This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/CANUIzLfJR4qYVodzcMnNDXdUDE.roa File: CANUIzLfJR4qYVodzcMnNDXdUDE.roa (raw, json) Hash identifier: w932Ollir53g5y+ieb37C38JTybDNf6UCpclagO7ofc= Subject key identifier: 08:03:54:23:32:DF:25:1E:2A:61:5A:1D:CD:C3:27:34:35:DD:50:31 Certificate issuer: /CN=b467367967dc763349fd0b50e31f75b823028590 Certificate serial: 019B7B36B5CCE3B837111EDF32CFBBC440BA Authority key identifier: B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/CANUIzLfJR4qYVodzcMnNDXdUDE.roa Signing time: Thu 01 Jan 2026 20:19:01 +0000 ROA not before: Thu 01 Jan 2026 20:19:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201178 IP address blocks: 37.75.8.0/21 maxlen: 24 185.28.0.0/22 maxlen: 24 185.28.0.0/24 maxlen: 24 185.40.72.0/22 maxlen: 24 185.81.236.0/22 maxlen: 24 185.81.236.0/24 maxlen: 24 185.81.237.0/24 maxlen: 24 185.81.238.0/24 maxlen: 24 185.81.239.0/24 maxlen: 24 185.153.248.0/22 maxlen: 24 185.155.148.0/22 maxlen: 24 185.155.148.0/24 maxlen: 24 185.155.149.0/24 maxlen: 24 185.155.150.0/24 maxlen: 24 185.155.151.0/24 maxlen: 24 195.142.0.0/22 maxlen: 24 195.142.104.0/21 maxlen: 24 195.142.105.0/24 maxlen: 24 195.142.108.0/24 maxlen: 24 195.142.132.0/22 maxlen: 24 195.142.152.0/22 maxlen: 24 195.142.184.0/22 maxlen: 24 195.142.192.0/22 maxlen: 24 195.142.192.0/24 maxlen: 24 195.155.96.0/22 maxlen: 24 2a05:8a00::/29 maxlen: 48 2a05:8a00:6::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/tGc2eWfcdjNJ_QtQ4x91uCMChZA.crl rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/tGc2eWfcdjNJ_QtQ4x91uCMChZA.mft rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 11:01:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:b5:cc:e3:b8:37:11:1e:df:32:cf:bb:c4:40:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b467367967dc763349fd0b50e31f75b823028590 Validity Not Before: Jan 1 20:19:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0803542332df251e2a615a1dcdc3273435dd5031 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:d3:de:04:25:85:3c:be:f3:c7:82:0f:ff:01: 10:2d:6e:ca:b0:8b:5e:b2:0c:98:66:92:8f:a7:cd: 99:ce:e7:a2:69:a5:18:a2:33:85:aa:8b:7d:f5:fc: 2c:8c:11:f9:ab:02:40:a1:5e:b0:69:f1:94:7f:e5: 80:52:3d:53:2f:97:b7:de:da:32:e6:79:d1:40:a2: 68:35:1f:8d:47:54:6d:a6:c2:c5:0b:bf:ea:9b:49: 02:bf:70:09:c8:41:1a:8f:58:94:62:88:76:44:3d: 95:4c:d9:35:0f:3c:a1:16:e1:ab:66:00:ad:6b:3b: eb:9d:06:08:c6:2c:bb:3f:c9:12:8a:6e:22:87:fe: 97:bc:e8:1e:b7:3e:b1:78:1e:a4:44:bd:bb:01:c2: 94:b5:c7:58:16:e8:03:fb:88:4f:7e:ea:89:2d:b5: a3:3f:36:9f:9b:77:86:fe:48:2b:4a:fa:e2:5d:bf: a9:ce:dd:4b:3e:e2:c6:df:67:9f:4b:88:2c:94:a2: 37:a6:fc:d8:7a:42:a9:ca:98:8e:cc:fa:5d:79:bc: f3:f9:79:53:55:55:ef:98:51:e5:4a:a8:d9:a0:8c: 04:b3:0e:d6:7c:c6:9d:7e:74:f3:61:d4:fa:7c:5e: 60:6a:d7:5e:ef:e2:3a:80:2f:92:06:2c:4a:8e:02: 0f:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:03:54:23:32:DF:25:1E:2A:61:5A:1D:CD:C3:27:34:35:DD:50:31 X509v3 Authority