This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/cWtnPd8ZvgFa7GRaqMfs10BE4qc.roa File: cWtnPd8ZvgFa7GRaqMfs10BE4qc.roa (raw, json) Hash identifier: jN/lGIzUOKHwZH6DyNIy+6o9b1TpGieuOJIXydb73lg= Subject key identifier: 71:6B:67:3D:DF:19:BE:01:5A:EC:64:5A:A8:C7:EC:D7:40:44:E2:A7 Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a Certificate serial: 019B7FF27AD74E712E33B519219E4E3A3E84 Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/cWtnPd8ZvgFa7GRaqMfs10BE4qc.roa Signing time: Fri 02 Jan 2026 18:22:36 +0000 ROA not before: Fri 02 Jan 2026 18:22:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206796 IP address blocks: 85.14.46.0/24 maxlen: 24 185.92.133.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.mft rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f2:7a:d7:4e:71:2e:33:b5:19:21:9e:4e:3a:3e:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a Validity Not Before: Jan 2 18:22:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=716b673ddf19be015aec645aa8c7ecd74044e2a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:22:0a:10:bc:07:b0:0b:7d:60:4b:0a:24:7d: b0:0e:2d:d1:dd:5e:60:f3:75:4e:98:9c:23:b3:e5: b8:e3:17:92:1a:d7:63:d4:21:40:85:58:d3:0b:da: 67:4a:14:1b:82:d0:de:2d:98:91:d6:ef:41:3b:a0: 39:78:ba:b6:a9:59:e0:8e:14:6d:ea:06:33:1d:9e: 5a:e8:8f:ff:92:29:05:4b:50:c8:4a:d2:05:c8:77: dd:24:ee:1e:36:a9:b9:9f:96:51:37:44:8c:f5:73: 3d:90:40:3e:f9:f4:39:d7:7d:0e:8f:98:fc:9f:84: bd:6e:41:13:37:d6:57:e3:98:07:3d:a5:21:a2:72: 32:4b:ef:b5:81:a9:ca:2a:8c:54:36:58:e8:c8:a3: 77:49:35:05:61:39:99:dc:e8:35:d4:d4:f4:a0:18: 48:d7:b8:91:c3:79:76:2b:dd:29:51:bf:e6:44:41: 72:6e:ce:44:db:ff:4f:1c:2e:3b:b7:3d:f9:71:c2: 7e:20:b5:59:3a:56:35:55:a0:51:50:1e:80:9c:19: ef:7c:5c:4c:6f:7d:07:9e:87:d0:b9:d0:92:e0:98: 6e:92:2d:27:8e:4c:ba:c5:82:38:b6:02:82:1b:d3: 64:50:04:e6:08:c0:39:11:e7:53:6a:5b:87:8a:bc: b8:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:6B:67:3D:DF:19:BE:01:5A:EC:64:5A:A8:C7:EC:D7:40:44:E2:A7 X509v3 Authority Key Identifier: keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/cWtnPd8ZvgFa7GRaqMfs10BE4qc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.14.46.0/24 185.92.133.0/24 Signature Algorithm: sha256WithRSAEncryption c4:fe:d7:c8:29:50:ed:5c:6e:ad:7b:8a:e4:6b:5d:72:f5:f8: 03:0a:8f:c7:27:c7:bf:03:0e:e0:29:f5:33:c5:d7:e2:47:da: d0:e6:33:88:8a:6d:3b:20:39:1c:6c:ad:65:77:91:27:ce:9f: 73:43:45:55:66:fe:66:6d:79:62:e1:a8:52:e5:1e:f1:35:77: 2f:84:b0:aa:0f:e5:52:24:4f:fb:ca:c7:1c:30:aa:6a:dc:d4: 39:a3:9a:0c:e2:38:d7:d2:45:24:32:04:00:b8:17:71:4b:fa: db:fe:ce:7b:76:c0:1b:c7:23:04:ae:7e:de:4a:62:7e:55:64: 26:2b:c5:c8:04:a1:f7:b5:58:5d:10:09:02:fa:33:c6:a2:43: 8f:3d:6d:83:ea:2e:a5:98:30:5a:df:69:92:94:48:95:77:ba: cc:24:b2:6d:03:1f:f7:43:9a:4b:74:9a:7c:f7:e9:73:29:da: 3b:1d:c7:b2:11:9e:f7:8e:4a:98:fe:c7:68:11:12:87:06:4d: 1a:6b:ab:ad:41:35:13:50:95:62:dd:e3:7e:5d:5a:55:cb:1b: 97:93:d7:44:13:1d:f0:95:fe:63:96:9f:80:27:0b:32:b5:88: 53:13:2d:e8:e0:f3:54:bc:2b:ec:26:2d:1e:28:d6:ce:ef:36: 57:60:9f:03 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/8nrXTnEuM7UZIZ5OOj6EMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj M2YwMGEwHhcNMjYwMTAyMTgyMjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MTZiNjczZGRmMTliZTAxNWFlYzY0NWFhOGM3ZWNkNzQwNDRlMmE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSIKELwHsAt9YEsKJH2wDi3R3V5g 83VOmJwjs+W44xeSGtdj1CFAhVjTC9pnShQbgtDeLZiR1u9BO6A5eLq2qVngjhRt 6gYzHZ5a6I//kikFS1DIStIFyHfdJO4eNqm5n5ZRN0SM9XM9kEA++fQ5130Oj5j8 n4S9bkETN9ZX45gHPaUhonIyS++1ganKKoxUNljoyKN3STUFYTmZ3Og11NT0oBhI 17iRw3l2K90pUb/mREFybs5E2/9PHC47tz35ccJ+ILVZOlY1VaBRUB6AnBnvfFxM b30HnofQudCS4Jhuki0njky6xYI4tgKCG9NkUATmCMA5EedTaluHiry4QQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFHFrZz3fGb4BWuxkWqjH7NdAROKnMB8GA1UdIwQY MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt YjI3ZDZlMjc4ZTE4LzEvY1d0blBkOFp2Z0ZhN0dSYXFNZnMxMEJFNHFjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4 LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVQ4uAwQA uVyFMA0GCSqGSIb3DQEBCwUAA4IBAQDE/tfIKVDtXG6te4rka11y9fgDCo/HJ8e/ Aw7gKfUzxdfiR9rQ5jOIim07IDkcbK1ld5Enzp9zQ0VVZv5mbXli4ahS5R7xNXcv hLCqD+VSJE/7ysccMKpq3NQ5o5oM4jjX0kUkMgQAuBdxS/rb/s57dsAbxyMErn7e SmJ+VWQmK8XIBKH3tVhdEAkC+jPGokOPPW2D6i6lmDBa32mSlEiVd7rMJLJtAx/3 Q5pLdJp89+lzKdo7HceyEZ73jkqY/sdoERKHBk0aa6utQTUTUJVi3eN+XVpVyxuX k9dEEx3wlf5jlp+AJwsytYhTEy3o4PNUvCvsJi0eKNbO7zZXYJ8D -----END CERTIFICATE-----Generated at Sun Jan 25 23:16:32 2026 by rpki-client