This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/Pot9sGjQ09uE0QJkmshSlnxcDEs.roa File: Pot9sGjQ09uE0QJkmshSlnxcDEs.roa (raw, json) Hash identifier: fPrzEPKp0VS5KGwAOadvcVPYu9gvZcvC3Al0vJwF1C8= Subject key identifier: 3E:8B:7D:B0:68:D0:D3:DB:84:D1:02:64:9A:C8:52:96:7C:5C:0C:4B Certificate issuer: /CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac Certificate serial: 019B76EB99901D073DCC60ED6C3731604B4A Authority key identifier: B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/Pot9sGjQ09uE0QJkmshSlnxcDEs.roa Signing time: Thu 01 Jan 2026 00:18:30 +0000 ROA not before: Thu 01 Jan 2026 00:18:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209420 IP address blocks: 31.207.68.0/24 maxlen: 24 31.207.69.0/24 maxlen: 24 31.207.70.0/24 maxlen: 24 31.207.72.0/24 maxlen: 24 152.89.133.0/24 maxlen: 24 192.145.16.0/23 maxlen: 23 192.145.16.0/24 maxlen: 24 192.145.17.0/24 maxlen: 24 192.145.18.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.crl rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.mft rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:99:90:1d:07:3d:cc:60:ed:6c:37:31:60:4b:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac Validity Not Before: Jan 1 00:18:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3e8b7db068d0d3db84d102649ac852967c5c0c4b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:15:bd:88:03:3a:a9:5f:c4:83:33:0f:b1:ce: 4c:02:5b:9a:37:7a:bd:fc:0f:d3:00:9d:e2:62:9a: a7:e4:12:96:ec:7c:d0:74:a8:06:d7:4d:35:25:4a: 3b:07:a3:a6:29:34:bd:5a:78:1e:b7:68:4b:74:01: a8:b6:b1:81:69:d8:52:e5:c6:e8:87:1a:f3:7c:34: 5f:e7:96:3e:36:48:13:0d:9a:c8:c0:ef:42:1b:ff: 6e:9e:a2:a0:c4:27:ef:7e:b5:43:d4:40:b0:f7:3d: 30:79:52:08:6e:bd:3e:f3:30:4a:2a:df:40:d4:76: c2:ae:b6:e1:a9:ed:6e:d6:1c:d5:46:73:71:41:54: 71:0b:13:f9:39:15:bc:d2:ec:11:03:f2:d1:e9:59: d9:26:bf:3f:c1:01:c4:69:71:33:4d:fc:9c:cd:bd: e3:ce:fa:65:2d:e6:93:a5:08:8a:83:16:0e:d4:81: 16:3d:0d:57:a6:58:e1:b2:ec:42:4d:15:9a:14:c2: b2:55:fd:7e:92:ba:41:38:4d:ca:c0:73:19:c3:70: 57:dc:11:17:a2:ae:a4:94:86:a9:f5:5b:37:88:85: 64:93:7b:05:0c:7c:1b:d8:38:0e:e1:a4:c0:f0:18: c1:39:8d:b8:bc:11:9e:89:a4:de:5b:5f:be:de:7e: 62:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:8B:7D:B0:68:D0:D3:DB:84:D1:02:64:9A:C8:52:96:7C:5C:0C:4B X509v3 Authority Key Identifier: keyid:B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/Pot9sGjQ09uE0QJkmshSlnxcDEs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.207.68.0-31.207.70.255 