This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/cefT8Znon0EMvLEa4jZbAItaX68.roa File: cefT8Znon0EMvLEa4jZbAItaX68.roa (raw, json) Hash identifier: zuUKY/0e1yWLD2162lMycJrs/wJncsLp3x6qIl7VWD4= Subject key identifier: 71:E7:D3:F1:99:E8:9F:41:0C:BC:B1:1A:E2:36:5B:00:8B:5A:5F:AF Certificate issuer: /CN=4cbfd3e72d4a0396f95347336b42678f68c26430 Certificate serial: 019BEAD69685F66ADF92358C04771ADD17BB Authority key identifier: 4C:BF:D3:E7:2D:4A:03:96:F9:53:47:33:6B:42:67:8F:68:C2:64:30 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TL_T5y1KA5b5U0cza0Jnj2jCZDA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/cefT8Znon0EMvLEa4jZbAItaX68.roa Signing time: Fri 23 Jan 2026 12:31:30 +0000 ROA not before: Fri 23 Jan 2026 12:31:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3188 IP address blocks: 5.2.80.0/24 maxlen: 24 5.2.81.0/24 maxlen: 24 5.2.82.0/24 maxlen: 24 5.2.83.0/24 maxlen: 24 5.2.84.0/24 maxlen: 24 5.2.85.0/24 maxlen: 24 5.2.86.0/24 maxlen: 24 5.2.87.0/24 maxlen: 24 185.8.32.0/24 maxlen: 24 185.8.33.0/24 maxlen: 24 185.8.34.0/24 maxlen: 24 185.8.35.0/24 maxlen: 24 185.8.128.0/24 maxlen: 24 185.8.129.0/24 maxlen: 24 185.8.130.0/24 maxlen: 24 185.8.131.0/24 maxlen: 24 185.67.121.0/24 maxlen: 24 185.150.129.0/24 maxlen: 24 185.150.130.0/24 maxlen: 24 185.150.131.0/24 maxlen: 24 193.31.118.0/24 maxlen: 24 2a02:d9c0::/29 maxlen: 29 2a04:b600::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/TL_T5y1KA5b5U0cza0Jnj2jCZDA.crl rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/TL_T5y1KA5b5U0cza0Jnj2jCZDA.mft rsync://rpki.ripe.net/repository/DEFAULT/TL_T5y1KA5b5U0cza0Jnj2jCZDA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 03:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:ea:d6:96:85:f6:6a:df:92:35:8c:04:77:1a:dd:17:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4cbfd3e72d4a0396f95347336b42678f68c26430 Validity Not Before: Jan 23 12:31:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=71e7d3f199e89f410cbcb11ae2365b008b5a5faf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:37:a0:9d:4e:4e:e5:83:d7:67:6d:ef:0f:0e: 7f:2f:a0:a6:02:46:f9:e4:e3:36:7d:21:97:9e:fe: 39:3f:f0:27:34:43:4d:c6:6e:c9:a8:29:d7:d3:0e: b4:7e:32:42:ee:21:5b:6f:5a:86:a3:b7:8e:d6:b1: 4b:b8:e6:4f:3a:75:71:eb:81:93:a4:6d:02:ce:84: 1a:c4:ee:60:81:1e:1e:75:51:b8:78:5e:c8:fb:eb: 7d:d5:1f:80:e3:5a:6c:5b:a3:9a:a4:ee:db:39:8d: ba:32:7c:e6:b2:58:f1:d5:a4:db:e1:29:83:75:03: b3:98:d7:77:01:73:40:1a:fd:4f:33:23:44:d9:35: ca:f6:d4:d4:5a:8e:e6:ba:b4:8d:fe:7b:d4:db:45: 3a:f8:14:e3:af:ca:23:45:0c:bc:3f:b6:32:c8:3e: 7a:60:51:c7:be:97:9e:cb:19:cb:63:8e:0d:dc:40: a2:91:ad:ec:cc:b7:ef:30:77:91:a9:d4:7d:f8:54: a0:5b:be:9a:d5:c6:f2:60:19:61:fe:ad:1b:03:77: 68:49:2a:2e:91:c3:0b:54:04:6d:58:a1:21:db:16: f6:31:b9:65:c8:95:e3:8b:10:d6:11:d4:1f:73:92: 65:71:c8:93:95:72:8e:05:35:8b:ed:16:27:22:aa: aa:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:E7:D3:F1:99:E8:9F:41:0C:BC:B1:1A:E2:36:5B:00:8B:5A:5F:AF X509v3 Authority Key Identifier: keyid:4C:BF:D3:E7:2D:4A:03:96:F9:53:47:33:6B:42:67:8F:68:C2:64:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TL_T5y1KA5b5U0cza0Jnj2jCZDA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/cefT8Znon0EMvLEa4jZbAItaX68.