This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/aHuFfSOUYXmTmBwxHlPwh-EVryM.roa File: aHuFfSOUYXmTmBwxHlPwh-EVryM.roa (raw, json) Hash identifier: 4h0lpb8Jw+MnXWrJAhTnOT+WFcvU+QMAmEsFwZdu5/k= Subject key identifier: 68:7B:85:7D:23:94:61:79:93:98:1C:31:1E:53:F0:87:E1:15:AF:23 Certificate issuer: /CN=d82cb43ca3c0c57816cee360478d0cf882207fd2 Certificate serial: 019B78349B6BB266E3F7B0561522D7E01F89 Authority key identifier: D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/aHuFfSOUYXmTmBwxHlPwh-EVryM.roa Signing time: Thu 01 Jan 2026 06:17:52 +0000 ROA not before: Thu 01 Jan 2026 06:17:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41564 IP address blocks: 5.153.236.0/24 maxlen: 24 5.153.239.0/24 maxlen: 24 5.157.8.0/24 maxlen: 24 5.157.13.0/24 maxlen: 24 5.157.14.0/24 maxlen: 24 5.157.17.0/24 maxlen: 24 5.157.22.0/24 maxlen: 24 5.157.27.0/24 maxlen: 24 5.157.41.0/24 maxlen: 24 5.157.42.0/24 maxlen: 24 5.157.45.0/24 maxlen: 24 5.157.56.0/24 maxlen: 24 5.157.58.0/24 maxlen: 24 5.157.59.0/24 maxlen: 24 5.157.60.0/24 maxlen: 24 5.157.61.0/24 maxlen: 24 5.157.62.0/24 maxlen: 24 5.157.63.0/24 maxlen: 24 23.92.127.0/24 maxlen: 24 104.160.2.0/24 maxlen: 24 104.160.4.0/24 maxlen: 24 104.160.6.0/24 maxlen: 24 104.160.10.0/24 maxlen: 24 151.237.186.0/24 maxlen: 24 192.40.88.0/24 maxlen: 24 2a02:5740::/48 maxlen: 48 2a02:5740:1::/48 maxlen: 48 2a02:5740:11::/48 maxlen: 48 2a02:5740:18::/48 maxlen: 48 2a02:5740:21::/48 maxlen: 48 2a02:5740:22::/48 maxlen: 48 2a02:5740:180::/48 maxlen: 48 2a02:5741:6::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.mft rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:9b:6b:b2:66:e3:f7:b0:56:15:22:d7:e0:1f:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d82cb43ca3c0c57816cee360478d0cf882207fd2 Validity Not Before: Jan 1 06:17:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=687b857d2394617993981c311e53f087e115af23 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:c5:3c:9c:53:8d:8b:fd:4f:53:0f:32:0e:6d: 5e:24:d2:93:c2:bf:53:4e:cc:d2:87:80:35:da:f9: 3a:c4:f9:74:98:a2:b0:91:03:4a:c7:f4:4f:0f:1c: 55:7a:91:20:a6:b6:6e:31:61:67:ed:9b:a8:5d:9b: ca:31:11:3d:ea:d9:83:a3:90:20:bc:64:8a:7d:ad: 00:2a:04:5b:9e:b1:08:f9:4e:95:21:f6:5e:8e:84: cb:5f:d0:8c:27:0f:a4:88:a8:05:f6:2a:e6:7e:e7: ec:ab:66:8d:28:dc:e7:53:36:85:98:96:65:01:96: 80:01:d3:76:01:66:a8:8b:a9:e3:67:16:5c:ff:77: 5b:91:c3:32:71:b4:83:f8:c6:53:12:b1:ab:56:22: f5:98:34:8b:77:60:3d:b3:79:18:22:5e:ba:a7:05: cb:67:fb:db:21:da:69:8d:e9:8c:4c:b7:7e:55:97: b2:56:05:46:f1:ac:9c:e6:ab:03:b7:88:ca:27:8e: cc:eb:89:8e:28:98:67:f6:e9:c5:16:a9:be:68:da: 2f:5a:e1:46:ef:dd:db:b7:29:26:d0:36:5e:95:d4: d2:38:ec:91:3e:9f:fb:c1:b8:ae:0c:a3:ec:9a:44: 4f:6b:87:e9:d6:40:26:63:a0:78:5b:f4:a3:8e:4c: 60:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:7B:85:7D:23:94:61:79:93:98:1C:31:1E:53:F0:87:E1:15:AF:23 X509v3 Authority Key Identifier: keyid:D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/aHuFfSOUYXmTmBwxHlPwh-EVryM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.153.236.0/24 5.153.239.0/24 