This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/cyPt3U8MJxx2O8Gu_nAjxme3veM.roa File: cyPt3U8MJxx2O8Gu_nAjxme3veM.roa (raw, json) Hash identifier: dV2szaez9MAXq7GDDnq9o/U1fwaDRDnU84jID4xsjVg= Subject key identifier: 73:23:ED:DD:4F:0C:27:1C:76:3B:C1:AE:FE:70:23:C6:67:B7:BD:E3 Certificate issuer: /CN=f8a966664ec96edbd12e8e82e940bfb9faec105e Certificate serial: 019B7A5BA0E23AC68F1E4E8B35E91BC7C992 Authority key identifier: F8:A9:66:66:4E:C9:6E:DB:D1:2E:8E:82:E9:40:BF:B9:FA:EC:10:5E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/cyPt3U8MJxx2O8Gu_nAjxme3veM.roa Signing time: Thu 01 Jan 2026 16:19:43 +0000 ROA not before: Thu 01 Jan 2026 16:19:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29670 IP address blocks: 185.177.204.0/22 maxlen: 24 192.109.21.0/24 maxlen: 24 192.109.42.0/24 maxlen: 24 192.109.82.0/24 maxlen: 24 193.29.188.0/24 maxlen: 24 217.197.80.0/20 maxlen: 24 2001:67c:1400::/45 maxlen: 48 2a0a:4580::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.crl rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.mft rsync://rpki.ripe.net/repository/DEFAULT/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:a0:e2:3a:c6:8f:1e:4e:8b:35:e9:1b:c7:c9:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f8a966664ec96edbd12e8e82e940bfb9faec105e Validity Not Before: Jan 1 16:19:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7323eddd4f0c271c763bc1aefe7023c667b7bde3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:9b:0b:59:80:27:89:de:24:a9:31:0d:13:86: 3e:24:8d:bc:ad:f2:05:a2:06:db:f0:27:30:38:74: c2:c8:f5:ae:de:5e:5d:84:94:82:aa:04:32:21:57: 98:93:d4:b4:35:39:f3:5a:02:9a:2a:1b:0d:fe:44: a8:8b:6b:d9:76:ad:1f:5b:87:f4:eb:d7:f9:21:b8: 29:77:40:b6:86:5e:9d:0f:5f:5d:15:15:61:a7:c5: ae:31:82:10:19:04:7f:07:23:d3:77:c4:e7:0b:ee: 45:9c:cf:ce:f3:ac:fd:d7:1f:a4:ca:f6:bc:6a:99: ac:4e:4a:4c:3f:dd:65:77:94:23:9b:14:d7:04:2d: 2b:33:e2:46:1d:b2:90:97:89:5c:7b:24:4e:e2:9f: 9b:21:ea:a6:82:04:24:60:50:02:ad:5d:f0:8e:d1: 8a:59:24:05:68:6e:72:31:35:3d:cf:42:38:8e:48: ca:45:16:d0:cf:f0:06:04:07:06:c9:95:a8:f2:a2: 18:18:76:cc:61:30:d3:40:62:15:d4:49:04:e2:73: c0:3d:34:f3:f7:7f:05:c0:32:fd:45:2d:7c:96:d3: 2f:83:6e:59:77:d8:5d:46:05:8b:64:e6:d2:16:a9: d1:5f:70:12:0e:88:3e:ad:91:c0:30:61:1f:07:ea: ce:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:23:ED:DD:4F:0C:27:1C:76:3B:C1:AE:FE:70:23:C6:67:B7:BD:E3 X509v3 Authority Key Identifier: keyid:F8:A9:66:66:4E:C9:6E:DB:D1:2E:8E:82:E9:40:BF:B9:FA:EC:10:5E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/cyPt3U8MJxx2O8Gu_nAjxme3veM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.177.204.0/22 192.109.21.0/24 192.109.42.0/24 192.109.82.0/24 193.29.188.0/24 217.197.80.0/20 IPv6: 