This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/b000e2-67c3-46f7-8820-42e002dad9ae/1/CawyeYNcMjrLuvvbcUuS250xWNk.roa File: CawyeYNcMjrLuvvbcUuS250xWNk.roa (raw, json) Hash identifier: y+f/df2HILWWbPxsyDOlBpH7jfN1Enb/8oL5EPuvVoU= Subject key identifier: 09:AC:32:79:83:5C:32:3A:CB:BA:FB:DB:71:4B:92:DB:9D:31:58:D9 Certificate issuer: /CN=34921598b6a261aa4c3e67144ac876033253e0aa Certificate serial: 019B78A28FAB4D0606084957D8F9685028D9 Authority key identifier: 34:92:15:98:B6:A2:61:AA:4C:3E:67:14:4A:C8:76:03:32:53:E0:AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJIVmLaiYapMPmcUSsh2AzJT4Ko.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/b000e2-67c3-46f7-8820-42e002dad9ae/1/CawyeYNcMjrLuvvbcUuS250xWNk.roa Signing time: Thu 01 Jan 2026 08:17:58 +0000 ROA not before: Thu 01 Jan 2026 08:17:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39605 IP address blocks: 185.28.232.0/22 maxlen: 24 2a00:a320::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/b000e2-67c3-46f7-8820-42e002dad9ae/1/NJIVmLaiYapMPmcUSsh2AzJT4Ko.crl rsync://rpki.ripe.net/repository/DEFAULT/eb/b000e2-67c3-46f7-8820-42e002dad9ae/1/NJIVmLaiYapMPmcUSsh2AzJT4Ko.mft rsync://rpki.ripe.net/repository/DEFAULT/NJIVmLaiYapMPmcUSsh2AzJT4Ko.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:8f:ab:4d:06:06:08:49:57:d8:f9:68:50:28:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=34921598b6a261aa4c3e67144ac876033253e0aa Validity Not Before: Jan 1 08:17:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=09ac3279835c323acbbafbdb714b92db9d3158d9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:62:92:ba:ee:ed:92:58:21:00:d5:7e:66:30: 4e:14:c2:59:ca:8d:72:0d:0a:70:5c:fe:6e:38:a7: 02:19:68:2b:87:e5:c1:3c:39:90:42:7b:45:ac:e1: f5:40:14:d7:82:c7:30:bb:7a:18:c9:7d:b2:b4:6b: f1:79:66:fd:91:5d:59:19:8e:46:01:0f:55:ca:52: 55:31:da:e2:a5:47:d6:fd:dc:1f:f0:32:94:02:5e: 2d:c1:f6:44:93:3f:97:91:c5:cf:52:16:a6:4b:de: 61:a9:38:c7:a3:9a:8c:5a:4a:e5:fd:79:55:79:12: ce:d6:d6:dd:b1:7a:f1:58:d5:20:2a:2b:0f:c5:c4: c4:d0:75:e2:83:14:b1:dc:47:b0:0a:ee:a7:18:a0: 28:8a:3c:c7:e1:0d:36:89:f7:1c:3c:4d:d1:6c:bd: 6f:14:29:bc:e3:1d:7c:ec:f9:a9:d4:b6:e8:db:f6: bd:8d:7c:3a:b0:f7:7e:b8:56:7d:3d:38:1e:fb:77: dc:1e:fb:bd:c0:3e:f1:1a:41:44:64:59:d3:b6:53: 29:a5:6e:49:a0:31:5d:ce:d1:61:a0:26:00:35:18: a1:58:75:17:bb:38:09:bc:f8:26:86:f0:07:c8:e2: 2b:00:d3:22:bf:a0:2a:dd:08:fe:f8:d8:b1:c1:fe: 67:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:AC:32:79:83:5C:32:3A:CB:BA:FB:DB:71:4B:92:DB:9D:31:58:D9 X509v3 Authority Key Identifier: keyid:34:92:15:98:B6:A2:61:AA:4C:3E:67:14:4A:C8:76:03:32:53:E0:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJIVmLaiYapMPmcUSsh2AzJT4Ko.