This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/4gMZHAMR_BPbuB338y_IXIZ-TwM.roa File: 4gMZHAMR_BPbuB338y_IXIZ-TwM.roa (raw, json) Hash identifier: MHqCRr2lDvvzcvSPmVEPyLmMZGnIpXWk6fvIlYc+tgE= Subject key identifier: E2:03:19:1C:03:11:FC:13:DB:B8:1D:F7:F3:2F:C8:5C:86:7E:4F:03 Certificate issuer: /CN=fc4d06978969a8bdab6d6359062d7781e03449ca Certificate serial: 019B7C80CC9015DEBABBFF36F159CD8F83D0 Authority key identifier: FC:4D:06:97:89:69:A8:BD:AB:6D:63:59:06:2D:77:81:E0:34:49:CA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_E0Gl4lpqL2rbWNZBi13geA0Sco.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/4gMZHAMR_BPbuB338y_IXIZ-TwM.roa Signing time: Fri 02 Jan 2026 02:19:34 +0000 ROA not before: Fri 02 Jan 2026 02:19:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 21412 IP address blocks: 5.20.0.0/20 maxlen: 21 5.20.0.0/21 maxlen: 32 5.20.8.0/21 maxlen: 21 5.20.16.0/20 maxlen: 20 5.20.32.0/19 maxlen: 19 5.20.64.0/19 maxlen: 19 5.20.96.0/21 maxlen: 21 5.20.104.0/21 maxlen: 21 5.20.112.0/21 maxlen: 21 5.20.120.0/21 maxlen: 21 5.20.128.0/19 maxlen: 19 5.20.160.0/19 maxlen: 19 5.20.192.0/19 maxlen: 19 5.20.224.0/21 maxlen: 21 5.20.232.0/21 maxlen: 21 5.20.240.0/20 maxlen: 20 37.157.144.0/21 maxlen: 21 46.251.32.0/19 maxlen: 19 77.87.8.0/21 maxlen: 21 77.221.64.0/19 maxlen: 19 79.133.224.0/19 maxlen: 19 80.240.0.0/20 maxlen: 20 81.29.16.0/20 maxlen: 20 87.239.112.0/21 maxlen: 21 87.247.64.0/18 maxlen: 18 91.187.160.0/19 maxlen: 19 178.16.32.0/20 maxlen: 20 178.250.32.0/21 maxlen: 21 185.26.132.0/22 maxlen: 22 185.198.32.0/22 maxlen: 22 212.52.32.0/19 maxlen: 19 212.117.0.0/19 maxlen: 19 217.17.80.0/20 maxlen: 20 2a00:7600::/32 maxlen: 32 2a01:a1c0::/32 maxlen: 32 2a04:ce00::/29 maxlen: 29 2a04:eb00::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/_E0Gl4lpqL2rbWNZBi13geA0Sco.crl rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/_E0Gl4lpqL2rbWNZBi13geA0Sco.mft rsync://rpki.ripe.net/repository/DEFAULT/_E0Gl4lpqL2rbWNZBi13geA0Sco.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 09:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:cc:90:15:de:ba:bb:ff:36:f1:59:cd:8f:83:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fc4d06978969a8bdab6d6359062d7781e03449ca Validity Not Before: Jan 2 02:19:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e203191c0311fc13dbb81df7f32fc85c867e4f03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:f1:5a:c7:fc:34:51:23:17:de:63:2e:31:91: c8:25:00:8f:c3:33:a5:f4:40:11:86:09:ac:ee:f9: 12:51:43:f7:95:fe:6d:13:48:bd:ff:e1:fe:7c:df: 72:4d:d8:dc:09:8a:15:5c:f7:8b:c8:19:96:4c:2b: a2:ae:3b:15:3f:eb:ca:a6:66:cb:2d:5f:1e:eb:ce: 82:7c:03:22:e2:3c:f2:ba:21:df:59:5b:69:ca:d9: 96:5a:fe:02:8d:5b:2d:3d:ba:95:28:2f:71:3d:95: 97:66:c5:b5:d1:e1:36:48:04:9d:23:aa:fa:d4:23: 95:ae:00:d6:86:77:a2:a6:39:2a:0f:c0:5c:25:94: b0:af:f8:08:36:cc:27:6a:50:14:2a:d4:bd:46:4b: d4:6d:02:1f:d4:82:fd:26:81:24:03:88:bd:5b:a7: 92:6f:2c:c2:27:90:6d:b6:ce:38:85:e4:22:5c:0c: 60:b0:4f:4d:9a:47:78:c1:04:74:6a:20:df:cf:b8: 9a:b8:1a:67:b6:9d:9b:5e:af:98:ef:f7:c4:b6:27: 6d:00:b0:bc:84:67:58:d1:7e:76:d0:39:96:9b:9d: a7:3b:41:56:ae:42:f4:d3:de:18:e1:dc:e9:a2:44: aa:4d:39:a1:28:9a:c5:f1:03:61:d2:87:65:f5:47: 8f:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:03:19:1C:03:11:FC:13:DB:B8:1D:F7:F3:2F:C8:5C:86:7E:4F:03 X509v3 Authority Key Identifier: keyid:FC:4D:06:97:89:69:A8:BD:AB:6D:63:59:06:2D:77:81:E0:34:49:CA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_E0Gl4lpqL2rbWNZBi13geA0Sco.