Key Identifier: keyid:B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/CANUIzLfJR4qYVodzcMnNDXdUDE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/tGc2eWfcdjNJ_QtQ4x91uCMChZA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.75.8.0/21 185.28.0.0/22 185.40.72.0/22 185.81.236.0/22 185.153.248.0/22 185.155.148.0/22 195.142.0.0/22 195.142.104.0/21 195.142.132.0/22 195.142.152.0/22 195.142.184.0/22 195.142.192.0/22 195.155.96.0/22 IPv6: 2a05:8a00::/29 Signature Algorithm: sha256WithRSAEncryption 4c:d8:3a:d4:2c:bb:53:68:d6:70:c1:be:3d:de:00:f0:fb:7f: 11:90:e7:35:d3:7a:a5:d0:e2:b5:36:20:3f:c3:32:2e:f3:b3: c3:38:c8:aa:ba:68:0a:31:09:1c:18:0a:6d:a7:a7:c4:7b:ee: 15:df:81:6e:ba:56:86:62:40:d1:f6:cd:c3:f0:22:f5:38:82: 4d:cf:7d:3f:6b:4f:f7:f7:c2:61:05:51:eb:55:54:48:17:52: d5:3a:63:e9:db:8d:80:2c:fe:7d:93:ea:20:80:e8:b8:89:8e: d2:df:bc:6a:da:19:70:73:d2:dd:b8:f5:4c:1c:80:ad:99:94: d9:40:ce:e8:0c:a7:eb:b5:6d:0c:07:7f:05:7b:9a:93:f2:c3: 1c:e9:d3:8f:98:1d:15:3d:99:42:60:ef:a9:e2:78:c8:f1:6f: d1:9d:06:74:9f:34:5e:47:a3:cf:d7:19:13:09:be:b5:b7:f2: 22:91:83:5d:22:f6:f9:7b:c6:de:3a:94:9e:4a:74:a8:44:29: 0b:6e:fa:b8:ad:c9:9e:55:75:8e:aa:df:1e:a1:3b:fe:ee:c7: 03:3f:80:c2:f3:9c:f3:9e:8d:52:fc:f9:47:23:04:a0:72:b1: 73:5c:67:7e:5e:06:86:c1:21:8f:9c:5a:66:1d:71:1f:83:31: d3:d7:3f:10 -----BEGIN CERTIFICATE----- MIIFVDCCBDygAwIBAgISAZt7NrXM47g3ER7fMs+7xEC6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0NjczNjc5NjdkYzc2MzM0OWZkMGI1MGUzMWY3NWI4MjMw Mjg1OTAwHhcNMjYwMTAxMjAxOTAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwODAzNTQyMzMyZGYyNTFlMmE2MTVhMWRjZGMzMjczNDM1ZGQ1MDMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9PeBCWFPL7zx4IP/wEQLW7KsIte sgyYZpKPp82ZzueiaaUYojOFqot99fwsjBH5qwJAoV6wafGUf+WAUj1TL5e33toy 5nnRQKJoNR+NR1RtpsLFC7/qm0kCv3AJyEEaj1iUYoh2RD2VTNk1DzyhFuGrZgCt azvrnQYIxiy7P8kSim4ih/6XvOgetz6xeB6kRL27AcKUtcdYFugD+4hPfuqJLbWj Pzafm3eG/kgrSvriXb+pzt1LPuLG32efS4gslKI3pvzYekKpypiOzPpdebzz+XlT VVXvmFHlSqjZoIwEsw7WfMadfnTzYdT6fF5gatde7+I6gC+SBixKjgIPKQIDAQAB o4ICYDCCAlwwHQYDVR0OBBYEFAgDVCMy3yUeKmFaHc3DJzQ13VAxMB8GA1UdIwQY MBaAFLRnNnln3HYzSf0LUOMfdbgjAoWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMt YjgxMzczYzQwZGM5LzEvQ0FOVUl6TGZKUjRxWVZvZHpjTW5ORFhkVURFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMtYjgxMzczYzQwZGM5 LzEvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQDJUsIAwQC uRwAAwQCuShIAwQCuVHsAwQCuZn4AwQCuZuUAwQCw44AAwQDw45oAwQCw46EAwQC w46YAwQCw464AwQCw47AAwQCw5tgMA0EAgACMAcDBQMqBYoAMA0GCSqGSIb3DQEB CwUAA4IBAQBM2DrULLtTaNZwwb493gDw+38RkOc103ql0OK1NiA/wzIu87PDOMiq umgKMQkcGAptp6fEe+4V34FuulaGYkDR9s3D8CL1OIJNz30/a0/398JhBVHrVVRI F1LVOmPp242ALP59k+oggOi4iY7S37xq2hlwc9LduPVMHICtmZTZQM7oDKfrtW0M B38Fe5qT8sMc6dOPmB0VPZlCYO+p4njI8W/RnQZ0nzReR6PP1xkTCb61t/IikYNd Ivb5e8beOpSeSnSoRCkLbvq4rcmeVXWOqt8eoTv+7scDP4DC85zzno1S/PlHIwSg crFzXGd+XgaGwSGPnFpmHXEfgzHT1z8Q -----END CERTIFICATE-----Generated at Sun Jan 25 18:06:15 2026 by rpki-client