This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/f41fbf-4e8d-4aaa-9db1-626bbfee0b31/1/Caiwf_QYVrjuMQk3SKwJbOdkL1I.roa File: Caiwf_QYVrjuMQk3SKwJbOdkL1I.roa (raw, json) Hash identifier: 5fx/cD2u1bFDALyIAFqy2QpBhB4xdpPsEpLHocGA9Q4= Subject key identifier: 09:A8:B0:7F:F4:18:56:B8:EE:31:09:37:48:AC:09:6C:E7:64:2F:52 Certificate issuer: /CN=747aae5d24b0c97a42031f3510a14e2f95bbd838 Certificate serial: 019B7BA3845CCAF7FF6945D850DF5CE01AD0 Authority key identifier: 74:7A:AE:5D:24:B0:C9:7A:42:03:1F:35:10:A1:4E:2F:95:BB:D8:38 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dHquXSSwyXpCAx81EKFOL5W72Dg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/f41fbf-4e8d-4aaa-9db1-626bbfee0b31/1/Caiwf_QYVrjuMQk3SKwJbOdkL1I.roa Signing time: Thu 01 Jan 2026 22:17:52 +0000 ROA not before: Thu 01 Jan 2026 22:17:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51395 IP address blocks: 185.78.124.0/22 maxlen: 22 2a05:6a00::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/f41fbf-4e8d-4aaa-9db1-626bbfee0b31/1/dHquXSSwyXpCAx81EKFOL5W72Dg.crl rsync://rpki.ripe.net/repository/DEFAULT/59/f41fbf-4e8d-4aaa-9db1-626bbfee0b31/1/dHquXSSwyXpCAx81EKFOL5W72Dg.mft rsync://rpki.ripe.net/repository/DEFAULT/dHquXSSwyXpCAx81EKFOL5W72Dg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:84:5c:ca:f7:ff:69:45:d8:50:df:5c:e0:1a:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=747aae5d24b0c97a42031f3510a14e2f95bbd838 Validity Not Before: Jan 1 22:17:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=09a8b07ff41856b8ee31093748ac096ce7642f52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:aa:aa:b1:ed:e4:02:5d:f9:40:95:a9:a8:1b: f0:aa:2e:f6:e9:32:08:49:de:7b:18:1d:de:54:4b: c6:89:d6:95:c0:af:ea:1a:38:9d:f4:57:ee:b9:b4: e0:33:dc:7b:07:45:6f:57:67:16:95:01:e3:4a:8d: 5f:3f:9a:5e:4d:be:54:d9:38:aa:60:cb:ec:e8:9e: 34:63:05:f6:76:50:d4:19:a9:87:d6:38:fa:51:83: 47:1d:cc:3c:eb:ff:4a:bf:3d:32:ea:4b:7d:50:0b: c2:dc:fc:70:65:a3:31:f7:65:92:16:e3:cd:a1:ef: 74:78:4d:f7:99:ff:92:71:69:0c:52:1d:fb:9e:d4: 83:df:f0:d2:38:d7:93:b8:77:8b:b3:6e:47:c3:75: 72:42:97:c4:a4:fd:04:d7:45:3b:ce:aa:84:73:ff: 00:c6:63:ad:bd:f6:05:4e:08:af:4d:c3:8e:99:cf: 9d:49:f6:1a:b3:c2:ff:9e:5f:68:68:bf:40:67:6b: a9:22:a0:28:8b:58:a9:63:b0:d3:64:36:3f:dd:a8: 6b:e9:ae:35:33:51:e1:4e:33:66:90:22:ef:36:e5: 19:24:fe:0d:c4:a7:62:0f:12:0d:10:0c:d3:ba:58: 10:41:79:4b:7f:ae:4b:97:61:a7:20:16:81:33:05: 7d:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:A8:B0:7F:F4:18:56:B8:EE:31:09:37:48:AC:09:6C:E7:64:2F:52 X509v3 Authority Key Identifier: keyid:74:7A:AE:5D:24:B0:C9:7A:42:03:1F:35:10:A1:4E:2F:95:BB:D8:38 