This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/0c5ec1-9c3d-4162-9804-a33518bdd8fe/1/CHly21F90uK3t1PTfGR7rzZwk_E.roa File: CHly21F90uK3t1PTfGR7rzZwk_E.roa (raw, json) Hash identifier: mWrqsrt9qgm67LUNBZ/tu5yn1dKMTJD4Xe31GCUEOfc= Subject key identifier: 08:79:72:DB:51:7D:D2:E2:B7:B7:53:D3:7C:64:7B:AF:36:70:93:F1 Certificate issuer: /CN=ac0cd1a338ebf5c7952eb9a1f0060549f9340ad6 Certificate serial: 019B7BA4F1C6BC6168231034BC1941BBAC91 Authority key identifier: AC:0C:D1:A3:38:EB:F5:C7:95:2E:B9:A1:F0:06:05:49:F9:34:0A:D6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rAzRozjr9ceVLrmh8AYFSfk0CtY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/0c5ec1-9c3d-4162-9804-a33518bdd8fe/1/CHly21F90uK3t1PTfGR7rzZwk_E.roa Signing time: Thu 01 Jan 2026 22:19:25 +0000 ROA not before: Thu 01 Jan 2026 22:19:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 28757 IP address blocks: 185.27.196.0/22 maxlen: 22 185.27.196.0/23 maxlen: 23 185.27.198.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/0c5ec1-9c3d-4162-9804-a33518bdd8fe/1/rAzRozjr9ceVLrmh8AYFSfk0CtY.crl rsync://rpki.ripe.net/repository/DEFAULT/33/0c5ec1-9c3d-4162-9804-a33518bdd8fe/1/rAzRozjr9ceVLrmh8AYFSfk0CtY.mft rsync://rpki.ripe.net/repository/DEFAULT/rAzRozjr9ceVLrmh8AYFSfk0CtY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 04:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a4:f1:c6:bc:61:68:23:10:34:bc:19:41:bb:ac:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ac0cd1a338ebf5c7952eb9a1f0060549f9340ad6 Validity Not Before: Jan 1 22:19:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=087972db517dd2e2b7b753d37c647baf367093f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:13:76:e3:fa:13:78:38:85:d5:92:8d:44:bb: 6f:dc:7c:44:17:66:b3:0b:f8:5e:b1:4b:7b:22:4d: 96:0c:27:7d:7c:b9:4d:47:fb:a8:b6:34:e8:2a:70: 60:52:cc:e7:e3:91:d1:14:ca:4f:01:33:03:16:04: 38:68:98:a1:8d:af:b4:82:22:71:34:49:fd:1d:ea: 7e:84:ea:4e:8e:76:15:4b:ab:9f:b1:94:c5:cc:b2: bc:38:0e:63:9a:26:f1:3f:29:ea:65:a9:50:e7:e8: 5a:57:aa:5b:04:6e:9e:ae:8a:35:aa:1b:40:d9:39: 3c:96:22:ce:b9:77:4e:12:44:83:25:f3:78:13:3d: 4b:a5:17:50:b4:a5:23:70:10:79:23:31:1c:2b:ec: a2:03:bb:4f:28:b5:93:18:ac:5b:8a:e8:a1:30:27: 18:c5:b0:5d:37:44:64:87:5b:70:c9:0c:b8:4d:dd: f3:4f:66:0d:f7:3f:25:fa:13:3f:65:7e:f8:0c:9a: 05:ce:b1:3b:69:e6:45:00:11:8c:8f:68:83:db:0e: c7:91:78:dc:ea:d0:2d:66:11:df:57:7a:b0:1d:99: ea:86:63:4f:4a:75:35:84:23:26:9f:80:02:00:03: 63:8b:59:d7:19:88:f1:89:a6:28:d9:16:cb:55:fd: 03:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:79:72:DB:51:7D:D2:E2:B7:B7:53:D3:7C:64:7B:AF:36:70:93:F1 X509v3 Authority Key Identifier: