This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/CvuWIkRHjp5wftfGLU8vOGYCRbc.roa File: CvuWIkRHjp5wftfGLU8vOGYCRbc.roa (raw, json) Hash identifier: gj4Tk/zdN+anVbu8mIUIWBYC8RgYdvQOlOOsAUK8Sdk= Subject key identifier: 0A:FB:96:22:44:47:8E:9E:70:7E:D7:C6:2D:4F:2F:38:66:02:45:B7 Certificate issuer: /CN=f82554a856a422b061ae64c577630f91d408cd4a Certificate serial: 019B7F1512657BB4A6E01B21DACE7DAB0510 Authority key identifier: F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/CvuWIkRHjp5wftfGLU8vOGYCRbc.roa Signing time: Fri 02 Jan 2026 14:20:45 +0000 ROA not before: Fri 02 Jan 2026 14:20:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205669 IP address blocks: 89.234.160.0/21 maxlen: 24 2a00:5881:3040::/44 maxlen: 44 2a00:5881:3080::/44 maxlen: 44 2a00:5881:30c0::/44 maxlen: 44 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.mft rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 20:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:12:65:7b:b4:a6:e0:1b:21:da:ce:7d:ab:05:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f82554a856a422b061ae64c577630f91d408cd4a Validity Not Before: Jan 2 14:20:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0afb962244478e9e707ed7c62d4f2f38660245b7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:05:9c:0c:8f:f8:7e:55:59:0c:6f:f2:63:73: b1:2f:7d:9a:21:18:21:67:58:dd:98:ce:f5:66:ed: 38:32:87:8b:a3:fd:d8:0c:75:88:7e:89:8a:15:4b: dc:51:64:52:77:49:c3:0a:7d:cd:c9:26:68:68:a1: f0:31:cf:5d:3a:e2:61:78:fb:77:95:15:f4:88:1d: 84:98:92:ec:c8:ed:67:a9:62:1a:93:0b:53:ed:44: 5b:fb:f9:fd:25:da:05:e8:d6:43:6f:33:02:b0:c4: 33:ab:69:58:2d:27:40:37:fc:1a:12:d0:16:45:94: dc:36:ab:d7:d8:e2:4d:2f:62:35:b3:25:86:1b:2c: 36:3f:bd:27:e3:4f:d7:c6:ae:19:c5:35:ec:0b:33: ed:c4:1b:10:fd:0c:fc:d7:99:53:24:dd:b0:0f:d1: 50:9e:f0:26:ce:b4:5a:f2:53:de:06:18:89:36:1d: c6:d4:20:41:63:e0:32:0e:3c:2f:8f:e6:df:ce:ad: d4:4f:96:39:fa:1f:fa:d6:56:57:0f:6c:dc:61:1b: 09:a3:3e:4c:72:99:e6:66:a7:0e:40:31:41:24:0a: f7:73:15:77:b0:60:71:73:12:e8:93:58:44:e4:46: aa:ee:89:91:bc:66:1e:58:13:d2:40:fb:9d:01:2d: 1e:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:FB:96:22:44:47:8E:9E:70:7E:D7:C6:2D:4F:2F:38:66:02:45:B7 X509v3 Authority Key Identifier: keyid:F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/CvuWIkRHjp5wftfGLU8vOGYCRbc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.234.160.0/21 IPv6: 2a00:5881:3040::/44 2a00:5881:3080::/44 2a00:5881:30c0::/44 Signature Algorithm: sha256WithRSAEncryption