This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/esKqO8BYhBEBTmMBHqFeLfnifk0.roa File: esKqO8BYhBEBTmMBHqFeLfnifk0.roa (raw, json) Hash identifier: vP9Ymiwt9PD54e5jiYQZJmQ5Ilcp3al9yl8UXkwBN+8= Subject key identifier: 7A:C2:AA:3B:C0:58:84:11:01:4E:63:01:1E:A1:5E:2D:F9:E2:7E:4D Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e Certificate serial: 019B7CED58C4DC921377992ABF902A964750 Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/esKqO8BYhBEBTmMBHqFeLfnifk0.roa Signing time: Fri 02 Jan 2026 04:18:08 +0000 ROA not before: Fri 02 Jan 2026 04:18:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34471 IP address blocks: 2.59.108.0/22 maxlen: 24 2.59.111.0/24 maxlen: 24 31.25.176.0/21 maxlen: 24 37.122.219.0/24 maxlen: 24 45.92.132.0/22 maxlen: 24 46.28.160.0/21 maxlen: 24 46.28.163.0/24 maxlen: 24 89.40.84.0/22 maxlen: 24 89.44.36.0/22 maxlen: 24 91.242.148.0/22 maxlen: 24 109.235.16.0/21 maxlen: 24 176.56.64.0/19 maxlen: 24 185.4.32.0/22 maxlen: 24 185.5.84.0/22 maxlen: 24 185.70.152.0/22 maxlen: 24 185.85.255.0/24 maxlen: 24 185.102.204.0/22 maxlen: 24 185.103.148.0/22 maxlen: 24 185.110.212.0/22 maxlen: 24 185.153.16.0/22 maxlen: 24 185.176.104.0/22 maxlen: 24 185.205.253.0/24 maxlen: 24 185.205.254.0/24 maxlen: 24 185.223.216.0/22 maxlen: 24 185.228.124.0/22 maxlen: 24 185.239.160.0/22 maxlen: 24 185.243.136.0/22 maxlen: 24 193.108.206.0/23 maxlen: 24 193.108.230.0/23 maxlen: 24 193.246.156.0/23 maxlen: 24 194.156.72.0/22 maxlen: 24 2a02:5dc0::/32 maxlen: 32 2a02:5fc0::/32 maxlen: 48 2a03:440::/32 maxlen: 32 2a05:9b00::/29 maxlen: 29 2a05:a800::/29 maxlen: 29 2a06:3c00::/29 maxlen: 29 2a09:eac0::/29 maxlen: 29 2a0a:1280::/29 maxlen: 29 2a0b:c40::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.mft rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:58:c4:dc:92:13:77:99:2a:bf:90:2a:96:47:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e Validity Not Before: Jan 2 04:18:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7ac2aa3bc0588411014e63011ea15e2df9e27e4d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:a5:10:55:d6:0b:03:57:fa:34:20:5c:de:06: 59:30:3c:1f:f0:4d:a0:4a:cc:df:0f:84:00:79:a3: d7:59:11:26:e7:f8:6a:25:dc:5f:ae:92:16:0a:7c: e5:24:ab:d1:bc:c2:35:8e:6f:16:a1:ad:02:76:8b: 9c:5e:e6:a9:d5:7c:a2:b4:e5:b5:61:ce:ed:d8:31: d5:48:56:38:78:d1:43:72:7b:03:3e:bd:9b:c4:d2: 10:32:d8:70:d1:7e:ee:71:7c:86:9b:42:bc:ba:7f: 5a:b8:c7:fd:33:e2:52:6c:17:d0:ac:c4:ce:5b:c5: b0:84:03:bc:95:7c:71:31:81:27:b8:bc:50:f3:3a: 87:4a:96:8b:5a:eb:52:14:fb:a4:cd:4d:cf:4d:f3: db:f7:39:07:cd:d6:9e:9d:1f:05:ef:6f:c5:90:aa: 44:18:17:cb:94:cc:f4:b2:3b:5b:c9:a8:78:2a:d6: 94:3f:e0:48:cd:b8:f6:d7:ba:db:3c:e8:75:1e:36: 73:41:13:05:d9:16:79:96:b2:9e:e6:76:c4:81:a5: c6:39:2e:80:81:fb:9e:e3:8d:67:33:b4:5a:a6:cc: 48:eb:2b:40:94:55:8c:ba:65:4d:64:d4:40:b9:6a: 3b:0d:40:a8:ee:c3:eb:39:45:42:e5:b0:4b:2a:e9: 93:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:C2:AA:3B:C0:58:84:11:01:4E:63:01:1E:A1:5E:2D:F9:E2:7E:4D X509v3 Authority Key Identifier: keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/esKqO8BYhBEBTmMBHqFeLfnifk0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.59.108.0/22 