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b000e2-67c3-46f7-8820-42e002dad9ae/1/CawyeYNcMjrLuvvbcUuS250xWNk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b000e2-67c3-46f7-8820-42e002dad9ae/1/NJIVmLaiYapMPmcUSsh2AzJT4Ko.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.28.232.0/22 IPv6: 2a00:a320::/32 Signature Algorithm: sha256WithRSAEncryption 27:c9:5f:3c:1f:2a:f2:dc:3e:01:bd:e2:03:19:6c:20:7a:0b: 5a:95:45:c8:92:20:a2:ac:8a:b3:fc:2a:2e:5b:fc:41:c4:5d: b9:6b:ea:5a:42:67:f8:22:9a:7d:f3:37:8c:77:4e:23:fa:28: ce:26:9d:7e:81:de:33:9f:a3:97:dd:80:a8:08:52:a3:41:7e: 21:a3:27:e3:1e:49:02:22:a8:79:ac:98:4b:17:7f:2e:57:35: ef:87:8a:ef:ea:6c:7f:95:e2:e4:d2:6a:b1:42:8b:84:af:fa: 45:31:84:6d:f1:bf:6f:8b:10:e7:b6:3a:27:c1:64:7a:52:f3: 90:d8:98:b4:a8:bc:c8:76:ad:0e:23:7f:42:0d:63:73:86:70: ca:fd:3b:96:59:42:6e:f1:8b:fd:cf:e1:6b:cf:f2:6b:7f:b3: b6:8a:a9:b9:72:51:aa:28:ba:2b:75:57:55:1d:76:50:9f:86: 4e:ad:51:60:e3:4c:f8:fb:41:55:f6:96:32:c3:36:a9:fa:fd: 3d:f6:fb:46:7f:82:8b:5c:5c:0a:ff:43:3d:88:af:28:b9:d9: 61:48:1d:a8:6e:04:57:af:9c:56:c8:53:4a:29:f2:86:8f:c9: 9a:ee:87:18:eb:ab:0e:ff:a5:7a:84:2a:6c:bd:de:71:5d:33: 6c:ca:f9:7c -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt4oo+rTQYGCElX2PloUCjZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0OTIxNTk4YjZhMjYxYWE0YzNlNjcxNDRhYzg3NjAzMzI1 M2UwYWEwHhcNMjYwMTAxMDgxNzU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwOWFjMzI3OTgzNWMzMjNhY2JiYWZiZGI3MTRiOTJkYjlkMzE1OGQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2KSuu7tklghANV+ZjBOFMJZyo1y DQpwXP5uOKcCGWgrh+XBPDmQQntFrOH1QBTXgscwu3oYyX2ytGvxeWb9kV1ZGY5G AQ9VylJVMdripUfW/dwf8DKUAl4twfZEkz+XkcXPUhamS95hqTjHo5qMWkrl/XlV eRLO1tbdsXrxWNUgKisPxcTE0HXigxSx3EewCu6nGKAoijzH4Q02ifccPE3RbL1v FCm84x187Pmp1Lbo2/a9jXw6sPd+uFZ9PTge+3fcHvu9wD7xGkFEZFnTtlMppW5J oDFdztFhoCYANRihWHUXuzgJvPgmhvAHyOIrANMiv6Aq3Qj++Nixwf5nAQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFAmsMnmDXDI6y7r723FLktudMVjZMB8GA1UdIwQY MBaAFDSSFZi2omGqTD5nFErIdgMyU+CqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkpJVm1MYWlZYXBNUG1jVVNzaDJBekpUNEtvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9iMDAwZTItNjdjMy00NmY3LTg4MjAt NDJlMDAyZGFkOWFlLzEvQ2F3eWVZTmNNanJMdXZ2YmNVdVMyNTB4V05rLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYi9iMDAwZTItNjdjMy00NmY3LTg4MjAtNDJlMDAyZGFkOWFl LzEvTkpJVm1MYWlZYXBNUG1jVVNzaDJBekpUNEtvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRzoMA0E AgACMAcDBQAqAKMgMA0GCSqGSIb3DQEBCwUAA4IBAQAnyV88Hyry3D4BveIDGWwg egtalUXIkiCirIqz/CouW/xBxF25a+paQmf4Ipp98zeMd04j+ijOJp1+gd4zn6OX 3YCoCFKjQX4hoyfjHkkCIqh5rJhLF38uVzXvh4rv6mx/leLk0mqxQouEr/pFMYRt 8b9vixDntjonwWR6UvOQ2Ji0qLzIdq0OI39CDWNzhnDK/TuWWUJu8Yv9z+Frz/Jr f7O2iqm5clGqKLordVdVHXZQn4ZOrVFg40z4+0FV9pYywzap+v099vtGf4KLXFwK /0M9iK8oudlhSB2obgRXr5xWyFNKKfKGj8ma7ocY66sO/6V6hCpsvd5xXTNsyvl8 -----END CERTIFICATE-----Generated at Mon Jan 26 09:22:48 2026 by rpki-client