This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/Y2nJBnRnNh-WlEWlPML8mjTDUbM.roa File: Y2nJBnRnNh-WlEWlPML8mjTDUbM.roa (raw, json) Hash identifier: EQQSLf951cekN3Ib/OD0TFtguegsJd5BXORrWTSHjrc= Subject key identifier: 63:69:C9:06:74:67:36:1F:96:94:45:A5:3C:C2:FC:9A:34:C3:51:B3 Certificate issuer: /CN=c44db8b0983acf97a3255152c2ea592adae7735b Certificate serial: 019A9BEF3A4856D920A5511BE59A6D05AE66 Authority key identifier: C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/Y2nJBnRnNh-WlEWlPML8mjTDUbM.roa Signing time: Wed 19 Nov 2025 11:45:37 +0000 ROA not before: Wed 19 Nov 2025 11:45:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 398781 IP address blocks: 31.13.211.0/24 maxlen: 32 45.81.39.0/24 maxlen: 32 67.211.224.0/20 maxlen: 32 69.160.128.0/20 maxlen: 32 69.160.144.0/20 maxlen: 32 80.76.48.0/24 maxlen: 32 81.31.193.0/24 maxlen: 32 82.158.232.0/21 maxlen: 32 82.158.240.0/21 maxlen: 32 82.158.248.0/21 maxlen: 32 85.136.224.0/20 maxlen: 32 85.136.240.0/20 maxlen: 32 85.217.222.0/23 maxlen: 32 87.120.4.0/24 maxlen: 32 87.120.38.0/24 maxlen: 32 87.120.59.0/24 maxlen: 32 87.120.60.0/24 maxlen: 32 87.120.98.0/24 maxlen: 32 87.120.236.0/24 maxlen: 32 87.121.20.0/24 maxlen: 32 87.121.21.0/24 maxlen: 32 87.121.45.0/24 maxlen: 32 87.121.87.0/24 maxlen: 32 91.92.230.0/24 maxlen: 32 93.123.47.0/24 maxlen: 32 93.123.73.0/24 maxlen: 32 93.123.117.0/24 maxlen: 32 93.123.119.0/24 maxlen: 32 94.156.12.0/24 maxlen: 32 94.156.130.0/24 maxlen: 32 94.156.239.0/24 maxlen: 32 94.156.248.0/24 maxlen: 32 185.207.13.0/24 maxlen: 32 213.254.64.0/18 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.mft rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 08:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:9b:ef:3a:48:56:d9:20:a5:51:1b:e5:9a:6d:05:ae:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c44db8b0983acf97a3255152c2ea592adae7735b Validity Not Before: Nov 19 11:45:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=6369c9067467361f969445a53cc2fc9a34c351b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:22:ba:50:45:89:2d:11:58:f1:95:ab:74:a1: 8c:45:47:b8:37:ed:66:cc:b6:7c:d1:8e:23:d9:08: 37:42:ad:4e:dc:f9:73:fc:48:eb:78:7c:31:11:63: a5:6a:38:e0:cc:c6:05:54:55:16:82:7c:44:f6:5d: e9:65:9d:0c:81:e7:6f:70:87:2f:bf:b6:e4:d4:e0: 87:8d:39:64:f0:3d:71:e5:fc:04:b7:13:fa:be:e6: d1:1d:79:6e:17:b0:ab:f9:f0:c5:4a:97:3f:b0:af: 05:2d:ec:1a:bb:68:5f:f8:dc:b6:06:33:9e:bb:2c: b0:c7:a1:bd:be:eb:85:5c:9e:7b:96:f4:16:80:37: f0:92:36:20:50:a9:98:bc:f5:cf:16:ba:84:39:c8: d4:86:b6:ff:cd:02:b3:ce:3d:e1:81:d9:8c:0f:1a: ac:f1:c1:0d:91:14:be:e3:10:9c:f0:21:57:a1:ff: 46:cd:9f:be:17:d6:8d:4b:6d:ad:25:81:8d:97:29: 5a:99:2c:1f:60:7f:2a:33:45:b7:d2:73:17:c8:2d: ba:42:ce:bf:d8:94:57:37:ac:b1:a3:aa:19:cb:40: 65:82:de:ca:ee:29:6f:ad:69:4e:d6:f5:f3:1c:cc: f2:d0:48:ef:ea:10:f6:f0:0a:99:bf:b0:9f:06:79: 6b:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:69:C9:06:74:67:36:1F:96:94:45:A5:3C:C2:FC:9A:34:C3:51:B3 X509v3 Authority Key Identifier: keyid:C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/Y2nJBnRnNh-WlEWlPML8mjTDUbM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.13.211.0/24 