This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/CEmMiPUzJv8ra3rhxc7TeX483p4.roa File: CEmMiPUzJv8ra3rhxc7TeX483p4.roa (raw, json) Hash identifier: n6myg+0GCjckHUIb/SW7z/7LWJpqQywanjkUoR/K+nM= Subject key identifier: 08:49:8C:88:F5:33:26:FF:2B:6B:7A:E1:C5:CE:D3:79:7E:3C:DE:9E Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a Certificate serial: 019B78A36B1E019E65620C20EA1CF37E1EFF Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/CEmMiPUzJv8ra3rhxc7TeX483p4.roa Signing time: Thu 01 Jan 2026 08:18:54 +0000 ROA not before: Thu 01 Jan 2026 08:18:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 7195 IP address blocks: 103.57.250.0/24 maxlen: 24 188.190.13.0/24 maxlen: 24 2a03:f80:57::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:6b:1e:01:9e:65:62:0c:20:ea:1c:f3:7e:1e:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a Validity Not Before: Jan 1 08:18:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=08498c88f53326ff2b6b7ae1c5ced3797e3cde9e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:df:6c:77:82:2d:3b:5c:a7:54:f6:2c:59:cb: 15:f9:74:b3:9c:8a:d6:00:5e:e0:53:0d:64:a9:45: 45:6e:18:68:77:4f:54:0d:35:7e:f6:85:01:1b:0a: f5:37:d0:50:21:93:48:53:9b:55:fa:31:22:1a:a2: cb:64:27:67:60:81:cc:42:d3:89:23:29:a7:29:84: 26:25:31:82:46:34:7e:ad:d3:6f:33:67:00:fa:bc: 6a:cb:6e:83:cc:1f:40:90:0f:98:a8:16:5c:ef:65: 48:85:2e:a9:83:aa:7c:07:61:25:00:e3:18:8c:8d: b7:2e:6f:0a:a5:70:03:c9:dc:b5:67:05:08:9f:62: a2:4b:c4:0d:3f:3d:fa:23:5a:4b:fa:2d:1f:7d:e5: 6a:e3:d8:06:91:f2:00:93:91:02:40:6d:4f:87:97: 30:f1:c4:5b:eb:57:6f:85:90:ff:0f:85:45:43:f6: 0d:99:24:0e:21:2d:a1:ac:39:bd:45:d5:5f:7d:55: 06:98:7d:ec:10:19:91:d8:2b:dc:d0:87:48:0b:c1: 8a:0e:5c:a4:97:f0:74:1b:bb:b5:83:5d:d2:a4:cb: 0d:71:0f:3b:a4:9a:24:52:a7:29:d2:c4:de:42:49: 67:59:a2:f0:ef:dd:5d:a4:b7:a0:b8:77:36:a5:8c: 1e:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:49:8C:88:F5:33:26:FF:2B:6B:7A:E1:C5:CE:D3:79:7E:3C:DE:9E X509v3 Authority Key Identifier: keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/CEmMiPUzJv8ra3rhxc7TeX483p4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.57.250.0/24 188.190.13.0/24 IPv6: 2a03:f80:57::/48 Signature Algorithm: sha256WithRSAEncryption 1e:69:bb:44:c2:f7:31:b3:11:60:4c:88:6b:a7:ba:b6:1f:3d: 51:43:ba:e1:fc:de:9e:52:1a:eb:36:e3:63:29:67:5c:01:5c: 6c:b0:a2:fb:09:96:ae:7e:ef:df:6f:c6:cb:63:8a:6c:2d:0f: 12:22:14:cd:a0:aa:72:12:fc:a6:44:46:25:cd:2b:aa:70:dd: 0a:ab:97:ce:33:ae:38:52:fa:f5:80:39:35:27:25:6a:1d:55: d7:62:64:95:49:d8:31:52:dc:06:cc:51:c2:37:77:f8:55:18: 37:26:61:b8:c2:45:64:98:79:5d:a6:16:ec:26:e1:92:2d:87: 1d:e0:26:ad:0d:8c:8c:e3:fb:a6:45:b7:1a:f7:07:ca:43:42: c2:e0:0f:75:51:4a:5c:c0:c7:96:70:60:1e:a8:2e:9a:a9:26: b1:6e:0a:15:91:a5:c8:6a:2a:f8:06:80:59:bc:4f:da:f4:86: 58:27:3e:3f:f3:4f:cf:44:b8:60:e8:0f:80:9c:7f:d7:86:f6: bf:4f:3d:18:ab:1e:57:fa:a2:49:1e:9e:43:9d:6c:17:98:fc: 1a:e9:5c:0d:be:55:d3:84:1c:fb:03:1d:ae:cb:b6:33:e5:72: 83:8d:74:fe:93:38:20:37:1a:e4:a3:a9:18:b3:ce:41:23:29: 9c:f0:c6:a6 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt4o2seAZ5lYgwg6hzzfh7/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj MjhmNmEwHhcNMjYwMTAxMDgxODU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwODQ5OGM4OGY1MzMyNmZmMmI2YjdhZTFjNWNlZDM3OTdlM2NkZTllMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk99sd4ItO1ynVPYsWcsV+XSznIrW AF7gUw1kqUVFbhhod09UDTV+9oUBGwr1N9BQIZNIU5tV+jEiGqLLZCdnYIHMQtOJ IymnKYQmJTGCRjR+rdNvM2cA+rxqy26DzB9AkA+YqBZc72VIhS6pg6p8B2ElAOMY jI23Lm8KpXADydy1ZwUIn2KiS8QNPz36I1pL+i0ffeVq49gGkfIAk5ECQG1Ph5cw 8cRb61dvhZD/D4VFQ/YNmSQOIS2hrDm9RdVffVUGmH3sEBmR2Cvc0IdIC8GKDlyk l/B0G7u1g13SpMsNcQ87pJokUqcp0sTeQklnWaLw791dpLeguHc2pYwe7wIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFAhJjIj1Myb/K2t64cXO03l+PN6eMB8GA1UdIwQY MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt YjM4ZTI2NzdiM2RjLzEvQ0VtTWlQVXpKdjhyYTNyaHhjN1RlWDQ4M3A0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAZzn6AwQA vL4NMA8EAgACMAkDBwAqAw+AAFcwDQYJKoZIhvcNAQELBQADggEBAB5pu0TC9zGz EWBMiGunurYfPVFDuuH83p5SGus242MpZ1wBXGywovsJlq5+799vxstjimwtDxIi FM2gqnIS/KZERiXNK6pw3Qqrl84zrjhS+vWAOTUnJWodVddiZJVJ2DFS3AbMUcI3 d/hVGDcmYbjCRWSYeV2mFuwm4ZIthx3gJq0NjIzj+6ZFtxr3B8pDQsLgD3VRSlzA x5ZwYB6oLpqpJrFuChWRpchqKvgGgFm8T9r0hlgnPj/zT89EuGDoD4Ccf9eG9r9P PRirHlf6okkenkOdbBeY/BrpXA2+VdOEHPsDHa7LtjPlcoONdP6TOCA3GuSjqRiz zkEjKZzwxqY= -----END CERTIFICATE-----Generated at Sun Jan 25 23:48:15 2026 by rpki-client