This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/CW7I84w-3CNcgsbXNu7X05Te43I.roa File: CW7I84w-3CNcgsbXNu7X05Te43I.roa (raw, json) Hash identifier: 5XW02C0/9UlbEGf2UHJUyRtqoHwVTjDflHnNI8oHEXI= Subject key identifier: 09:6E:C8:F3:8C:3E:DC:23:5C:82:C6:D7:36:EE:D7:D3:94:DE:E3:72 Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09 Certificate serial: 019B7EA774D5DCA07B1697F3A0343804AA12 Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/CW7I84w-3CNcgsbXNu7X05Te43I.roa Signing time: Fri 02 Jan 2026 12:21:02 +0000 ROA not before: Fri 02 Jan 2026 12:21:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42362 IP address blocks: 78.111.240.0/23 maxlen: 23 83.239.192.0/21 maxlen: 21 83.239.208.0/20 maxlen: 20 85.172.128.0/19 maxlen: 19 85.172.192.0/21 maxlen: 21 85.172.200.0/22 maxlen: 22 85.172.208.0/20 maxlen: 20 85.172.224.0/20 maxlen: 20 85.172.240.0/20 maxlen: 20 85.173.32.0/19 maxlen: 19 85.173.224.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 15:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:74:d5:dc:a0:7b:16:97:f3:a0:34:38:04:aa:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09 Validity Not Before: Jan 2 12:21:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=096ec8f38c3edc235c82c6d736eed7d394dee372 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:54:bf:54:05:11:aa:63:f3:bf:00:af:29:3d: 92:d0:9a:e1:90:7c:98:9b:1f:c8:7a:f2:89:ed:6a: 30:03:48:63:bb:a7:d7:bd:ab:2a:42:79:c6:9d:40: 7d:24:42:48:1d:05:78:88:d0:57:f4:47:19:f7:1f: 77:88:9c:e8:f9:9e:30:8c:10:a3:07:9b:aa:2b:0f: 37:08:90:6b:4a:ff:43:64:5e:d5:94:97:d1:18:3b: 0c:56:c6:7b:5a:58:a1:f8:25:2a:41:55:e6:b0:c7: e2:8d:be:20:e5:a9:1e:1f:b2:66:98:fc:10:3d:55: 45:6e:99:bd:0b:45:1d:98:9c:40:5f:79:a7:9e:27: 15:16:df:d6:95:24:b3:40:a8:40:84:23:74:77:cd: 8a:0f:11:d9:da:8f:52:a0:2f:87:72:a9:e9:39:f0: 6d:43:c0:28:ec:1f:fb:7e:69:3f:aa:ac:28:6d:c1: f3:35:49:8e:3c:52:6b:56:00:a2:c8:28:ec:a7:97: 21:32:e7:f4:87:98:1e:46:21:d8:ca:ab:73:6f:2f: dd:72:dd:ed:3d:f1:8a:85:8d:a0:96:4f:f5:e4:de: c9:82:47:82:e6:c3:ff:0e:09:f1:fb:64:03:66:37: ab:89:a8:36:b6:cd:94:58:1a:cf:13:33:a9:b7:c1: ed:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:6E:C8:F3:8C:3E:DC:23:5C:82:C6:D7:36:EE:D7:D3:94:DE:E3:72 X509v3 Authority Key Identifier: keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/CW7I84w-3CNcgsbXNu7X05Te43I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 78.111.240.0/23 