45.81.39.0/24 67.211.224.0/20 69.160.128.0/19 80.76.48.0/24 81.31.193.0/24 82.158.232.0-82.158.255.255 85.136.224.0/19 85.217.222.0/23 87.120.4.0/24 87.120.38.0/24 87.120.59.0-87.120.60.255 87.120.98.0/24 87.120.236.0/24 87.121.20.0/23 87.121.45.0/24 87.121.87.0/24 91.92.230.0/24 93.123.47.0/24 93.123.73.0/24 93.123.117.0/24 93.123.119.0/24 94.156.12.0/24 94.156.130.0/24 94.156.239.0/24 94.156.248.0/24 185.207.13.0/24 213.254.64.0/18 Signature Algorithm: sha256WithRSAEncryption 77:b9:72:95:31:d0:ec:4e:c0:8e:db:70:8b:2f:63:92:a2:9a: 2a:48:96:47:6d:74:73:43:12:89:69:85:8a:ed:77:2a:65:33: 46:30:f9:dd:39:4d:d3:67:6a:a8:96:52:bd:d6:e7:e3:42:3d: 40:6f:83:e9:2c:4f:c9:23:84:3a:f0:87:6f:6e:53:36:85:76: b4:21:e0:63:8a:73:3d:7c:93:86:e5:77:28:bd:08:7e:76:51: 45:ed:3b:b4:82:95:ad:5e:2f:e9:48:ae:58:e9:e3:4b:02:de: bb:aa:7e:dd:cd:bc:7e:60:7a:0c:e6:9c:1f:cd:2b:ff:10:c8: f4:c9:a3:5e:a3:a3:c7:ac:1e:d2:a9:39:dc:b8:22:c1:e5:94: 23:25:c9:a0:8f:16:32:af:3d:85:f5:f9:5a:02:b0:bb:30:13: f6:51:d4:2f:f0:ce:1f:c6:62:ed:f8:2f:f1:c1:08:9f:8f:43: 7a:e1:65:3e:9b:e1:af:05:5b:78:fd:50:b3:76:74:7c:f2:f8: 30:52:e7:e9:cd:16:34:af:ff:c5:70:6c:20:19:9d:80:9d:f2: ef:f5:be:37:67:ad:cd:7d:8f:eb:f5:8f:06:42:36:6e:52:a9: 3f:3d:74:f3:ce:64:4c:50:c0:9e:29:36:f7:8a:99:b3:db:af: a5:a6:55:fa -----BEGIN CERTIFICATE----- MIIFszCCBJugAwIBAgISAZqb7zpIVtkgpVEb5ZptBa5mMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0NGRiOGIwOTgzYWNmOTdhMzI1NTE1MmMyZWE1OTJhZGFl NzczNWIwHhcNMjUxMTE5MTE0NTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MzY5YzkwNjc0NjczNjFmOTY5NDQ1YTUzY2MyZmM5YTM0YzM1MWIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyK6UEWJLRFY8ZWrdKGMRUe4N+1m zLZ80Y4j2Qg3Qq1O3Plz/EjreHwxEWOlajjgzMYFVFUWgnxE9l3pZZ0MgedvcIcv v7bk1OCHjTlk8D1x5fwEtxP6vubRHXluF7Cr+fDFSpc/sK8FLewau2hf+Ny2BjOe uyywx6G9vuuFXJ57lvQWgDfwkjYgUKmYvPXPFrqEOcjUhrb/zQKzzj3hgdmMDxqs 8cENkRS+4xCc8CFXof9GzZ++F9aNS22tJYGNlylamSwfYH8qM0W30nMXyC26Qs6/ 2JRXN6yxo6oZy0Blgt7K7ilvrWlO1vXzHMzy0Ejv6hD28AqZv7CfBnlrEwIDAQAB o4ICvzCCArswHQYDVR0OBBYEFGNpyQZ0ZzYflpRFpTzC/Jo0w1GzMB8GA1UdIwQY MBaAFMRNuLCYOs+XoyVRUsLqWSra53NbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYt ZWVkZDk0ZWMxMjhjLzEvWTJuSkJuUm5OaC1XbEVXbFBNTDhtalREVWJNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYtZWVkZDk0ZWMxMjhj LzEveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBvgQCAAEwgbcDBAAf DdMDBAAtUScDBARD0+ADBAVFoIADBABQTDADBABRH8EwCwMEA1Ke6AMDAFKeAwQF VYjgAwQBVdneAwQAV3gEAwQAV3gmMAwDBABXeDsDBABXeDwDBABXeGIDBABXeOwD BAFXeRQDBABXeS0DBABXeVcDBABbXOYDBABdey8DBABde0kDBABde3UDBABde3cD BABenAwDBABenIIDBABenO8DBABenPgDBAC5zw0DBAbV/kAwDQYJKoZIhvcNAQEL BQADggEBAHe5cpUx0OxOwI7bcIsvY5KimipIlkdtdHNDEolphYrtdyplM0Yw+d05 TdNnaqiWUr3W5+NCPUBvg+ksT8kjhDrwh29uUzaFdrQh4GOKcz18k4bldyi9CH52 UUXtO7SCla1eL+lIrljp40sC3ruqft3NvH5gegzmnB/NK/8QyPTJo16jo8esHtKp Ody4IsHllCMlyaCPFjKvPYX1+VoCsLswE/ZR1C/wzh/GYu34L/HBCJ+PQ3rhZT6b 4a8FW3j9ULN2dHzy+DBS5+nNFjSv/8VwbCAZnYCd8u/1vjdnrc19j+v1jwZCNm5S qT89dPPOZExQwJ4pNveKmbPbr6WmVfo= -----END CERTIFICATE-----Generated at Sat Dec 6 17:15:04 2025 by rpki-client