This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/87607e-5c9a-43a6-8d8a-38dfeaf2b710/1/CnF9cjlgaGUvfor-A11xEctTpak.roa File: CnF9cjlgaGUvfor-A11xEctTpak.roa (raw, json) Hash identifier: lSwL0usE/Gb/GkCss8GSY6ht7fo/KB8MqQdEL3prjBY= Subject key identifier: 0A:71:7D:72:39:60:68:65:2F:7E:8A:FE:03:5D:71:11:CB:53:A5:A9 Certificate issuer: /CN=875f4ce913962181cf7c9376dfab5a225d6e5aea Certificate serial: 019B7F15295302EB4940C5B33E1C7C24B0F1 Authority key identifier: 87:5F:4C:E9:13:96:21:81:CF:7C:93:76:DF:AB:5A:22:5D:6E:5A:EA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h19M6ROWIYHPfJN236taIl1uWuo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/87607e-5c9a-43a6-8d8a-38dfeaf2b710/1/CnF9cjlgaGUvfor-A11xEctTpak.roa Signing time: Fri 02 Jan 2026 14:20:51 +0000 ROA not before: Fri 02 Jan 2026 14:20:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42000 IP address blocks: 212.18.101.0/24 maxlen: 24 2a12:5c00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/87607e-5c9a-43a6-8d8a-38dfeaf2b710/1/h19M6ROWIYHPfJN236taIl1uWuo.crl rsync://rpki.ripe.net/repository/DEFAULT/ae/87607e-5c9a-43a6-8d8a-38dfeaf2b710/1/h19M6ROWIYHPfJN236taIl1uWuo.mft rsync://rpki.ripe.net/repository/DEFAULT/h19M6ROWIYHPfJN236taIl1uWuo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 11:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:29:53:02:eb:49:40:c5:b3:3e:1c:7c:24:b0:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=875f4ce913962181cf7c9376dfab5a225d6e5aea Validity Not Before: Jan 2 14:20:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0a717d72396068652f7e8afe035d7111cb53a5a9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:1c:2d:82:24:4b:dd:44:ee:17:bc:66:ef:94: dc:10:f4:05:1e:9d:ed:7b:e6:ab:7c:65:9e:b3:02: 01:2c:7f:d4:ef:c5:c4:54:d5:db:72:07:75:70:44: e9:19:32:fe:f2:82:28:ee:bf:c3:d3:7d:9e:59:8c: c4:8d:a0:41:5c:7c:a7:5e:bd:cc:d7:1d:99:a5:29: e0:77:75:01:0d:b6:fc:eb:7a:f6:46:dd:5c:51:65: c5:e1:b4:79:22:82:dd:34:9b:2b:ac:27:42:99:45: f8:54:75:85:63:f1:08:0a:55:7b:05:ee:7b:c0:97: 25:01:dd:2a:cd:99:9f:c8:fd:39:84:ef:f5:ec:0b: 38:71:83:c1:84:4e:d7:94:aa:c1:85:39:b0:91:63: b2:26:e3:f4:33:fb:85:21:aa:65:8b:43:39:fe:e9: 92:2a:6b:ea:bb:84:ac:04:1f:e6:cc:19:c6:17:80: c2:a6:4d:2a:24:98:a2:17:31:9e:32:8f:2c:4b:90: 3a:e4:96:c0:3a:b1:bc:c6:cd:5d:02:26:ec:6d:66: df:2a:a8:69:55:d4:cb:10:1d:93:98:c3:8a:fe:34: a0:a4:60:39:2b:15:ea:54:39:a9:e2:f6:c9:6e:65: b3:56:15:5f:c2:43:ac:e6:aa:ba:f6:95:bf:60:33: 1d:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:71:7D:72:39:60:68:65:2F:7E:8A:FE:03:5D:71:11:CB:53:A5:A9 X509v3 Authority Key Identifier: keyid:87:5F:4C:E9:13:96:21:81:CF:7C:93:76:DF:AB:5A:22:5D:6E:5A:EA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h19M6ROWIYHPfJN236taIl1uWuo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/87607e-5c9a-43a6-8d8a-38dfeaf2b710/1/CnF9cjlgaGUvfor-A11xEctTpak.