This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/cbu2nsq0_E-KnigNEJpP4D0mZdA.roa File: cbu2nsq0_E-KnigNEJpP4D0mZdA.roa (raw, json) Hash identifier: atZeFfSMWx6yJCaBl0p4VHQ5do/K238XneHi5TYWvrI= Subject key identifier: 71:BB:B6:9E:CA:B4:FC:4F:8A:9E:28:0D:10:9A:4F:E0:3D:26:65:D0 Certificate issuer: /CN=2d9e31c9029ee44bd681b515330335c6a1cfdeee Certificate serial: 019B797F2F424FAC23CAD3BF64A7C3482804 Authority key identifier: 2D:9E:31:C9:02:9E:E4:4B:D6:81:B5:15:33:03:35:C6:A1:CF:DE:EE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/cbu2nsq0_E-KnigNEJpP4D0mZdA.roa Signing time: Thu 01 Jan 2026 12:18:56 +0000 ROA not before: Thu 01 Jan 2026 12:18:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44530 IP address blocks: 5.198.192.0/24 maxlen: 24 37.77.32.0/20 maxlen: 20 2a02:e5c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.crl rsync://rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.mft rsync://rpki.ripe.net/repository/DEFAULT/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:2f:42:4f:ac:23:ca:d3:bf:64:a7:c3:48:28:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2d9e31c9029ee44bd681b515330335c6a1cfdeee Validity Not Before: Jan 1 12:18:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=71bbb69ecab4fc4f8a9e280d109a4fe03d2665d0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:11:90:3b:92:e1:3e:3c:98:17:a0:d5:fc:b2: f5:f5:95:06:04:4d:28:ee:1a:62:bd:01:e5:e5:0a: 92:c0:b9:f8:44:c5:1f:ca:0e:6c:c1:57:97:a1:8a: 80:9d:34:7b:5f:96:b3:fc:85:06:27:79:3a:48:ba: b9:ef:01:ff:2c:62:23:e5:0b:f5:53:cb:bc:10:a1: f0:fe:41:97:a3:52:0d:b1:db:91:21:70:32:30:ff: 9a:1b:4c:ee:36:6e:53:9f:cc:ce:1d:72:69:73:b2: 19:0c:ff:de:11:7a:dd:1f:5d:89:2a:66:1b:c8:ee: 8a:c5:2b:46:20:0c:1a:a9:59:b5:d4:51:40:eb:fd: ee:b9:ca:f0:30:f7:d9:b0:ba:bd:ae:3f:00:1c:91: 56:42:c3:97:c1:cc:31:55:8d:10:d5:62:95:77:74: 29:aa:f8:24:13:f8:e6:75:94:42:58:d4:34:20:18: 1b:59:89:52:80:08:17:e7:15:91:14:25:6d:ce:60: 00:e1:30:bc:8e:c8:b0:f2:f9:59:24:4b:85:95:b5: 87:6a:cf:2e:f2:35:c1:03:67:2a:27:1b:5c:c9:b6: bb:7e:fc:b9:6c:76:d6:53:06:ad:5c:fa:1d:44:0c: 8e:4f:f8:ec:1b:3e:4a:65:52:ff:97:79:05:95:93: 7c:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:BB:B6:9E:CA:B4:FC:4F:8A:9E:28:0D:10:9A:4F:E0:3D:26:65:D0 X509v3 Authority Key Identifier: keyid:2D:9E:31:C9:02:9E:E4:4B:D6:81:B5:15:33:03:35:C6:A1:CF:DE:EE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/cbu2nsq0_E-KnigNEJpP4D0mZdA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/32/15d896-2f69-4697-a6fc-08da6652a867/1/LZ4xyQKe5EvWgbUVMwM1xqHP3u4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.198.192.0/24 