This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/Rcr1rF06ss6zsR-k7_lYhZLvbFA.roa File: Rcr1rF06ss6zsR-k7_lYhZLvbFA.roa (raw, json) Hash identifier: 5S/JlLF6tLEV2uH6cVuwpWmcaMewRgyHJdvM6XbNwdQ= Subject key identifier: 45:CA:F5:AC:5D:3A:B2:CE:B3:B1:1F:A4:EF:F9:58:85:92:EF:6C:50 Certificate issuer: /CN=21bfb9e219e15feda6add29639b8d73f5c2cd802 Certificate serial: 019B7F1527F5689E99A83C0E6ABB2D345454 Authority key identifier: 21:BF:B9:E2:19:E1:5F:ED:A6:AD:D2:96:39:B8:D7:3F:5C:2C:D8:02 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ib-54hnhX-2mrdKWObjXP1ws2AI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/Rcr1rF06ss6zsR-k7_lYhZLvbFA.roa Signing time: Fri 02 Jan 2026 14:20:51 +0000 ROA not before: Fri 02 Jan 2026 14:20:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35378 IP address blocks: 37.123.200.0/21 maxlen: 21 77.91.0.0/18 maxlen: 18 89.150.50.0/24 maxlen: 24 95.171.96.0/19 maxlen: 19 176.241.72.0/21 maxlen: 21 185.14.112.0/22 maxlen: 22 194.164.13.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/Ib-54hnhX-2mrdKWObjXP1ws2AI.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/Ib-54hnhX-2mrdKWObjXP1ws2AI.mft rsync://rpki.ripe.net/repository/DEFAULT/Ib-54hnhX-2mrdKWObjXP1ws2AI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 11:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:27:f5:68:9e:99:a8:3c:0e:6a:bb:2d:34:54:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21bfb9e219e15feda6add29639b8d73f5c2cd802 Validity Not Before: Jan 2 14:20:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=45caf5ac5d3ab2ceb3b11fa4eff9588592ef6c50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:c4:20:6c:28:c9:f9:7a:94:0c:15:91:b9:0e: 8f:6e:0c:6b:dc:92:b5:a0:9e:b9:59:de:d2:29:2e: ef:09:fa:c9:0f:21:5a:ae:e2:91:99:f4:ad:7a:a3: 42:73:65:45:54:d2:dc:eb:1d:a2:83:40:65:ec:78: be:e4:13:01:8e:1f:d6:10:59:b2:37:dd:6f:6b:c5: 92:64:03:8b:47:ce:f3:d0:1e:e3:c0:87:67:03:c6: 79:f9:2e:3b:c4:71:c3:5b:1d:c0:e7:38:6a:e9:4d: 88:6d:88:4b:3b:7d:63:6e:7f:e0:a3:ae:a8:af:1a: 8e:5d:3a:d8:ae:2b:70:e7:c7:81:ae:df:e8:89:dc: 5d:17:32:08:9c:c7:96:c3:a5:d3:b4:5a:95:b5:25: cc:57:ac:81:a4:52:78:01:9b:45:1f:73:38:88:60: 9c:15:1b:a6:5e:21:fa:06:6a:92:9e:d0:82:8b:e8: f0:3f:03:dd:a7:6a:67:1c:4a:e1:21:b9:55:2a:58: 72:05:d2:ca:3b:df:3a:52:74:51:b3:a6:12:3a:58: a6:e1:ae:f1:0c:82:1e:12:7b:75:07:6a:52:9c:94: 2e:66:6b:f4:f7:cc:36:42:64:90:00:1b:17:ad:5b: e5:40:c8:c7:85:28:91:34:f0:68:02:6b:aa:5d:54: 8b:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:CA:F5:AC:5D:3A:B2:CE:B3:B1:1F:A4:EF:F9:58:85:92:EF:6C:50 X509v3 Authority Key Identifier: keyid:21:BF:B9:E2:19:E1:5F:ED:A6:AD:D2:96:39:B8:D7:3F:5C:2C:D8:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ib-54hnhX-2mrdKWObjXP1ws2AI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/Rcr1rF06ss6zsR-k7_lYhZLvbFA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/aaae38-1b28-449d-be82-73fd2c035eb5/1/Ib-54hnhX-2mrdKWObjXP1ws2AI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.123.200.0/21 