5.157.8.0/24 5.157.13.0-5.157.14.255 5.157.17.0/24 5.157.22.0/24 5.157.27.0/24 5.157.41.0-5.157.42.255 5.157.45.0/24 5.157.56.0/24 5.157.58.0-5.157.63.255 23.92.127.0/24 104.160.2.0/24 104.160.4.0/24 104.160.6.0/24 104.160.10.0/24 151.237.186.0/24 192.40.88.0/24 IPv6: 2a02:5740::/47 2a02:5740:11::/48 2a02:5740:18::/48 2a02:5740:21::-2a02:5740:22:ffff:ffff:ffff:ffff:ffff 2a02:5740:180::/48 2a02:5741:6::/48 Signature Algorithm: sha256WithRSAEncryption 1e:40:4c:70:c8:2b:1e:34:24:67:d2:b2:46:1c:4d:b4:af:3c: 79:28:24:35:48:c4:3a:aa:ca:62:28:5c:0e:74:f5:7a:97:1f: 6e:ed:d8:6b:20:c0:24:bf:ef:f5:31:78:92:37:ce:f4:f7:45: 73:4d:8b:4b:3d:de:5e:16:75:82:4f:5e:43:d2:05:b6:62:0b: 10:52:ab:8d:00:37:63:2d:c7:8f:2c:77:31:03:0e:af:45:8f: 73:68:42:28:a7:f9:13:bd:1c:04:23:c0:d4:f7:b4:53:65:ca: 19:e1:43:24:27:ea:17:c7:bd:fb:22:aa:79:b4:5e:cd:1a:90: c5:1b:a4:f4:ee:cc:86:8a:4c:13:b2:78:82:07:7c:ee:49:04: 34:4b:fe:c6:ff:c3:02:a9:72:f2:16:df:58:f0:61:2a:8a:b5: d8:9a:dd:f9:d7:00:b8:42:21:b8:55:53:64:5b:b4:f1:86:e4: 67:01:95:0c:b1:bf:78:4a:9f:9d:68:3f:62:b6:49:13:c4:72: cb:ef:6d:b2:05:18:98:0f:13:22:8c:18:a6:e3:7e:e8:fb:fa: 4a:d4:e9:a9:e6:15:e0:47:ce:23:32:f1:17:93:92:69:45:a0: 65:5a:43:89:02:5e:91:18:c3:34:bf:fd:fc:5f:8c:9a:36:ee: 19:c0:99:ea -----BEGIN CERTIFICATE----- MIIFyTCCBLGgAwIBAgISAZt4NJtrsmbj97BWFSLX4B+JMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4MmNiNDNjYTNjMGM1NzgxNmNlZTM2MDQ3OGQwY2Y4ODIy MDdmZDIwHhcNMjYwMTAxMDYxNzUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ODdiODU3ZDIzOTQ2MTc5OTM5ODFjMzExZTUzZjA4N2UxMTVhZjIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzsU8nFONi/1PUw8yDm1eJNKTwr9T TszSh4A12vk6xPl0mKKwkQNKx/RPDxxVepEgprZuMWFn7ZuoXZvKMRE96tmDo5Ag vGSKfa0AKgRbnrEI+U6VIfZejoTLX9CMJw+kiKgF9irmfufsq2aNKNznUzaFmJZl AZaAAdN2AWaoi6njZxZc/3dbkcMycbSD+MZTErGrViL1mDSLd2A9s3kYIl66pwXL Z/vbIdppjemMTLd+VZeyVgVG8ayc5qsDt4jKJ47M64mOKJhn9unFFqm+aNovWuFG 793btykm0DZeldTSOOyRPp/7wbiuDKPsmkRPa4fp1kAmY6B4W/Sjjkxg1QIDAQAB o4IC1TCCAtEwHQYDVR0OBBYEFGh7hX0jlGF5k5gcMR5T8IfhFa8jMB8GA1UdIwQY MBaAFNgstDyjwMV4Fs7jYEeNDPiCIH/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAt MTVmMTNlM2Y3ZDg1LzEvYUh1RmZTT1VZWG1UbUJ3eEhsUHdoLUVWcnlNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAtMTVmMTNlM2Y3ZDg1 LzEvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHqBggrBgEFBQcBBwEB/wSB2jCB1zCBiwQCAAEwgYQDBAAF mewDBAAFme8DBAAFnQgwDAMEAAWdDQMEAAWdDgMEAAWdEQMEAAWdFgMEAAWdGzAM AwQABZ0pAwQABZ0qAwQABZ0tAwQABZ04MAwDBAEFnToDBAYFnQADBAAXXH8DBABo oAIDBABooAQDBABooAYDBABooAoDBACX7boDBADAKFgwRwQCAAIwQQMHASoCV0AA AAMHACoCV0AAEQMHACoCV0AAGDASAwcAKgJXQAAhAwcAKgJXQAAiAwcAKgJXQAGA AwcAKgJXQQAGMA0GCSqGSIb3DQEBCwUAA4IBAQAeQExwyCseNCRn0rJGHE20rzx5 KCQ1SMQ6qspiKFwOdPV6lx9u7dhrIMAkv+/1MXiSN87090VzTYtLPd5eFnWCT15D 0gW2YgsQUquNADdjLcePLHcxAw6vRY9zaEIop/kTvRwEI8DU97RTZcoZ4UMkJ+oX x737Iqp5tF7NGpDFG6T07syGikwTsniCB3zuSQQ0S/7G/8MCqXLyFt9Y8GEqirXY mt351wC4QiG4VVNkW7TxhuRnAZUMsb94Sp+daD9itkkTxHLL722yBRiYDxMijBim 437o+/pK1Omp5hXgR84jMvEXk5JpRaBlWkOJAl6RGMM0v/38X4yaNu4ZwJnq -----END CERTIFICATE-----Generated at Sun Jan 25 16:38:52 2026 by rpki-client