This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/ndNKivh3eGWkwwwoBkB-DTBLeAk.roa File: ndNKivh3eGWkwwwoBkB-DTBLeAk.roa (raw, json) Hash identifier: 1Ul5VkOu4uH6nlTFxGEpna5ymLuVxA+ZTlonloh+hpk= Subject key identifier: 9D:D3:4A:8A:F8:77:78:65:A4:C3:0C:28:06:40:7E:0D:30:4B:78:09 Certificate issuer: /CN=f071f4d119d0b74fb66e37a7ef878d449d54ddc8 Certificate serial: 019B7C1339CE6B44C80165641BEB0D62E9B3 Authority key identifier: F0:71:F4:D1:19:D0:B7:4F:B6:6E:37:A7:EF:87:8D:44:9D:54:DD:C8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8HH00RnQt0-2bjen74eNRJ1U3cg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/ndNKivh3eGWkwwwoBkB-DTBLeAk.roa Signing time: Fri 02 Jan 2026 00:19:53 +0000 ROA not before: Fri 02 Jan 2026 00:19:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12874 IP address blocks: 2.224.0.0/13 maxlen: 13 2.232.0.0/13 maxlen: 13 37.186.192.0/18 maxlen: 18 62.101.64.0/19 maxlen: 19 62.101.96.0/19 maxlen: 19 62.101.124.0/22 maxlen: 22 81.208.0.0/18 maxlen: 18 81.208.64.0/18 maxlen: 18 83.103.0.0/17 maxlen: 17 83.103.0.0/18 maxlen: 18 83.103.64.0/18 maxlen: 18 85.18.0.0/16 maxlen: 16 85.18.0.0/17 maxlen: 17 85.18.128.0/17 maxlen: 17 89.96.0.0/15 maxlen: 15 89.96.0.0/16 maxlen: 16 89.97.0.0/16 maxlen: 16 92.223.128.0/17 maxlen: 17 93.32.0.0/12 maxlen: 12 93.32.0.0/13 maxlen: 13 93.32.0.0/14 maxlen: 14 93.32.0.0/15 maxlen: 15 93.33.0.0/16 maxlen: 16 93.34.0.0/15 maxlen: 15 93.36.0.0/14 maxlen: 14 93.36.0.0/15 maxlen: 15 93.37.0.0/17 maxlen: 17 93.37.128.0/17 maxlen: 17 93.38.0.0/15 maxlen: 15 93.39.0.0/16 maxlen: 16 93.40.0.0/13 maxlen: 13 93.40.0.0/14 maxlen: 14 93.40.0.0/15 maxlen: 15 93.40.128.0/18 maxlen: 18 93.40.192.0/18 maxlen: 18 93.41.0.0/16 maxlen: 16 93.42.0.0/15 maxlen: 15 93.42.0.0/16 maxlen: 16 93.43.0.0/16 maxlen: 16 93.44.0.0/14 maxlen: 14 93.44.0.0/15 maxlen: 15 93.46.0.0/15 maxlen: 15 93.48.0.0/13 maxlen: 13 93.56.0.0/14 maxlen: 14 93.60.0.0/15 maxlen: 15 93.62.0.0/15 maxlen: 15 151.0.128.0/17 maxlen: 17 185.7.112.0/22 maxlen: 22 213.140.0.0/20 maxlen: 20 213.140.16.0/20 maxlen: 20 213.156.32.0/20 maxlen: 20 213.156.48.0/20 maxlen: 20 2001:b00::/29 maxlen: 29 2001:b00:ffff::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/8HH00RnQt0-2bjen74eNRJ1U3cg.crl rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/8HH00RnQt0-2bjen74eNRJ1U3cg.mft