This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/4L2HrkOMp5Px3ZdgqOBGMnz6oXw.roa File: 4L2HrkOMp5Px3ZdgqOBGMnz6oXw.roa (raw, json) Hash identifier: qjbkKzm11wnXRFJIt4quryujdmBS5m5m8Id3/w9vHFw= Subject key identifier: E0:BD:87:AE:43:8C:A7:93:F1:DD:97:60:A8:E0:46:32:7C:FA:A1:7C Certificate issuer: /CN=87d990131467b77d11162b79fbe3b06ca8ab2d39 Certificate serial: 019B7AC8068C448AD955E31F2138436F4738 Authority key identifier: 87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/4L2HrkOMp5Px3ZdgqOBGMnz6oXw.roa Signing time: Thu 01 Jan 2026 18:18:07 +0000 ROA not before: Thu 01 Jan 2026 18:18:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57809 IP address blocks: 2.59.144.0/22 maxlen: 22 5.10.128.0/21 maxlen: 21 5.183.248.0/22 maxlen: 22 23.90.192.0/18 maxlen: 18 31.204.80.0/21 maxlen: 21 45.80.252.0/22 maxlen: 22 45.86.96.0/22 maxlen: 22 45.89.76.0/22 maxlen: 22 45.92.180.0/22 maxlen: 22 45.129.216.0/24 maxlen: 24 45.129.217.0/24 maxlen: 24 45.129.218.0/24 maxlen: 24 45.133.68.0/22 maxlen: 22 45.142.108.0/22 maxlen: 22 45.152.16.0/22 maxlen: 22 46.18.120.0/22 maxlen: 22 46.18.124.0/24 maxlen: 24 46.18.125.0/24 maxlen: 24 46.18.126.0/23 maxlen: 23 62.192.156.0/22 maxlen: 22 79.99.160.0/21 maxlen: 21 88.86.224.0/19 maxlen: 19 88.218.12.0/22 maxlen: 22 92.119.232.0/22 maxlen: 22 94.154.4.0/24 maxlen: 24 94.187.128.0/19 maxlen: 19 94.187.144.0/22 maxlen: 22 94.187.150.0/24 maxlen: 24 168.220.128.0/19 maxlen: 19 185.20.16.0/22 maxlen: 22 185.48.252.0/22 maxlen: 22 185.86.88.0/22 maxlen: 22 185.87.100.0/22 maxlen: 22 185.98.116.0/22 maxlen: 22 185.132.64.0/22 maxlen: 22 185.133.80.0/22 maxlen: 22 185.134.156.0/22 maxlen: 22 185.135.176.0/22 maxlen: 22 185.138.116.0/22 maxlen: 22 185.163.136.0/22 maxlen: 22 185.163.212.0/22 maxlen: 22 185.163.220.0/22 maxlen: 22 185.163.228.0/22 maxlen: 22 185.169.156.0/22 maxlen: 22 185.186.88.0/22 maxlen: 22 185.191.36.0/22 maxlen: 22 185.197.108.0/22 maxlen: 22 185.241.140.0/22 maxlen: 22 185.254.8.0/22 maxlen: 22 192.214.192.0/19 maxlen: 19 195.216.140.0/22 maxlen: 22 2a00:41e0::/29 maxlen: 32 2a00:6780::/29 maxlen: 32 2a01:648::/29 maxlen: 32 2a05:b780::/29 maxlen: 29 2a05:c100::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.mft rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:06:8c:44:8a:d9:55:e3:1f:21:38:43:6f:47:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87d990131467b77d11162b79fbe3b06ca8ab2d39 Validity