This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/k3oQWjEIeVPI2gHJtzVM1tK_J8E.roa File: k3oQWjEIeVPI2gHJtzVM1tK_J8E.roa (raw, json) Hash identifier: hQugRIiAuKlyNTVoA/13HHrGoEN0gYUQuC+Bw05YFP8= Subject key identifier: 93:7A:10:5A:31:08:79:53:C8:DA:01:C9:B7:35:4C:D6:D2:BF:27:C1 Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e Certificate serial: 019BD5F06BBFFCFB6BEE00AF3B2B3AAFE278 Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/k3oQWjEIeVPI2gHJtzVM1tK_J8E.roa Signing time: Mon 19 Jan 2026 11:07:41 +0000 ROA not before: Mon 19 Jan 2026 11:07:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 197706 IP address blocks: 31.171.152.0/24 maxlen: 24 31.171.153.0/24 maxlen: 24 31.171.154.0/24 maxlen: 24 31.171.155.0/24 maxlen: 24 45.142.25.0/24 maxlen: 24 45.142.26.0/24 maxlen: 24 45.142.27.0/24 maxlen: 24 103.124.165.0/24 maxlen: 24 103.124.167.0/24 maxlen: 24 109.104.140.0/24 maxlen: 24 109.104.141.0/24 maxlen: 24 144.48.52.0/24 maxlen: 24 144.48.53.0/24 maxlen: 24 144.48.54.0/24 maxlen: 24 144.48.55.0/24 maxlen: 24 185.53.100.0/24 maxlen: 24 185.53.101.0/24 maxlen: 24 185.153.125.0/24 maxlen: 24 185.153.126.0/24 maxlen: 24 185.153.127.0/24 maxlen: 24 199.168.120.0/24 maxlen: 24 199.168.121.0/24 maxlen: 24 199.168.122.0/24 maxlen: 24 199.168.123.0/24 maxlen: 24 209.23.44.0/24 maxlen: 24 209.23.45.0/24 maxlen: 24 209.23.46.0/24 maxlen: 24 209.23.47.0/24 maxlen: 24 2a04:27c0::/29 maxlen: 48 2a04:27c0:fffd::/48 maxlen: 48 2a04:27c0:fffe::/48 maxlen: 48 2a09:6e40::/29 maxlen: 48 2a09:6e47::/48 maxlen: 48 2a09:6ec0::/29 maxlen: 48 2a0d:27c0::/29 maxlen: 48 2a0d:27c4::/32 maxlen: 32 2a0d:42c0::/29 maxlen: 48 2a0d:4a40::/29 maxlen: 48 2a0d:4a46::/32 maxlen: 32 2a0e:3f00::/29 maxlen: 48 2a0e:3f01::/48 maxlen: 48 2a0e:4f00::/29 maxlen: 48 2a0e:4f05::/32 maxlen: 32 2a0e:d4c0::/29 maxlen: 48 2a0f:42c0::/29 maxlen: 48 2a0f:a880::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.mft rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:d5:f0:6b:bf:fc:fb:6b:ee:00:af:3b:2b:3a:af:e2:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e Validity Not Before: Jan 19 11:07:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=937a105a31087953c8da01c9b7354cd6d2bf27c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:bf:1f:61:a4:95:eb:0a:a2:2d:6a:b0:13:6a: 89:be:6e:43:5a:74:3e:89:b2:ae:0a:3b:5f:70:c3: 4b:da:51:05:c4:34:ec:ba:55:39:a5:e3:5d:96:b5: 34:70:a6:19:7b:75:50:68:fc:c1:7d:1d:9c:e1:e3: 2e:6e:c3:4b:bb:7f:04:96:11:4f:82:ab:a4:4a:71: 8a:69:f4:92:9a:39:cb:90:0e:f3:17:91:e7:4f:fb: 29:b4:3c:2d:2e:c8:1c:cd:55:18:49:49:61:1b:2c: 6c:36:04:ff:7f:34:42:92:25:5c:73:ea:8e:00:94: b7:2f:13:0e:9f:23:2a:63:0b:aa:78:a2:c0:86:f5: de:f8:5d:56:06:4e:da:89:fc:8d:87:63:22:41:67: db:e1:6b:74:0e:03:83:4d:2a:f9:fd:f5:a4:c9:2a: 33:62:34:bb:a2:98:cc:ea:40:d0:2e:c0:8c:3c:62: ac:b0:5b:7d:48:b4:f3:13:c3:cb:17:bc:bc:79:d5: 1c:2c:dd:93:e8:a3:90:80:af:8b:0b:15:36:28:1a: de:5b:b6:03:a7:ba:4e:6a:9c:3f:96:e6:0c:51:13: dd:8f:92:85:94:c6:6f:47:68:08:66:2d:7c:bc:7a: 0b:df:21:e6:43:cf:a7:e7:b2:f6:70:06:a6:4c:aa: b0:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:7A:10:5A:31:08:79:53:C8:DA:01:C9:B7:35:4C:D6:D2:BF:27:C1 