This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/M0Pr5fmTFziAbz4Cmi21hD1TiPI.roa File: M0Pr5fmTFziAbz4Cmi21hD1TiPI.roa (raw, json) Hash identifier: l9Juhfgu3WjVk/obQjcXeIWSQ3lFbrTgLJnfrvHnclQ= Subject key identifier: 33:43:EB:E5:F9:93:17:38:80:6F:3E:02:9A:2D:B5:84:3D:53:88:F2 Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16 Certificate serial: 019B7EA6EC7639E61E985D22B5B3B92808F9 Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/M0Pr5fmTFziAbz4Cmi21hD1TiPI.roa Signing time: Fri 02 Jan 2026 12:20:27 +0000 ROA not before: Fri 02 Jan 2026 12:20:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 28964 IP address blocks: 5.172.32.0/24 maxlen: 24 89.23.64.0/24 maxlen: 24 89.23.73.0/24 maxlen: 24 89.23.95.0/24 maxlen: 24 109.111.241.0/24 maxlen: 24 109.111.242.0/24 maxlen: 24 109.111.251.0/24 maxlen: 24 178.254.160.0/23 maxlen: 23 178.254.162.0/24 maxlen: 24 178.254.164.0/24 maxlen: 24 178.254.166.0/24 maxlen: 24 178.254.167.0/24 maxlen: 24 178.254.173.0/24 maxlen: 24 178.254.174.0/24 maxlen: 24 178.254.185.0/24 maxlen: 24 185.157.45.0/24 maxlen: 24 185.157.47.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.mft rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:ec:76:39:e6:1e:98:5d:22:b5:b3:b9:28:08:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16 Validity Not Before: Jan 2 12:20:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3343ebe5f9931738806f3e029a2db5843d5388f2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:57:b8:a4:08:e4:77:8f:5d:cb:06:9e:65:66: 3f:de:6b:9a:e5:b8:05:a6:03:6e:a5:55:36:7e:e3: 6d:34:24:d4:b0:0d:40:fa:ac:03:5b:08:eb:1c:7d: 1a:12:ce:82:cb:c9:33:91:a2:07:06:ff:a0:c8:00: 9b:e1:9d:74:4b:54:43:68:d7:61:04:0a:03:35:e0: e2:3b:b5:44:1b:49:41:98:ce:8b:0b:95:bd:0b:23: e5:0a:d0:3f:fe:fd:15:31:29:ee:d7:f9:4a:27:8f: c7:a5:75:1c:42:ee:95:4e:b2:67:aa:bc:57:fc:4f: 10:a2:a0:7e:13:d8:89:9c:a9:f4:f4:db:bd:6f:cb: a3:85:e7:ab:38:7f:2a:96:6b:1b:ff:7b:e8:e2:aa: 76:e9:43:09:b7:24:06:b5:4d:75:98:f0:3d:12:9f: 71:d8:5b:a4:31:75:33:b6:7c:1d:d3:39:3f:1b:3d: ab:6e:1a:00:66:cd:93:35:cd:c6:87:5b:9e:7d:9c: 87:56:e8:cb:e0:99:30:b4:6a:39:66:64:4f:87:ee: 75:59:e9:35:80:a2:d5:5a:fa:12:94:75:df:a9:e1: 4b:06:bf:0f:96:c8:67:4e:71:45:dc:df:3e:b6:f8: dc:99:1d:5f:94:aa:03:b2:95:57:14:a6:7e:24:cc: a4:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:43:EB:E5:F9:93:17:38:80:6F:3E:02:9A:2D:B5:84:3D:53:88:F2 X509v3 Authority Key Identifier: keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/M0Pr5fmTFziAbz4Cmi21hD1TiPI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.172.32.0/24 89.23.64.0/24 89.23.73.0/24 