31.25.176.0/21 37.122.219.0/24 45.92.132.0/22 46.28.160.0/21 89.40.84.0/22 89.44.36.0/22 91.242.148.0/22 109.235.16.0/21 176.56.64.0/19 185.4.32.0/22 185.5.84.0/22 185.70.152.0/22 185.85.255.0/24 185.102.204.0/22 185.103.148.0/22 185.110.212.0/22 185.153.16.0/22 185.176.104.0/22 185.205.253.0-185.205.254.255 185.223.216.0/22 185.228.124.0/22 185.239.160.0/22 185.243.136.0/22 193.108.206.0/23 193.108.230.0/23 193.246.156.0/23 194.156.72.0/22 IPv6: 2a02:5dc0::/32 2a02:5fc0::/32 2a03:440::/32 2a05:9b00::/29 2a05:a800::/29 2a06:3c00::/29 2a09:eac0::/29 2a0a:1280::/29 2a0b:c40::/29 Signature Algorithm: sha256WithRSAEncryption 38:f2:66:96:d1:e5:e0:29:fd:33:15:b1:01:ff:45:6f:0b:e0: 54:a5:45:28:fe:fb:2f:5f:d1:07:1e:7b:56:dd:0c:51:1b:52: 57:50:22:8b:d4:f5:59:19:5c:7d:de:a8:f9:76:28:93:77:f3: 05:55:3a:f2:a9:a0:4c:ca:ef:00:cb:ec:aa:a9:c0:cb:b0:f8: 01:38:88:75:11:f8:b8:7a:70:7f:42:c9:d0:3e:4c:a8:fb:a3: 27:36:a9:94:cb:93:89:31:36:a8:74:30:0e:d3:a6:11:2e:e2: b5:cd:cb:d4:90:f0:3a:ac:b4:a6:96:58:5a:b8:64:bd:97:30: 00:64:2d:d4:76:3e:bc:ca:59:46:1e:58:74:c9:50:b8:67:2d: 95:73:ff:a2:82:45:2e:06:b1:f8:e2:f0:37:59:48:2b:ca:c2: 28:20:1c:84:c1:ae:96:6c:4c:dc:c8:9a:ad:48:ad:77:52:9b: ff:c9:10:30:f6:47:c4:77:54:e2:a0:37:d8:8b:e0:c4:67:93: 4b:70:2d:5d:47:6d:ab:ff:1d:55:a3:11:2b:8f:ba:e8:81:3f: 74:5c:4f:d0:51:4f:cd:29:d6:94:35:ae:f0:ae:a6:35:13:0a: fb:55:93:bd:c7:8c:87:31:fc:92:20:9e:d1:5b:ff:e8:b2:1a: 47:59:55:0b -----BEGIN CERTIFICATE----- MIIF9jCCBN6gAwIBAgISAZt87VjE3JITd5kqv5AqlkdQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0 NjVjMmUwHhcNMjYwMTAyMDQxODA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3YWMyYWEzYmMwNTg4NDExMDE0ZTYzMDExZWExNWUyZGY5ZTI3ZTRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaUQVdYLA1f6NCBc3gZZMDwf8E2g SszfD4QAeaPXWREm5/hqJdxfrpIWCnzlJKvRvMI1jm8Woa0CdoucXuap1XyitOW1 Yc7t2DHVSFY4eNFDcnsDPr2bxNIQMthw0X7ucXyGm0K8un9auMf9M+JSbBfQrMTO W8WwhAO8lXxxMYEnuLxQ8zqHSpaLWutSFPukzU3PTfPb9zkHzdaenR8F72/FkKpE GBfLlMz0sjtbyah4KtaUP+BIzbj217rbPOh1HjZzQRMF2RZ5lrKe5nbEgaXGOS6A gfue441nM7RapsxI6ytAlFWMumVNZNRAuWo7DUCo7sPrOUVC5bBLKumTMQIDAQAB o4IDAjCCAv4wHQYDVR0OBBYEFHrCqjvAWIQRAU5jAR6hXi354n5NMB8GA1UdIwQY MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt OTE2NDZiZjAxNTNkLzEvZXNLcU84QlloQkVCVG1NQkhxRmVMZm5pZmswLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIBFgYIKwYBBQUHAQcBAf8EggEFMIIBATCBtwQCAAEwgbAD BAICO2wDBAMfGbADBAAletsDBAItXIQDBAMuHKADBAJZKFQDBAJZLCQDBAJb8pQD BANt6xADBAWwOEADBAK5BCADBAK5BVQDBAK5RpgDBAC5Vf8DBAK5ZswDBAK5Z5QD BAK5btQDBAK5mRADBAK5sGgwDAMEALnN/QMEALnN/gMEArnf2AMEArnkfAMEArnv oAMEArnziAMEAcFszgMEAcFs5gMEAcH2nAMEAsKcSDBFBAIAAjA/AwUAKgJdwAMF ACoCX8ADBQAqAwRAAwUDKgWbAAMFAyoFqAADBQMqBjwAAwUDKgnqwAMFAyoKEoAD BQMqCwxAMA0GCSqGSIb3DQEBCwUAA4IBAQA48maW0eXgKf0zFbEB/0VvC+BUpUUo /vsvX9EHHntW3QxRG1JXUCKL1PVZGVx93qj5diiTd/MFVTryqaBMyu8Ay+yqqcDL sPgBOIh1Efi4enB/QsnQPkyo+6MnNqmUy5OJMTaodDAO06YRLuK1zcvUkPA6rLSm llhauGS9lzAAZC3Udj68yllGHlh0yVC4Zy2Vc/+igkUuBrH44vA3WUgrysIoIByE wa6WbEzcyJqtSK13Upv/yRAw9kfEd1TioDfYi+DEZ5NLcC1dR22r/x1VoxErj7ro gT90XE/QUU/NKdaUNa7wrqY1Ewr7VZO9x4yHMfySIJ7RW//oshpHWVUL -----END CERTIFICATE-----Generated at Sun Jan 25 17:47:39 2026 by rpki-client