31.207.72.0/24 152.89.133.0/24 192.145.16.0-192.145.18.255 Signature Algorithm: sha256WithRSAEncryption 2a:c1:44:02:ea:f3:df:3d:3d:10:d9:9e:31:3b:a3:79:26:d8: 63:d4:c1:ad:98:45:2b:75:cc:76:ef:46:60:30:0d:fe:c6:62: 3f:30:6f:af:3c:52:df:57:9c:a8:86:26:1a:91:8c:4c:e1:60: d7:52:4f:3c:6a:27:54:80:9d:15:18:ac:9e:c4:44:26:ad:c5: 01:05:55:ed:aa:21:48:52:15:e5:fc:3d:62:26:89:4a:7d:c3: 96:57:bb:61:84:8e:3c:49:67:24:7e:46:e8:48:7d:17:2d:e3: d8:33:a1:6a:19:8a:af:fc:55:91:10:11:c5:42:e4:ff:e3:30: f1:00:8d:2e:f0:82:60:3a:5a:74:1e:37:6a:e1:54:b0:c7:49: 64:cb:c4:ba:6d:16:75:88:61:f9:de:c2:9e:e5:8a:1d:1a:9a: 84:2c:ae:1b:e9:74:b4:0b:03:8a:75:e4:5e:a9:86:19:69:51: 5c:bf:43:9d:b4:c9:76:e7:75:c1:ad:0b:ed:66:79:11:27:de: 14:58:5e:53:f5:16:17:3d:b0:c1:60:bf:6e:9c:9d:f5:3e:48: 00:a8:c7:18:80:84:58:e1:2b:c1:24:db:4a:0b:72:90:41:89: 21:c2:cb:03:48:45:b9:31:26:f6:ce:ff:1a:a7:92:f1:73:17: b7:03:c8:85 -----BEGIN CERTIFICATE----- MIIFHzCCBAegAwIBAgISAZt265mQHQc9zGDtbDcxYEtKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI3MjU4OGMwMGVlZjcxNTgwOWViNWZkZDZkNjcxN2NjMjhj MGRmYWMwHhcNMjYwMTAxMDAxODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZThiN2RiMDY4ZDBkM2RiODRkMTAyNjQ5YWM4NTI5NjdjNWMwYzRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxW9iAM6qV/EgzMPsc5MAluaN3q9 /A/TAJ3iYpqn5BKW7HzQdKgG1001JUo7B6OmKTS9Wnget2hLdAGotrGBadhS5cbo hxrzfDRf55Y+NkgTDZrIwO9CG/9unqKgxCfvfrVD1ECw9z0weVIIbr0+8zBKKt9A 1HbCrrbhqe1u1hzVRnNxQVRxCxP5ORW80uwRA/LR6VnZJr8/wQHEaXEzTfyczb3j zvplLeaTpQiKgxYO1IEWPQ1XpljhsuxCTRWaFMKyVf1+krpBOE3KwHMZw3BX3BEX oq6klIap9Vs3iIVkk3sFDHwb2DgO4aTA8BjBOY24vBGeiaTeW1++3n5iGwIDAQAB o4ICKzCCAicwHQYDVR0OBBYEFD6LfbBo0NPbhNECZJrIUpZ8XAxLMB8GA1UdIwQY MBaAFLcliMAO73FYCetf3W1nF8wowN+sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUt N2E0MTI1NGVhYWNhLzEvUG90OXNHalEwOXVFMFFKa21zaFNsbnhjREVzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUtN2E0MTI1NGVhYWNh LzEvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAIfz0QD BAAfz0YDBAAfz0gDBACYWYUwDAMEBMCREAMEAMCREjANBgkqhkiG9w0BAQsFAAOC AQEAKsFEAurz3z09ENmeMTujeSbYY9TBrZhFK3XMdu9GYDAN/sZiPzBvrzxS31ec qIYmGpGMTOFg11JPPGonVICdFRisnsREJq3FAQVV7aohSFIV5fw9YiaJSn3Dlle7 YYSOPElnJH5G6Eh9Fy3j2DOhahmKr/xVkRARxULk/+Mw8QCNLvCCYDpadB43auFU sMdJZMvEum0WdYhh+d7CnuWKHRqahCyuG+l0tAsDinXkXqmGGWlRXL9DnbTJdud1 wa0L7WZ5ESfeFFheU/UWFz2wwWC/bpyd9T5IAKjHGICEWOErwSTbSgtykEGJIcLL A0hFuTEm9s7/GqeS8XMXtwPIhQ== -----END CERTIFICATE-----Generated at Mon Jan 26 07:07:07 2026 by rpki-client