89.23.95.0/24 109.111.241.0-109.111.242.255 109.111.251.0/24 178.254.160.0-178.254.162.255 178.254.164.0/24 178.254.166.0/23 178.254.173.0-178.254.174.255 178.254.185.0/24 185.157.45.0/24 185.157.47.0/24 Signature Algorithm: sha256WithRSAEncryption 5d:ba:3e:df:60:62:1d:a3:8a:ae:b9:a4:45:c3:ea:3d:8a:64: f0:5d:f4:58:80:94:87:b0:72:67:40:9c:5a:e0:73:b9:1a:49: 45:cf:ed:97:d4:fb:c6:94:66:df:fd:14:91:6a:73:3b:d3:54: 6a:e8:f8:58:e1:86:97:ca:96:7c:12:f6:ec:e4:94:77:0b:b6: 13:49:71:c5:da:46:9a:7d:69:db:f7:8a:f3:13:dc:8b:e8:25: 1f:5b:09:81:f4:c6:4f:a7:2e:be:40:68:27:d9:22:17:b4:75: 43:d0:10:84:9c:05:c7:e0:ac:75:6c:5b:10:f9:b0:f9:98:c6: d8:db:7e:71:dc:e0:7f:c9:37:8f:31:84:39:81:34:b7:a7:4f: 07:6a:37:e9:f5:3c:97:de:9a:1b:03:ae:87:66:f2:c1:c1:81: 0a:7f:94:68:99:89:af:a3:5b:97:0d:56:58:b4:7f:8d:2d:76: 93:8c:b9:90:66:e5:90:96:f3:3c:cd:5d:63:66:f9:1e:a2:51: da:78:0d:ba:d5:97:6c:9a:fb:07:97:86:3f:70:7c:8b:6b:d2: 8c:ff:a5:fe:89:9c:34:9e:3a:f3:bd:23:e9:76:60:9a:b4:dc: b4:58:d1:b1:a9:97:41:be:83:31:40:36:b9:e2:8c:df:d6:76: eb:15:db:7b -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgISAZt+pux2OeYemF0itbO5KAj5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk OWNlMTYwHhcNMjYwMTAyMTIyMDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMzQzZWJlNWY5OTMxNzM4ODA2ZjNlMDI5YTJkYjU4NDNkNTM4OGYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA91e4pAjkd49dywaeZWY/3mua5bgF pgNupVU2fuNtNCTUsA1A+qwDWwjrHH0aEs6Cy8kzkaIHBv+gyACb4Z10S1RDaNdh BAoDNeDiO7VEG0lBmM6LC5W9CyPlCtA//v0VMSnu1/lKJ4/HpXUcQu6VTrJnqrxX /E8QoqB+E9iJnKn09Nu9b8ujheerOH8qlmsb/3vo4qp26UMJtyQGtU11mPA9Ep9x 2FukMXUztnwd0zk/Gz2rbhoAZs2TNc3Gh1uefZyHVujL4JkwtGo5ZmRPh+51Wek1 gKLVWvoSlHXfqeFLBr8PlshnTnFF3N8+tvjcmR1flKoDspVXFKZ+JMykYwIDAQAB o4ICaTCCAmUwHQYDVR0OBBYEFDND6+X5kxc4gG8+ApottYQ9U4jyMB8GA1UdIwQY MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt MGY2NmMxODg3OTE2LzEvTTBQcjVmbVRGemlBYno0Q21pMjFoRDFUaVBJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2 LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQABawgAwQA WRdAAwQAWRdJAwQAWRdfMAwDBABtb/EDBABtb/IDBABtb/swDAMEBbL+oAMEALL+ ogMEALL+pAMEAbL+pjAMAwQAsv6tAwQAsv6uAwQAsv65AwQAuZ0tAwQAuZ0vMA0G CSqGSIb3DQEBCwUAA4IBAQBduj7fYGIdo4quuaRFw+o9imTwXfRYgJSHsHJnQJxa 4HO5GklFz+2X1PvGlGbf/RSRanM701Rq6PhY4YaXypZ8Evbs5JR3C7YTSXHF2kaa fWnb94rzE9yL6CUfWwmB9MZPpy6+QGgn2SIXtHVD0BCEnAXH4Kx1bFsQ+bD5mMbY 235x3OB/yTePMYQ5gTS3p08Hajfp9TyX3pobA66HZvLBwYEKf5RomYmvo1uXDVZY tH+NLXaTjLmQZuWQlvM8zV1jZvkeolHaeA261ZdsmvsHl4Y/cHyLa9KM/6X+iZw0 njrzvSPpdmCatNy0WNGxqZdBvoMxQDa54ozf1nbrFdt7 -----END CERTIFICATE-----Generated at Sun Jan 25 15:07:04 2026 by rpki-client