83.239.192.0/21 83.239.208.0/20 85.172.128.0/19 85.172.192.0-85.172.203.255 85.172.208.0-85.172.255.255 85.173.32.0/19 85.173.224.0/19 Signature Algorithm: sha256WithRSAEncryption 44:45:43:66:b1:a7:fe:68:a5:9f:80:fb:b8:7b:09:51:a0:f2: 68:a5:1b:32:be:47:e4:6a:4a:bf:27:cc:78:ff:ac:c9:43:6b: d5:2a:aa:dd:e5:12:28:0d:1e:36:13:22:11:8c:7e:e5:b9:b6: 8c:c4:60:e6:28:5f:f2:de:28:84:51:2f:bd:08:c6:89:fa:71: ef:ca:72:dc:9e:80:e8:94:3c:5d:c4:00:38:8a:6f:be:ef:f2: 8b:67:68:84:98:2b:38:04:41:20:b6:14:88:ae:7a:0d:b1:05: e7:e4:b9:00:52:9d:2e:a5:8d:43:07:bc:81:8f:d2:78:8a:36: 8d:b9:48:76:13:f3:e3:a9:a2:43:74:d1:62:8d:b3:e5:77:92: 7f:42:d5:8a:d4:91:7b:0a:68:84:7d:60:52:42:b4:24:36:42: 35:5d:58:01:6c:80:dd:e0:84:91:5b:20:37:ae:38:d4:cd:21: 5d:2e:41:c0:d7:19:74:f1:a0:ec:28:a4:1a:2a:97:e4:54:81: c2:b0:6a:22:57:de:0b:6d:4e:bc:31:dd:f2:bf:dc:12:dc:c8: d3:ed:3b:dd:5c:f8:ec:6e:49:fe:28:f7:f0:ff:39:7c:36:13: 94:be:2b:80:ab:1e:e1:bc:d4:0c:6c:c2:1b:ad:0d:c8:63:57: 1a:71:d2:31 -----BEGIN CERTIFICATE----- MIIFNjCCBB6gAwIBAgISAZt+p3TV3KB7FpfzoDQ4BKoSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx ZTZjMDkwHhcNMjYwMTAyMTIyMTAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwOTZlYzhmMzhjM2VkYzIzNWM4MmM2ZDczNmVlZDdkMzk0ZGVlMzcyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlS/VAURqmPzvwCvKT2S0JrhkHyY mx/IevKJ7WowA0hju6fXvasqQnnGnUB9JEJIHQV4iNBX9EcZ9x93iJzo+Z4wjBCj B5uqKw83CJBrSv9DZF7VlJfRGDsMVsZ7Wlih+CUqQVXmsMfijb4g5akeH7JmmPwQ PVVFbpm9C0UdmJxAX3mnnicVFt/WlSSzQKhAhCN0d82KDxHZ2o9SoC+HcqnpOfBt Q8Ao7B/7fmk/qqwobcHzNUmOPFJrVgCiyCjsp5chMuf0h5geRiHYyqtzby/dct3t PfGKhY2glk/15N7JgkeC5sP/Dgnx+2QDZjeriag2ts2UWBrPEzOpt8HttQIDAQAB o4ICQjCCAj4wHQYDVR0OBBYEFAluyPOMPtwjXILG1zbu19OU3uNyMB8GA1UdIwQY MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt NWE4NmMyNzU3YzFlLzEvQ1c3STg0dy0zQ05jZ3NiWE51N1gwNVRlNDNJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAATA/AwQBTm/wAwQD U+/AAwQEU+/QAwQFVayAMAwDBAZVrMADBAJVrMgwCwMEBFWs0AMDAFWsAwQFVa0g AwQFVa3gMA0GCSqGSIb3DQEBCwUAA4IBAQBERUNmsaf+aKWfgPu4ewlRoPJopRsy vkfkakq/J8x4/6zJQ2vVKqrd5RIoDR42EyIRjH7lubaMxGDmKF/y3iiEUS+9CMaJ +nHvynLcnoDolDxdxAA4im++7/KLZ2iEmCs4BEEgthSIrnoNsQXn5LkAUp0upY1D B7yBj9J4ijaNuUh2E/PjqaJDdNFijbPld5J/QtWK1JF7CmiEfWBSQrQkNkI1XVgB bIDd4ISRWyA3rjjUzSFdLkHA1xl08aDsKKQaKpfkVIHCsGoiV94LbU68Md3yv9wS 3MjT7TvdXPjsbkn+KPfw/zl8NhOUviuAqx7hvNQMbMIbrQ3IY1cacdIx -----END CERTIFICATE-----Generated at Mon Jan 26 01:42:03 2026 by rpki-client