This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/cWuGeJ6gM-3ve4HkKVmEZUSc7S8.roa File: cWuGeJ6gM-3ve4HkKVmEZUSc7S8.roa (raw, json) Hash identifier: P0kghOMwSQUMU4gKXJ4ASB+7Zwvt3QGVEmH46AdBNrw= Subject key identifier: 71:6B:86:78:9E:A0:33:ED:EF:7B:81:E4:29:59:84:65:44:9C:ED:2F Certificate issuer: /CN=83c103d65a54d6af1efba6ac3e63722028af2bb1 Certificate serial: 019B7E39153F44D6EB4C77A2CAB96799F882 Authority key identifier: 83:C1:03:D6:5A:54:D6:AF:1E:FB:A6:AC:3E:63:72:20:28:AF:2B:B1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g8ED1lpU1q8e-6asPmNyICivK7E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/cWuGeJ6gM-3ve4HkKVmEZUSc7S8.roa Signing time: Fri 02 Jan 2026 10:20:28 +0000 ROA not before: Fri 02 Jan 2026 10:20:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 19527 IP address blocks: 66.22.228.0/23 maxlen: 24 66.22.228.0/24 maxlen: 24 66.22.229.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/g8ED1lpU1q8e-6asPmNyICivK7E.crl rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/g8ED1lpU1q8e-6asPmNyICivK7E.mft rsync://rpki.ripe.net/repository/DEFAULT/g8ED1lpU1q8e-6asPmNyICivK7E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 19:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:15:3f:44:d6:eb:4c:77:a2:ca:b9:67:99:f8:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=83c103d65a54d6af1efba6ac3e63722028af2bb1 Validity Not Before: Jan 2 10:20:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=716b86789ea033edef7b81e429598465449ced2f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:07:5e:26:68:d1:b0:10:7d:e7:db:75:21:5c: 67:c8:75:bd:31:0d:b2:b6:e1:19:ab:ac:c9:2a:43: f0:8d:c9:73:af:e5:a9:22:05:c0:41:bc:e2:ce:ad: 14:e8:4a:da:5a:5b:ad:2b:4d:7f:73:54:d7:b2:29: 15:7b:b2:b0:c0:cc:ee:af:a5:70:75:1a:2a:75:b8: 09:3f:ed:d5:58:4e:b2:d0:c4:4a:be:5a:18:90:a1: 6f:ce:cf:d9:91:56:20:f9:32:1b:a5:92:c0:74:16: f9:49:b3:03:84:4d:61:9b:be:82:69:b3:84:46:dc: ff:d2:66:ee:7a:13:42:06:ec:4e:09:c9:dd:c5:7b: d2:1f:b7:7b:cf:e1:a0:35:1f:ee:ca:61:90:08:a0: de:55:9c:73:9e:a8:db:30:dc:df:7b:53:22:d7:cd: 63:58:74:72:ea:4a:53:2f:b4:f7:54:66:76:4f:df: b6:25:69:cf:c5:a9:19:fa:ae:23:43:6d:e2:cc:f9: 16:4c:1a:3a:54:87:da:e6:a6:cd:62:f6:c5:e8:26: 52:63:3b:2b:9d:7f:27:59:0a:40:cb:56:47:19:20: 41:1c:90:7a:7a:70:f3:62:2a:52:ee:02:38:9c:e9: 87:11:a4:5c:20:d0:d5:08:8f:7d:85:b8:92:df:f5: 21:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:6B:86:78:9E:A0:33:ED:EF:7B:81:E4:29:59:84:65:44:9C:ED:2F X509v3 Authority Key Identifier: keyid:83:C1:03:D6:5A:54:D6:AF:1E:FB:A6:AC:3E:63:72:20:28:AF:2B:B1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g8ED1lpU1q8e-6asPmNyICivK7E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/cWuGeJ6gM-3ve4HkKVmEZUSc7S8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/g8ED1lpU1q8e-6asPmNyICivK7E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 