This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/s4UUnGEQ4xGZfW9HORKgAKeDeDk.roa File: s4UUnGEQ4xGZfW9HORKgAKeDeDk.roa (raw, json) Hash identifier: bWxNQV0PxOmoVlnQdQ8nP2osJqNNGhv2/QIKGIWI/58= Subject key identifier: B3:85:14:9C:61:10:E3:11:99:7D:6F:47:39:12:A0:00:A7:83:78:39 Certificate issuer: /CN=26a5aa918cbfeb3e12997f33890feb258907b343 Certificate serial: 019B7C12147340C4E66A1AAF1AFE3F529D02 Authority key identifier: 26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/s4UUnGEQ4xGZfW9HORKgAKeDeDk.roa Signing time: Fri 02 Jan 2026 00:18:38 +0000 ROA not before: Fri 02 Jan 2026 00:18:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41079 IP address blocks: 91.199.22.0/24 maxlen: 24 91.228.196.0/22 maxlen: 24 91.234.146.0/24 maxlen: 24 91.237.52.0/24 maxlen: 24 91.239.66.0/23 maxlen: 24 178.250.40.0/21 maxlen: 24 185.5.96.0/22 maxlen: 24 185.25.148.0/22 maxlen: 24 185.123.160.0/22 maxlen: 24 185.140.120.0/22 maxlen: 22 185.180.204.0/22 maxlen: 24 185.193.112.0/22 maxlen: 24 185.201.112.0/22 maxlen: 24 185.204.216.0/22 maxlen: 24 185.208.164.0/24 maxlen: 24 185.243.52.0/22 maxlen: 24 193.17.184.0/24 maxlen: 24 193.218.152.0/22 maxlen: 24 194.169.227.0/24 maxlen: 24 195.2.254.0/23 maxlen: 24 195.78.66.0/23 maxlen: 24 195.114.0.0/23 maxlen: 24 195.242.116.0/23 maxlen: 24 2a02:1778::/32 maxlen: 32 2a02:1778::/48 maxlen: 64 2a02:1778:194::/48 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.mft rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 09:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:14:73:40:c4:e6:6a:1a:af:1a:fe:3f:52:9d:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=26a5aa918cbfeb3e12997f33890feb258907b343 Validity Not Before: Jan 2 00:18:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b385149c6110e311997d6f473912a000a7837839 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:9a:8f:3c:ac:4c:52:10:1e:4f:4f:49:4f:da: 39:cd:2b:25:43:5b:92:8f:1b:0b:13:86:39:18:88: 8f:28:53:bc:5b:a1:c0:28:23:25:1f:ab:81:31:19: 9c:1a:88:28:ba:9c:73:97:5c:b3:89:47:84:6e:2b: 00:94:50:16:ed:9c:6d:61:2d:ca:4a:89:78:41:ea: e1:00:a3:85:8c:5d:20:9a:e9:be:bb:28:26:f1:5e: a6:fd:7c:c7:d7:68:14:3e:47:ae:e2:de:31:21:db: 87:72:d5:50:18:f2:a6:6b:cb:01:19:3b:f4:bd:56: 54:c3:c9:8b:16:be:22:b7:e8:f6:32:4c:46:b0:d2: e6:97:67:b4:c7:3b:3c:4d:e1:5c:73:86:ec:ce:31: d7:d5:47:6a:2a:54:f4:92:9c:5a:07:da:ff:72:64: 69:8c:22:22:13:97:6d:da:e9:1a:45:7d:c1:db:ad: ff:c3:1c:75:03:b3:a9:a9:7f:82:ce:2c:90:a2:80: 66:70:f1:8c:1b:7b:99:28:1a:09:72:fc:1f:ee:8f: f9:e8:22:74:32:e0:d2:54:e4:47:db:be:95:0c:aa: 45:88:bb:90:48:86:52:f1:74:e5:e5:6f:3b:d2:c4: 68:a9:f3:97:36:8a:da:b9:4e:ed:05:42:c4:6e:f6: 87:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:85:14:9C:61:10:E3:11:99:7D:6F:47:39:12:A0:00:A7:83:78:39 X509v3 Authority Key Identifier: keyid:26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/s4UUnGEQ4xGZfW9HORKgAKeDeDk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.199.22.0/24 