WithRSAEncryption 78:23:27:99:33:f2:fe:ff:ba:f0:da:4a:63:6f:72:99:85:34: 36:d1:e8:8e:e4:8b:41:52:fa:2b:5c:25:73:86:74:01:e4:5c: ee:99:52:ee:74:8d:78:6b:c4:c4:0c:eb:e0:8c:10:4f:9d:57: 91:80:4e:63:d9:86:b5:8e:8d:f9:d1:23:0d:24:3c:a2:7e:41: 48:2d:46:a7:98:21:4c:e8:f9:44:94:81:b8:da:c3:23:a2:54: 6a:5a:98:5a:11:41:de:c7:68:ca:53:6e:84:7e:06:5b:40:68: 40:04:89:ad:ef:a5:bf:5f:1c:9b:9f:a6:9a:a7:a2:48:40:db: 03:dc:c5:12:97:05:f2:2a:ba:9a:5c:7e:55:05:df:61:e5:a6: 11:44:a8:79:4f:64:a8:95:a5:f5:40:5b:d9:1b:dd:fe:5e:25: e9:e8:35:58:07:33:b7:47:ca:fc:7c:65:9f:74:46:31:14:e8: f1:da:4d:60:d2:04:e9:ff:ab:62:e5:2b:e2:c2:68:36:0b:94: c0:17:fc:f6:fd:34:46:0f:5b:6d:f9:88:86:19:a8:3e:02:fa: 19:77:e8:88:09:41:ef:5c:49:33:54:1c:1c:be:ca:09:8f:38: 5c:20:71:de:33:e9:7c:8f:a3:26:1d:4c:11:51:65:81:ed:5e: cf:d5:68:38 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZvCaGB9FkILLel+MlTmvTu5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgzM2UwZTQ4MDQxMWI5Yzg4ZTkxNmRlZjkwZmMzYTkwMTAy NjM5NGEwHhcNMjYwMTE1MTYwNjE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYTY2NWU4MzQ0MTkwYTVjODA0OGJhZTU3YzQxNWM2YzRhYjM5ZTIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZ8kMliIP1dICbpPM9DeFHJb5RbC S6NRQzpIAaMsW2exN2JPH+I9kR72J2MpysHm1A+vFo3aH0v1JFW4Eh+gReDEAsgU aA7Ksd7fK1qREbDgjVP2o88Ig+NO73iUDKGUgioLP5UnV49K02ZOlsckUJuekAon dZeRASrfNCm/nVyzfMIx2BCThSJnwERHs2Dwx7o0NmvMkz7KFvJ0Qu92EBwwuyGi 4qsQyLmTEZHRNDKTifvle0Y7CGYHFU3TAcMcQVc+sMHeEKej2ldUlzYnpQzSDuwA VNyLbsRue0RScKuXXEaHYrP8qEu30tPKLPmSIEC2QVg9P3sWddMfdPqt9wIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFApmXoNEGQpcgEi65XxBXGxKs54hMB8GA1UdIwQY MBaAFIM+DkgEEbnIjpFt75D8OpAQJjlKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ3o0T1NBUVJ1Y2lPa1czdmtQdzZrQkFtT1VvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hNzgyY2MtMWUwOS00NDgwLWE2ZGMt NmMyMGViYWYzMGE5LzEvQ21aZWcwUVpDbHlBU0xybGZFRmNiRXF6bmlFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS9hNzgyY2MtMWUwOS00NDgwLWE2ZGMtNmMyMGViYWYzMGE5 LzEvZ3o0T1NBUVJ1Y2lPa1czdmtQdzZrQkFtT1VvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQdIMA0E AgACMAcDBQAqAxeAMA0GCSqGSIb3DQEBCwUAA4IBAQB4IyeZM/L+/7rw2kpjb3KZ hTQ20eiO5ItBUvorXCVzhnQB5FzumVLudI14a8TEDOvgjBBPnVeRgE5j2Ya1jo35 0SMNJDyifkFILUanmCFM6PlElIG42sMjolRqWphaEUHex2jKU26EfgZbQGhABImt 76W/Xxybn6aap6JIQNsD3MUSlwXyKrqaXH5VBd9h5aYRRKh5T2SolaX1QFvZG93+ XiXp6DVYBzO3R8r8fGWfdEYxFOjx2k1g0gTp/6ti5Sviwmg2C5TAF/z2/TRGD1tt +YiGGag+AvoZd+iICUHvXEkzVBwcvsoJjzhcIHHeM+l8j6MmHUwRUWWB7V7P1Wg4 -----END CERTIFICATE-----Generated at Mon Jan 26 04:50:31 2026 by rpki-client