2001:67c:1400::/45 2a0a:4580::/29 Signature Algorithm: sha256WithRSAEncryption 41:58:49:1e:c5:f2:b2:ef:87:73:03:bd:ee:5c:d3:8a:4d:17: 2b:30:da:3b:6e:03:72:ad:48:db:8e:45:78:5f:1f:da:67:19: 6b:fc:72:ee:32:24:a4:25:8d:cc:c1:e2:ea:14:e6:01:46:fc: 9b:6a:0a:f7:f4:2a:c5:66:6c:db:2b:30:28:06:26:23:b2:11: 1c:ba:0b:a2:cd:eb:39:28:64:74:4b:d3:e8:8a:cc:ae:a3:4a: cc:c1:59:09:a8:fa:19:47:70:81:6d:b2:c1:9b:30:b1:86:af: 67:98:48:f2:b3:e2:c7:4c:22:fe:87:5e:51:29:13:9b:9a:09: 38:c9:c1:70:c3:b4:ad:93:6f:04:41:a2:41:6e:fc:ad:32:ab: 61:e3:1d:82:05:42:f8:75:7d:04:c5:a2:57:c4:86:c3:e5:f8: 3c:f6:ef:94:42:a4:0f:06:3f:1c:a9:47:5e:9d:b8:85:d1:d3: 0a:43:f1:f7:28:05:86:2f:07:c1:a5:d2:28:b0:9c:16:72:98: ba:15:42:67:4d:7e:3e:87:2a:16:f5:b1:aa:72:7e:04:55:ff: 25:da:23:3a:e4:df:10:76:f8:b1:4b:f5:bb:70:7b:23:c9:f2: 06:83:7b:3f:7d:cf:c2:39:5e:4c:81:9d:7d:4a:86:ea:2d:6c: 7f:e3:bd:e1 -----BEGIN CERTIFICATE----- MIIFNTCCBB2gAwIBAgISAZt6W6DiOsaPHk6LNekbx8mSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY4YTk2NjY2NGVjOTZlZGJkMTJlOGU4MmU5NDBiZmI5ZmFl YzEwNWUwHhcNMjYwMTAxMTYxOTQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MzIzZWRkZDRmMGMyNzFjNzYzYmMxYWVmZTcwMjNjNjY3YjdiZGUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJsLWYAnid4kqTENE4Y+JI28rfIF ogbb8CcwOHTCyPWu3l5dhJSCqgQyIVeYk9S0NTnzWgKaKhsN/kSoi2vZdq0fW4f0 69f5Ibgpd0C2hl6dD19dFRVhp8WuMYIQGQR/ByPTd8TnC+5FnM/O86z91x+kyva8 apmsTkpMP91ld5QjmxTXBC0rM+JGHbKQl4lceyRO4p+bIeqmggQkYFACrV3wjtGK WSQFaG5yMTU9z0I4jkjKRRbQz/AGBAcGyZWo8qIYGHbMYTDTQGIV1EkE4nPAPTTz 938FwDL9RS18ltMvg25Zd9hdRgWLZObSFqnRX3ASDog+rZHAMGEfB+rONQIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFHMj7d1PDCccdjvBrv5wI8Znt73jMB8GA1UdIwQY MBaAFPipZmZOyW7b0S6OgulAv7n67BBeMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS1LbG1aazdKYnR2UkxvNkM2VUNfdWZyc0VGNC5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUvNjRhYjk5LTQ5YWEtNGFhZS04ZGQ1 LTM4MjM1NWZjMmZmMS8xL2N5UHQzVThNSnh4Mk84R3VfbkFqeG1lM3ZlTS5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvNDUvNjRhYjk5LTQ5YWEtNGFhZS04ZGQ1LTM4MjM1NWZjMmZm MS8xLzEtS2xtWms3SmJ0dlJMbzZDNlVDX3VmcnNFRjQuY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwVQYIKwYBBQUHAQcBAf8ERjBEMCoEAgABMCQDBAK5scwD BADAbRUDBADAbSoDBADAbVIDBADBHbwDBATZxVAwFgQCAAIwEAMHAyABBnwUAAMF AyoKRYAwDQYJKoZIhvcNAQELBQADggEBAEFYSR7F8rLvh3MDve5c04pNFysw2jtu A3KtSNuORXhfH9pnGWv8cu4yJKQljczB4uoU5gFG/JtqCvf0KsVmbNsrMCgGJiOy ERy6C6LN6zkoZHRL0+iKzK6jSszBWQmo+hlHcIFtssGbMLGGr2eYSPKz4sdMIv6H XlEpE5uaCTjJwXDDtK2TbwRBokFu/K0yq2HjHYIFQvh1fQTFolfEhsPl+Dz275RC pA8GPxypR16duIXR0wpD8fcoBYYvB8Gl0iiwnBZymLoVQmdNfj6HKhb1sapyfgRV /yXaIzrk3xB2+LFL9btweyPJ8gaDez99z8I5XkyBnX1KhuotbH/jveE= -----END CERTIFICATE-----Generated at Mon Jan 26 05:55:35 2026 by rpki-client