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dHquXSSwyXpCAx81EKFOL5W72Dg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/f41fbf-4e8d-4aaa-9db1-626bbfee0b31/1/Caiwf_QYVrjuMQk3SKwJbOdkL1I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/59/f41fbf-4e8d-4aaa-9db1-626bbfee0b31/1/dHquXSSwyXpCAx81EKFOL5W72Dg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.78.124.0/22 IPv6: 2a05:6a00::/29 Signature Algorithm: sha256WithRSAEncryption 4c:c7:e2:4c:c9:7f:5f:76:6b:c2:5b:7c:a6:06:0a:5c:68:95: 38:36:36:67:99:9e:76:bb:17:cf:3b:f4:ed:06:1f:77:b5:bc: c4:25:72:eb:41:ec:95:62:d9:87:08:a4:bb:16:ed:20:66:3e: a2:94:8b:44:78:59:10:97:08:f3:a0:71:27:2b:e1:d5:a2:04: e8:df:b8:80:42:5b:93:0a:b3:8b:a4:9f:e5:d2:62:f2:93:bb: 47:5c:d0:50:b9:0d:c0:1e:9b:10:5d:14:fc:e5:7e:18:93:25: e6:7e:4d:69:4a:89:35:5e:d2:85:cb:e6:6b:36:25:2e:1d:b0: 94:db:cd:b7:fe:42:50:1a:41:85:0e:61:9b:4d:07:94:19:f5: 82:43:f6:c2:84:2c:fc:87:0a:40:0b:6a:14:fc:73:31:e6:f2: e3:be:30:5e:da:01:bb:1c:6f:9c:95:e8:41:d0:c8:dc:56:7d: ec:e7:bb:7b:63:ca:98:8e:e7:52:49:52:55:1b:bf:fd:e0:4a: 25:36:d0:d1:c8:30:e8:a1:95:a5:65:d6:c1:62:aa:4f:ab:05: 3e:8f:31:c3:59:6e:f2:33:c5:b9:31:d3:6b:2d:d3:0f:5b:06: 93:a5:61:2d:21:b0:a7:97:e8:fd:48:45:0e:25:57:ad:32:6d: 28:58:9b:e2 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt7o4Rcyvf/aUXYUN9c4BrQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0N2FhZTVkMjRiMGM5N2E0MjAzMWYzNTEwYTE0ZTJmOTVi YmQ4MzgwHhcNMjYwMTAxMjIxNzUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwOWE4YjA3ZmY0MTg1NmI4ZWUzMTA5Mzc0OGFjMDk2Y2U3NjQyZjUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqqqse3kAl35QJWpqBvwqi726TII Sd57GB3eVEvGidaVwK/qGjid9FfuubTgM9x7B0VvV2cWlQHjSo1fP5peTb5U2Tiq YMvs6J40YwX2dlDUGamH1jj6UYNHHcw86/9Kvz0y6kt9UAvC3PxwZaMx92WSFuPN oe90eE33mf+ScWkMUh37ntSD3/DSONeTuHeLs25Hw3VyQpfEpP0E10U7zqqEc/8A xmOtvfYFTgivTcOOmc+dSfYas8L/nl9oaL9AZ2upIqAoi1ipY7DTZDY/3ahr6a41 M1HhTjNmkCLvNuUZJP4NxKdiDxINEAzTulgQQXlLf65Ll2GnIBaBMwV9KwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFAmosH/0GFa47jEJN0isCWznZC9SMB8GA1UdIwQY MBaAFHR6rl0ksMl6QgMfNRChTi+Vu9g4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZEhxdVhTU3d5WHBDQXg4MUVLRk9MNVc3MkRnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9mNDFmYmYtNGU4ZC00YWFhLTlkYjEt NjI2YmJmZWUwYjMxLzEvQ2Fpd2ZfUVlWcmp1TVFrM1NLd0piT2RrTDFJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OS9mNDFmYmYtNGU4ZC00YWFhLTlkYjEtNjI2YmJmZWUwYjMx LzEvZEhxdVhTU3d5WHBDQXg4MUVLRk9MNVc3MkRnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuU58MA0E AgACMAcDBQMqBWoAMA0GCSqGSIb3DQEBCwUAA4IBAQBMx+JMyX9fdmvCW3ymBgpc aJU4NjZnmZ52uxfPO/TtBh93tbzEJXLrQeyVYtmHCKS7Fu0gZj6ilItEeFkQlwjz oHEnK+HVogTo37iAQluTCrOLpJ/l0mLyk7tHXNBQuQ3AHpsQXRT85X4YkyXmfk1p Sok1XtKFy+ZrNiUuHbCU2823/kJQGkGFDmGbTQeUGfWCQ/bChCz8hwpAC2oU/HMx 5vLjvjBe2gG7HG+clehB0MjcVn3s57t7Y8qYjudSSVJVG7/94EolNtDRyDDooZWl ZdbBYqpPqwU+jzHDWW7yM8W5MdNrLdMPWwaTpWEtIbCnl+j9SEUOJVetMm0oWJvi -----END CERTIFICATE-----Generated at Sun Jan 25 19:35:23 2026 by rpki-client