This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/x5dZH_p1jpQNmkzAGadQtc_NwNA.roa File: x5dZH_p1jpQNmkzAGadQtc_NwNA.roa (raw, json) Hash identifier: j7kE+HBT1mrUTqWPhu4yo406PYqylXV+5uj+qLftudY= Subject key identifier: C7:97:59:1F:FA:75:8E:94:0D:9A:4C:C0:19:A7:50:B5:CF:CD:C0:D0 Certificate issuer: /CN=331bce2ee806e93621112dbd618536f775f44fba Certificate serial: 019B7CEDD578C1F6F173E01D2B69C8CC6E41 Authority key identifier: 33:1B:CE:2E:E8:06:E9:36:21:11:2D:BD:61:85:36:F7:75:F4:4F:BA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MxvOLugG6TYhES29YYU293X0T7o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/x5dZH_p1jpQNmkzAGadQtc_NwNA.roa Signing time: Fri 02 Jan 2026 04:18:40 +0000 ROA not before: Fri 02 Jan 2026 04:18:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212301 IP address blocks: 5.252.204.0/24 maxlen: 24 5.252.205.0/24 maxlen: 24 5.252.206.0/24 maxlen: 24 5.252.207.0/24 maxlen: 24 45.67.232.0/24 maxlen: 24 45.67.233.0/24 maxlen: 24 45.67.234.0/24 maxlen: 24 45.67.235.0/24 maxlen: 24 91.230.149.0/24 maxlen: 24 185.122.200.0/24 maxlen: 24 185.122.201.0/24 maxlen: 24 185.122.202.0/24 maxlen: 24 185.122.203.0/24 maxlen: 24 185.130.56.0/24 maxlen: 24 185.130.57.0/24 maxlen: 24 185.130.58.0/24 maxlen: 24 185.130.59.0/24 maxlen: 24 185.198.72.0/24 maxlen: 24 185.198.73.0/24 maxlen: 24 185.198.74.0/24 maxlen: 24 185.198.75.0/24 maxlen: 24 2a07:cd00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/MxvOLugG6TYhES29YYU293X0T7o.crl rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/MxvOLugG6TYhES29YYU293X0T7o.mft rsync://rpki.ripe.net/repository/DEFAULT/MxvOLugG6TYhES29YYU293X0T7o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:d5:78:c1:f6:f1:73:e0:1d:2b:69:c8:cc:6e:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=331bce2ee806e93621112dbd618536f775f44fba Validity Not Before: Jan 2 04:18:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c797591ffa758e940d9a4cc019a750b5cfcdc0d0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:b1:c2:39:68:ec:d2:a0:e8:5a:c1:66:f4:50: 8e:fd:8e:98:93:00:3d:14:1f:87:c3:2a:92:d3:b2: a9:bd:60:57:35:90:4c:8c:ba:8a:18:15:14:ad:2a: 25:2f:01:51:85:96:91:38:8c:ba:e5:93:52:29:8d: 89:56:3f:d9:23:2b:26:49:dc:72:48:4a:7d:26:cb: bb:9e:3f:b7:7f:2d:c8:03:ec:6c:3f:72:1a:75:07: 0b:09:09:52:e7:69:3b:92:a5:45:29:4e:3b:93:43: 59:1c:aa:9b:21:64:32:87:40:f2:b0:ef:9d:8a:bd: 19:d6:6a:08:d1:df:ec:11:db:de:b6:ad:5d:c3:10: c1:52:f8:0d:b0:b3:0d:bd:30:e3:b0:37:9e:0f:1b: 46:33:a1:05:41:98:d1:70:d9:37:5d:ad:6e:ba:d3: 2a:af:81:42:87:a5:23:21:32:8d:90:28:dd:6d:89: 80:d2:1d:a4:ea:61:22:3e:c9:6c:c0:44:b3:54:a3: 00:34:cc:b7:e7:76:c9:b9:f5:ac:f5:1e:5a:bf:09: 9d:95:d0:9b:86:08:06:c0:59:1c:52:00:33:f5:a5: 4d:e8:0f:ed:9f:b8:04:30:a8:29:2c:15:53:d9:cc: 90:f2:74:76:78:7a:87:5f:44:fb:5a:f4:28:12:64: 25:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:97:59:1F:FA:75:8E:94:0D:9A:4C:C0:19:A7:50:B5:CF:CD:C0:D0 X509v3 Authority Key Identifier: keyid:33:1B:CE:2E:E8:06:E9:36:21:11:2D:BD:61:85:36:F7:75:F4:4F:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MxvOLugG6TYhES29YYU293X0T7o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/x5dZH_p1jpQNmkzAGadQtc_NwNA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/MxvOLugG6TYhES29YYU293X0T7o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.252.204.0/22 45.67.232.0/22 91.230.149.0/24 185.122.200.0/22 185.130.56.0/22 185.198.72.0/22 IPv6: 2a07:cd00::/48 Signature Algorithm: sha256WithRSAEncryption 57:e1:dc:bc:39:60:92:54:ed:ef:85:96:f1:25:a4:b7:42:c3: 38:7f:23:54:3d:8d:3c:01:ef:f2:dc:60:50:59:e4:7a:58:eb: 0d:e7:96:0e:ba:67:a9:d5:22:a8:d4:d6:5d:eb:4a:92:b4:97: e7:4b:56:c7:3c:73:cc:39:4b:f0:1c:f4:ee:c1:aa:f7:7d:7d: 44:dd:36:8a:bb:a5:83:c2:38:16:69:63:20:11:7e:0c:22:24: 04:cf:39:7c:56:59:d3:16:11:95:6a:ca:14:29:58:be:6f:5b: 84:d4:a7:ce:cf:46:cf:f1:e0:63:27:2e:33:2b:33:59:81:ed: 42:20:bb:e0:a1:2c:b0:c7:eb:21:7a:7e:ff:b9:d9:58:82:a0: f7:53:6d:94:f2:34:6d:ac:e7:02:1a:50:02:12:00:d4:1e:1a: db:da:1d:5e:05:02:a7:d1:dc:40:e0:21:fe:61:98:1c:3b:6d: 5f:56:67:5f:49:5d:82:6d:77:f5:12:75:df:fa:91:a8:9e:6a: fc:54:2f:e1:c0:0e:1b:cf:d8:7a:fd:02:b8:31:6e:5c:ac:85: 61:4a:f5:43:d4:dd:4c:f0:c5:8f:ba:e5:cd:2d:82:ae:61:71: 3a:8a:43:0c:bd:bd:45:2e:39:cc:df:f9:19:34:6a:6f:8d:b0: d3:34:f9:28 -----BEGIN CERTIFICATE----- MIIFLDCCBBSgAwIBAgISAZt87dV4wfbxc+AdK2nIzG5BMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMzMWJjZTJlZTgwNmU5MzYyMTExMmRiZDYxODUzNmY3NzVm NDRmYmEwHhcNMjYwMTAyMDQxODQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNzk3NTkxZmZhNzU4ZTk0MGQ5YTRjYzAxOWE3NTBiNWNmY2RjMGQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bHCOWjs0qDoWsFm9FCO/Y6YkwA9 FB+HwyqS07KpvWBXNZBMjLqKGBUUrSolLwFRhZaROIy65ZNSKY2JVj/ZIysmSdxy SEp9Jsu7nj+3fy3IA+xsP3IadQcLCQlS52k7kqVFKU47k0NZHKqbIWQyh0DysO+d ir0Z1moI0d/sEdvetq1dwxDBUvgNsLMNvTDjsDeeDxtGM6EFQZjRcNk3Xa1uutMq r4FCh6UjITKNkCjdbYmA0h2k6mEiPslswESzVKMANMy353bJufWs9R5avwmdldCb hggGwFkcUgAz9aVN6A/tn7gEMKgpLBVT2cyQ8nR2eHqHX0T7WvQoEmQlAwIDAQAB o4ICODCCAjQwHQYDVR0OBBYEFMeXWR/6dY6UDZpMwBmnULXPzcDQMB8GA1UdIwQY MBaAFDMbzi7oBuk2IREtvWGFNvd19E+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTXh2T0x1Z0c2VFloRVMyOVlZVTI5M1gwVDdvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS80YmEzY2EtZDZmZC00MTE2LTkxNDYt YWVhYzE2MjI3YzI1LzEveDVkWkhfcDFqcFFObWt6QUdhZFF0Y19Od05BLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNS80YmEzY2EtZDZmZC00MTE2LTkxNDYtYWVhYzE2MjI3YzI1 LzEvTXh2T0x1Z0c2VFloRVMyOVlZVTI5M1gwVDdvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQCBfzMAwQC LUPoAwQAW+aVAwQCuXrIAwQCuYI4AwQCucZIMA8EAgACMAkDBwAqB80AAAAwDQYJ KoZIhvcNAQELBQADggEBAFfh3Lw5YJJU7e+FlvElpLdCwzh/I1Q9jTwB7/LcYFBZ 5HpY6w3nlg66Z6nVIqjU1l3rSpK0l+dLVsc8c8w5S/Ac9O7Bqvd9fUTdNoq7pYPC OBZpYyARfgwiJATPOXxWWdMWEZVqyhQpWL5vW4TUp87PRs/x4GMnLjMrM1mB7UIg u+ChLLDH6yF6fv+52ViCoPdTbZTyNG2s5wIaUAISANQeGtvaHV4FAqfR3EDgIf5h mBw7bV9WZ19JXYJtd/USdd/6kaieavxUL+HADhvP2Hr9ArgxblyshWFK9UPU3Uzw xY+65c0tgq5hcTqKQwy9vUUuOczf+Rk0am+NsNM0+Sg= -----END CERTIFICATE-----Generated at Mon Jan 26 05:55:31 2026 by rpki-client