This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/ckGyseiXClHPKvZc0nmqY19ttos.roa File: ckGyseiXClHPKvZc0nmqY19ttos.roa (raw, json) Hash identifier: Yi/gbRZzD3hzlnLpg0sfEHwVq1nYLL7ZQtIyu02d0kc= Subject key identifier: 72:41:B2:B1:E8:97:0A:51:CF:2A:F6:5C:D2:79:AA:63:5F:6D:B6:8B Certificate issuer: /CN=38a8550659bb68e770d8b0126b7261fb87d8240b Certificate serial: 019B775917220F53B0A6F5C8477AE74A7649 Authority key identifier: 38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/ckGyseiXClHPKvZc0nmqY19ttos.roa Signing time: Thu 01 Jan 2026 02:18:05 +0000 ROA not before: Thu 01 Jan 2026 02:18:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206382 IP address blocks: 185.186.129.0/24 maxlen: 24 185.186.130.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 20:01:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:17:22:0f:53:b0:a6:f5:c8:47:7a:e7:4a:76:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38a8550659bb68e770d8b0126b7261fb87d8240b Validity Not Before: Jan 1 02:18:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7241b2b1e8970a51cf2af65cd279aa635f6db68b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:46:ca:e8:7a:fe:1d:23:35:e0:c7:01:e9:b5: b9:71:eb:ef:ef:c3:9c:41:4d:03:fe:38:63:75:be: 91:d4:a3:da:03:58:4c:df:dc:0b:a5:33:a5:0b:a7: 6d:79:f1:2a:32:82:3d:42:e6:ba:cb:7e:84:ff:7b: d4:af:e8:2d:70:9c:fd:bb:0f:4d:17:fc:8e:b4:bf: db:a3:fe:d8:0a:e2:24:88:e1:0c:c5:11:f6:cc:30: a5:7b:21:85:e5:32:8f:2c:c0:56:a0:44:75:d3:50: 8c:a2:ee:e2:81:e5:54:cd:b1:09:52:31:c7:b5:dd: db:ce:53:3a:76:c1:bb:7c:0c:d8:ba:35:e5:b3:ae: 17:ae:ce:6b:1a:95:03:1e:62:e4:80:00:84:07:cf: 99:fa:cc:64:fd:cf:78:31:e7:39:fd:4a:25:95:b1: 31:5f:e0:b9:f0:66:2b:32:ca:53:81:eb:a7:91:87: d3:14:3e:c0:06:5b:6c:48:7c:53:93:d3:53:3e:54: d6:eb:42:fe:56:58:d4:af:7a:6d:e7:32:48:47:3a: 75:eb:0f:ce:39:83:9a:fc:27:10:8d:7f:1d:02:97: af:f8:55:ea:c6:1b:14:bd:d3:8b:d5:81:f3:7a:57: 26:e2:c8:96:de:d1:6b:c9:c8:4c:c0:6e:18:79:f5: 7f:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:41:B2:B1:E8:97:0A:51:CF:2A:F6:5C:D2:79:AA:63:5F:6D:B6:8B X509v3 Authority Key Identifier: keyid:38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/ckGyseiXClHPKvZc0nmqY19ttos.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.186.129.0-185.186.131.255 Signature Algorithm: sha256WithRSAEncryption 87:a1:c9:aa:47:40:ad:0a:af:cb:9c:7e:33:33:f8:2e:ff:b0: 65:92:dc:8f:67:47:dc:31:ca:50:c4:3b:9a:b9:26:7f:07:32: 26:f9:d7:0a:d6:20:a7:32:b2:ce:dc:ee:5c:62:67:30:2e:47: a6:f8:d3:f3:57:9d:02:32:12:2b:03:72:02:04:00:90:97:ba: 5e:65:2a:ac:6c:10:36:96:e6:ec:df:c1:e8:ea:bb:d8:c0:04: fb:ca:29:8f:ab:2f:59:28:36:46:94:57:3f:ea:7b:c7:b3:aa: dd:2b:bd:22:7b:10:3b:22:ca:49:48:df:50:64:bb:3d:d5:ff: 82:fd:61:d5:ac:46:4a:61:21:79:77:0e:1e:e3:9e:26:2e:1d: fe:ea:d1:8f:5e:d0:8e:39:40:fc:40:62:84:f9:b0:3a:c4:0f: 97:4b:03:31:b2:e7:8b:4a:42:60:60:59:73:11:4a:f7:df:38: 6b:56:00:b7:17:9b:4b:67:50:d6:56:4b:60:0e:4c:b5:0f:f5: 49:8a:3b:96:c9:61:08:13:fb:0f:06:2a:18:91:cd:0a:ac:c5: 29:6f:80:33:1d:28:65:c2:5b:41:2a:19:0f:9a:79:1e:e5:01: cf:06:49:2e:73:f4:c7:1e:d9:28:29:9d:06:9d:b5:08:7c:87: 4b:e3:fb:e4 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt3WRciD1OwpvXIR3rnSnZJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4YTg1NTA2NTliYjY4ZTc3MGQ4YjAxMjZiNzI2MWZiODdk ODI0MGIwHhcNMjYwMTAxMDIxODA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MjQxYjJiMWU4OTcwYTUxY2YyYWY2NWNkMjc5YWE2MzVmNmRiNjhiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA40bK6Hr+HSM14McB6bW5cevv78Oc QU0D/jhjdb6R1KPaA1hM39wLpTOlC6dtefEqMoI9Qua6y36E/3vUr+gtcJz9uw9N F/yOtL/bo/7YCuIkiOEMxRH2zDCleyGF5TKPLMBWoER101CMou7igeVUzbEJUjHH td3bzlM6dsG7fAzYujXls64Xrs5rGpUDHmLkgACEB8+Z+sxk/c94Mec5/UollbEx X+C58GYrMspTgeunkYfTFD7ABltsSHxTk9NTPlTW60L+VljUr3pt5zJIRzp16w/O OYOa/CcQjX8dApev+FXqxhsUvdOL1YHzelcm4siW3tFrychMwG4YefV/QQIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFHJBsrHolwpRzyr2XNJ5qmNfbbaLMB8GA1UdIwQY MBaAFDioVQZZu2jncNiwEmtyYfuH2CQLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi83ZGNlNzMtYzRkZi00MzMzLThlODEt MWQ3MDNiNDk2NjM0LzEvY2tHeXNlaVhDbEhQS3ZaYzBubXFZMTl0dG9zLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMi83ZGNlNzMtYzRkZi00MzMzLThlODEtMWQ3MDNiNDk2NjM0 LzEvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5uoED BAK5uoAwDQYJKoZIhvcNAQELBQADggEBAIehyapHQK0Kr8ucfjMz+C7/sGWS3I9n R9wxylDEO5q5Jn8HMib51wrWIKcyss7c7lxiZzAuR6b40/NXnQIyEisDcgIEAJCX ul5lKqxsEDaW5uzfwejqu9jABPvKKY+rL1koNkaUVz/qe8ezqt0rvSJ7EDsiyklI 31Bkuz3V/4L9YdWsRkphIXl3Dh7jniYuHf7q0Y9e0I45QPxAYoT5sDrED5dLAzGy 54tKQmBgWXMRSvffOGtWALcXm0tnUNZWS2AOTLUP9UmKO5bJYQgT+w8GKhiRzQqs xSlvgDMdKGXCW0EqGQ+aeR7lAc8GSS5z9Mce2SgpnQadtQh8h0vj++Q= -----END CERTIFICATE-----Generated at Mon Jan 26 03:07:38 2026 by rpki-client