This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/391e54-c21a-405a-88aa-6079789100ca/1/CO_VzBu4gFZGQo6TZVLREcCwUwY.roa File: CO_VzBu4gFZGQo6TZVLREcCwUwY.roa (raw, json) Hash identifier: LG1jfCe3GnKEfOBNBBGC9FiXFKQ/e+HVoB0Wq69YJpQ= Subject key identifier: 08:EF:D5:CC:1B:B8:80:56:46:42:8E:93:65:52:D1:11:C0:B0:53:06 Certificate issuer: /CN=a3aa8dd118766aed3b09ed69f2e47dc1d2c16159 Certificate serial: 019B7EA4A3E3A6F8CCF20EE599D3470C8CE0 Authority key identifier: A3:AA:8D:D1:18:76:6A:ED:3B:09:ED:69:F2:E4:7D:C1:D2:C1:61:59 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o6qN0Rh2au07Ce1p8uR9wdLBYVk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/391e54-c21a-405a-88aa-6079789100ca/1/CO_VzBu4gFZGQo6TZVLREcCwUwY.roa Signing time: Fri 02 Jan 2026 12:17:57 +0000 ROA not before: Fri 02 Jan 2026 12:17:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 47724 IP address blocks: 94.124.200.0/21 maxlen: 21 94.124.200.0/22 maxlen: 24 94.124.206.0/23 maxlen: 24 2a0d:bd80::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/391e54-c21a-405a-88aa-6079789100ca/1/o6qN0Rh2au07Ce1p8uR9wdLBYVk.crl rsync://rpki.ripe.net/repository/DEFAULT/f9/391e54-c21a-405a-88aa-6079789100ca/1/o6qN0Rh2au07Ce1p8uR9wdLBYVk.mft rsync://rpki.ripe.net/repository/DEFAULT/o6qN0Rh2au07Ce1p8uR9wdLBYVk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 15:01:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a4:a3:e3:a6:f8:cc:f2:0e:e5:99:d3:47:0c:8c:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a3aa8dd118766aed3b09ed69f2e47dc1d2c16159 Validity Not Before: Jan 2 12:17:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=08efd5cc1bb8805646428e936552d111c0b05306 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:88:f2:45:43:61:22:26:8b:b0:38:e3:4c:8f: bb:a6:41:35:d9:05:c4:41:d3:51:66:14:a9:49:4f: 76:bf:77:17:ae:a0:3e:32:40:4c:3f:25:6f:d9:f5: 26:94:45:df:d2:f8:87:75:17:b3:79:5d:74:10:4f: 88:71:1b:a8:fe:10:50:f4:4b:53:6a:4a:6f:26:35: a4:f5:82:a2:99:e4:e9:88:22:7c:0f:78:93:41:44: 7a:cf:87:d6:54:e0:1d:e6:6c:fc:9c:fb:ac:79:0e: 6f:77:b4:01:8b:01:90:58:91:69:71:a2:cd:f2:0a: 38:6b:c1:3d:9f:f1:8c:37:23:29:e6:70:f5:c4:d2: 1b:21:04:82:2c:f6:41:ee:ce:f4:f0:d4:0e:c6:87: f8:e1:d0:f7:1d:04:60:56:a2:4a:db:86:39:a8:77: bd:6e:da:41:99:85:4c:83:d3:8b:5a:11:32:1c:76: 37:36:f7:4e:6a:45:2f:64:cd:ce:aa:bd:48:dd:ad: cc:95:96:21:40:e7:b6:c0:ba:bd:83:17:75:35:54: 87:ee:2b:f8:c8:37:02:56:be:b5:16:8c:38:27:73: 1a:51:07:0c:15:f0:9d:1f:13:e3:a0:9d:f0:65:55: a2:28:ae:5e:02:a3:3f:1e:5e:39:eb:0f:e1:ef:69: 4f:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:EF:D5:CC:1B:B8:80:56:46:42:8E:93:65:52:D1:11:C0:B0:53:06 X509v3 Authority Key Identifier: keyid:A3:AA:8D:D1:18:76:6A:ED:3B:09:ED:69:F2:E4:7D:C1:D2:C1:61:59 