91.228.196.0/22 91.234.146.0/24 91.237.52.0/24 91.239.66.0/23 178.250.40.0/21 185.5.96.0/22 185.25.148.0/22 185.123.160.0/22 185.140.120.0/22 185.180.204.0/22 185.193.112.0/22 185.201.112.0/22 185.204.216.0/22 185.208.164.0/24 185.243.52.0/22 193.17.184.0/24 193.218.152.0/22 194.169.227.0/24 195.2.254.0/23 195.78.66.0/23 195.114.0.0/23 195.242.116.0/23 IPv6: 2a02:1778::/32 Signature Algorithm: sha256WithRSAEncryption bd:c6:7c:c7:c6:9d:e0:87:87:fb:ae:5d:a0:4c:63:4c:a6:d5: d9:ab:4a:91:f8:b4:d7:dc:84:75:ba:d9:44:fd:49:ed:b9:3b: 66:89:68:70:3e:be:64:9f:45:47:0c:58:e5:58:77:9b:5c:bd: 0f:4c:fd:63:c0:3d:a3:8a:f1:ab:93:36:b1:ee:34:16:ae:d4: d6:9a:72:87:79:8b:38:a7:ca:56:20:05:8f:cf:a4:bd:91:dc: cb:30:af:49:02:73:6d:99:e1:0a:3b:c5:c3:e7:a4:c7:2f:ea: 82:cb:0e:5a:d3:74:bd:53:a6:28:58:c8:5d:6f:0e:65:3c:36: ca:2c:34:a4:14:c6:91:15:66:c4:d2:b9:4b:35:ec:ce:03:68: fa:c0:16:20:82:0b:c5:a3:a7:e3:60:e5:e3:2b:8c:c8:6a:12: b5:89:f2:30:16:ad:7f:1c:54:2b:8e:3b:2f:c7:5f:8a:f4:57: 0f:8f:24:41:c6:8e:70:7b:61:08:47:fe:57:70:d0:b6:5a:56: 7a:8d:1c:e8:0f:af:5b:cb:0d:84:75:85:1e:12:b9:9e:18:b0: 24:b9:ce:9f:10:b7:fa:a1:4b:8d:0c:a8:d2:be:d1:31:3b:54: e7:4f:69:8c:34:85:f4:6b:5f:c3:7d:8c:75:b8:81:dc:08:13: ea:94:94:f9 -----BEGIN CERTIFICATE----- MIIFlTCCBH2gAwIBAgISAZt8EhRzQMTmahqvGv4/Up0CMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI2YTVhYTkxOGNiZmViM2UxMjk5N2YzMzg5MGZlYjI1ODkw N2IzNDMwHhcNMjYwMTAyMDAxODM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMzg1MTQ5YzYxMTBlMzExOTk3ZDZmNDczOTEyYTAwMGE3ODM3ODM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZqPPKxMUhAeT09JT9o5zSslQ1uS jxsLE4Y5GIiPKFO8W6HAKCMlH6uBMRmcGogoupxzl1yziUeEbisAlFAW7ZxtYS3K Sol4QerhAKOFjF0gmum+uygm8V6m/XzH12gUPkeu4t4xIduHctVQGPKma8sBGTv0 vVZUw8mLFr4it+j2MkxGsNLml2e0xzs8TeFcc4bszjHX1UdqKlT0kpxaB9r/cmRp jCIiE5dt2ukaRX3B263/wxx1A7OpqX+CziyQooBmcPGMG3uZKBoJcvwf7o/56CJ0 MuDSVORH276VDKpFiLuQSIZS8XTl5W870sRoqfOXNorauU7tBULEbvaHNQIDAQAB o4ICoTCCAp0wHQYDVR0OBBYEFLOFFJxhEOMRmX1vRzkSoACng3g5MB8GA1UdIwQY MBaAFCalqpGMv+s+Epl/M4kP6yWJB7NDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTIt Mjk3ZTI4MmQ2NmE4LzEvczRVVW5HRVE0eEdaZlc5SE9SS2dBS2VEZURrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTItMjk3ZTI4MmQ2NmE4 LzEvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIG2BggrBgEFBQcBBwEB/wSBpjCBozCBkQQCAAEwgYoDBABb xxYDBAJb5MQDBABb6pIDBABb7TQDBAFb70IDBAOy+igDBAK5BWADBAK5GZQDBAK5 e6ADBAK5jHgDBAK5tMwDBAK5wXADBAK5yXADBAK5zNgDBAC50KQDBAK58zQDBADB EbgDBALB2pgDBADCqeMDBAHDAv4DBAHDTkIDBAHDcgADBAHD8nQwDQQCAAIwBwMF ACoCF3gwDQYJKoZIhvcNAQELBQADggEBAL3GfMfGneCHh/uuXaBMY0ym1dmrSpH4 tNfchHW62UT9Se25O2aJaHA+vmSfRUcMWOVYd5tcvQ9M/WPAPaOK8auTNrHuNBau 1Naacod5izinylYgBY/PpL2R3Mswr0kCc22Z4Qo7xcPnpMcv6oLLDlrTdL1TpihY yF1vDmU8NsosNKQUxpEVZsTSuUs17M4DaPrAFiCCC8Wjp+Ng5eMrjMhqErWJ8jAW rX8cVCuOOy/HX4r0Vw+PJEHGjnB7YQhH/ldw0LZaVnqNHOgPr1vLDYR1hR4SuZ4Y sCS5zp8Qt/qhS40MqNK+0TE7VOdPaYw0hfRrX8N9jHW4gdwIE+qUlPk= -----END CERTIFICATE-----Generated at Mon Jan 26 12:38:10 2026 by rpki-client