This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/iM_ZBvtG32QBlHfVIn2ttPitF3A.roa File: iM_ZBvtG32QBlHfVIn2ttPitF3A.roa (raw, json) Hash identifier: n0U6ZQ9IjEu52Acx8IHWzTTmN0Tm9iyKYJwGHBgAhus= Subject key identifier: 88:CF:D9:06:FB:46:DF:64:01:94:77:D5:22:7D:AD:B4:F8:AD:17:70 Certificate issuer: /CN=d50697943676399ac5cac6a3e476545af0df49dd Certificate serial: 019B79EC3A6540F7B7E8E5E5EA1D12C67BC5 Authority key identifier: D5:06:97:94:36:76:39:9A:C5:CA:C6:A3:E4:76:54:5A:F0:DF:49:DD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/iM_ZBvtG32QBlHfVIn2ttPitF3A.roa Signing time: Thu 01 Jan 2026 14:18:03 +0000 ROA not before: Thu 01 Jan 2026 14:18:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 719 IP address blocks: 131.207.133.0/24 maxlen: 24 131.207.168.0/24 maxlen: 24 131.207.174.0/24 maxlen: 24 131.207.175.0/24 maxlen: 24 131.207.176.0/24 maxlen: 24 131.207.199.0/24 maxlen: 24 131.207.213.0/24 maxlen: 24 131.207.225.0/24 maxlen: 24 131.207.230.0/24 maxlen: 24 131.207.242.0/24 maxlen: 24 131.207.243.0/24 maxlen: 24 131.207.248.0/21 maxlen: 21 192.49.8.0/24 maxlen: 24 192.49.32.0/24 maxlen: 24 192.49.69.0/24 maxlen: 24 192.49.171.0/24 maxlen: 24 192.49.172.0/24 maxlen: 24 193.142.224.0/24 maxlen: 24 193.142.225.0/24 maxlen: 24 193.142.226.0/24 maxlen: 24 193.142.227.0/24 maxlen: 24 193.142.228.0/24 maxlen: 24 193.142.229.0/24 maxlen: 24 193.142.230.0/24 maxlen: 24 193.142.231.0/24 maxlen: 24 194.110.38.0/24 maxlen: 24 194.110.44.0/24 maxlen: 24 194.110.45.0/24 maxlen: 24 194.110.46.0/24 maxlen: 24 194.110.47.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/1QaXlDZ2OZrFysaj5HZUWvDfSd0.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/1QaXlDZ2OZrFysaj5HZUWvDfSd0.mft rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:3a:65:40:f7:b7:e8:e5:e5:ea:1d:12:c6:7b:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d50697943676399ac5cac6a3e476545af0df49dd Validity Not Before: Jan 1 14:18:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=88cfd906fb46df64019477d5227dadb4f8ad1770 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:b4:90:03:69:da:63:5e:f6:c6:d2:9a:37:0d: 27:eb:b6:02:b5:d4:52:c3:ce:78:6e:e2:9f:1b:50: bb:3f:ee:d2:46:e8:12:4b:3b:a0:6f:8f:ce:1d:0b: 43:5a:1d:48:3d:69:d4:9c:2f:80:66:aa:58:94:b1: 4c:bf:80:e3:3c:60:f4:45:13:13:3d:0a:5e:7e:a7: 1f:8c:79:eb:5f:0a:97:de:8e:6e:7d:74:b7:fb:c8: 7b:59:54:60:45:29:55:57:fc:e5:99:3d:28:17:e7: 72:3d:99:6f:98:d6:b1:54:31:1d:7d:29:2e:0b:51: 33:bd:51:40:11:64:97:8a:5d:c7:7e:a6:4d:a4:cb: d1:35:57:52:b2:d0:47:ed:42:a3:f0:6a:c6:94:c3: 6f:29:0d:9d:8f:0e:34:18:68:ba:86:f1:9f:69:6a: 95:7d:8d:9b:55:b7:79:8f:cb:22:b3:0a:45:65:e9: cc:8d:a3:d4:b2:f9:67:cd:71:96:cd:63:fc:81:51: 56:c9:6d:e4:f2:b2:ee:b1:2d:a3:63:a1:a5:32:4d: cb:0d:13:d8:bb:7f:50:8c:c8:fa:08:79:0a:6c:5d: 8e:96:7b:ef:ad:af:f2:13:61:95:91:ba:94:65:61: 42:c3:82:8e:7a:ed:a7:4a:36:54:8a:ec:73:5a:8b: 35:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:CF:D9:06:FB:46:DF:64:01:94:77:D5:22:7D:AD:B4:F8:AD:17:70 X509v3 Authority Key Identifier: keyid:D5:06:97:94:36:76:39:9A:C5:CA:C6:A3:E4:76:54:5A:F0:DF:49:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/iM_ZBvtG32QBlHfVIn2ttPitF3A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/1QaXlDZ2OZrFysaj5HZUWvDfSd0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 131.207.133.0/24 131.207.168.0/24 131.207.174.0-131.207.176.255 131.207.199.0/24 131.207.213.0/24 131.207.225.0/24 131.207.230.0/24 131.207.242.0/23 131.207.248.0/21 192.49.8.0/24 192.49.32.0/24 192.49.69.0/24 192.49.171.0-192.49.172.255 193.142.224.0/21 194.110.38.0/24 194.110.44.0/22 Signature Algorithm: sha256WithRSAEncryption 5c:5e:fe:0e:55:d7:04:f9:3e:2f:70:72:53:32:f8:ee:91:c6: e1:8c:58:35:c6:36:20:02:f6:78:0b:b4:f7:f8:b4:1d:06:2f: 43:55:81:3e:92:27:da:b5:7f:fa:b2:cd:c1:09:0c:ca:ef:37: 18:d1:50:a8:3f:40:37:e5:f5:99:5d:c6:f7:ee:bb:09:ef:eb: 2d:15:c2:a5:01:54:fc:2c:22:db:e5:01:2a:39:f9:37:33:54: 51:18:5c:53:86:c3:0e:9a:c3:eb:12:3d:8a:48:41:9e:c4:fc: 12:32:25:07:dd:b2:12:1b:e8:bb:d5:dc:7f:29:79:b8:80:b6: ac:9f:b1:87:85:a2:93:ca:89:63:3a:08:ab:33:78:29:50:98: f4:5b:1d:73:88:b7:72:eb:36:37:58:90:ae:25:44:9d:53:9b: 56:39:c7:86:35:12:6b:ab:e3:2c:b9:1d:86:7b:e5:71:3f:47: df:47:05:c3:9b:2d:18:b3:7d:23:46:f5:3d:66:a6:e5:11:c9: 58:df:db:0b:bb:ab:4b:4e:d9:44:d2:3d:ea:c6:6f:4e:5a:35: 83:9d:bb:f2:21:82:2c:29:a5:f9:d3:19:5f:d6:51:73:f6:91: 30:df:7e:ad:3b:e8:d4:18:1d:bb:81:f5:28:99:4e:b6:6b:bd: 5f:b5:8a:4b -----BEGIN CERTIFICATE----- MIIFaDCCBFCgAwIBAgISAZt57DplQPe36OXl6h0SxnvFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ1MDY5Nzk0MzY3NjM5OWFjNWNhYzZhM2U0NzY1NDVhZjBk ZjQ5ZGQwHhcNMjYwMTAxMTQxODAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4OGNmZDkwNmZiNDZkZjY0MDE5NDc3ZDUyMjdkYWRiNGY4YWQxNzcwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrSQA2naY172xtKaNw0n67YCtdRS w854buKfG1C7P+7SRugSSzugb4/OHQtDWh1IPWnUnC+AZqpYlLFMv4DjPGD0RRMT PQpefqcfjHnrXwqX3o5ufXS3+8h7WVRgRSlVV/zlmT0oF+dyPZlvmNaxVDEdfSku C1EzvVFAEWSXil3HfqZNpMvRNVdSstBH7UKj8GrGlMNvKQ2djw40GGi6hvGfaWqV fY2bVbd5j8siswpFZenMjaPUsvlnzXGWzWP8gVFWyW3k8rLusS2jY6GlMk3LDRPY u39QjMj6CHkKbF2Olnvvra/yE2GVkbqUZWFCw4KOeu2nSjZUiuxzWos1KQIDAQAB o4ICdDCCAnAwHQYDVR0OBBYEFIjP2Qb7Rt9kAZR31SJ9rbT4rRdwMB8GA1UdIwQY MBaAFNUGl5Q2djmaxcrGo+R2VFrw30ndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMVFhWGxEWjJPWnJGeXNhajVIWlVXdkRmU2QwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ZjZhZmYtMTNiYi00ZGI4LTk1N2Yt OGQyM2FjNWNiNTAyLzEvaU1fWkJ2dEczMlFCbEhmVkluMnR0UGl0RjNBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS81ZjZhZmYtMTNiYi00ZGI4LTk1N2YtOGQyM2FjNWNiNTAy LzEvMVFhWGxEWjJPWnJGeXNhajVIWlVXdkRmU2QwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAIPPhQME AIPPqDAMAwQBg8+uAwQAg8+wAwQAg8/HAwQAg8/VAwQAg8/hAwQAg8/mAwQBg8/y AwQDg8/4AwQAwDEIAwQAwDEgAwQAwDFFMAwDBADAMasDBADAMawDBAPBjuADBADC biYDBALCbiwwDQYJKoZIhvcNAQELBQADggEBAFxe/g5V1wT5Pi9wclMy+O6RxuGM WDXGNiAC9ngLtPf4tB0GL0NVgT6SJ9q1f/qyzcEJDMrvNxjRUKg/QDfl9Zldxvfu uwnv6y0VwqUBVPwsItvlASo5+TczVFEYXFOGww6aw+sSPYpIQZ7E/BIyJQfdshIb 6LvV3H8pebiAtqyfsYeFopPKiWM6CKszeClQmPRbHXOIt3LrNjdYkK4lRJ1Tm1Y5 x4Y1Emur4yy5HYZ75XE/R99HBcObLRizfSNG9T1mpuURyVjf2wu7q0tO2UTSPerG b05aNYOdu/IhgiwppfnTGV/WUXP2kTDffq076NQYHbuB9SiZTrZrvV+1iks= -----END CERTIFICATE-----Generated at Sun Jan 25 19:35:32 2026 by rpki-client