This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/XDAChpSG-gOuEJTWb353xCsUXB0.roa File: XDAChpSG-gOuEJTWb353xCsUXB0.roa (raw, json) Hash identifier: FRVA6TGWdtEdEhdJsRukfcxhhPpGovJu+UlmDzo+0nc= Subject key identifier: 5C:30:02:86:94:86:FA:03:AE:10:94:D6:6F:7E:77:C4:2B:14:5C:1D Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8 Certificate serial: 019BE127576BB931D0053C63AACB49F266CF Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/XDAChpSG-gOuEJTWb353xCsUXB0.roa Signing time: Wed 21 Jan 2026 15:23:30 +0000 ROA not before: Wed 21 Jan 2026 15:23:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 2914 IP address blocks: 5.182.28.0/22 maxlen: 22 45.67.117.0/24 maxlen: 24 45.145.176.0/22 maxlen: 22 89.40.161.0/24 maxlen: 24 91.242.68.0/23 maxlen: 24 91.242.70.0/24 maxlen: 24 91.242.73.0/24 maxlen: 24 91.242.74.0/24 maxlen: 24 91.242.82.0/24 maxlen: 24 91.242.105.0/24 maxlen: 24 91.242.124.0/24 maxlen: 24 91.242.126.0/24 maxlen: 24 147.78.20.0/24 maxlen: 24 147.78.21.0/24 maxlen: 24 147.78.22.0/24 maxlen: 24 147.78.23.0/24 maxlen: 24 185.51.120.0/24 maxlen: 24 185.147.48.0/24 maxlen: 24 185.180.145.0/24 maxlen: 24 185.212.11.0/24 maxlen: 24 194.50.200.0/24 maxlen: 24 194.50.201.0/24 maxlen: 24 194.50.206.0/23 maxlen: 24 194.50.206.0/24 maxlen: 24 195.88.146.0/24 maxlen: 24 195.88.147.0/24 maxlen: 24 195.138.103.0/24 maxlen: 24 195.138.104.0/22 maxlen: 24 195.138.107.0/24 maxlen: 24 195.138.111.0/24 maxlen: 24 195.138.114.0/24 maxlen: 24 195.138.120.0/24 maxlen: 24 195.211.48.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:e1:27:57:6b:b9:31:d0:05:3c:63:aa:cb:49:f2:66:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8 Validity Not Before: Jan 21 15:23:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5c3002869486fa03ae1094d66f7e77c42b145c1d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:9d:5b:bd:63:b2:41:13:26:a3:13:7c:70:d8: 59:f6:68:ec:97:5a:3f:a6:48:4f:57:fd:88:5a:50: e5:86:1b:ad:87:54:24:d9:49:cd:1d:9b:6c:80:1d: 95:67:a4:05:35:31:a1:36:c9:ef:9d:1c:4f:77:43: ec:e1:54:e0:0b:19:2e:5c:63:9d:4b:80:55:35:6e: 85:99:e2:d0:66:9d:54:bf:71:a2:b3:1c:00:24:6e: d8:ca:23:b9:4a:a1:2e:d4:17:dc:d1:30:4f:a8:8c: bb:df:1a:e7:fc:7b:79:fb:b7:47:28:b5:9c:5b:55: 42:52:ed:56:57:36:e7:a9:e8:47:b7:42:02:d9:57: 3f:5f:b6:dd:fa:1e:42:38:9e:a7:ac:dc:86:a5:f5: 0b:6f:a3:b7:53:bf:20:ed:c8:fe:30:f1:78:84:ec: 15:9b:e9:03:59:9a:f6:45:b3:04:72:cf:a8:26:d5: 65:d0:25:06:43:0d:cf:5c:3d:b8:11:e6:c8:df:a4: 16:3c:c3:dc:d6:87:36:66:cf:80:a0:f2:53:78:f2: 3f:41:5a:ce:f2:a8:d2:fd:df:41:dd:5c:32:c2:09: 47:50:7d:08:d3:6e:79:6c:46:62:1b:5b:82:d2:5d: 90:3f:88:7b:34:70:89:a5:a5:ba:49:42:51:bc:7f: 49:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:30:02:86:94:86:FA:03:AE:10:94:D6:6F:7E:77:C4:2B:14:5C:1D X509v3 Authority Key Identifier: keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/XDAChpSG-gOuEJTWb353xCsUXB0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.182.28.0/22 