This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/5pguPhI0rFbakLhW6SkFbalknGQ.roa File: 5pguPhI0rFbakLhW6SkFbalknGQ.roa (raw, json) Hash identifier: Lus95KOZX81AaJ5QWx/HsOob7eg1M1IWrIuALpl2Ef0= Subject key identifier: E6:98:2E:3E:12:34:AC:56:DA:90:B8:56:E9:29:05:6D:A9:64:9C:64 Certificate issuer: /CN=2ace21090ee4d78677413423dcb2fe01a6e1c622 Certificate serial: 019B7C1290249E1090F30DCF8C338C7E56A7 Authority key identifier: 2A:CE:21:09:0E:E4:D7:86:77:41:34:23:DC:B2:FE:01:A6:E1:C6:22 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/5pguPhI0rFbakLhW6SkFbalknGQ.roa Signing time: Fri 02 Jan 2026 00:19:09 +0000 ROA not before: Fri 02 Jan 2026 00:19:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15742 IP address blocks: 87.238.152.0/24 maxlen: 24 87.238.153.0/24 maxlen: 24 87.238.154.0/24 maxlen: 24 87.238.155.0/24 maxlen: 24 87.238.156.0/24 maxlen: 24 87.238.157.0/24 maxlen: 24 87.238.158.0/24 maxlen: 24 87.238.159.0/24 maxlen: 24 217.117.64.0/24 maxlen: 24 217.117.65.0/24 maxlen: 24 217.117.66.0/24 maxlen: 24 217.117.67.0/24 maxlen: 24 217.117.68.0/24 maxlen: 24 217.117.69.0/24 maxlen: 24 217.117.70.0/24 maxlen: 24 217.117.71.0/24 maxlen: 24 217.117.72.0/24 maxlen: 24 217.117.73.0/24 maxlen: 24 217.117.74.0/24 maxlen: 24 217.117.75.0/24 maxlen: 24 217.117.76.0/24 maxlen: 24 217.117.77.0/24 maxlen: 24 217.117.78.0/24 maxlen: 24 217.117.79.0/24 maxlen: 24 2a03:9220::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.crl rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.mft rsync://rpki.ripe.net/repository/DEFAULT/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 15:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:90:24:9e:10:90:f3:0d:cf:8c:33:8c:7e:56:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2ace21090ee4d78677413423dcb2fe01a6e1c622 Validity Not Before: Jan 2 00:19:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e6982e3e1234ac56da90b856e929056da9649c64 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:9f:24:67:22:ce:03:d1:7c:8b:5d:b3:52:91: 40:13:11:32:7a:8e:83:b6:61:09:c0:71:7c:bb:0d: b8:bd:82:c5:0c:7c:23:8c:af:bd:50:69:69:0f:86: ec:80:f9:89:28:2f:25:4a:83:f0:f5:ef:73:ef:33: 59:3c:06:af:4a:47:d9:1a:82:a6:cf:a2:fe:6c:d3: 1a:a7:db:75:7f:ed:59:ea:c3:e5:79:6e:e3:c7:f6: 1c:bb:2b:4f:e4:3e:51:b1:04:e3:a3:54:ed:71:92: f6:92:38:eb:c4:ac:9e:46:72:36:91:a8:8d:25:91: 5c:9f:75:ed:ca:72:de:24:15:0f:c9:53:e8:cf:c9: 03:e7:fb:0a:2c:79:4e:8f:6d:d1:f5:1a:96:e4:f7: bf:5c:c2:4e:4b:20:50:c9:38:ec:9e:7b:bd:d3:53: db:ab:29:f9:fb:44:e3:8a:76:68:bf:9e:e8:10:30: a4:e1:71:99:d0:ba:c9:5a:65:9f:5a:c4:4c:e8:9d: 0f:16:69:29:3c:61:56:73:81:8c:8f:4a:0c:f0:d0: bd:7c:07:74:fd:12:8b:ac:37:6f:34:2a:70:a2:d1: 1d:84:99:6d:5f:f8:f2:0e:38:6c:95:4f:9e:2f:ad: 1c:92:c7:b7:94:b6:7e:c1:65:61:54:cc:ae:ad:da: 33:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:98:2E:3E:12:34:AC:56:DA:90:B8:56:E9:29:05:6D:A9:64:9C:64 X509v3 Authority Key Identifier: keyid:2A:CE:21:09:0E:E4:D7:86:77:41:34:23:DC:B2:FE:01:A6:E1:C6:22 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/5pguPhI0rFbakLhW6SkFbalknGQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2915f1-87ba-4c18-aaf9-590a9813dddf/1/Ks4hCQ7k14Z3QTQj3LL-AabhxiI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 87.238.152.0/21 217.117.64.0/20 IPv6: 2a03:9220::/32 Signature Algorithm: sha256WithRSAEncryption a0:25:bf:76:9e:ec:bb:a4:1e:79:08:20:1f:21:cd:55:28:ca: c3:fe:4f:3a:ca:3d:33:6a:c5:96:b4:6e:fb:96:20:61:05:c5: 07:84:21:22:d8:97:1d:36:06:cf:51:fd:88:fb:01:58:4c:0a: c1:df:12:80:b4:ff:97:29:a4:7a:56:eb:dd:1a:45:08:1c:d2: 81:03:a2:4d:66:08:f4:14:d4:c0:dc:1c:cc:88:d9:ed:08:4a: d4:ea:0f:5a:06:ff:71:5b:51:c2:33:b6:2d:55:b5:05:39:b5: 66:1a:4f:bf:e8:17:60:ca:5a:01:33:42:9a:e8:c9:30:00:ef: 88:67:07:07:29:d7:f8:65:3d:1c:35:96:39:22:9f:5b:b2:bf: b8:18:d1:e8:a2:0d:f2:d1:0c:9d:ef:a0:28:51:0b:8d:83:51: 6b:ab:2f:80:72:d9:6b:5e:9c:13:2e:41:55:e5:ca:bf:dd:5a: 62:a1:6b:67:e5:ac:66:61:04:d7:a1:7d:d1:b9:28:07:32:a1: 62:e3:f7:e8:6f:ac:2b:f2:c9:e3:2b:f4:ca:e2:38:c7:8b:bc: 19:59:28:8d:69:04:56:d8:bb:3c:d6:ea:3d:ee:67:9c:2a:e8: e8:d6:97:0c:54:f0:36:28:bc:d4:95:6c:87:33:fa:5c:0b:2c: b2:e6:05:8f -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt8EpAknhCQ8w3PjDOMflanMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhY2UyMTA5MGVlNGQ3ODY3NzQxMzQyM2RjYjJmZTAxYTZl MWM2MjIwHhcNMjYwMTAyMDAxOTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlNjk4MmUzZTEyMzRhYzU2ZGE5MGI4NTZlOTI5MDU2ZGE5NjQ5YzY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJ8kZyLOA9F8i12zUpFAExEyeo6D tmEJwHF8uw24vYLFDHwjjK+9UGlpD4bsgPmJKC8lSoPw9e9z7zNZPAavSkfZGoKm z6L+bNMap9t1f+1Z6sPleW7jx/YcuytP5D5RsQTjo1TtcZL2kjjrxKyeRnI2kaiN JZFcn3XtynLeJBUPyVPoz8kD5/sKLHlOj23R9RqW5Pe/XMJOSyBQyTjsnnu901Pb qyn5+0TjinZov57oEDCk4XGZ0LrJWmWfWsRM6J0PFmkpPGFWc4GMj0oM8NC9fAd0 /RKLrDdvNCpwotEdhJltX/jyDjhslU+eL60ckse3lLZ+wWVhVMyurdozIwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFOaYLj4SNKxW2pC4VukpBW2pZJxkMB8GA1UdIwQY MBaAFCrOIQkO5NeGd0E0I9yy/gGm4cYiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3M0aENRN2sxNFozUVRRajNMTC1BYWJoeGlJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yOTE1ZjEtODdiYS00YzE4LWFhZjkt NTkwYTk4MTNkZGRmLzEvNXBndVBoSTByRmJha0xoVzZTa0ZiYWxrbkdRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS8yOTE1ZjEtODdiYS00YzE4LWFhZjktNTkwYTk4MTNkZGRm LzEvS3M0aENRN2sxNFozUVRRajNMTC1BYWJoeGlJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDV+6YAwQE 2XVAMA0EAgACMAcDBQAqA5IgMA0GCSqGSIb3DQEBCwUAA4IBAQCgJb92nuy7pB55 CCAfIc1VKMrD/k86yj0zasWWtG77liBhBcUHhCEi2JcdNgbPUf2I+wFYTArB3xKA tP+XKaR6VuvdGkUIHNKBA6JNZgj0FNTA3BzMiNntCErU6g9aBv9xW1HCM7YtVbUF ObVmGk+/6BdgyloBM0Ka6MkwAO+IZwcHKdf4ZT0cNZY5Ip9bsr+4GNHoog3y0Qyd 76AoUQuNg1Frqy+ActlrXpwTLkFV5cq/3VpioWtn5axmYQTXoX3RuSgHMqFi4/fo b6wr8snjK/TK4jjHi7wZWSiNaQRW2Ls81uo97mecKujo1pcMVPA2KLzUlWyHM/pc Cyyy5gWP -----END CERTIFICATE-----Generated at Mon Jan 26 02:01:34 2026 by rpki-client