bf:38:d0:86:bf:43:67:2b:43:40:7a:a9:cd:67:bc:0c:92:d9: 07:e6:1c:30:1f:20:66:35:be:67:37:94:ac:ca:87:45:cf:8a: c8:cb:dd:77:3f:3f:f1:fd:74:7a:b0:45:da:6d:1c:b0:6f:0f: 19:66:6e:97:57:d8:19:9e:b2:0e:7e:01:38:01:17:f0:5c:8f: 73:f3:f8:ed:19:91:39:c1:43:56:96:6c:24:9c:a9:78:de:a8: d5:df:23:e1:9d:cc:5a:f1:a7:ae:d4:3f:be:16:95:c8:38:a5: 09:8b:b5:0a:b2:a0:51:d9:c3:93:91:68:04:dc:0d:53:b6:e1: fb:05:2e:65:90:7f:53:63:7a:8b:8a:3a:52:6f:dd:2b:54:11: ba:32:28:f5:8e:47:8c:df:ef:f3:68:54:b8:bf:b8:3f:0b:bf: e3:ce:f0:cd:c9:14:1d:30:85:7b:02:80:1f:37:d4:4e:29:da: 96:60:70:13:8e:99:a2:e3:a6:7a:24:62:91:2e:95:73:88:55: 05:71:0e:c1:65:9e:b3:99:26:de:bd:e1:5c:96:77:5e:db:1f: d4:24:5b:e8:59:d1:2b:3c:14:b1:5c:fc:f7:3d:a8:15:36:f7: 9f:16:8a:88:fe:cb:69:e6:ce:9a:40:6c:41:49:7b:bb:51:9c: 99:30:83:d5 -----BEGIN CERTIFICATE----- MIIFIjCCBAqgAwIBAgISAZt/FRJle7Sm4Bsh2s59qwUQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY4MjU1NGE4NTZhNDIyYjA2MWFlNjRjNTc3NjMwZjkxZDQw OGNkNGEwHhcNMjYwMTAyMTQyMDQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYWZiOTYyMjQ0NDc4ZTllNzA3ZWQ3YzYyZDRmMmYzODY2MDI0NWI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6wWcDI/4flVZDG/yY3OxL32aIRgh Z1jdmM71Zu04MoeLo/3YDHWIfomKFUvcUWRSd0nDCn3NySZoaKHwMc9dOuJhePt3 lRX0iB2EmJLsyO1nqWIakwtT7URb+/n9JdoF6NZDbzMCsMQzq2lYLSdAN/waEtAW RZTcNqvX2OJNL2I1syWGGyw2P70n40/Xxq4ZxTXsCzPtxBsQ/Qz815lTJN2wD9FQ nvAmzrRa8lPeBhiJNh3G1CBBY+AyDjwvj+bfzq3UT5Y5+h/61lZXD2zcYRsJoz5M cpnmZqcOQDFBJAr3cxV3sGBxcxLok1hE5Eaq7omRvGYeWBPSQPudAS0e3wIDAQAB o4ICLjCCAiowHQYDVR0OBBYEFAr7liJER46ecH7Xxi1PLzhmAkW3MB8GA1UdIwQY MBaAFPglVKhWpCKwYa5kxXdjD5HUCM1KMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS1DVlVxRmFrSXJCaHJtVEZkMk1Qa2RRSXpVby5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNm LTk2NWQ2ZDYwM2JmYS8xL0N2dVdJa1JIanA1d2Z0ZkdMVTh2T0dZQ1JiYy5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNmLTk2NWQ2ZDYwM2Jm YS8xLzEtQ1ZVcUZha0lyQmhybVRGZDJNUGtkUUl6VW8uY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwQgYIKwYBBQUHAQcBAf8EMzAxMAwEAgABMAYDBANZ6qAw IQQCAAIwGwMHBCoAWIEwQAMHBCoAWIEwgAMHBCoAWIEwwDANBgkqhkiG9w0BAQsF AAOCAQEAvzjQhr9DZytDQHqpzWe8DJLZB+YcMB8gZjW+ZzeUrMqHRc+KyMvddz8/ 8f10erBF2m0csG8PGWZul1fYGZ6yDn4BOAEX8FyPc/P47RmROcFDVpZsJJypeN6o 1d8j4Z3MWvGnrtQ/vhaVyDilCYu1CrKgUdnDk5FoBNwNU7bh+wUuZZB/U2N6i4o6 Um/dK1QRujIo9Y5HjN/v82hUuL+4Pwu/487wzckUHTCFewKAHzfUTinalmBwE46Z ouOmeiRikS6Vc4hVBXEOwWWes5km3r3hXJZ3Xtsf1CRb6FnRKzwUsVz89z2oFTb3 nxaKiP7LaebOmkBsQUl7u1GcmTCD1Q== -----END CERTIFICATE-----Generated at Mon Jan 26 04:39:05 2026 by rpki-client