This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/CjzHtNvvrNdiRI1Dxd8cleq0jTQ.roa File: CjzHtNvvrNdiRI1Dxd8cleq0jTQ.roa (raw, json) Hash identifier: KOlrkN8Kg94S2lCrg1rACPuzR81sIix9VIM8TWA2Q28= Subject key identifier: 0A:3C:C7:B4:DB:EF:AC:D7:62:44:8D:43:C5:DF:1C:95:EA:B4:8D:34 Certificate issuer: /CN=2b4e2d34ccee4576b5ce7605a084e6c08522c228 Certificate serial: 019B7CECC81451C800D30F02234C02040CCC Authority key identifier: 2B:4E:2D:34:CC:EE:45:76:B5:CE:76:05:A0:84:E6:C0:85:22:C2:28 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K04tNMzuRXa1znYFoITmwIUiwig.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/CjzHtNvvrNdiRI1Dxd8cleq0jTQ.roa Signing time: Fri 02 Jan 2026 04:17:31 +0000 ROA not before: Fri 02 Jan 2026 04:17:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57264 IP address blocks: 45.159.36.0/22 maxlen: 22 45.159.36.0/24 maxlen: 24 45.159.37.0/24 maxlen: 24 45.159.38.0/24 maxlen: 24 45.159.39.0/24 maxlen: 24 2a0f:7080::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/K04tNMzuRXa1znYFoITmwIUiwig.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/K04tNMzuRXa1znYFoITmwIUiwig.mft rsync://rpki.ripe.net/repository/DEFAULT/K04tNMzuRXa1znYFoITmwIUiwig.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 13:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ec:c8:14:51:c8:00:d3:0f:02:23:4c:02:04:0c:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2b4e2d34ccee4576b5ce7605a084e6c08522c228 Validity Not Before: Jan 2 04:17:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0a3cc7b4dbefacd762448d43c5df1c95eab48d34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:f4:53:9d:db:75:d2:7c:bf:12:6f:7f:6c:40: 64:31:6e:46:00:c6:69:bf:02:d5:81:81:aa:43:60: e0:11:a0:8a:fb:c5:18:76:40:5e:7e:ee:c6:32:4b: 7f:53:cd:98:77:08:57:b9:e7:f1:c9:b6:27:ff:ff: ca:19:7b:84:23:10:e2:bc:93:ad:54:f5:bb:2e:9a: f7:37:41:f2:8d:0a:8e:24:2f:4b:69:1c:28:a8:a0: e0:c5:5b:7c:37:91:89:66:a2:ef:5a:2f:24:9f:1a: 47:5d:fb:a2:33:0a:9a:f8:80:69:dd:06:3b:40:cd: a9:ec:e9:10:49:f3:8c:8a:21:e5:f9:8a:20:c2:4c: 96:57:6a:f5:ea:79:92:80:20:13:03:7f:03:c8:dc: 20:5e:2f:9b:2f:73:42:6d:d7:cc:33:bd:32:ea:30: e0:60:3d:91:07:7f:5d:38:a4:77:f8:95:2b:b8:f0: ef:9f:c1:3e:eb:a4:e7:d9:ad:d6:21:af:63:8c:a0: fd:cc:d5:6f:f8:14:61:44:3f:23:9c:c9:20:28:c2: 5d:93:d6:bd:1a:e5:6c:a3:47:4c:a4:5a:59:fc:65: ce:1e:4e:3b:f0:2d:58:57:3f:39:72:97:67:63:8a: 4a:ea:98:f7:05:94:ed:62:ff:09:0d:33:55:41:33: e4:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:3C:C7:B4:DB:EF:AC:D7:62:44:8D:43:C5:DF:1C:95:EA:B4:8D:34 X509v3 Authority Key Identifier: keyid:2B:4E:2D:34:CC:EE:45:76:B5:CE:76:05:A0:84:E6:C0:85:22:C2:28 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K04tNMzuRXa1znYFoITmwIUiwig.