This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/6ac0a2-5c6c-4357-97e4-ceb8ab6d112e/1/07tUw4jtD4mf_hWsatPxJ_MIHL8.roa File: 07tUw4jtD4mf_hWsatPxJ_MIHL8.roa (raw, json) Hash identifier: QrwrQX4QZucxWYaBIBlKAIfP7PxcTKwh9rMlp5A3Hx0= Subject key identifier: D3:BB:54:C3:88:ED:0F:89:9F:FE:15:AC:6A:D3:F1:27:F3:08:1C:BF Certificate issuer: /CN=b4425cf5501344ac5acc307abd0af013fac67073 Certificate serial: 019B76EB86FBB812FE4C2407BDB90B532E5C Authority key identifier: B4:42:5C:F5:50:13:44:AC:5A:CC:30:7A:BD:0A:F0:13:FA:C6:70:73 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tEJc9VATRKxazDB6vQrwE_rGcHM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/6ac0a2-5c6c-4357-97e4-ceb8ab6d112e/1/07tUw4jtD4mf_hWsatPxJ_MIHL8.roa Signing time: Thu 01 Jan 2026 00:18:25 +0000 ROA not before: Thu 01 Jan 2026 00:18:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202709 IP address blocks: 5.61.216.0/21 maxlen: 21 45.82.132.0/22 maxlen: 22 185.58.132.0/22 maxlen: 22 185.119.228.0/22 maxlen: 22 185.142.20.0/22 maxlen: 22 185.142.20.0/24 maxlen: 24 185.142.21.0/24 maxlen: 24 185.142.22.0/24 maxlen: 24 185.142.23.0/24 maxlen: 24 193.25.255.0/24 maxlen: 24 193.26.0.0/24 maxlen: 24 193.26.2.0/24 maxlen: 24 193.26.12.0/24 maxlen: 24 194.48.180.0/22 maxlen: 22 2a02:63e0::/32 maxlen: 32 2a0e:6b80::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/6ac0a2-5c6c-4357-97e4-ceb8ab6d112e/1/tEJc9VATRKxazDB6vQrwE_rGcHM.crl rsync://rpki.ripe.net/repository/DEFAULT/5e/6ac0a2-5c6c-4357-97e4-ceb8ab6d112e/1/tEJc9VATRKxazDB6vQrwE_rGcHM.mft rsync://rpki.ripe.net/repository/DEFAULT/tEJc9VATRKxazDB6vQrwE_rGcHM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:86:fb:b8:12:fe:4c:24:07:bd:b9:0b:53:2e:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4425cf5501344ac5acc307abd0af013fac67073 Validity Not Before: Jan 1 00:18:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d3bb54c388ed0f899ffe15ac6ad3f127f3081cbf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:c5:47:c0:cf:a7:22:af:33:5d:a8:a8:eb:88: bc:04:6c:c2:90:96:47:34:62:04:9b:2e:cf:cc:dc: 80:f9:67:7f:06:7c:bd:75:2d:de:4c:06:3f:c2:e9: fa:2e:2d:46:c7:78:2f:3a:dd:df:51:fd:60:2e:fd: 16:06:58:25:57:fc:02:9a:0c:a9:f7:fa:da:60:3d: 93:23:32:db:bf:c3:5f:98:3f:1a:7b:01:a7:52:9b: 0c:a3:68:b0:e5:1b:9d:ad:62:cd:b0:24:46:80:b0: b0:5b:73:15:b8:3f:58:9d:2c:91:08:7c:de:c0:78: 98:2d:9c:7a:3f:d8:29:31:5b:8e:2b:a6:54:ac:63: 92:fe:af:a7:86:24:7d:9c:76:da:07:1c:98:64:9a: bd:2c:56:3c:98:c5:d0:c2:5a:4f:d2:3f:63:af:8c: 8c:4e:a1:90:ad:9f:57:73:d5:7e:dc:cd:3b:ab:38: 77:c4:89:cc:bc:79:1c:19:8b:67:71:51:0b:6a:f7: 4e:09:66:b4:68:8b:2b:df:58:33:0e:b4:b3:b0:19: 30:4d:02:85:a5:a9:99:e1:f9:58:7c:bb:66:c0:f2: 68:35:7f:03:6d:26:20:22:2f:4b:08:bb:00:a2:a7: 65:df:5c:e5:74:60:96:05:aa:5a:cf:99:81:08:aa: 8d:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:BB:54:C3:88:ED:0F:89:9F:FE:15:AC:6A:D3:F1:27:F3:08:1C:BF X509v3 Authority Key Identifier: keyid:B4:42:5C:F5:50:13:44:AC:5A:CC:30:7A:BD:0A:F0:13:FA:C6:70:73 