This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/1c9469-16fe-4e7b-8823-5db439b4ccee/1/CRM5mSymtN2fmfJMtjz04Gckvzk.roa File: CRM5mSymtN2fmfJMtjz04Gckvzk.roa (raw, json) Hash identifier: TXOd4GzB4/bkLIGxDhlpA2UqGnklr7Sxzjm/MLMkU3M= Subject key identifier: 09:13:39:99:2C:A6:B4:DD:9F:99:F2:4C:B6:3C:F4:E0:67:24:BF:39 Certificate issuer: /CN=3cbdce45c4882c8a3a257110c6b1f0d49b182a9c Certificate serial: 019B7A5AF3D0589E9D09B2140C9A203BA0CE Authority key identifier: 3C:BD:CE:45:C4:88:2C:8A:3A:25:71:10:C6:B1:F0:D4:9B:18:2A:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PL3ORcSILIo6JXEQxrHw1JsYKpw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/1c9469-16fe-4e7b-8823-5db439b4ccee/1/CRM5mSymtN2fmfJMtjz04Gckvzk.roa Signing time: Thu 01 Jan 2026 16:18:59 +0000 ROA not before: Thu 01 Jan 2026 16:18:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211533 IP address blocks: 185.154.189.0/24 maxlen: 24 2a12:dac0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/1c9469-16fe-4e7b-8823-5db439b4ccee/1/PL3ORcSILIo6JXEQxrHw1JsYKpw.crl rsync://rpki.ripe.net/repository/DEFAULT/6a/1c9469-16fe-4e7b-8823-5db439b4ccee/1/PL3ORcSILIo6JXEQxrHw1JsYKpw.mft rsync://rpki.ripe.net/repository/DEFAULT/PL3ORcSILIo6JXEQxrHw1JsYKpw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:f3:d0:58:9e:9d:09:b2:14:0c:9a:20:3b:a0:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3cbdce45c4882c8a3a257110c6b1f0d49b182a9c Validity Not Before: Jan 1 16:18:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=091339992ca6b4dd9f99f24cb63cf4e06724bf39 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:20:e1:b0:12:21:ce:46:71:79:b9:cc:77:94: 27:84:ad:f7:10:c9:85:76:c9:6a:5b:81:57:c7:79: d2:88:03:de:73:a6:22:da:11:43:20:e5:c4:1d:7a: 64:1c:c0:6a:f8:40:a2:58:37:dd:dd:c1:d9:f5:15: a3:f1:03:06:3d:f9:0e:33:62:f4:2f:07:06:fe:c4: 88:81:5d:0d:f0:f7:44:de:8b:59:0c:50:4a:38:98: ac:96:60:56:fb:db:c3:98:1b:b5:6a:e9:65:b6:5c: 26:04:44:32:dc:09:b5:ab:76:c6:7e:44:24:e7:1f: 56:8a:18:59:0d:94:8f:66:c3:48:be:96:10:4a:71: bc:c7:63:71:f8:44:22:37:9e:44:66:14:68:96:d7: 09:38:1b:5c:f2:aa:77:97:3e:db:80:2b:d7:14:27: 02:c5:74:79:98:da:05:4b:90:0c:bd:a0:6c:1b:b3: 45:a7:64:a1:fa:00:a0:54:5f:0c:65:c3:88:67:1b: f8:80:de:b4:fe:80:fd:54:3b:54:c3:e4:6a:69:17: 5f:09:cf:e8:67:3f:3b:c0:6b:ca:43:1c:d7:94:2e: 0a:c7:3b:d3:d8:67:d4:60:7e:8a:0d:1a:4a:c8:80: e1:6a:05:6a:5c:d9:12:66:1a:d4:ba:4a:3c:db:a8: eb:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:13:39:99:2C:A6:B4:DD:9F:99:F2:4C:B6:3C:F4:E0:67:24:BF:39 X509v3 Authority Key Identifier: keyid:3C:BD:CE:45:C4:88:2C:8A:3A:25:71:10:C6:B1:F0:D4:9B:18:2A:9C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PL3ORcSILIo6JXEQxrHw1JsYKpw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/1c9469-16fe-4e7b-8823-5db439b4ccee/1/CRM5mSymtN2fmfJMtjz04Gckvzk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/1c9469-16fe-4e7b-8823-5db439b4ccee/1/PL3ORcSILIo6JXEQxrHw1JsYKpw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.154.189.0/24 