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/87607e-5c9a-43a6-8d8a-38dfeaf2b710/1/h19M6ROWIYHPfJN236taIl1uWuo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 212.18.101.0/24 IPv6: 2a12:5c00::/32 Signature Algorithm: sha256WithRSAEncryption 5b:a9:09:4f:52:16:6e:c0:d7:5d:97:57:f2:b2:c5:29:4a:5f: dc:16:d5:7e:05:a1:4e:a6:15:6d:6b:8e:96:0b:cb:41:c7:d2: 51:e1:ff:21:df:36:a0:93:e1:31:e6:3e:03:de:e7:d7:f6:c3: c0:80:2a:2a:90:65:a0:cc:3e:8a:ff:53:21:a8:53:f6:bd:ad: f2:b4:e9:42:09:ce:79:48:36:a8:21:1b:57:34:fa:10:d9:f9: 19:9b:4b:d0:9f:28:9c:27:8a:8f:31:a4:50:09:10:1b:36:e8: ba:b0:83:de:39:b5:0c:f7:13:87:c6:dd:48:c0:1e:8b:cb:0c: 30:c7:43:6d:3e:75:a6:33:2e:b9:9d:c4:ab:46:ea:14:13:9a: 03:78:e1:f6:55:8d:55:e6:74:df:53:8a:86:8d:07:ee:4d:b0: a2:53:64:f6:12:3c:35:e4:63:24:14:d2:df:08:53:3f:92:e8: f3:56:37:8a:7e:29:33:2b:78:67:b3:46:ff:ac:47:9b:9f:db: 9e:d7:0e:e8:d3:36:c0:d8:39:7f:96:b4:d0:74:38:ea:68:78: 80:14:52:7a:80:b3:98:99:2c:0a:3c:67:47:4e:ec:2b:7a:8c: de:f9:69:10:be:45:d3:45:4b:2c:d1:73:42:04:c1:e8:af:a4: 14:b4:4a:39 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/FSlTAutJQMWzPhx8JLDxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3NWY0Y2U5MTM5NjIxODFjZjdjOTM3NmRmYWI1YTIyNWQ2 ZTVhZWEwHhcNMjYwMTAyMTQyMDUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYTcxN2Q3MjM5NjA2ODY1MmY3ZThhZmUwMzVkNzExMWNiNTNhNWE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5hwtgiRL3UTuF7xm75TcEPQFHp3t e+arfGWeswIBLH/U78XEVNXbcgd1cETpGTL+8oIo7r/D032eWYzEjaBBXHynXr3M 1x2ZpSngd3UBDbb863r2Rt1cUWXF4bR5IoLdNJsrrCdCmUX4VHWFY/EIClV7Be57 wJclAd0qzZmfyP05hO/17As4cYPBhE7XlKrBhTmwkWOyJuP0M/uFIapli0M5/umS Kmvqu4SsBB/mzBnGF4DCpk0qJJiiFzGeMo8sS5A65JbAOrG8xs1dAibsbWbfKqhp VdTLEB2TmMOK/jSgpGA5KxXqVDmp4vbJbmWzVhVfwkOs5qq69pW/YDMdjwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFApxfXI5YGhlL36K/gNdcRHLU6WpMB8GA1UdIwQY MBaAFIdfTOkTliGBz3yTdt+rWiJdblrqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDE5TTZST1dJWUhQZkpOMjM2dGFJbDF1V3VvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS84NzYwN2UtNWM5YS00M2E2LThkOGEt MzhkZmVhZjJiNzEwLzEvQ25GOWNqbGdhR1V2Zm9yLUExMXhFY3RUcGFrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZS84NzYwN2UtNWM5YS00M2E2LThkOGEtMzhkZmVhZjJiNzEw LzEvaDE5TTZST1dJWUhQZkpOMjM2dGFJbDF1V3VvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA1BJlMA0E AgACMAcDBQAqElwAMA0GCSqGSIb3DQEBCwUAA4IBAQBbqQlPUhZuwNddl1fyssUp Sl/cFtV+BaFOphVta46WC8tBx9JR4f8h3zagk+Ex5j4D3ufX9sPAgCoqkGWgzD6K /1MhqFP2va3ytOlCCc55SDaoIRtXNPoQ2fkZm0vQnyicJ4qPMaRQCRAbNui6sIPe ObUM9xOHxt1IwB6Lywwwx0NtPnWmMy65ncSrRuoUE5oDeOH2VY1V5nTfU4qGjQfu TbCiU2T2Ejw15GMkFNLfCFM/kujzVjeKfikzK3hns0b/rEebn9ue1w7o0zbA2Dl/ lrTQdDjqaHiAFFJ6gLOYmSwKPGdHTuwreoze+WkQvkXTRUss0XNCBMHor6QUtEo5 -----END CERTIFICATE-----Generated at Sun Jan 25 21:57:42 2026 by rpki-client