This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/e8072a-6017-4ed5-bee3-8e65b347f218/1/cnRs0nFBKnPSwQ1F-1xOIce5la0.roa File: cnRs0nFBKnPSwQ1F-1xOIce5la0.roa (raw, json) Hash identifier: OKJospeoF5ncHQtQYt7c9nFDBBSFOmh/9wk/WbCnrEs= Subject key identifier: 72:74:6C:D2:71:41:2A:73:D2:C1:0D:45:FB:5C:4E:21:C7:B9:95:AD Certificate issuer: /CN=fc35877cc038bffdb97bb3d6ea216ab52b3a0582 Certificate serial: 019B7E39211681922FC666609C044C92DA63 Authority key identifier: FC:35:87:7C:C0:38:BF:FD:B9:7B:B3:D6:EA:21:6A:B5:2B:3A:05:82 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_DWHfMA4v_25e7PW6iFqtSs6BYI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/e8072a-6017-4ed5-bee3-8e65b347f218/1/cnRs0nFBKnPSwQ1F-1xOIce5la0.roa Signing time: Fri 02 Jan 2026 10:20:31 +0000 ROA not before: Fri 02 Jan 2026 10:20:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208864 IP address blocks: 45.11.15.0/24 maxlen: 24 185.42.59.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/e8072a-6017-4ed5-bee3-8e65b347f218/1/_DWHfMA4v_25e7PW6iFqtSs6BYI.crl rsync://rpki.ripe.net/repository/DEFAULT/e1/e8072a-6017-4ed5-bee3-8e65b347f218/1/_DWHfMA4v_25e7PW6iFqtSs6BYI.mft rsync://rpki.ripe.net/repository/DEFAULT/_DWHfMA4v_25e7PW6iFqtSs6BYI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:21:16:81:92:2f:c6:66:60:9c:04:4c:92:da:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fc35877cc038bffdb97bb3d6ea216ab52b3a0582 Validity Not Before: Jan 2 10:20:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=72746cd271412a73d2c10d45fb5c4e21c7b995ad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:83:e5:d1:dd:ae:0f:9c:40:59:e2:e7:44:c3: 6b:b3:60:d6:62:00:88:e3:0e:bf:f2:62:f6:a7:9f: 88:63:f0:e0:2b:e2:a1:a3:9a:57:2d:fc:fa:99:c5: fc:33:be:0e:08:bf:c1:46:8e:e7:ea:5a:b2:67:c7: 5c:50:fb:d5:52:6f:9a:44:79:d3:51:3f:15:66:c8: 68:4b:82:c7:ab:04:30:15:e2:24:93:eb:6e:bd:95: 9a:97:16:f6:60:66:c8:57:70:fa:ab:60:a3:f8:94: 8c:23:d0:81:bd:86:98:56:5f:bd:c5:fc:d1:61:35: b6:5f:df:ac:c5:3e:36:e1:02:69:1b:7d:e1:58:ba: 66:35:0f:20:4b:1d:74:d1:8a:31:d6:98:d8:c2:bc: 17:85:86:e4:53:d5:01:91:a2:ae:84:b4:5e:0e:bb: 1d:7b:90:ec:a2:0c:53:2e:23:d4:14:23:90:ce:3b: 16:6d:2f:0f:d6:61:3d:76:40:f0:c1:e7:17:19:73: 04:46:ee:80:32:93:d9:75:2d:7a:96:9e:56:77:25: ab:e0:aa:21:0d:82:3d:4c:c0:cb:3d:b7:1d:1a:c3: fa:da:94:34:8f:ac:78:cb:b5:82:11:6e:aa:6e:5d: 7b:84:34:7a:01:05:79:ba:23:62:45:cd:b8:3a:e2: 7e:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:74:6C:D2:71:41:2A:73:D2:C1:0D:45:FB:5C:4E:21:C7:B9:95:AD X509v3 Authority Key Identifier: keyid:FC:35:87:7C:C0:38:BF:FD:B9:7B:B3:D6:EA:21:6A:B5:2B:3A:05:82 