keyid:AC:0C:D1:A3:38:EB:F5:C7:95:2E:B9:A1:F0:06:05:49:F9:34:0A:D6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rAzRozjr9ceVLrmh8AYFSfk0CtY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0c5ec1-9c3d-4162-9804-a33518bdd8fe/1/CHly21F90uK3t1PTfGR7rzZwk_E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0c5ec1-9c3d-4162-9804-a33518bdd8fe/1/rAzRozjr9ceVLrmh8AYFSfk0CtY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.27.196.0/22 Signature Algorithm: sha256WithRSAEncryption 32:b4:3c:4c:05:36:9c:72:96:5a:72:3b:77:8e:f1:55:ad:fc: f7:40:c8:72:d4:51:42:5c:cc:b2:6d:f0:69:b2:79:a0:3f:f9: 86:40:8f:9e:ea:e7:24:ef:7a:44:ea:9c:7b:32:f2:44:b9:5c: e8:4a:cf:76:e4:03:1b:4d:3a:7a:9f:78:84:13:7f:03:59:15: d8:b0:8d:7a:64:06:06:60:a4:58:9b:28:3f:18:07:1d:b8:0e: f8:41:e3:85:b5:98:72:ce:5b:06:f2:56:40:84:6f:1b:ac:92: 05:ab:6d:e5:6c:06:82:6e:75:a3:19:71:ca:de:9e:d8:cc:ef: 00:6b:95:9a:a9:dc:91:ee:7c:f5:89:e7:bd:9b:b7:6a:d4:d7: 18:8e:c7:ff:de:8f:25:73:38:65:f1:14:bd:73:b9:f8:66:25: 44:cf:43:f9:8f:09:8b:25:52:66:88:63:fa:48:89:e0:e4:98: 7c:6b:f7:24:f8:0f:b8:a0:89:3c:b6:26:b7:73:77:3f:e9:50: c9:dd:a3:b2:8c:5f:2a:37:05:fa:32:aa:64:e2:1a:2c:b0:43: 58:c6:2c:10:c8:32:18:3a:61:5b:fb:04:70:f0:33:a4:fb:63: 38:bb:8c:ae:89:bf:7b:8d:9d:93:e9:cb:db:8c:13:7a:1c:93: e6:16:0d:80 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt7pPHGvGFoIxA0vBlBu6yRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFjMGNkMWEzMzhlYmY1Yzc5NTJlYjlhMWYwMDYwNTQ5Zjkz NDBhZDYwHhcNMjYwMTAxMjIxOTI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwODc5NzJkYjUxN2RkMmUyYjdiNzUzZDM3YzY0N2JhZjM2NzA5M2YxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRN24/oTeDiF1ZKNRLtv3HxEF2az C/hesUt7Ik2WDCd9fLlNR/uotjToKnBgUszn45HRFMpPATMDFgQ4aJihja+0giJx NEn9Hep+hOpOjnYVS6ufsZTFzLK8OA5jmibxPynqZalQ5+haV6pbBG6eroo1qhtA 2Tk8liLOuXdOEkSDJfN4Ez1LpRdQtKUjcBB5IzEcK+yiA7tPKLWTGKxbiuihMCcY xbBdN0Rkh1twyQy4Td3zT2YN9z8l+hM/ZX74DJoFzrE7aeZFABGMj2iD2w7HkXjc 6tAtZhHfV3qwHZnqhmNPSnU1hCMmn4ACAANji1nXGYjxiaYo2RbLVf0DBQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFAh5cttRfdLit7dT03xke682cJPxMB8GA1UdIwQY MBaAFKwM0aM46/XHlS65ofAGBUn5NArWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvckF6Um96anI5Y2VWTHJtaDhBWUZTZmswQ3RZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wYzVlYzEtOWMzZC00MTYyLTk4MDQt YTMzNTE4YmRkOGZlLzEvQ0hseTIxRjkwdUszdDFQVGZHUjdyelp3a19FLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy8wYzVlYzEtOWMzZC00MTYyLTk4MDQtYTMzNTE4YmRkOGZl LzEvckF6Um96anI5Y2VWTHJtaDhBWUZTZmswQ3RZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRvEMA0G CSqGSIb3DQEBCwUAA4IBAQAytDxMBTaccpZacjt3jvFVrfz3QMhy1FFCXMyybfBp snmgP/mGQI+e6uck73pE6px7MvJEuVzoSs925AMbTTp6n3iEE38DWRXYsI16ZAYG YKRYmyg/GAcduA74QeOFtZhyzlsG8lZAhG8brJIFq23lbAaCbnWjGXHK3p7YzO8A a5WaqdyR7nz1iee9m7dq1NcYjsf/3o8lczhl8RS9c7n4ZiVEz0P5jwmLJVJmiGP6 SIng5Jh8a/ck+A+4oIk8tia3c3c/6VDJ3aOyjF8qNwX6Mqpk4hossENYxiwQyDIY OmFb+wRw8DOk+2M4u4yuib97jZ2T6cvbjBN6HJPmFg2A -----END CERTIFICATE-----Generated at Sun Jan 25 12:17:08 2026 by rpki-client