rsync://rpki.ripe.net/repository/DEFAULT/8HH00RnQt0-2bjen74eNRJ1U3cg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:39:ce:6b:44:c8:01:65:64:1b:eb:0d:62:e9:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f071f4d119d0b74fb66e37a7ef878d449d54ddc8 Validity Not Before: Jan 2 00:19:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9dd34a8af8777865a4c30c2806407e0d304b7809 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:4a:00:8c:11:33:26:20:c8:5c:22:c2:1f:ee: 42:df:02:b5:0c:0b:37:2e:65:98:af:34:e3:4e:eb: 01:f4:7e:58:dd:83:09:3e:b2:9f:9f:55:0b:f9:0d: 15:5d:af:a3:3a:b3:d6:e6:42:8a:b6:67:d6:e7:85: 9c:ca:7d:a8:95:4e:8f:b1:fe:c6:3b:f7:7c:18:25: d3:76:db:f2:c4:92:18:3e:5b:d6:61:45:1e:68:91: 42:fc:ad:f4:02:ed:6d:57:db:b4:3a:27:e1:26:63: 5e:44:bd:18:eb:00:1f:99:6d:5c:6c:4a:ac:00:aa: 09:fd:a7:03:7c:4f:64:50:de:12:50:1a:f2:f4:49: 26:6a:a7:10:30:fd:87:08:1a:31:e9:2a:54:c8:c2: 9c:1d:8f:78:81:43:55:e7:33:30:c2:f2:89:9d:f3: 66:79:0c:55:f7:90:b6:e9:8c:9e:43:56:03:dc:d0: ec:29:fe:f6:81:58:c9:eb:23:e2:7a:97:97:14:f6: f1:ab:86:dd:1d:1e:37:3a:10:81:90:b6:5f:08:1c: fa:a6:96:e0:40:fb:b6:6d:9a:73:b3:bf:69:76:d7: a1:9d:25:2f:a6:dc:27:2b:d6:b8:b9:ed:c2:f4:14: 0a:a0:a1:95:fa:e3:91:99:62:6e:7c:d2:2f:d5:e5: e1:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:D3:4A:8A:F8:77:78:65:A4:C3:0C:28:06:40:7E:0D:30:4B:78:09 X509v3 Authority Key Identifier: keyid:F0:71:F4:D1:19:D0:B7:4F:B6:6E:37:A7:EF:87:8D:44:9D:54:DD:C8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8HH00RnQt0-2bjen74eNRJ1U3cg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/ndNKivh3eGWkwwwoBkB-DTBLeAk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/8HH00RnQt0-2bjen74eNRJ1U3cg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.224.0.0/12 37.186.192.0/18 62.101.64.0/18 81.208.0.0/17 83.103.0.0/17 85.18.0.0/16 89.96.0.0/15 92.223.128.0/17 93.32.0.0/11 151.0.128.0/17 185.7.112.0/22 213.140.0.0/19 213.156.32.0/19 IPv6: 2001:b00::/29 Signature Algorithm: sha256WithRSAEncryption 20:a1:e6:8c:dc:38:51:97:31:fb:44:08:78:ac:42:3c:d3:7d: d8:ab:4a:90:a8:b6:35:bf:54:07:2b:76:52:ac:e0:30:39:fc: f3:73:05:7b:b9:24:15:07:30:f0:a4:04:71:d0:99:93:bf:d7: 8e:61:90:9c:cd:5d:90:8f:36:be:96:16:0e:f3:35:ca:70:bc: 20:a5:2e:2a:dc:3b:77:c3:3d:3a:c7:56:a4:cf:0f:c7:4f:6c: 