66.22.228.0/23 Signature Algorithm: sha256WithRSAEncryption 6d:6c:c2:2f:27:a8:80:df:bc:be:7a:49:73:f4:4a:43:d9:f3: 49:0d:2b:e1:50:31:b0:e9:81:ae:7c:42:7f:d4:40:3d:71:97: 7b:5e:bd:9d:26:77:21:49:93:f9:0a:e0:1a:ff:a3:eb:9e:9e: 42:f2:02:40:c6:8b:7c:91:3a:fd:10:4c:93:e3:b1:86:6c:71: 6a:5a:a9:fd:ae:84:e3:6d:34:a9:8f:82:3d:95:19:e6:14:c9: 51:3e:64:9c:a5:e5:79:16:ba:35:d9:f2:24:7c:2f:2f:dd:c1: 89:3d:2e:3d:a5:c1:85:5b:32:a1:42:9f:74:cd:68:8e:39:7c: 8f:6b:24:65:04:7a:bc:ef:95:29:d7:42:17:4d:34:82:f8:67: af:e6:de:89:05:ce:8b:5a:ca:fc:ed:ed:08:28:de:90:f8:ec: 65:60:68:94:fe:d2:74:34:c8:95:c0:eb:78:25:7e:1c:a2:5f: 66:c7:02:4f:57:cd:da:8c:de:d8:e9:01:83:73:d1:85:5a:cc: 8c:04:00:e8:6a:c6:56:64:9c:c7:0b:5e:ed:7a:db:bf:c6:2b: d9:87:e3:d3:af:28:23:14:71:bb:5a:08:20:34:41:07:73:0b: 62:9d:72:06:96:51:42:76:07:48:7f:ae:f7:7c:53:17:40:d7: d8:b5:c8:02 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+ORU/RNbrTHeiyrlnmfiCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgzYzEwM2Q2NWE1NGQ2YWYxZWZiYTZhYzNlNjM3MjIwMjhh ZjJiYjEwHhcNMjYwMTAyMTAyMDI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MTZiODY3ODllYTAzM2VkZWY3YjgxZTQyOTU5ODQ2NTQ0OWNlZDJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgdeJmjRsBB959t1IVxnyHW9MQ2y tuEZq6zJKkPwjclzr+WpIgXAQbzizq0U6EraWlutK01/c1TXsikVe7KwwMzur6Vw dRoqdbgJP+3VWE6y0MRKvloYkKFvzs/ZkVYg+TIbpZLAdBb5SbMDhE1hm76CabOE Rtz/0mbuehNCBuxOCcndxXvSH7d7z+GgNR/uymGQCKDeVZxznqjbMNzfe1Mi181j WHRy6kpTL7T3VGZ2T9+2JWnPxakZ+q4jQ23izPkWTBo6VIfa5qbNYvbF6CZSYzsr nX8nWQpAy1ZHGSBBHJB6enDzYipS7gI4nOmHEaRcINDVCI99hbiS3/Uh5wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFHFrhnieoDPt73uB5ClZhGVEnO0vMB8GA1UdIwQY MBaAFIPBA9ZaVNavHvumrD5jciAoryuxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZzhFRDFscFUxcThlLTZhc1BtTnlJQ2l2SzdFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wODFiZDQtMTIxMC00MDIxLWE4NjQt YjUwY2Y1ZjJhYTIyLzEvY1d1R2VKNmdNLTN2ZTRIa0tWbUVaVVNjN1M4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Ni8wODFiZDQtMTIxMC00MDIxLWE4NjQtYjUwY2Y1ZjJhYTIy LzEvZzhFRDFscFUxcThlLTZhc1BtTnlJQ2l2SzdFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBQhbkMA0G CSqGSIb3DQEBCwUAA4IBAQBtbMIvJ6iA37y+eklz9EpD2fNJDSvhUDGw6YGufEJ/ 1EA9cZd7Xr2dJnchSZP5CuAa/6Prnp5C8gJAxot8kTr9EEyT47GGbHFqWqn9roTj bTSpj4I9lRnmFMlRPmScpeV5Fro12fIkfC8v3cGJPS49pcGFWzKhQp90zWiOOXyP ayRlBHq875Up10IXTTSC+Gev5t6JBc6LWsr87e0IKN6Q+OxlYGiU/tJ0NMiVwOt4 JX4col9mxwJPV83ajN7Y6QGDc9GFWsyMBADoasZWZJzHC17tetu/xivZh+PTrygj FHG7WgggNEEHcwtinXIGllFCdgdIf673fFMXQNfYtcgC -----END CERTIFICATE-----Generated at Sat Jan 3 03:52:50 2026 by rpki-client