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/4gMZHAMR_BPbuB338y_IXIZ-TwM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/082c31-f4ef-4acb-90f1-da03bf7a2ec2/1/_E0Gl4lpqL2rbWNZBi13geA0Sco.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.20.0.0/16 37.157.144.0/21 46.251.32.0/19 77.87.8.0/21 77.221.64.0/19 79.133.224.0/19 80.240.0.0/20 81.29.16.0/20 87.239.112.0/21 87.247.64.0/18 91.187.160.0/19 178.16.32.0/20 178.250.32.0/21 185.26.132.0/22 185.198.32.0/22 212.52.32.0/19 212.117.0.0/19 217.17.80.0/20 IPv6: 2a00:7600::/32 2a01:a1c0::/32 2a04:ce00::/29 2a04:eb00::/29 Signature Algorithm: sha256WithRSAEncryption c8:e6:5f:e4:dd:45:0e:84:67:4a:41:57:b2:2f:82:58:6b:eb: 6e:4a:72:39:ec:88:41:0b:6c:65:10:92:d9:eb:9c:37:04:07: ae:85:a9:9a:f2:a5:3e:07:7e:d9:5f:11:0a:4c:ce:7c:03:a0: 72:90:f9:a2:2e:17:b2:13:cb:52:48:ba:37:78:92:36:58:89: ad:ab:a4:32:1c:80:ba:6e:c0:cc:09:fc:b5:da:c4:15:9d:da: c6:18:2a:4d:19:3a:35:37:ca:fc:a6:f3:a2:88:05:fd:61:dc: d9:84:6b:84:20:15:cc:14:b2:b5:02:0d:56:ff:e9:01:6c:70: cc:e4:db:35:f9:35:2c:bb:e8:b9:f0:ca:91:3e:88:06:b0:70: d4:4e:20:87:ff:7f:5e:d8:a6:68:40:56:f8:e1:54:f9:50:83: ee:c5:7b:c1:49:12:d6:c7:02:02:b9:97:af:13:f8:ea:3c:6a: 6c:2a:ee:c7:ba:9a:df:4c:b7:de:43:4a:7b:76:10:5f:c2:9a: 11:d0:19:01:5b:c4:78:f4:d3:69:0d:10:a8:dd:31:21:d5:48: a1:81:ad:e6:29:fa:50:83:f0:16:aa:bc:59:15:47:01:7a:da: 7e:09:4c:33:98:57:83:61:ff:c6:10:89:d4:25:50:b8:13:1a: cd:74:a8:bb -----BEGIN CERTIFICATE----- MIIFiTCCBHGgAwIBAgISAZt8gMyQFd66u/828VnNj4PQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZjNGQwNjk3ODk2OWE4YmRhYjZkNjM1OTA2MmQ3NzgxZTAz NDQ5Y2EwHhcNMjYwMTAyMDIxOTM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMjAzMTkxYzAzMTFmYzEzZGJiODFkZjdmMzJmYzg1Yzg2N2U0ZjAzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofFax/w0USMX3mMuMZHIJQCPwzOl 9EARhgms7vkSUUP3lf5tE0i9/+H+fN9yTdjcCYoVXPeLyBmWTCuirjsVP+vKpmbL LV8e686CfAMi4jzyuiHfWVtpytmWWv4CjVstPbqVKC9xPZWXZsW10eE2SASdI6r6 1COVrgDWhneipjkqD8BcJZSwr/gINswnalAUKtS9RkvUbQIf1IL9JoEkA4i9W6eS byzCJ5Btts44heQiXAxgsE9Nmkd4wQR0aiDfz7iauBpntp2bXq+Y7/fEtidtALC8 hGdY0X520DmWm52nO0FWrkL0094Y4dzpokSqTTmhKJrF8QNh0odl9UePrQIDAQAB o4IClTCCApEwHQYDVR0OBBYEFOIDGRwDEfwT27gd9/MvyFyGfk8DMB8GA1UdIwQY MBaAFPxNBpeJaai9q21jWQYtd4HgNEnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX0UwR2w0bHBxTDJyYldOWkJpMTNnZUEwU2NvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8wODJjMzEtZjRlZi00YWNiLTkwZjEt ZGEwM2JmN2EyZWMyLzEvNGdNWkhBTVJfQlBidUIzMzh5X0lYSVotVHdNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZC8wODJjMzEtZjRlZi00YWNiLTkwZjEtZGEwM2JmN2EyZWMy LzEvX0UwR2w0bHBxTDJyYldOWkJpMTNnZUEwU2NvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGqBggrBgEFBQcBBwEB/wSBmjCBlzBxBAIAATBrAwMABRQD BAMlnZADBAUu+yADBANNVwgDBAVN3UADBAVPheADBARQ8AADBARRHRADBANX73AD BAZX90ADBAVbu6ADBASyECADBAOy+iADBAK5GoQDBAK5xiADBAXUNCADBAXUdQAD BATZEVAwIgQCAAIwHAMFACoAdgADBQAqAaHAAwUDKgTOAAMFAyoE6wAwDQYJKoZI hvcNAQELBQADggEBAMjmX+TdRQ6EZ0pBV7Ivglhr625KcjnsiEELbGUQktnrnDcE B66FqZrypT4HftlfEQpMznwDoHKQ+aIuF7ITy1JIujd4kjZYia2rpDIcgLpuwMwJ /LXaxBWd2sYYKk0ZOjU3yvym86KIBf1h3NmEa4QgFcwUsrUCDVb/6QFscMzk2zX5 NSy76LnwypE+iAawcNROIIf/f17YpmhAVvjhVPlQg+7Fe8FJEtbHAgK5l68T+Oo8 amwq7se6mt9Mt95DSnt2EF/CmhHQGQFbxHj002kNEKjdMSHVSKGBreYp+lCD8Baq vFkVRwF62n4JTDOYV4Nh/8YQidQlULgTGs10qLs= -----END CERTIFICATE-----Generated at Sun Jan 25 19:58:58 2026 by rpki-client