89:99:cc:07:7f:fd:22:41:62:6f:e7:44:ce:1d:98:6c:88:69: 18:67:61:f0:d1:bd:66:b2:e2:92:ba:64:fc:f7:cd:7a:e9:eb: fd:0b:10:a2:b4:79:a3:bf:71:e4:da:c8:c2:b4:7f:7d:69:e5: 91:09:72:b0:fd:ef:3c:e9:d5:6e:51:10:a0:4d:5c:9c:d3:e7: f4:15:34:f0:31:2a:f5:84:63:be:80:ab:a2:85:27:1e:2c:00: e0:cd:d7:78:77:74:d9:61:c5:7d:1e:f2:03:85:5b:d7:cf:a7: 1a:8a:dd:2c:69:3d:0f:e1:66:6b:41:b6:da:b9:37:9c:04:49: 00:16:29:57:30:12:4f:e6:02:0f:8f:53:c9:81:b4:ed:22:ef: ac:ec:ae:be:24:59:d2:a6:97:ac:74:9f:b8:48:e5:87:a0:c7: 55:26:b7:02 -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgISAZt8EznOa0TIAWVkG+sNYumzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwNzFmNGQxMTlkMGI3NGZiNjZlMzdhN2VmODc4ZDQ0OWQ1 NGRkYzgwHhcNMjYwMTAyMDAxOTUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZGQzNGE4YWY4Nzc3ODY1YTRjMzBjMjgwNjQwN2UwZDMwNGI3ODA5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3EoAjBEzJiDIXCLCH+5C3wK1DAs3 LmWYrzTjTusB9H5Y3YMJPrKfn1UL+Q0VXa+jOrPW5kKKtmfW54Wcyn2olU6Psf7G O/d8GCXTdtvyxJIYPlvWYUUeaJFC/K30Au1tV9u0OifhJmNeRL0Y6wAfmW1cbEqs AKoJ/acDfE9kUN4SUBry9EkmaqcQMP2HCBox6SpUyMKcHY94gUNV5zMwwvKJnfNm eQxV95C26YyeQ1YD3NDsKf72gVjJ6yPiepeXFPbxq4bdHR43OhCBkLZfCBz6ppbg QPu2bZpzs79pdtehnSUvptwnK9a4ue3C9BQKoKGV+uORmWJufNIv1eXhNwIDAQAB o4ICXDCCAlgwHQYDVR0OBBYEFJ3TSor4d3hlpMMMKAZAfg0wS3gJMB8GA1UdIwQY MBaAFPBx9NEZ0LdPtm43p++HjUSdVN3IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOEhIMDBSblF0MC0yYmplbjc0ZU5SSjFVM2NnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny82YTk2ODItMjAxYi00ZTAxLWJhMDkt MDc0NzQ1MjRlZjlhLzEvbmROS2l2aDNlR1drd3d3b0JrQi1EVEJMZUFrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny82YTk2ODItMjAxYi00ZTAxLWJhMDktMDc0NzQ1MjRlZjlh LzEvOEhIMDBSblF0MC0yYmplbjc0ZU5SSjFVM2NnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwMEAuADBAYl usADBAY+ZUADBAdR0AADBAdTZwADAwBVEgMDAVlgAwQHXN+AAwMFXSADBAeXAIAD BAK5B3ADBAXVjAADBAXVnCAwDQQCAAIwBwMFAyABCwAwDQYJKoZIhvcNAQELBQAD ggEBACCh5ozcOFGXMftECHisQjzTfdirSpCotjW/VAcrdlKs4DA5/PNzBXu5JBUH MPCkBHHQmZO/145hkJzNXZCPNr6WFg7zNcpwvCClLircO3fDPTrHVqTPD8dPbImZ zAd//SJBYm/nRM4dmGyIaRhnYfDRvWay4pK6ZPz3zXrp6/0LEKK0eaO/ceTayMK0 f31p5ZEJcrD97zzp1W5REKBNXJzT5/QVNPAxKvWEY76Aq6KFJx4sAODN13h3dNlh xX0e8gOFW9fPpxqK3SxpPQ/hZmtBttq5N5wESQAWKVcwEk/mAg+PU8mBtO0i76zs rr4kWdKml6x0n7hI5Yegx1UmtwI= -----END CERTIFICATE-----Generated at Sun Jan 25 22:12:41 2026 by rpki-client