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tEJc9VATRKxazDB6vQrwE_rGcHM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6ac0a2-5c6c-4357-97e4-ceb8ab6d112e/1/07tUw4jtD4mf_hWsatPxJ_MIHL8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6ac0a2-5c6c-4357-97e4-ceb8ab6d112e/1/tEJc9VATRKxazDB6vQrwE_rGcHM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.61.216.0/21 45.82.132.0/22 185.58.132.0/22 185.119.228.0/22 185.142.20.0/22 193.25.255.0-193.26.0.255 193.26.2.0/24 193.26.12.0/24 194.48.180.0/22 IPv6: 2a02:63e0::/32 2a0e:6b80::/29 Signature Algorithm: sha256WithRSAEncryption 19:e5:ff:17:93:ec:77:ec:cf:d6:15:b1:6d:d1:0c:34:c6:da: 95:a9:d4:72:d2:6e:9d:07:40:35:0d:58:88:b3:2d:14:0c:bf: 6e:d8:d1:ec:b8:d2:13:c9:69:85:74:95:dc:e6:15:39:d7:20: 72:9e:55:54:85:d8:fa:d2:09:fe:1c:35:b7:8b:92:0b:a5:ad: a4:a7:87:10:a3:0d:9a:37:1d:fa:73:0f:17:a7:e8:c3:32:fe: 0c:b0:b3:d8:a6:75:09:a0:ef:f3:6f:0a:a0:8a:8a:c2:1b:35: 89:3b:9b:4d:d3:84:6a:4e:0e:8c:3c:5c:ce:35:1f:28:97:cd: 39:11:3a:4e:1e:e9:7f:21:c2:e2:f3:3f:16:fe:46:71:a1:5d: 94:0d:c9:56:57:12:eb:20:9a:de:91:46:8a:31:4f:96:6e:dc: 21:92:6e:36:a7:b4:9e:8a:ae:39:4e:12:c9:05:00:d0:34:da: 86:15:59:10:af:2e:e0:ce:87:dc:bf:1e:d8:9c:22:1f:73:be: ee:cf:83:0f:e1:a0:11:7b:aa:37:f1:a9:b2:ef:66:f7:3d:26: 1e:87:8e:92:31:52:45:54:5a:3f:75:d8:9c:aa:49:a3:b9:d1: 67:4b:71:f0:de:1c:04:4f:26:2e:f8:c0:26:20:23:fb:16:07: 36:c8:75:f8 -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgISAZt264b7uBL+TCQHvbkLUy5cMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0NDI1Y2Y1NTAxMzQ0YWM1YWNjMzA3YWJkMGFmMDEzZmFj NjcwNzMwHhcNMjYwMTAxMDAxODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkM2JiNTRjMzg4ZWQwZjg5OWZmZTE1YWM2YWQzZjEyN2YzMDgxY2JmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2sVHwM+nIq8zXaio64i8BGzCkJZH NGIEmy7PzNyA+Wd/Bny9dS3eTAY/wun6Li1Gx3gvOt3fUf1gLv0WBlglV/wCmgyp 9/raYD2TIzLbv8NfmD8aewGnUpsMo2iw5RudrWLNsCRGgLCwW3MVuD9YnSyRCHze wHiYLZx6P9gpMVuOK6ZUrGOS/q+nhiR9nHbaBxyYZJq9LFY8mMXQwlpP0j9jr4yM TqGQrZ9Xc9V+3M07qzh3xInMvHkcGYtncVELavdOCWa0aIsr31gzDrSzsBkwTQKF pamZ4flYfLtmwPJoNX8DbSYgIi9LCLsAoqdl31zldGCWBapaz5mBCKqNLQIDAQAB o4ICVzCCAlMwHQYDVR0OBBYEFNO7VMOI7Q+Jn/4VrGrT8SfzCBy/MB8GA1UdIwQY MBaAFLRCXPVQE0SsWswwer0K8BP6xnBzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdEVKYzlWQVRSS3hhekRCNnZRcndFX3JHY0hNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82YWMwYTItNWM2Yy00MzU3LTk3ZTQt Y2ViOGFiNmQxMTJlLzEvMDd0VXc0anRENG1mX2hXc2F0UHhKX01JSEw4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZS82YWMwYTItNWM2Yy00MzU3LTk3ZTQtY2ViOGFiNmQxMTJl LzEvdEVKYzlWQVRSS3hhekRCNnZRcndFX3JHY0hNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBEBAIAATA+AwQDBT3YAwQC LVKEAwQCuTqEAwQCuXfkAwQCuY4UMAwDBADBGf8DBADBGgADBADBGgIDBADBGgwD BALCMLQwFAQCAAIwDgMFACoCY+ADBQMqDmuAMA0GCSqGSIb3DQEBCwUAA4IBAQAZ 5f8Xk+x37M/WFbFt0Qw0xtqVqdRy0m6dB0A1DViIsy0UDL9u2NHsuNITyWmFdJXc 5hU51yBynlVUhdj60gn+HDW3i5ILpa2kp4cQow2aNx36cw8Xp+jDMv4MsLPYpnUJ oO/zbwqgiorCGzWJO5tN04RqTg6MPFzONR8ol805ETpOHul/IcLi8z8W/kZxoV2U DclWVxLrIJrekUaKMU+Wbtwhkm42p7Seiq45ThLJBQDQNNqGFVkQry7gzofcvx7Y nCIfc77uz4MP4aARe6o38amy72b3PSYeh46SMVJFVFo/ddicqkmjudFnS3Hw3hwE TyYu+MAmICP7Fgc2yHX4 -----END CERTIFICATE-----Generated at Mon Jan 26 09:22:52 2026 by rpki-client