This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/aQNb-FqJ24XdWhT_swKdwi6zjfo.roa File: aQNb-FqJ24XdWhT_swKdwi6zjfo.roa (raw, json) Hash identifier: OZW1x0BW+Z3FS3TLXrrEiad6eP2zWg5FoTORYNZrouA= Subject key identifier: 69:03:5B:F8:5A:89:DB:85:DD:5A:14:FF:B3:02:9D:C2:2E:B3:8D:FA Certificate issuer: /CN=8b47aa09f2c610f6f44b4e75c1cd9dcd3884e55d Certificate serial: 019B78A220FE8AD211177737D9499984F42C Authority key identifier: 8B:47:AA:09:F2:C6:10:F6:F4:4B:4E:75:C1:CD:9D:CD:38:84:E5:5D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/aQNb-FqJ24XdWhT_swKdwi6zjfo.roa Signing time: Thu 01 Jan 2026 08:17:29 +0000 ROA not before: Thu 01 Jan 2026 08:17:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48551 IP address blocks: 5.253.225.0/24 maxlen: 24 31.193.186.0/24 maxlen: 24 45.94.252.0/24 maxlen: 24 45.94.254.0/24 maxlen: 24 45.94.255.0/24 maxlen: 24 45.150.150.0/24 maxlen: 24 45.159.196.0/24 maxlen: 24 45.159.197.0/24 maxlen: 24 45.159.198.0/24 maxlen: 24 45.159.199.0/24 maxlen: 24 91.217.177.0/24 maxlen: 24 103.216.60.0/24 maxlen: 24 103.216.61.0/24 maxlen: 24 103.216.62.0/24 maxlen: 24 103.216.63.0/24 maxlen: 24 157.119.188.0/24 maxlen: 24 157.119.190.0/24 maxlen: 24 157.119.191.0/24 maxlen: 24 185.63.114.0/24 maxlen: 24 185.74.221.0/24 maxlen: 24 185.86.180.0/24 maxlen: 24 185.86.181.0/24 maxlen: 24 185.128.40.0/24 maxlen: 24 185.149.192.0/24 maxlen: 24 185.159.189.0/24 maxlen: 24 185.228.58.0/24 maxlen: 24 185.229.135.0/24 maxlen: 24 185.236.36.0/24 maxlen: 24 185.236.37.0/24 maxlen: 24 185.236.38.0/24 maxlen: 24 185.236.39.0/24 maxlen: 24 185.238.143.0/24 maxlen: 24 185.252.84.0/24 maxlen: 24 193.27.9.0/24 maxlen: 24 194.147.212.0/24 maxlen: 24 194.147.222.0/24 maxlen: 24 195.114.4.0/24 maxlen: 24 195.114.5.0/24 maxlen: 24 195.114.8.0/24 maxlen: 24 195.114.9.0/24 maxlen: 24 2a0d:9500::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/i0eqCfLGEPb0S051wc2dzTiE5V0.crl rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/i0eqCfLGEPb0S051wc2dzTiE5V0.mft rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:20:fe:8a:d2:11:17:77:37:d9:49:99:84:f4:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b47aa09f2c610f6f44b4e75c1cd9dcd3884e55d Validity Not Before: Jan 1 08:17:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=69035bf85a89db85dd5a14ffb3029dc22eb38dfa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:9f:17:e5:2b:51:df:e7:0f:ef:a6:0e:78:d8: 25:34:d4:37:40:42:f0:20:11:46:47:c9:e8:ae:77: b1:bc:89:1a:7b:1d:32:d8:0f:ac:ee:f8:99:b1:9e: 48:58:ea:68:8e:6a:bb:b8:92:c5:d4:59:70:be:1d: 4e:aa:d3:a0:b3:61:c4:46:dc:47:02:be:4b:86:fb: 57:ac:a4:eb:c5:db:58:4d:d0:8f:11:a1:df:af:b8: f7:2b:e4:8f:52:05:05:ff:f5:f3:a5:00:c5:e9:fe: 99:27:c4:74:66:c5:12:01:1c:cd:92:bb:c7:64:9e: df:e0:71:50:f1:70:8e:73:5a:cc:2f:df:a7:7b:a6: ad:01:86:1e:cf:73:b3:1f:d5:02:a3:64:f1:31:42: 89:35:49:b2:5f:91:78:47:64:7e:3c:f1:3b:8d:35: 23:3b:0c:f2:84:12:40:a5:9b:eb:9d:ca:41:df:10: 14:20:36:02:86:c7:89:62:48:01:18:fa:0c:bf:b6: 0b:ee:ef:3e:c3:09:24:ff:2e:2e:c9:ce:3a:32:3d: 6e:da:2c:60:0c:8c:36:97:cc:e8:bb:c6:73:1a:20: c6:02:a6:db:6b:8e:1f:e0:af:e4:9d:f9:df:df:11: 1b:b1:47:f9:dc:7d:1b:cb:be:00:80:f4:f2:b1:c3: 34:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:03:5B:F8:5A:89:DB:85:DD:5A:14:FF:B3:02:9D:C2:2E:B3:8D:FA X509v3 Authority Key Identifier: