This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/48c9f6-5b5f-41d4-8e56-08e4b79387c0/1/8-98EtSeBCLzHuY9teqeWzuL_OU.roa File: 8-98EtSeBCLzHuY9teqeWzuL_OU.roa (raw, json) Hash identifier: 8fiLqkX0Hfw0qEIsopfMgXlsC7twNkxV8E46FfFtRcU= Subject key identifier: F3:EF:7C:12:D4:9E:04:22:F3:1E:E6:3D:B5:EA:9E:5B:3B:8B:FC:E5 Certificate issuer: /CN=4ee1713e16b4fd8f3301887de6a111980449b29e Certificate serial: 019B7C12478FBB1B7D202F6A09DD6FA8B842 Authority key identifier: 4E:E1:71:3E:16:B4:FD:8F:33:01:88:7D:E6:A1:11:98:04:49:B2:9E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuFxPha0_Y8zAYh95qERmARJsp4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/48c9f6-5b5f-41d4-8e56-08e4b79387c0/1/8-98EtSeBCLzHuY9teqeWzuL_OU.roa Signing time: Fri 02 Jan 2026 00:18:51 +0000 ROA not before: Fri 02 Jan 2026 00:18:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 58321 IP address blocks: 5.104.248.0/21 maxlen: 24 81.161.192.0/20 maxlen: 20 81.161.192.0/21 maxlen: 21 81.161.192.0/24 maxlen: 24 81.161.193.0/24 maxlen: 24 81.161.194.0/24 maxlen: 24 81.161.195.0/24 maxlen: 24 81.161.196.0/24 maxlen: 24 81.161.197.0/24 maxlen: 24 81.161.198.0/24 maxlen: 24 81.161.199.0/24 maxlen: 24 81.161.200.0/21 maxlen: 21 81.161.200.0/24 maxlen: 24 81.161.201.0/24 maxlen: 24 81.161.202.0/24 maxlen: 24 81.161.203.0/24 maxlen: 24 81.161.204.0/24 maxlen: 24 81.161.205.0/24 maxlen: 24 81.161.206.0/24 maxlen: 24 91.232.44.0/23 maxlen: 24 109.199.0.0/19 maxlen: 24 109.207.48.0/20 maxlen: 24 176.227.160.0/21 maxlen: 24 178.249.88.0/21 maxlen: 24 185.34.76.0/22 maxlen: 24 185.73.88.0/22 maxlen: 22 185.80.212.0/22 maxlen: 22 193.242.168.0/23 maxlen: 23 193.242.168.0/24 maxlen: 24 193.242.169.0/24 maxlen: 24 195.3.232.0/22 maxlen: 22 2a04:4c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/48c9f6-5b5f-41d4-8e56-08e4b79387c0/1/TuFxPha0_Y8zAYh95qERmARJsp4.crl rsync://rpki.ripe.net/repository/DEFAULT/2d/48c9f6-5b5f-41d4-8e56-08e4b79387c0/1/TuFxPha0_Y8zAYh95qERmARJsp4.mft rsync://rpki.ripe.net/repository/DEFAULT/TuFxPha0_Y8zAYh95qERmARJsp4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:47:8f:bb:1b:7d:20:2f:6a:09:dd:6f:a8:b8:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4ee1713e16b4fd8f3301887de6a111980449b29e Validity Not Before: Jan 2 00:18:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f3ef7c12d49e0422f31ee63db5ea9e5b3b8bfce5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:cd:91:a3:37:2b:97:0f:35:d9:b3:3a:93:19: d3:45:9c:d2:3d:fe:84:e5:da:dc:a7:76:4f:17:f4: 46:c0:c2:74:1d:94:67:4d:e8:0f:02:78:86:eb:91: 5e:b6:fe:fc:e3:e0:33:d0:66:23:1f:58:1a:8a:93: 50:dc:90:7e:91:44:60:69:f2:7f:f8:57:80:8b:93: 4d:18:9c:c4:67:e6:0e:bd:23:7f:ea:24:fd:06:cf: b6:f4:41:05:98:82:42:83:1e:2d:75:23:54:40:de: 91:4b:30:cd:91:5d:d6:08:7c:e9:a1:52:f7:17:88: 17:87:9c:32:7a:fd:36:e3:08:ae:8e:78:07:03:20: 97:a9:c9:49:80:b4:a8:a7:58:81:20:60:7a:2a:90: 1a:06:4c:5a:3c:e3:e8:18:5e:00:ef:ba:cb:3b:34: ab:a2:92:19:63:9f:94:84:52:62:d5:01:22:36:f1: 29:fe:a6:6f:31:ee:8e:76:2e:43:c0:4e:c5:e1:44: fb:d0:56:6b:ac:ae:cd:63:91:05:b0:5b:91:f9:55: 93:6f:8a:f9:f5:1f:e3:47:2e:8d:fa:11:a7:d3:ce: 6f:d4:2c:88:36:22:b6:f7:e9:29:d2:9e:70:20:84: 04:90:c8:7f:90:96:54:06:6e:8a:86:32:ab:63:72: b0:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:EF:7C:12:D4:9E:04:22:F3:1E:E6:3D:B5:EA:9E:5B:3B:8B:FC:E5 