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o6qN0Rh2au07Ce1p8uR9wdLBYVk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/391e54-c21a-405a-88aa-6079789100ca/1/CO_VzBu4gFZGQo6TZVLREcCwUwY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/391e54-c21a-405a-88aa-6079789100ca/1/o6qN0Rh2au07Ce1p8uR9wdLBYVk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 94.124.200.0/21 IPv6: 2a0d:bd80::/29 Signature Algorithm: sha256WithRSAEncryption 44:a9:64:3c:69:82:25:e6:0b:80:c6:ed:0b:39:6c:8a:33:ff: 76:31:8b:7a:03:b2:19:7e:6d:1f:18:03:85:f2:25:51:19:77: ef:76:9d:12:ab:15:72:ac:bc:db:8f:07:0f:cc:2f:31:aa:2b: 62:9f:5f:0e:b8:71:3d:8b:44:53:7c:e7:ba:81:c0:f6:ab:82: c8:85:b2:fb:77:7a:f1:1c:27:d9:cd:3b:b9:6b:db:f9:ef:f8: e4:0f:14:ce:41:c0:ae:d4:05:97:c3:16:f3:87:83:a5:0d:b1: e9:47:5b:2a:fc:53:f3:94:2e:03:aa:b8:cc:fc:12:a5:9c:26: e5:aa:09:ea:4f:56:eb:9c:8a:1c:06:f5:8b:7d:bc:6b:9f:b0: 32:60:bc:01:f0:88:ae:31:82:31:68:49:3a:80:b5:f8:f9:bb: 10:84:9d:15:9f:b4:62:c9:9a:83:5d:de:9a:4c:f1:24:44:b9: f6:b8:ae:fc:c0:c4:41:43:37:f0:92:30:e2:49:d9:fa:d7:40: 5a:1a:fb:f1:7e:5c:68:e4:83:54:63:98:db:3c:67:34:52:25: d8:02:75:5b:ab:31:f5:54:55:9e:5a:27:5e:94:ab:89:2b:65: c3:6b:e8:31:27:c9:c1:d4:40:f7:aa:42:da:06:97:1c:67:27: d2:66:bf:e2 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt+pKPjpvjM8g7lmdNHDIzgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzYWE4ZGQxMTg3NjZhZWQzYjA5ZWQ2OWYyZTQ3ZGMxZDJj MTYxNTkwHhcNMjYwMTAyMTIxNzU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwOGVmZDVjYzFiYjg4MDU2NDY0MjhlOTM2NTUyZDExMWMwYjA1MzA2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04jyRUNhIiaLsDjjTI+7pkE12QXE QdNRZhSpSU92v3cXrqA+MkBMPyVv2fUmlEXf0viHdRezeV10EE+IcRuo/hBQ9EtT akpvJjWk9YKimeTpiCJ8D3iTQUR6z4fWVOAd5mz8nPuseQ5vd7QBiwGQWJFpcaLN 8go4a8E9n/GMNyMp5nD1xNIbIQSCLPZB7s708NQOxof44dD3HQRgVqJK24Y5qHe9 btpBmYVMg9OLWhEyHHY3NvdOakUvZM3Oqr1I3a3MlZYhQOe2wLq9gxd1NVSH7iv4 yDcCVr61Fow4J3MaUQcMFfCdHxPjoJ3wZVWiKK5eAqM/Hl456w/h72lPUQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFAjv1cwbuIBWRkKOk2VS0RHAsFMGMB8GA1UdIwQY MBaAFKOqjdEYdmrtOwntafLkfcHSwWFZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbzZxTjBSaDJhdTA3Q2UxcDh1Ujl3ZExCWVZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8zOTFlNTQtYzIxYS00MDVhLTg4YWEt NjA3OTc4OTEwMGNhLzEvQ09fVnpCdTRnRlpHUW82VFpWTFJFY0N3VXdZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOS8zOTFlNTQtYzIxYS00MDVhLTg4YWEtNjA3OTc4OTEwMGNh LzEvbzZxTjBSaDJhdTA3Q2UxcDh1Ujl3ZExCWVZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDXnzIMA0E AgACMAcDBQMqDb2AMA0GCSqGSIb3DQEBCwUAA4IBAQBEqWQ8aYIl5guAxu0LOWyK M/92MYt6A7IZfm0fGAOF8iVRGXfvdp0SqxVyrLzbjwcPzC8xqitin18OuHE9i0RT fOe6gcD2q4LIhbL7d3rxHCfZzTu5a9v57/jkDxTOQcCu1AWXwxbzh4OlDbHpR1sq /FPzlC4DqrjM/BKlnCblqgnqT1brnIocBvWLfbxrn7AyYLwB8IiuMYIxaEk6gLX4 +bsQhJ0Vn7RiyZqDXd6aTPEkRLn2uK78wMRBQzfwkjDiSdn610BaGvvxflxo5INU Y5jbPGc0UiXYAnVbqzH1VFWeWidelKuJK2XDa+gxJ8nB1ED3qkLaBpccZyfSZr/i -----END CERTIFICATE-----Generated at Mon Jan 12 23:48:27 2026 by rpki-client