Not Before: Jan 1 18:18:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e0bd87ae438ca793f1dd9760a8e046327cfaa17c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:52:af:36:2c:52:e4:e4:69:7b:08:bf:29:99: 8e:d1:13:ed:cb:e1:e2:08:33:69:01:8b:29:16:0e: 9a:17:4a:3c:1d:86:1d:01:65:2d:11:41:15:2f:d8: 31:40:d8:91:7b:cc:b1:4e:84:1a:85:22:2c:86:24: 3a:fb:a0:07:6b:fb:f0:92:97:de:84:93:8c:e8:56: ee:80:d2:a8:88:76:00:72:48:53:39:74:be:38:48: a1:0c:02:a3:17:cc:fd:b2:10:15:cc:f8:d0:54:28: 7f:42:d0:69:d9:33:17:ab:09:35:7f:60:60:94:00: b4:1b:c9:e0:ad:33:b0:56:24:96:9c:15:b6:48:48: ef:bb:21:58:05:59:0b:52:23:76:8b:b0:f9:74:6a: 09:b9:ec:fb:91:3e:1c:62:6d:85:38:60:fc:3f:9f: ed:9b:38:ea:0d:29:42:ed:ec:b9:d8:b8:3e:8f:7a: fa:6d:8b:db:71:33:65:03:8f:7f:a5:f5:d5:03:f4: a4:f7:df:92:e1:63:80:8d:05:69:8e:07:46:d1:fd: c9:e5:81:e3:c8:42:5e:d8:d3:24:81:ca:e0:6c:ce: a4:f8:bd:05:7e:b5:54:82:68:d7:31:1f:a2:2a:8a: d4:c3:55:76:33:54:ca:27:7c:5f:27:90:41:e8:77: e9:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:BD:87:AE:43:8C:A7:93:F1:DD:97:60:A8:E0:46:32:7C:FA:A1:7C X509v3 Authority Key Identifier: keyid:87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/4L2HrkOMp5Px3ZdgqOBGMnz6oXw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.59.144.0/22 5.10.128.0/21 5.183.248.0/22 23.90.192.0/18 31.204.80.0/21 45.80.252.0/22 45.86.96.0/22 45.89.76.0/22 45.92.180.0/22 45.129.216.0-45.129.218.255 45.133.68.0/22 45.142.108.0/22 45.152.16.0/22 46.18.120.0/21 62.192.156.0/22 79.99.160.0/21 88.86.224.0/19 88.218.12.0/22 92.119.232.0/22 94.154.4.0/24 94.187.128.0/19 168.220.128.0/19 185.20.16.0/22 185.48.252.0/22 185.86.88.0/22 185.87.100.0/22 185.98.116.0/22 185.132.64.0/22 185.133.80.0/22 185.134.156.0/22 185.135.176.0/22 185.138.116.0/22 185.163.136.0/22 185.163.212.0/22 185.163.220.0/22 185.163.228.0/22 185.169.156.0/22 185.186.88.0/22 185.191.36.0/22 185.197.108.0/22 185.241.140.0/22 185.254.8.0/22 192.214.192.0/19 195.216.140.0/22 IPv6: 2a00:41e0::/29 2a00:6780::/29 2a01:648::/29 2a05:b780::/29 2a05:c100::/29 Signature Algorithm: sha256WithRSAEncryption 41:ef:69:b1:4a:af:05:f1:86:54:1f:e2:73:74:02:fb:ba:9c: 59:00:2d:db:ad:21:0b:da:06:20:31:fb:04:e6:54:b4:5b:99: bb:48:8e:78:03:e2:1b:8d:76:21:3f:7c:df:70:c1:23:b0:7c: 29:a7:bb:b8:81:f0:38:56:00:ea:9e:51:ad:53:02:93:ff:1d: 47:9d:53:19:45:93:4b:d4:8a:44:1e:91:4b:4d:c2:8f:c0:cf: 61:c3:00:6d:25:6e:9f:f6:f8:a2:e3:5b:8f:33:01:4f:fa:a8: 