45.67.117.0/24 45.145.176.0/22 89.40.161.0/24 91.242.68.0-91.242.70.255 91.242.73.0-91.242.74.255 91.242.82.0/24 91.242.105.0/24 91.242.124.0/24 91.242.126.0/24 147.78.20.0/22 185.51.120.0/24 185.147.48.0/24 185.180.145.0/24 185.212.11.0/24 194.50.200.0/23 194.50.206.0/23 195.88.146.0/23 195.138.103.0-195.138.107.255 195.138.111.0/24 195.138.114.0/24 195.138.120.0/24 195.211.48.0/24 Signature Algorithm: sha256WithRSAEncryption 30:7d:04:00:19:3b:ff:8a:fe:16:35:0b:0a:fd:84:2a:03:60: 8c:9e:15:94:d6:c5:27:44:d0:51:96:7e:26:0f:0e:b1:c4:32: c7:c6:72:67:b9:5c:de:63:eb:a3:e4:b8:dd:64:37:d3:ea:ee: 3e:ec:cb:c5:83:a7:a0:da:f4:37:7a:ae:e2:37:b3:95:a0:c5: 4c:35:9d:16:d5:2f:ad:f2:e9:1c:d9:cf:02:4b:01:31:80:c0: 56:67:da:be:08:7c:34:c3:65:41:57:ac:79:48:0b:63:b9:23: 11:96:28:59:08:16:74:42:1f:f8:31:f9:08:9e:72:7e:a0:85: 43:d0:10:1d:a7:98:2e:3e:55:6d:2e:a9:d0:32:5c:ad:35:d8: 52:4a:de:ca:40:17:34:cb:17:e8:d5:b5:c1:f5:84:33:f6:b0: aa:ce:a1:a7:77:47:1e:ef:84:0a:1f:7f:99:0b:c8:a9:b2:e4: ba:75:01:b6:e1:ae:7c:73:8d:57:8a:79:7b:af:aa:10:f5:e6: ac:ad:20:01:66:e5:df:f0:27:fc:dc:e0:ed:e9:2c:a4:2e:ab: 55:04:d5:ca:24:0c:6b:2c:d5:21:8e:3d:9c:94:67:1f:92:57: e6:38:6e:ea:9e:33:4b:29:54:c2:0e:01:6a:4f:9c:9f:37:2e: 3b:57:95:30 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgISAZvhJ1druTHQBTxjqstJ8mbPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3 MWE5YTgwHhcNMjYwMTIxMTUyMzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YzMwMDI4Njk0ODZmYTAzYWUxMDk0ZDY2ZjdlNzdjNDJiMTQ1YzFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArp1bvWOyQRMmoxN8cNhZ9mjsl1o/ pkhPV/2IWlDlhhuth1Qk2UnNHZtsgB2VZ6QFNTGhNsnvnRxPd0Ps4VTgCxkuXGOd S4BVNW6FmeLQZp1Uv3GisxwAJG7YyiO5SqEu1Bfc0TBPqIy73xrn/Ht5+7dHKLWc W1VCUu1WVzbnqehHt0IC2Vc/X7bd+h5COJ6nrNyGpfULb6O3U78g7cj+MPF4hOwV m+kDWZr2RbMEcs+oJtVl0CUGQw3PXD24EebI36QWPMPc1oc2Zs+AoPJTePI/QVrO 8qjS/d9B3VwywglHUH0I0255bEZiG1uC0l2QP4h7NHCJpaW6SUJRvH9JeQIDAQAB o4ICqjCCAqYwHQYDVR0OBBYEFFwwAoaUhvoDrhCU1m9+d8QrFFwdMB8GA1UdIwQY MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt M2FjOWU1NmMzMDg5LzEvWERBQ2hwU0ctZ091RUpUV2IzNTN4Q3NVWEIwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5 LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBqQQCAAEwgaIDBAIF thwDBAAtQ3UDBAItkbADBABZKKEwDAMEAlvyRAMEAFvyRjAMAwQAW/JJAwQAW/JK AwQAW/JSAwQAW/JpAwQAW/J8AwQAW/J+AwQCk04UAwQAuTN4AwQAuZMwAwQAubSR AwQAudQLAwQBwjLIAwQBwjLOAwQBw1iSMAwDBADDimcDBALDimgDBADDim8DBADD inIDBADDingDBADD0zAwDQYJKoZIhvcNAQELBQADggEBADB9BAAZO/+K/hY1Cwr9 hCoDYIyeFZTWxSdE0FGWfiYPDrHEMsfGcme5XN5j66PkuN1kN9Pq7j7sy8WDp6Da 9Dd6ruI3s5WgxUw1nRbVL63y6RzZzwJLATGAwFZn2r4IfDTDZUFXrHlIC2O5IxGW KFkIFnRCH/gx+Qiecn6ghUPQEB2nmC4+VW0uqdAyXK012FJK3spAFzTLF+jVtcH1 hDP2sKrOoad3Rx7vhAoff5kLyKmy5Lp1AbbhrnxzjVeKeXuvqhD15qytIAFm5d/w J/zc4O3pLKQuq1UE1cokDGss1SGOPZyUZx+SV+Y4buqeM0spVMIOAWpPnJ83LjtX lTA= -----END CERTIFICATE-----Generated at Sun Jan 25 03:58:31 2026 by rpki-client