This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/bc2d26-dcf7-4695-88ee-932bb4867c2b/1/ck2Hnx7YLqfCAwbXnmqrOBQQJXA.roa File: ck2Hnx7YLqfCAwbXnmqrOBQQJXA.roa (raw, json) Hash identifier: z68wCsgmx5LNuVEfhfzGMi/AVsIBR+cwgGs5Q7LfatQ= Subject key identifier: 72:4D:87:9F:1E:D8:2E:A7:C2:03:06:D7:9E:6A:AB:38:14:10:25:70 Certificate issuer: /CN=4557eadd0ddab146a0ab99c0aae578d278f0f47e Certificate serial: 019BA2F60D4C6F29BFC4B9469CF605EB3FB7 Authority key identifier: 45:57:EA:DD:0D:DA:B1:46:A0:AB:99:C0:AA:E5:78:D2:78:F0:F4:7E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RVfq3Q3asUagq5nAquV40njw9H4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/bc2d26-dcf7-4695-88ee-932bb4867c2b/1/ck2Hnx7YLqfCAwbXnmqrOBQQJXA.roa Signing time: Fri 09 Jan 2026 13:33:12 +0000 ROA not before: Fri 09 Jan 2026 13:33:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31027 IP address blocks: 37.28.136.0/21 maxlen: 21 2a01:ef80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/bc2d26-dcf7-4695-88ee-932bb4867c2b/1/RVfq3Q3asUagq5nAquV40njw9H4.crl rsync://rpki.ripe.net/repository/DEFAULT/9d/bc2d26-dcf7-4695-88ee-932bb4867c2b/1/RVfq3Q3asUagq5nAquV40njw9H4.mft rsync://rpki.ripe.net/repository/DEFAULT/RVfq3Q3asUagq5nAquV40njw9H4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:a2:f6:0d:4c:6f:29:bf:c4:b9:46:9c:f6:05:eb:3f:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4557eadd0ddab146a0ab99c0aae578d278f0f47e Validity Not Before: Jan 9 13:33:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=724d879f1ed82ea7c20306d79e6aab3814102570 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:e5:db:98:e1:34:ba:ce:0d:ab:87:6b:9c:9c: 41:01:7e:20:42:e4:d7:88:bd:55:a4:9d:a3:af:d4: 8a:98:e9:12:11:99:bd:ee:ec:43:0b:ae:af:4f:47: fa:71:76:6f:e4:a5:b3:21:ca:0e:ab:10:eb:4f:fb: 99:66:90:40:38:cc:22:ef:c3:a6:8f:20:15:27:17: da:44:9c:93:94:c1:e9:d0:99:91:e4:8a:35:29:36: 30:67:0c:6f:83:6f:e2:ad:54:d1:6a:32:1b:92:f7: 3b:94:03:15:3f:0d:26:5b:f7:af:07:12:d6:10:a8: 06:a4:54:2b:a4:c2:39:4e:31:07:77:90:f1:14:61: 64:a6:a7:22:3d:2d:23:58:f9:2b:7a:01:47:cd:23: 49:d1:73:18:0a:01:4c:e3:87:01:60:e7:95:d1:80: 37:3a:15:b5:5a:9c:0a:86:4f:77:22:9f:df:5f:dd: b9:c3:88:2a:9c:0e:13:32:ec:db:b1:d5:ab:ad:83: 2b:83:df:0d:8e:24:98:f5:b1:80:1b:ae:4f:e3:03: 7e:5e:36:f6:97:d2:45:85:12:6c:69:fc:47:c0:cf: 72:35:cc:77:dd:1b:4a:bb:9b:93:45:ee:4c:da:a7: dc:ff:a5:3f:3a:0d:3d:8f:33:33:8c:3c:3e:13:06: ab:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:4D:87:9F:1E:D8:2E:A7:C2:03:06:D7:9E:6A:AB:38:14:10:25:70 X509v3 Authority Key Identifier: keyid:45:57:EA:DD:0D:DA:B1:46:A0:AB:99:C0:AA:E5:78:D2:78:F0:F4:7E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RVfq3Q3asUagq5nAquV40njw9H4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/bc2d26-dcf7-4695-88ee-932bb4867c2b/1/ck2Hnx7YLqfCAwbXnmqrOBQQJXA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/bc2d26-dcf7-4695-88ee-932bb4867c2b/1/RVfq3Q3asUagq5nAquV40njw9H4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.28.136.0/21 