77.91.0.0/18 89.150.50.0/24 95.171.96.0/19 176.241.72.0/21 185.14.112.0/22 194.164.13.0/24 Signature Algorithm: sha256WithRSAEncryption 5d:29:75:53:78:18:fc:70:e9:09:49:55:5e:86:e5:5d:f3:46: f3:c5:f5:ac:52:3b:5b:e3:6a:00:f1:fe:8e:9a:f1:55:f5:e1: 89:54:ae:f4:b4:54:ee:68:f5:4a:aa:b1:bf:b2:8e:bc:62:40: 9d:41:7a:35:8a:fd:f2:57:cd:a9:dd:70:10:ff:44:47:2e:4f: 04:0b:13:1c:1a:65:2d:eb:58:bc:36:d5:c6:d5:75:94:10:a1: 0c:02:30:ee:aa:8e:70:83:ac:81:40:8f:16:7b:71:7e:79:6f: 13:0b:0e:89:2d:af:8d:0a:7d:f3:55:38:ad:99:f0:9e:0e:0a: 40:33:42:ff:2d:ee:55:77:f1:0d:ef:55:e8:9b:e7:dd:cd:fc: 47:89:20:b0:52:43:45:ae:ae:c5:f5:71:da:64:d1:76:6f:9e: 78:67:90:53:01:7b:a2:41:62:03:7d:d2:5c:86:74:88:85:64: e6:78:5f:90:3d:68:99:cc:81:7a:ae:6a:92:ee:10:e1:21:e9: e3:c9:ea:c1:27:5c:fd:b4:45:c4:bc:25:fc:f7:a8:06:f2:35: 1b:4c:6a:31:bf:b0:ac:6c:a0:ca:eb:a3:e4:2b:d3:9c:fa:b8: 28:15:76:a4:64:ec:e3:ab:9e:2a:e9:e2:a5:f5:95:99:fb:e4: 0a:bb:4d:80 -----BEGIN CERTIFICATE----- MIIFITCCBAmgAwIBAgISAZt/FSf1aJ6ZqDwOarstNFRUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxYmZiOWUyMTllMTVmZWRhNmFkZDI5NjM5YjhkNzNmNWMy Y2Q4MDIwHhcNMjYwMTAyMTQyMDUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0NWNhZjVhYzVkM2FiMmNlYjNiMTFmYTRlZmY5NTg4NTkyZWY2YzUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8QgbCjJ+XqUDBWRuQ6Pbgxr3JK1 oJ65Wd7SKS7vCfrJDyFaruKRmfSteqNCc2VFVNLc6x2ig0Bl7Hi+5BMBjh/WEFmy N91va8WSZAOLR87z0B7jwIdnA8Z5+S47xHHDWx3A5zhq6U2IbYhLO31jbn/go66o rxqOXTrYritw58eBrt/oidxdFzIInMeWw6XTtFqVtSXMV6yBpFJ4AZtFH3M4iGCc FRumXiH6BmqSntCCi+jwPwPdp2pnHErhIblVKlhyBdLKO986UnRRs6YSOlim4a7x DIIeEnt1B2pSnJQuZmv098w2QmSQABsXrVvlQMjHhSiRNPBoAmuqXVSLnwIDAQAB o4ICLTCCAikwHQYDVR0OBBYEFEXK9axdOrLOs7EfpO/5WIWS72xQMB8GA1UdIwQY MBaAFCG/ueIZ4V/tpq3Sljm41z9cLNgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSWItNTRobmhYLTJtcmRLV09ialhQMXdzMkFJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hYWFlMzgtMWIyOC00NDlkLWJlODIt NzNmZDJjMDM1ZWI1LzEvUmNyMXJGMDZzczZ6c1ItazdfbFloWkx2YkZBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC9hYWFlMzgtMWIyOC00NDlkLWJlODItNzNmZDJjMDM1ZWI1 LzEvSWItNTRobmhYLTJtcmRLV09ialhQMXdzMkFJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDJXvIAwQG TVsAAwQAWZYyAwQFX6tgAwQDsPFIAwQCuQ5wAwQAwqQNMA0GCSqGSIb3DQEBCwUA A4IBAQBdKXVTeBj8cOkJSVVehuVd80bzxfWsUjtb42oA8f6OmvFV9eGJVK70tFTu aPVKqrG/so68YkCdQXo1iv3yV82p3XAQ/0RHLk8ECxMcGmUt61i8NtXG1XWUEKEM AjDuqo5wg6yBQI8We3F+eW8TCw6JLa+NCn3zVTitmfCeDgpAM0L/Le5Vd/EN71Xo m+fdzfxHiSCwUkNFrq7F9XHaZNF2b554Z5BTAXuiQWIDfdJchnSIhWTmeF+QPWiZ zIF6rmqS7hDhIenjyerBJ1z9tEXEvCX896gG8jUbTGoxv7CsbKDK66PkK9Oc+rgo FXakZOzjq54q6eKl9ZWZ++QKu02A -----END CERTIFICATE-----Generated at Sun Jan 25 20:48:33 2026 by rpki-client