37.77.32.0/20 IPv6: 2a02:e5c::/32 Signature Algorithm: sha256WithRSAEncryption 4a:f1:3c:b7:ec:e0:af:c8:93:ac:21:85:35:5d:47:e3:0f:85: 28:ba:bb:46:4a:4b:e2:30:18:0e:15:4e:6a:70:bd:43:9e:4d: 3e:88:d4:22:5e:cc:da:c6:86:1c:cc:e8:d2:c0:85:48:28:26: 01:ca:b8:83:2b:bb:3d:93:d2:de:f2:b8:5b:53:87:f9:18:31: 9c:de:04:89:04:d5:63:62:9f:02:84:11:43:b3:93:df:88:d3: 6c:99:c1:4a:06:8d:bc:63:eb:4c:4a:6b:7a:7c:ee:96:5f:27: 1e:a9:81:e3:c4:49:fe:aa:4f:c7:25:64:e9:b8:f5:03:12:99: 77:80:be:a5:b5:5a:9f:fe:a0:da:80:5d:70:13:1c:59:5a:c1: 68:43:e4:3a:d2:10:52:4a:1d:06:0e:26:67:51:59:b4:89:4b: 28:e6:24:90:18:08:e8:37:b6:01:c3:aa:42:bc:79:4e:25:69: 99:0e:81:46:a7:80:9e:8f:46:c4:c2:27:76:99:b9:df:95:b2: e0:09:7d:f8:04:be:db:58:45:9d:7e:a8:90:6c:54:fd:ee:c3: cb:cb:95:8f:da:0a:01:4e:b6:e1:2b:82:e1:29:48:e7:81:1a: a7:4c:be:5d:1d:b8:67:79:32:12:2b:24:67:18:06:79:f3:1b: 32:be:3c:25 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt5fy9CT6wjytO/ZKfDSCgEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJkOWUzMWM5MDI5ZWU0NGJkNjgxYjUxNTMzMDMzNWM2YTFj ZmRlZWUwHhcNMjYwMTAxMTIxODU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MWJiYjY5ZWNhYjRmYzRmOGE5ZTI4MGQxMDlhNGZlMDNkMjY2NWQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBGQO5LhPjyYF6DV/LL19ZUGBE0o 7hpivQHl5QqSwLn4RMUfyg5swVeXoYqAnTR7X5az/IUGJ3k6SLq57wH/LGIj5Qv1 U8u8EKHw/kGXo1INsduRIXAyMP+aG0zuNm5Tn8zOHXJpc7IZDP/eEXrdH12JKmYb yO6KxStGIAwaqVm11FFA6/3uucrwMPfZsLq9rj8AHJFWQsOXwcwxVY0Q1WKVd3Qp qvgkE/jmdZRCWNQ0IBgbWYlSgAgX5xWRFCVtzmAA4TC8jsiw8vlZJEuFlbWHas8u 8jXBA2cqJxtcyba7fvy5bHbWUwatXPodRAyOT/jsGz5KZVL/l3kFlZN8SQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFHG7tp7KtPxPip4oDRCaT+A9JmXQMB8GA1UdIwQY MBaAFC2eMckCnuRL1oG1FTMDNcahz97uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTFo0eHlRS2U1RXZXZ2JVVk13TTF4cUhQM3U0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xNWQ4OTYtMmY2OS00Njk3LWE2ZmMt MDhkYTY2NTJhODY3LzEvY2J1Mm5zcTBfRS1LbmlnTkVKcFA0RDBtWmRBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMi8xNWQ4OTYtMmY2OS00Njk3LWE2ZmMtMDhkYTY2NTJhODY3 LzEvTFo0eHlRS2U1RXZXZ2JVVk13TTF4cUhQM3U0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQABcbAAwQE JU0gMA0EAgACMAcDBQAqAg5cMA0GCSqGSIb3DQEBCwUAA4IBAQBK8Ty37OCvyJOs IYU1XUfjD4UourtGSkviMBgOFU5qcL1Dnk0+iNQiXszaxoYczOjSwIVIKCYByriD K7s9k9Le8rhbU4f5GDGc3gSJBNVjYp8ChBFDs5PfiNNsmcFKBo28Y+tMSmt6fO6W XyceqYHjxEn+qk/HJWTpuPUDEpl3gL6ltVqf/qDagF1wExxZWsFoQ+Q60hBSSh0G DiZnUVm0iUso5iSQGAjoN7YBw6pCvHlOJWmZDoFGp4Cej0bEwid2mbnflbLgCX34 BL7bWEWdfqiQbFT97sPLy5WP2goBTrbhK4LhKUjngRqnTL5dHbhneTISKyRnGAZ5 8xsyvjwl -----END CERTIFICATE-----Generated at Mon Jan 26 08:38:58 2026 by rpki-client