This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/cm67I6cgvldcfZuyxkkAFWq7fA8.roa File: cm67I6cgvldcfZuyxkkAFWq7fA8.roa (raw, json) Hash identifier: KeoSihcTZszgEOGDu5cMLsDEaj3J/GKvCjERELK00DQ= Subject key identifier: 72:6E:BB:23:A7:20:BE:57:5C:7D:9B:B2:C6:49:00:15:6A:BB:7C:0F Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b Certificate serial: 019B783488636D5628F61FE694FF0E37B561 Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/cm67I6cgvldcfZuyxkkAFWq7fA8.roa Signing time: Thu 01 Jan 2026 06:17:47 +0000 ROA not before: Thu 01 Jan 2026 06:17:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207448 IP address blocks: 192.165.132.0/24 maxlen: 24 193.183.193.0/24 maxlen: 24 193.235.64.0/24 maxlen: 24 2a01:280:358::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 05:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:88:63:6d:56:28:f6:1f:e6:94:ff:0e:37:b5:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b Validity Not Before: Jan 1 06:17:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=726ebb23a720be575c7d9bb2c64900156abb7c0f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:bb:5e:6d:c1:4d:28:11:90:10:fb:e1:34:bf: 9e:aa:4b:09:07:48:27:d4:c7:a1:de:28:f1:f0:a2: 62:4c:46:f7:fb:ab:43:df:8c:3f:ff:34:2e:a9:75: ae:25:81:8b:1c:1c:26:d6:61:08:ea:b6:2d:1d:ec: c7:d2:7e:ff:29:fd:8f:ab:26:e9:ef:da:76:b1:78: d7:af:65:6f:2b:bf:68:9f:e8:b9:02:75:6c:d8:1c: bd:f9:ea:6b:1c:ae:5c:69:08:b6:43:a1:c9:67:f3: d6:04:8e:0b:bb:51:84:45:fb:b3:ed:90:5f:63:19: 54:61:32:37:e4:d8:5b:f9:55:07:71:cc:f7:d9:ad: 26:48:4b:95:58:1f:3e:76:56:fd:6c:2c:73:b2:4b: 83:02:d2:00:0d:c6:66:df:7a:b7:c0:41:69:15:4f: d4:99:a3:f6:4b:9d:9d:a3:d7:8f:e7:54:96:1a:4e: 3d:eb:8f:b2:d2:60:a0:e2:bc:86:f8:c4:72:6c:2a: 1d:ae:49:a4:c4:e4:cb:3c:95:0f:38:c8:60:7d:22: d1:a0:9e:6a:e8:82:55:5f:e5:8f:3c:f3:8f:e0:75: df:fd:33:53:5b:b4:5a:84:95:8e:c0:d7:dc:16:0e: 23:02:7c:30:98:6b:bc:0a:46:f7:bd:36:d6:cc:83: 11:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:6E:BB:23:A7:20:BE:57:5C:7D:9B:B2:C6:49:00:15:6A:BB:7C:0F X509v3 Authority Key Identifier: keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/cm67I6cgvldcfZuyxkkAFWq7fA8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.165.132.0/24 193.183.193.0/24 193.235.64.0/24 IPv6: 2a01:280:358::/48 Signature Algorithm: sha256WithRSAEncryption 08:2b:bb:f0:80:fc:d4:85:99:df:21:01:80:f5:6d:b5:6e:12: 28:32:7e:c6:9b:02:de:d4:6f:49:28:ad:fb:01:4f:62:5d:dd: 7c:03:5a:8e:01:31:80:fb:db:dc:d6:5c:dc:67:2d:d9:95:b5: 84:ba:77:29:91:d7:bf:3a:85:45:bf:a8:f0:59:1b:7a:63:73: ef:70:7f:b5:be:73:4c:ac:ee:67:38:9d:ea:d2:f5:8e:ba:57: 0c:5f:23:31:8e:64:e3:01:9f:ac:14:e7:57:b9:d5:ca:6c:49: 79:3d:9f:c5:b0:00:ad:77:89:63:84:d2:e2:43:b9:a2:86:64: 71:8c:e2:51:1c:73:cd:25:83:d9:82:ba:f0:31:6f:1f:3d:bb: d2:ff:a1:91:49:f3:af:7f:4b:8a:da:9d:d6:48:21:1f:f3:35: 4b:de:2d:85:e4:4d:50:96:11:37:86:47:30:29:d9:28:3f:08: a3:ca:19:00:4d:86:1b:6e:81:64:f1:84:a7:8e:4b:41:77:bf: 5d:65:d6:a7:fd:6b:93:4f:ec:8a:7d:0c:2d:40:14:cd:02:ed: 8d:c8:13:00:e6:50:46:a6:27:87:00:7b:56:47:eb:7a:39:b4: 10:f8:43:9b:92:af:66:8b:79:62:49:21:a1:81:3a:6d:bd:36: 5d:ed:62:be -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt4NIhjbVYo9h/mlP8ON7VhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh ZGFmMWIwHhcNMjYwMTAxMDYxNzQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MjZlYmIyM2E3MjBiZTU3NWM3ZDliYjJjNjQ5MDAxNTZhYmI3YzBmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbtebcFNKBGQEPvhNL+eqksJB0gn 1Meh3ijx8KJiTEb3+6tD34w//zQuqXWuJYGLHBwm1mEI6rYtHezH0n7/Kf2Pqybp 79p2sXjXr2VvK79on+i5AnVs2By9+eprHK5caQi2Q6HJZ/PWBI4Lu1GERfuz7ZBf YxlUYTI35Nhb+VUHccz32a0mSEuVWB8+dlb9bCxzskuDAtIADcZm33q3wEFpFU/U maP2S52do9eP51SWGk4964+y0mCg4ryG+MRybCodrkmkxOTLPJUPOMhgfSLRoJ5q 6IJVX+WPPPOP4HXf/TNTW7RahJWOwNfcFg4jAnwwmGu8Ckb3vTbWzIMROQIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFHJuuyOnIL5XXH2bssZJABVqu3wPMB8GA1UdIwQY MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt OTQzZDAzMzIxMzI2LzEvY202N0k2Y2d2bGRjZlp1eXhra0FGV3E3ZkE4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2 LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAwKWEAwQA wbfBAwQAwetAMA8EAgACMAkDBwAqAQKAA1gwDQYJKoZIhvcNAQELBQADggEBAAgr u/CA/NSFmd8hAYD1bbVuEigyfsabAt7Ub0korfsBT2Jd3XwDWo4BMYD729zWXNxn LdmVtYS6dymR1786hUW/qPBZG3pjc+9wf7W+c0ys7mc4nerS9Y66VwxfIzGOZOMB n6wU51e51cpsSXk9n8WwAK13iWOE0uJDuaKGZHGM4lEcc80lg9mCuvAxbx89u9L/ oZFJ869/S4randZIIR/zNUveLYXkTVCWETeGRzAp2Sg/CKPKGQBNhhtugWTxhKeO S0F3v11l1qf9a5NP7Ip9DC1AFM0C7Y3IEwDmUEamJ4cAe1ZH63o5tBD4Q5uSr2aL eWJJIaGBOm29Nl3tYr4= -----END CERTIFICATE-----Generated at Sun Jan 25 13:43:38 2026 by rpki-client