keyid:8B:47:AA:09:F2:C6:10:F6:F4:4B:4E:75:C1:CD:9D:CD:38:84:E5:5D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/aQNb-FqJ24XdWhT_swKdwi6zjfo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/i0eqCfLGEPb0S051wc2dzTiE5V0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.253.225.0/24 31.193.186.0/24 45.94.252.0/24 45.94.254.0/23 45.150.150.0/24 45.159.196.0/22 91.217.177.0/24 103.216.60.0/22 157.119.188.0/24 157.119.190.0/23 185.63.114.0/24 185.74.221.0/24 185.86.180.0/23 185.128.40.0/24 185.149.192.0/24 185.159.189.0/24 185.228.58.0/24 185.229.135.0/24 185.236.36.0/22 185.238.143.0/24 185.252.84.0/24 193.27.9.0/24 194.147.212.0/24 194.147.222.0/24 195.114.4.0/23 195.114.8.0/23 IPv6: 2a0d:9500::/29 Signature Algorithm: sha256WithRSAEncryption 31:f1:f6:e1:aa:bc:d1:14:67:14:cf:46:8a:31:18:8c:b9:02: 24:5f:41:df:cf:0c:54:2f:18:f3:e1:5c:0c:83:c0:2d:66:34: 13:57:9b:36:9c:3a:da:8d:05:8c:34:3b:e9:10:68:dd:b7:70: 06:6f:cb:1a:8c:22:ed:2d:4b:24:c4:81:53:a7:78:03:5b:ce: 66:2a:5c:0a:a3:b2:a5:f7:0c:a1:eb:b4:23:71:7c:d4:04:b1: 96:91:f3:d4:d3:3e:e9:86:70:64:86:e1:51:75:b0:68:9f:00: d2:94:37:38:80:6c:0e:0c:fa:4f:3b:03:e5:a8:e5:b6:65:34: d2:ba:9d:2f:10:f9:71:66:72:b0:ca:29:74:14:20:73:b1:db: 0d:5b:b0:e4:6f:f2:02:06:72:1b:9c:54:b9:0d:63:d9:75:e1: ed:07:83:03:38:43:e0:d5:5c:57:c1:11:3f:9f:3c:70:e8:61: 23:15:e7:4e:a1:de:c1:83:84:65:fc:85:85:45:b2:53:31:9b: 0b:a3:7e:5d:86:61:99:0a:03:e7:c9:37:4e:05:32:90:e0:4a: 90:d4:41:f6:08:49:62:00:43:38:a5:9f:c0:3b:ab:18:8d:e3: 82:38:6b:c3:7f:43:8e:5c:2b:12:df:a7:4f:f7:8c:48:b8:ac: 9f:28:2d:08 -----BEGIN CERTIFICATE----- MIIFpzCCBI+gAwIBAgISAZt4oiD+itIRF3c32UmZhPQsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhiNDdhYTA5ZjJjNjEwZjZmNDRiNGU3NWMxY2Q5ZGNkMzg4 NGU1NWQwHhcNMjYwMTAxMDgxNzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2OTAzNWJmODVhODlkYjg1ZGQ1YTE0ZmZiMzAyOWRjMjJlYjM4ZGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnp8X5StR3+cP76YOeNglNNQ3QELw IBFGR8nornexvIkaex0y2A+s7viZsZ5IWOpojmq7uJLF1Flwvh1OqtOgs2HERtxH Ar5LhvtXrKTrxdtYTdCPEaHfr7j3K+SPUgUF//XzpQDF6f6ZJ8R0ZsUSARzNkrvH ZJ7f4HFQ8XCOc1rML9+ne6atAYYez3OzH9UCo2TxMUKJNUmyX5F4R2R+PPE7jTUj OwzyhBJApZvrncpB3xAUIDYChseJYkgBGPoMv7YL7u8+wwkk/y4uyc46Mj1u2ixg DIw2l8zou8ZzGiDGAqbba44f4K/knfnf3xEbsUf53H0by74AgPTyscM0GwIDAQAB o4ICszCCAq8wHQYDVR0OBBYEFGkDW/haiduF3VoU/7MCncIus436MB8GA1UdIwQY MBaAFItHqgnyxhD29EtOdcHNnc04hOVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaTBlcUNmTEdFUGIwUzA1MXdjMmR6VGlFNVYwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9mNTYwZTEtNzg0MC00OTUxLWFiNzgt NTAwMTUzOWQ3MTg1LzEvYVFOYi1GcUoyNFhkV2hUX3N3S2R3aTZ6amZvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ni9mNTYwZTEtNzg0MC00OTUxLWFiNzgtNTAwMTUzOWQ3MTg1 LzEvaTBlcUNmTEdFUGIwUzA1MXdjMmR6VGlFNVYwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHIBggrBgEFBQcBBwEB/wSBuDCBtTCBowQCAAEwgZwDBAAF /eEDBAAfwboDBAAtXvwDBAEtXv4DBAAtlpYDBAItn8QDBABb2bEDBAJn2DwDBACd d7wDBAGdd74DBAC5P3IDBAC5St0DBAG5VrQDBAC5gCgDBAC5lcADBAC5n70DBAC5 5DoDBAC55YcDBAK57CQDBAC57o8DBAC5/FQDBADBGwkDBADCk9QDBADCk94DBAHD cgQDBAHDcggwDQQCAAIwBwMFAyoNlQAwDQYJKoZIhvcNAQELBQADggEBADHx9uGq vNEUZxTPRooxGIy5AiRfQd/PDFQvGPPhXAyDwC1mNBNXmzacOtqNBYw0O+kQaN23 cAZvyxqMIu0tSyTEgVOneANbzmYqXAqjsqX3DKHrtCNxfNQEsZaR89TTPumGcGSG 4VF1sGifANKUNziAbA4M+k87A+Wo5bZlNNK6nS8Q+XFmcrDKKXQUIHOx2w1bsORv 8gIGchucVLkNY9l14e0HgwM4Q+DVXFfBET+fPHDoYSMV506h3sGDhGX8hYVFslMx mwujfl2GYZkKA+fJN04FMpDgSpDUQfYISWIAQziln8A7qxiN44I4a8N/Q45cKxLf p0/3jEi4rJ8oLQg= -----END CERTIFICATE-----Generated at Mon Jan 26 05:39:34 2026 by rpki-client