X509v3 Authority Key Identifier: keyid:4E:E1:71:3E:16:B4:FD:8F:33:01:88:7D:E6:A1:11:98:04:49:B2:9E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuFxPha0_Y8zAYh95qERmARJsp4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/48c9f6-5b5f-41d4-8e56-08e4b79387c0/1/8-98EtSeBCLzHuY9teqeWzuL_OU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/48c9f6-5b5f-41d4-8e56-08e4b79387c0/1/TuFxPha0_Y8zAYh95qERmARJsp4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.104.248.0/21 81.161.192.0/20 91.232.44.0/23 109.199.0.0/19 109.207.48.0/20 176.227.160.0/21 178.249.88.0/21 185.34.76.0/22 185.73.88.0/22 185.80.212.0/22 193.242.168.0/23 195.3.232.0/22 IPv6: 2a04:4c0::/29 Signature Algorithm: sha256WithRSAEncryption 66:dd:ac:4e:23:2e:44:3d:f6:5f:3a:d5:c4:75:b0:f3:77:86: 76:83:89:81:86:b1:b4:2a:54:fe:72:08:ab:ec:9c:a7:af:9d: 7b:00:c4:7c:26:0f:79:fc:ab:7c:eb:6e:67:cd:75:f4:e1:b0: 79:5b:df:7d:c5:a5:3c:cb:3b:6f:ba:2e:32:66:3b:55:79:de: 95:38:b9:8e:36:8e:ba:89:82:ad:f6:aa:65:b6:cb:fe:03:f7: 5a:ae:b8:d9:c3:7b:fd:a3:38:43:33:22:c5:df:ec:9e:af:d1: a3:f7:ac:c9:4a:a6:81:38:39:98:72:e2:82:3c:40:4a:67:24: 2e:c7:79:d7:86:8d:84:b4:b0:e1:cf:b3:82:75:aa:77:98:8e: 86:c5:ff:60:ed:3f:37:64:a5:db:bb:6f:79:cd:13:71:1b:87: aa:18:59:f0:a2:79:fb:8d:36:12:3d:01:71:80:2a:b0:b4:e9: 42:d0:31:d9:4d:53:79:2e:06:05:dd:fe:08:d0:78:04:bb:bb: ef:76:d8:dd:ba:ef:b6:2a:aa:d8:85:3c:3f:01:8f:a6:e0:e2: 70:8f:0d:4b:70:26:f5:15:fa:d0:6f:63:22:fb:6c:89:49:1d: 86:59:4a:1d:0f:6a:57:22:41:4c:a8:5b:67:5d:71:83:b7:f9: 08:35:58:a8 -----BEGIN CERTIFICATE----- MIIFTjCCBDagAwIBAgISAZt8EkePuxt9IC9qCd1vqLhCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRlZTE3MTNlMTZiNGZkOGYzMzAxODg3ZGU2YTExMTk4MDQ0 OWIyOWUwHhcNMjYwMTAyMDAxODUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmM2VmN2MxMmQ0OWUwNDIyZjMxZWU2M2RiNWVhOWU1YjNiOGJmY2U1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjM2Rozcrlw812bM6kxnTRZzSPf6E 5drcp3ZPF/RGwMJ0HZRnTegPAniG65Fetv784+Az0GYjH1gaipNQ3JB+kURgafJ/ +FeAi5NNGJzEZ+YOvSN/6iT9Bs+29EEFmIJCgx4tdSNUQN6RSzDNkV3WCHzpoVL3 F4gXh5wyev024wiujngHAyCXqclJgLSop1iBIGB6KpAaBkxaPOPoGF4A77rLOzSr opIZY5+UhFJi1QEiNvEp/qZvMe6Odi5DwE7F4UT70FZrrK7NY5EFsFuR+VWTb4r5 9R/jRy6N+hGn085v1CyINiK29+kp0p5wIIQEkMh/kJZUBm6KhjKrY3KwkwIDAQAB o4ICWjCCAlYwHQYDVR0OBBYEFPPvfBLUngQi8x7mPbXqnls7i/zlMB8GA1UdIwQY MBaAFE7hcT4WtP2PMwGIfeahEZgESbKeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVHVGeFBoYTBfWTh6QVloOTVxRVJtQVJKc3A0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC80OGM5ZjYtNWI1Zi00MWQ0LThlNTYt MDhlNGI3OTM4N2MwLzEvOC05OEV0U2VCQ0x6SHVZOXRlcWVXenVMX09VLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZC80OGM5ZjYtNWI1Zi00MWQ0LThlNTYtMDhlNGI3OTM4N2Mw LzEvVHVGeFBoYTBfWTh6QVloOTVxRVJtQVJKc3A0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDBWj4AwQE UaHAAwQBW+gsAwQFbccAAwQEbc8wAwQDsOOgAwQDsvlYAwQCuSJMAwQCuUlYAwQC uVDUAwQBwfKoAwQCwwPoMA0EAgACMAcDBQMqBATAMA0GCSqGSIb3DQEBCwUAA4IB AQBm3axOIy5EPfZfOtXEdbDzd4Z2g4mBhrG0KlT+cgir7Jynr517AMR8Jg95/Kt8 625nzXX04bB5W999xaU8yztvui4yZjtVed6VOLmONo66iYKt9qpltsv+A/darrjZ w3v9ozhDMyLF3+yer9Gj96zJSqaBODmYcuKCPEBKZyQux3nXho2EtLDhz7OCdap3 mI6Gxf9g7T83ZKXbu295zRNxG4eqGFnwonn7jTYSPQFxgCqwtOlC0DHZTVN5LgYF 3f4I0HgEu7vvdtjduu+2KqrYhTw/AY+m4OJwjw1LcCb1FfrQb2Mi+2yJSR2GWUod D2pXIkFMqFtnXXGDt/kINVio -----END CERTIFICATE-----Generated at Mon Jan 26 07:57:41 2026 by rpki-client