X509v3 Authority Key Identifier: keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/k3oQWjEIeVPI2gHJtzVM1tK_J8E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.171.152.0/22 45.142.25.0-45.142.27.255 103.124.165.0/24 103.124.167.0/24 109.104.140.0/23 144.48.52.0/22 185.53.100.0/23 185.153.125.0-185.153.127.255 199.168.120.0/22 209.23.44.0/22 IPv6: 2a04:27c0::/29 2a09:6e40::/29 2a09:6ec0::/29 2a0d:27c0::/29 2a0d:42c0::/29 2a0d:4a40::/29 2a0e:3f00::/29 2a0e:4f00::/29 2a0e:d4c0::/29 2a0f:42c0::/29 2a0f:a880::/29 Signature Algorithm: sha256WithRSAEncryption 26:5e:50:a4:4d:cb:ca:60:d0:7a:79:64:37:de:ae:e1:2b:67: 13:92:e7:dd:3d:7c:87:68:b6:07:53:08:3b:a4:3a:c2:36:10: 48:6d:8b:76:3c:f4:13:b3:24:96:0c:e0:cc:77:d3:6f:b3:21: c7:f1:3d:5f:ce:af:49:57:96:37:1f:71:ed:f8:73:70:0d:e4: 03:b3:4f:97:1b:51:e4:2a:c7:27:7d:8e:73:6d:ae:eb:e8:8f: f1:10:ad:f4:34:0a:39:ec:14:8f:ac:7a:66:ae:54:4d:16:f7: c6:c0:8e:66:81:6f:cd:fc:e2:47:bc:e2:5a:1d:00:58:fb:4c: 30:91:38:6d:72:91:b3:33:b7:0c:0e:c1:60:a8:f5:be:60:d4: b9:4c:8c:f5:65:5e:20:43:f0:8e:da:0c:32:20:b7:b8:72:99: f6:17:e4:1d:15:a4:de:d4:41:a8:52:7d:25:28:ab:05:cb:f6: b5:f0:40:e1:0a:c8:da:97:a3:48:29:49:a3:63:57:60:e1:f3: 44:fb:31:8b:e2:3a:cd:6b:59:68:2e:0f:17:08:82:10:20:6c: a1:6d:c4:b3:23:78:2f:c9:74:a9:fe:5a:8c:43:d9:fc:32:09: 91:d6:5c:8b:5e:67:5a:e9:cd:dd:a9:24:a4:4b:66:e6:30:78: b0:b6:3f:80 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgISAZvV8Gu//Ptr7gCvOys6r+J4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYyNGFkNDUzNWFjODhkZDUzNDE5OWYyYTcyNjA5NWFmNzFh ZmU0NGUwHhcNMjYwMTE5MTEwNzQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MzdhMTA1YTMxMDg3OTUzYzhkYTAxYzliNzM1NGNkNmQyYmYyN2MxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkb8fYaSV6wqiLWqwE2qJvm5DWnQ+ ibKuCjtfcMNL2lEFxDTsulU5peNdlrU0cKYZe3VQaPzBfR2c4eMubsNLu38ElhFP gqukSnGKafSSmjnLkA7zF5HnT/sptDwtLsgczVUYSUlhGyxsNgT/fzRCkiVcc+qO AJS3LxMOnyMqYwuqeKLAhvXe+F1WBk7aifyNh2MiQWfb4Wt0DgODTSr5/fWkySoz YjS7opjM6kDQLsCMPGKssFt9SLTzE8PLF7y8edUcLN2T6KOQgK+LCxU2KBreW7YD p7pOapw/luYMURPdj5KFlMZvR2gIZi18vHoL3yHmQ8+n57L2cAamTKqwbQIDAQAB o4ICpzCCAqMwHQYDVR0OBBYEFJN6EFoxCHlTyNoBybc1TNbSvyfBMB8GA1UdIwQY MBaAFGJK1FNayI3VNBmfKnJgla9xr+ROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTct ZmI1OTQ5ODA4ZGRjLzEvazNvUVdqRUllVlBJMmdISnR6Vk0xdEtfSjhFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTctZmI1OTQ5ODA4ZGRj LzEvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIG8BggrBgEFBQcBBwEB/wSBrDCBqTBSBAIAATBMAwQCH6uY MAwDBAAtjhkDBAItjhgDBABnfKUDBABnfKcDBAFtaIwDBAKQMDQDBAG5NWQwDAME ALmZfQMEB7mZAAMEAseoeAMEAtEXLDBTBAIAAjBNAwUDKgQnwAMFAyoJbkADBQMq CW7AAwUDKg0nwAMFAyoNQsADBQMqDUpAAwUDKg4/AAMFAyoOTwADBQMqDtTAAwUD Kg9CwAMFAyoPqIAwDQYJKoZIhvcNAQELBQADggEBACZeUKRNy8pg0Hp5ZDferuEr ZxOS5909fIdotgdTCDukOsI2EEhti3Y89BOzJJYM4Mx302+zIcfxPV/Or0lXljcf ce34c3AN5AOzT5cbUeQqxyd9jnNtruvoj/EQrfQ0CjnsFI+semauVE0W98bAjmaB b8384ke84lodAFj7TDCROG1ykbMztwwOwWCo9b5g1LlMjPVlXiBD8I7aDDIgt7hy mfYX5B0VpN7UQahSfSUoqwXL9rXwQOEKyNqXo0gpSaNjV2Dh80T7MYviOs1rWWgu DxcIghAgbKFtxLMjeC/JdKn+WoxD2fwyCZHWXIteZ1rpzd2pJKRLZuYweLC2P4A= -----END CERTIFICATE-----Generated at Sun Jan 25 16:28:36 2026 by rpki-client