92:17:c7:d5:4b:34:cc:c3:64:a6:cf:51:53:99:32:c5:26:93: cc:d4:c9:43:2e:fe:9a:0d:62:85:c5:46:75:52:2e:39:47:e5: 33:f0:a4:31:ee:9d:0b:cf:be:c2:ee:30:e1:30:db:ee:77:c8: 4e:e7:c4:08:e2:58:9d:b9:f2:b6:33:7a:85:3c:68:0b:9c:91: fb:95:ba:b3:20:dc:04:31:81:13:a1:49:ec:3e:f5:e7:4f:66: 7b:81:ab:e9:05:ef:be:30:9e:1f:1d:b6:a5:79:0c:70:28:b1: 49:db:21:7f:56:be:1c:b9:5f:56:b0:c0:df:15:67:aa:26:0c: 4b:15:12:b8:37:02:f2:4c:de:c5:8a:36:98:d9:f7:da:6c:ff: d4:40:40:89 -----BEGIN CERTIFICATE----- MIIGPDCCBSSgAwIBAgISAZt6yAaMRIrZVeMfIThDb0c4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3ZDk5MDEzMTQ2N2I3N2QxMTE2MmI3OWZiZTNiMDZjYThh YjJkMzkwHhcNMjYwMTAxMTgxODA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMGJkODdhZTQzOGNhNzkzZjFkZDk3NjBhOGUwNDYzMjdjZmFhMTdjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VKvNixS5ORpewi/KZmO0RPty+Hi CDNpAYspFg6aF0o8HYYdAWUtEUEVL9gxQNiRe8yxToQahSIshiQ6+6AHa/vwkpfe hJOM6FbugNKoiHYAckhTOXS+OEihDAKjF8z9shAVzPjQVCh/QtBp2TMXqwk1f2Bg lAC0G8ngrTOwViSWnBW2SEjvuyFYBVkLUiN2i7D5dGoJuez7kT4cYm2FOGD8P5/t mzjqDSlC7ey52Lg+j3r6bYvbcTNlA49/pfXVA/Sk99+S4WOAjQVpjgdG0f3J5YHj yEJe2NMkgcrgbM6k+L0FfrVUgmjXMR+iKorUw1V2M1TKJ3xfJ5BB6HfpPQIDAQAB o4IDSDCCA0QwHQYDVR0OBBYEFOC9h65DjKeT8d2XYKjgRjJ8+qF8MB8GA1UdIwQY MBaAFIfZkBMUZ7d9ERYrefvjsGyoqy05MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMt YjhlOGIzNGRiMjkwLzEvNEwySHJrT01wNVB4M1pkZ3FPQkdNbno2b1h3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMtYjhlOGIzNGRiMjkw LzEvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIBXAYIKwYBBQUHAQcBAf8EggFLMIIBRzCCARgEAgABMIIB EAMEAgI7kAMEAwUKgAMEAgW3+AMEBhdawAMEAx/MUAMEAi1Q/AMEAi1WYAMEAi1Z TAMEAi1ctDAMAwQDLYHYAwQALYHaAwQCLYVEAwQCLY5sAwQCLZgQAwQDLhJ4AwQC PsCcAwQDT2OgAwQFWFbgAwQCWNoMAwQCXHfoAwQAXpoEAwQFXruAAwQFqNyAAwQC uRQQAwQCuTD8AwQCuVZYAwQCuVdkAwQCuWJ0AwQCuYRAAwQCuYVQAwQCuYacAwQC uYewAwQCuYp0AwQCuaOIAwQCuaPUAwQCuaPcAwQCuaPkAwQCuamcAwQCubpYAwQC ub8kAwQCucVsAwQCufGMAwQCuf4IAwQFwNbAAwQCw9iMMCkEAgACMCMDBQMqAEHg AwUDKgBngAMFAyoBBkgDBQMqBbeAAwUDKgXBADANBgkqhkiG9w0BAQsFAAOCAQEA Qe9psUqvBfGGVB/ic3QC+7qcWQAt260hC9oGIDH7BOZUtFuZu0iOeAPiG412IT98 33DBI7B8Kae7uIHwOFYA6p5RrVMCk/8dR51TGUWTS9SKRB6RS03Cj8DPYcMAbSVu n/b4ouNbjzMBT/qokhfH1Us0zMNkps9RU5kyxSaTzNTJQy7+mg1ihcVGdVIuOUfl M/CkMe6dC8++wu4w4TDb7nfITufECOJYnbnytjN6hTxoC5yR+5W6syDcBDGBE6FJ 7D71509me4Gr6QXvvjCeHx22pXkMcCixSdshf1a+HLlfVrDA3xVnqiYMSxUSuDcC 8kzexYo2mNn32mz/1EBAiQ== -----END CERTIFICATE-----Generated at Sun Jan 25 22:47:46 2026 by rpki-client