IPv6: 2a01:ef80::/32 Signature Algorithm: sha256WithRSAEncryption 28:5c:77:4c:66:c6:86:80:bd:49:88:ee:d4:22:a2:01:65:24: 29:6d:32:ed:08:88:13:2a:76:c5:56:10:be:a9:97:d9:3a:8e: 8f:65:45:e1:fc:ea:a4:b7:f3:fa:29:b7:6f:ea:e8:d5:74:07: 8d:e1:52:c8:18:13:21:86:b9:a0:77:c5:35:ec:ea:3c:5d:95: 69:50:67:aa:39:8e:31:83:53:55:6b:df:3a:5a:6a:8a:79:35: 03:f0:74:7e:ea:c5:45:cc:b9:c0:ea:f7:d2:00:af:31:1c:46: 7e:69:43:2e:c6:92:d6:55:bb:a7:4a:dd:5f:9f:7e:64:11:e9: a1:bc:ea:4e:80:85:76:a8:c6:3e:29:c4:44:22:79:77:0c:d8: 17:44:90:ca:4f:d8:1e:6d:93:6a:d2:a3:4e:5b:bb:6d:51:9f: 96:31:16:9e:ec:19:aa:9a:5b:5b:0f:0e:00:f7:c7:40:00:81: 9c:97:dd:60:ce:d2:74:c6:8d:97:ce:53:58:20:41:9d:54:9d: 67:ea:59:32:f0:3e:6a:f9:1b:d3:75:36:d3:6b:6d:51:7b:1b: 8f:4c:0f:81:50:65:2b:3d:8b:17:38:91:6f:f1:c1:69:1b:0e: 11:81:5d:55:8d:e3:0b:76:3e:ab:89:74:78:e3:2d:b1:15:13: 53:28:86:37 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZui9g1Mbym/xLlGnPYF6z+3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ1NTdlYWRkMGRkYWIxNDZhMGFiOTljMGFhZTU3OGQyNzhm MGY0N2UwHhcNMjYwMTA5MTMzMzEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MjRkODc5ZjFlZDgyZWE3YzIwMzA2ZDc5ZTZhYWIzODE0MTAyNTcwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuXbmOE0us4Nq4drnJxBAX4gQuTX iL1VpJ2jr9SKmOkSEZm97uxDC66vT0f6cXZv5KWzIcoOqxDrT/uZZpBAOMwi78Om jyAVJxfaRJyTlMHp0JmR5Io1KTYwZwxvg2/irVTRajIbkvc7lAMVPw0mW/evBxLW EKgGpFQrpMI5TjEHd5DxFGFkpqciPS0jWPkregFHzSNJ0XMYCgFM44cBYOeV0YA3 OhW1WpwKhk93Ip/fX925w4gqnA4TMuzbsdWrrYMrg98NjiSY9bGAG65P4wN+Xjb2 l9JFhRJsafxHwM9yNcx33RtKu5uTRe5M2qfc/6U/Og09jzMzjDw+EwarHQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFHJNh58e2C6nwgMG155qqzgUECVwMB8GA1UdIwQY MBaAFEVX6t0N2rFGoKuZwKrleNJ48PR+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUlZmcTNRM2FzVWFncTVuQXF1VjQwbmp3OUg0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9iYzJkMjYtZGNmNy00Njk1LTg4ZWUt OTMyYmI0ODY3YzJiLzEvY2sySG54N1lMcWZDQXdiWG5tcXJPQlFRSlhBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZC9iYzJkMjYtZGNmNy00Njk1LTg4ZWUtOTMyYmI0ODY3YzJi LzEvUlZmcTNRM2FzVWFncTVuQXF1VjQwbmp3OUg0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDJRyIMA0E AgACMAcDBQAqAe+AMA0GCSqGSIb3DQEBCwUAA4IBAQAoXHdMZsaGgL1JiO7UIqIB ZSQpbTLtCIgTKnbFVhC+qZfZOo6PZUXh/Oqkt/P6Kbdv6ujVdAeN4VLIGBMhhrmg d8U17Oo8XZVpUGeqOY4xg1NVa986WmqKeTUD8HR+6sVFzLnA6vfSAK8xHEZ+aUMu xpLWVbunSt1fn35kEemhvOpOgIV2qMY+KcREInl3DNgXRJDKT9gebZNq0qNOW7tt UZ+WMRae7BmqmltbDw4A98dAAIGcl91gztJ0xo2XzlNYIEGdVJ1n6lky8D5q+RvT dTbTa21RexuPTA+BUGUrPYsXOJFv8cFpGw4RgV1VjeMLdj6riXR44y2xFRNTKIY3 -----END CERTIFICATE-----Generated at Mon Jan 26 01:41:36 2026 by rpki-client