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_DWHfMA4v_25e7PW6iFqtSs6BYI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/e8072a-6017-4ed5-bee3-8e65b347f218/1/cnRs0nFBKnPSwQ1F-1xOIce5la0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/e8072a-6017-4ed5-bee3-8e65b347f218/1/_DWHfMA4v_25e7PW6iFqtSs6BYI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.11.15.0/24 185.42.59.0/24 Signature Algorithm: sha256WithRSAEncryption 12:41:95:83:0b:96:02:3a:63:a4:d2:60:92:af:c7:02:9b:9c: 88:39:ee:97:08:de:5f:09:f6:da:0d:7e:71:f6:3a:fc:fb:48: 1e:ec:59:c0:9f:c4:b4:d1:fc:c0:ac:93:0e:66:62:61:96:77: ed:21:2a:ea:85:fc:82:ff:fa:53:a6:05:d6:5f:a9:a0:af:89: 9f:03:8c:e5:00:71:aa:64:ef:10:f5:4f:40:33:81:90:d3:b1: e4:c0:35:db:ce:03:13:c2:35:56:b5:07:5b:0b:0f:c8:02:0b: d0:1d:1f:58:73:bd:37:28:37:52:79:71:e7:cc:98:68:4e:4e: 69:96:60:f0:c2:35:81:8a:f2:5f:6f:31:03:3f:1a:ea:cd:8c: 95:e8:11:d7:4b:85:5b:5c:b5:0a:46:5a:db:06:cb:32:d9:d5: a4:1f:6e:71:d1:53:9e:3d:12:e4:75:b1:fb:f4:7f:09:c7:2f: fe:6d:77:f3:ed:f5:63:c6:0b:eb:49:41:ae:cb:e2:c2:7e:24: c2:0a:6e:d2:2c:15:42:a4:e2:5c:47:3f:a8:26:3f:1b:b2:b7: 4e:55:35:2e:7c:06:0b:d0:88:d8:cd:fc:cd:ba:58:6c:f1:62: 1f:8e:17:c0:d0:76:5e:c9:8d:81:6f:3b:09:b4:a7:b4:1c:a7: 13:68:55:63 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt+OSEWgZIvxmZgnARMktpjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZjMzU4NzdjYzAzOGJmZmRiOTdiYjNkNmVhMjE2YWI1MmIz YTA1ODIwHhcNMjYwMTAyMTAyMDMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3Mjc0NmNkMjcxNDEyYTczZDJjMTBkNDVmYjVjNGUyMWM3Yjk5NWFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9oPl0d2uD5xAWeLnRMNrs2DWYgCI 4w6/8mL2p5+IY/DgK+Kho5pXLfz6mcX8M74OCL/BRo7n6lqyZ8dcUPvVUm+aRHnT UT8VZshoS4LHqwQwFeIkk+tuvZWalxb2YGbIV3D6q2Cj+JSMI9CBvYaYVl+9xfzR YTW2X9+sxT424QJpG33hWLpmNQ8gSx100Yox1pjYwrwXhYbkU9UBkaKuhLReDrsd e5DsogxTLiPUFCOQzjsWbS8P1mE9dkDwwecXGXMERu6AMpPZdS16lp5WdyWr4Koh DYI9TMDLPbcdGsP62pQ0j6x4y7WCEW6qbl17hDR6AQV5uiNiRc24OuJ+KQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFHJ0bNJxQSpz0sENRftcTiHHuZWtMB8GA1UdIwQY MBaAFPw1h3zAOL/9uXuz1uoharUrOgWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX0RXSGZNQTR2XzI1ZTdQVzZpRnF0U3M2QllJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lODA3MmEtNjAxNy00ZWQ1LWJlZTMt OGU2NWIzNDdmMjE4LzEvY25SczBuRkJLblBTd1ExRi0xeE9JY2U1bGEwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMS9lODA3MmEtNjAxNy00ZWQ1LWJlZTMtOGU2NWIzNDdmMjE4 LzEvX0RXSGZNQTR2XzI1ZTdQVzZpRnF0U3M2QllJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQsPAwQA uSo7MA0GCSqGSIb3DQEBCwUAA4IBAQASQZWDC5YCOmOk0mCSr8cCm5yIOe6XCN5f CfbaDX5x9jr8+0ge7FnAn8S00fzArJMOZmJhlnftISrqhfyC//pTpgXWX6mgr4mf A4zlAHGqZO8Q9U9AM4GQ07HkwDXbzgMTwjVWtQdbCw/IAgvQHR9Yc703KDdSeXHn zJhoTk5plmDwwjWBivJfbzEDPxrqzYyV6BHXS4VbXLUKRlrbBssy2dWkH25x0VOe PRLkdbH79H8Jxy/+bXfz7fVjxgvrSUGuy+LCfiTCCm7SLBVCpOJcRz+oJj8bsrdO VTUufAYL0IjYzfzNulhs8WIfjhfA0HZeyY2BbzsJtKe0HKcTaFVj -----END CERTIFICATE-----Generated at Sun Jan 25 22:50:13 2026 by rpki-client