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/CjzHtNvvrNdiRI1Dxd8cleq0jTQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/K04tNMzuRXa1znYFoITmwIUiwig.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.159.36.0/22 IPv6: 2a0f:7080::/29 Signature Algorithm: sha256WithRSAEncryption 19:98:9d:91:90:32:13:25:6b:e1:15:2b:22:dc:e6:b9:5e:44: d9:36:6a:3d:9e:91:20:35:0b:e9:87:3b:9a:5b:e8:93:e6:6d: ad:21:fd:42:3f:be:fb:21:a5:e0:45:f2:df:8b:60:04:14:49: ec:d5:e1:ec:79:e7:89:de:48:58:34:a6:9e:33:17:21:14:19: 06:fe:57:4f:69:aa:37:5b:da:c8:d1:19:6a:b8:85:fd:7a:d6: b0:65:8a:76:34:fb:67:1c:e5:39:e8:6b:d9:48:4a:3d:0c:0e: 4c:ec:1d:ca:33:0b:34:8d:e1:10:f3:9c:2b:4e:d0:21:3f:5d: 87:1a:07:88:b9:12:fa:44:b7:7c:84:ce:38:9e:79:bc:1a:8f: b6:49:cd:f8:42:93:d1:a0:7a:a9:86:57:2b:3f:77:6b:f6:31: 07:9f:a8:1f:0c:98:34:13:a2:c2:00:22:2c:f7:cc:f4:2b:8b: 16:4b:a7:5c:79:8d:12:ac:63:0f:15:69:90:f9:7b:d8:dc:7f: 8d:0c:5a:d4:ca:d1:12:ff:ed:00:c4:f6:b4:f9:4e:ff:ce:2a: b8:5f:30:8a:52:f2:03:95:a6:5f:27:e5:2e:0c:af:02:9a:06: e0:c9:d7:f3:7b:6c:d5:0a:6a:ca:83:83:e7:53:3c:4d:4a:7f: a6:d9:4c:4e -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt87MgUUcgA0w8CI0wCBAzMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJiNGUyZDM0Y2NlZTQ1NzZiNWNlNzYwNWEwODRlNmMwODUy MmMyMjgwHhcNMjYwMTAyMDQxNzMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYTNjYzdiNGRiZWZhY2Q3NjI0NDhkNDNjNWRmMWM5NWVhYjQ4ZDM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufRTndt10ny/Em9/bEBkMW5GAMZp vwLVgYGqQ2DgEaCK+8UYdkBefu7GMkt/U82YdwhXuefxybYn///KGXuEIxDivJOt VPW7Lpr3N0HyjQqOJC9LaRwoqKDgxVt8N5GJZqLvWi8knxpHXfuiMwqa+IBp3QY7 QM2p7OkQSfOMiiHl+YogwkyWV2r16nmSgCATA38DyNwgXi+bL3NCbdfMM70y6jDg YD2RB39dOKR3+JUruPDvn8E+66Tn2a3WIa9jjKD9zNVv+BRhRD8jnMkgKMJdk9a9 GuVso0dMpFpZ/GXOHk478C1YVz85cpdnY4pK6pj3BZTtYv8JDTNVQTPkoQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFAo8x7Tb76zXYkSNQ8XfHJXqtI00MB8GA1UdIwQY MBaAFCtOLTTM7kV2tc52BaCE5sCFIsIoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSzA0dE5NenVSWGExem5ZRm9JVG13SVVpd2lnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kODk5Y2MtNTM1Ny00NzFhLWJjMWMt MDc3YmM4YmExZTVkLzEvQ2p6SHROdnZyTmRpUkkxRHhkOGNsZXEwalRRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS9kODk5Y2MtNTM1Ny00NzFhLWJjMWMtMDc3YmM4YmExZTVk LzEvSzA0dE5NenVSWGExem5ZRm9JVG13SVVpd2lnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZ8kMA0E AgACMAcDBQMqD3CAMA0GCSqGSIb3DQEBCwUAA4IBAQAZmJ2RkDITJWvhFSsi3Oa5 XkTZNmo9npEgNQvphzuaW+iT5m2tIf1CP777IaXgRfLfi2AEFEns1eHseeeJ3khY NKaeMxchFBkG/ldPaao3W9rI0RlquIX9etawZYp2NPtnHOU56GvZSEo9DA5M7B3K Mws0jeEQ85wrTtAhP12HGgeIuRL6RLd8hM44nnm8Go+2Sc34QpPRoHqphlcrP3dr 9jEHn6gfDJg0E6LCACIs98z0K4sWS6dceY0SrGMPFWmQ+XvY3H+NDFrUytES/+0A xPa0+U7/ziq4XzCKUvIDlaZfJ+UuDK8Cmgbgydfze2zVCmrKg4PnUzxNSn+m2UxO -----END CERTIFICATE-----Generated at Mon Jan 26 20:25:45 2026 by rpki-client