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/TL_T5y1KA5b5U0cza0Jnj2jCZDA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.2.80.0/21 185.8.32.0/22 185.8.128.0/22 185.67.121.0/24 185.150.129.0-185.150.131.255 193.31.118.0/24 IPv6: 2a02:d9c0::/29 2a04:b600::/29 Signature Algorithm: sha256WithRSAEncryption a9:5b:6c:fd:9c:77:90:69:8c:63:3c:5c:bd:4d:bc:58:06:6c: 96:5b:e1:6a:15:5f:5f:78:0c:f9:8a:c2:fe:a5:6c:c9:fb:86: 82:f7:38:78:93:24:35:b1:48:47:67:36:54:e8:c8:0a:d7:df: b1:40:c8:1e:ea:56:df:6f:59:07:99:38:74:f2:87:d9:e2:ea: 63:44:79:ad:0a:4b:e4:78:42:7e:16:05:48:41:a1:7b:ce:cb: 3e:32:e7:cf:ef:a2:e4:bb:20:a6:e8:84:4b:45:22:f6:75:10: d3:70:d0:ed:12:f8:2a:b8:ad:58:c5:28:30:04:c8:ae:06:2e: 60:2f:d4:85:6e:b3:7d:85:f7:63:4b:b5:c3:e3:58:68:69:dc: 69:23:33:0a:7e:96:e5:7d:f0:fc:6c:f9:47:9e:57:4e:46:36: 03:1b:dd:ad:77:cd:21:86:d0:a4:f5:98:ab:55:68:76:1a:65: 76:1c:1f:98:97:e0:06:21:d9:e1:f9:30:63:a1:e9:43:18:7b: 23:25:87:b2:91:b7:de:bd:ac:4b:40:42:fe:36:e8:ea:97:12: 7a:77:c1:7d:48:9a:e9:8d:88:ff:e3:da:27:77:0a:e2:86:37: e4:96:53:dd:c4:69:61:9c:8b:d8:1a:6b:ca:6d:a1:ea:1b:e6: ee:6f:17:d3 -----BEGIN CERTIFICATE----- MIIFOTCCBCGgAwIBAgISAZvq1paF9mrfkjWMBHca3Re7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjYmZkM2U3MmQ0YTAzOTZmOTUzNDczMzZiNDI2NzhmNjhj MjY0MzAwHhcNMjYwMTIzMTIzMTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MWU3ZDNmMTk5ZTg5ZjQxMGNiY2IxMWFlMjM2NWIwMDhiNWE1ZmFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTegnU5O5YPXZ23vDw5/L6CmAkb5 5OM2fSGXnv45P/AnNENNxm7JqCnX0w60fjJC7iFbb1qGo7eO1rFLuOZPOnVx64GT pG0CzoQaxO5ggR4edVG4eF7I++t91R+A41psW6OapO7bOY26Mnzmsljx1aTb4SmD dQOzmNd3AXNAGv1PMyNE2TXK9tTUWo7murSN/nvU20U6+BTjr8ojRQy8P7YyyD56 YFHHvpeeyxnLY44N3ECika3szLfvMHeRqdR9+FSgW76a1cbyYBlh/q0bA3doSSou kcMLVARtWKEh2xb2MbllyJXjixDWEdQfc5JlcciTlXKOBTWL7RYnIqqq1wIDAQAB o4ICRTCCAkEwHQYDVR0OBBYEFHHn0/GZ6J9BDLyxGuI2WwCLWl+vMB8GA1UdIwQY MBaAFEy/0+ctSgOW+VNHM2tCZ49owmQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVExfVDV5MUtBNWI1VTBjemEwSm5qMmpDWkRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9iNTczM2ItMzg5MS00NDliLTk5NTAt ZmY2MGUyMThlZDQxLzEvY2VmVDhabm9uMEVNdkxFYTRqWmJBSXRhWDY4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMi9iNTczM2ItMzg5MS00NDliLTk5NTAtZmY2MGUyMThlZDQx LzEvVExfVDV5MUtBNWI1VTBjemEwSm5qMmpDWkRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAyBAIAATAsAwQDBQJQAwQC uQggAwQCuQiAAwQAuUN5MAwDBAC5loEDBAK5loADBADBH3YwFAQCAAIwDgMFAyoC 2cADBQMqBLYAMA0GCSqGSIb3DQEBCwUAA4IBAQCpW2z9nHeQaYxjPFy9TbxYBmyW W+FqFV9feAz5isL+pWzJ+4aC9zh4kyQ1sUhHZzZU6MgK19+xQMge6lbfb1kHmTh0 8ofZ4upjRHmtCkvkeEJ+FgVIQaF7zss+MufP76LkuyCm6IRLRSL2dRDTcNDtEvgq uK1YxSgwBMiuBi5gL9SFbrN9hfdjS7XD41hoadxpIzMKfpblffD8bPlHnldORjYD G92td80hhtCk9ZirVWh2GmV2HB+Yl+AGIdnh+TBjoelDGHsjJYeykbfevaxLQEL+ NujqlxJ6d8F9SJrpjYj/49ondwrihjfkllPdxGlhnIvYGmvKbaHqG+bubxfT -----END CERTIFICATE-----Generated at Mon Jan 26 12:26:02 2026 by rpki-client