IPv6: 2a12:dac0::/29 Signature Algorithm: sha256WithRSAEncryption 46:00:03:60:75:30:a5:ac:4f:68:b2:3a:1b:ea:a3:5a:29:5c: e1:46:bf:9c:49:55:3f:53:84:cc:81:53:11:4d:3f:c1:28:d1: d7:fc:24:6a:e8:90:97:f3:45:ab:7e:c5:90:96:a8:0a:83:dc: 75:c2:84:bf:96:54:2b:6d:4b:68:95:0d:f2:66:16:48:1a:18: 71:5d:b8:c4:65:cc:42:61:7b:2a:a7:76:9f:0e:9e:0d:85:4e: 23:ce:84:33:51:78:0b:75:e1:96:d3:df:7d:53:26:52:f6:d5: 14:45:54:9e:a1:bd:46:7b:54:7b:e5:d3:ce:76:18:f6:0d:0c: 3f:35:78:23:ba:6c:6f:1d:ab:00:c6:29:1f:ee:70:bc:8c:b5: 83:f3:1d:16:f6:9b:51:67:cf:6c:3f:a5:ed:17:6f:1b:e6:57: ea:c6:00:c4:c5:de:e5:26:4d:5b:a4:cd:d1:43:d3:af:9b:52: 1b:75:0e:15:be:51:f9:e4:2e:b6:05:18:4f:df:0f:cc:b9:b7: 31:b4:91:9c:d0:b2:73:7c:7d:aa:cd:9b:a2:cc:09:f1:5a:1d: fa:04:15:db:0f:74:eb:54:2d:3b:18:91:37:89:43:49:15:94: 63:e1:ac:4a:c5:8f:be:0e:2b:cb:cc:36:5c:ed:75:c5:75:12: 56:04:59:ff -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt6WvPQWJ6dCbIUDJogO6DOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjYmRjZTQ1YzQ4ODJjOGEzYTI1NzExMGM2YjFmMGQ0OWIx ODJhOWMwHhcNMjYwMTAxMTYxODU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwOTEzMzk5OTJjYTZiNGRkOWY5OWYyNGNiNjNjZjRlMDY3MjRiZjM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyDhsBIhzkZxebnMd5QnhK33EMmF dslqW4FXx3nSiAPec6Yi2hFDIOXEHXpkHMBq+ECiWDfd3cHZ9RWj8QMGPfkOM2L0 LwcG/sSIgV0N8PdE3otZDFBKOJislmBW+9vDmBu1aulltlwmBEQy3Am1q3bGfkQk 5x9WihhZDZSPZsNIvpYQSnG8x2Nx+EQiN55EZhRoltcJOBtc8qp3lz7bgCvXFCcC xXR5mNoFS5AMvaBsG7NFp2Sh+gCgVF8MZcOIZxv4gN60/oD9VDtUw+RqaRdfCc/o Zz87wGvKQxzXlC4KxzvT2GfUYH6KDRpKyIDhagVqXNkSZhrUuko826jrJwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFAkTOZksprTdn5nyTLY89OBnJL85MB8GA1UdIwQY MBaAFDy9zkXEiCyKOiVxEMax8NSbGCqcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUEwzT1JjU0lMSW82SlhFUXhySHcxSnNZS3B3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8xYzk0NjktMTZmZS00ZTdiLTg4MjMt NWRiNDM5YjRjY2VlLzEvQ1JNNW1TeW10TjJmbWZKTXRqejA0R2NrdnprLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82YS8xYzk0NjktMTZmZS00ZTdiLTg4MjMtNWRiNDM5YjRjY2Vl LzEvUEwzT1JjU0lMSW82SlhFUXhySHcxSnNZS3B3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuZq9MA0E AgACMAcDBQMqEtrAMA0GCSqGSIb3DQEBCwUAA4IBAQBGAANgdTClrE9osjob6qNa KVzhRr+cSVU/U4TMgVMRTT/BKNHX/CRq6JCX80WrfsWQlqgKg9x1woS/llQrbUto lQ3yZhZIGhhxXbjEZcxCYXsqp3afDp4NhU4jzoQzUXgLdeGW0999UyZS9tUURVSe ob1Ge1R75dPOdhj2DQw/NXgjumxvHasAxikf7nC8jLWD8x0W9ptRZ89sP6XtF28b 5lfqxgDExd7lJk1bpM3RQ9Ovm1IbdQ4VvlH55C62BRhP3w/MubcxtJGc0LJzfH2q zZuizAnxWh36BBXbD3TrVC07GJE3iUNJFZRj4axKxY++DivLzDZc7XXFdRJWBFn/ -----END CERTIFICATE-----Generated at Mon Jan 26 06:27:51 2026 by rpki-client