This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/XEGrGY29N2_6fdEZQllMn9S3ctY.roa File: XEGrGY29N2_6fdEZQllMn9S3ctY.roa (raw, json) Hash identifier: FoInU+oGSpZKQRSWi66xB6iIQ2i/avIu/9TIfHo6uB0= Subject key identifier: 5C:41:AB:19:8D:BD:37:6F:FA:7D:D1:19:42:59:4C:9F:D4:B7:72:D6 Certificate issuer: /CN=510b419f0c17b4c8be217f64388d268d14dc261e Certificate serial: 019BDB8CCA09E4457A67CCAA87F534C82D62 Authority key identifier: 51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/XEGrGY29N2_6fdEZQllMn9S3ctY.roa Signing time: Tue 20 Jan 2026 13:16:35 +0000 ROA not before: Tue 20 Jan 2026 13:16:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20473 IP address blocks: 64.119.64.0/20 maxlen: 24 70.40.160.0/20 maxlen: 24 85.136.0.0/20 maxlen: 24 85.136.32.0/20 maxlen: 24 85.136.64.0/20 maxlen: 24 86.105.104.0/22 maxlen: 24 89.36.236.0/22 maxlen: 24 89.37.128.0/24 maxlen: 24 89.37.188.0/22 maxlen: 24 89.40.43.0/24 maxlen: 24 89.184.208.0/20 maxlen: 32 91.232.136.0/22 maxlen: 24 93.114.169.0/24 maxlen: 24 93.115.155.0/24 maxlen: 24 94.177.65.0/24 maxlen: 24 94.190.248.0/22 maxlen: 24 135.132.48.0/20 maxlen: 24 176.223.190.0/24 maxlen: 24 185.64.100.0/22 maxlen: 24 185.172.20.0/22 maxlen: 24 185.210.40.0/22 maxlen: 24 185.215.220.0/22 maxlen: 24 185.217.24.0/22 maxlen: 24 185.223.40.0/22 maxlen: 24 185.224.140.0/22 maxlen: 24 185.249.236.0/22 maxlen: 24 185.252.168.0/22 maxlen: 24 188.211.252.0/22 maxlen: 24 188.212.104.0/22 maxlen: 24 193.46.204.0/24 maxlen: 24 193.46.211.0/24 maxlen: 24 194.213.10.0/24 maxlen: 24 194.242.28.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.crl rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.mft rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:db:8c:ca:09:e4:45:7a:67:cc:aa:87:f5:34:c8:2d:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=510b419f0c17b4c8be217f64388d268d14dc261e Validity Not Before: Jan 20 13:16:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5c41ab198dbd376ffa7dd11942594c9fd4b772d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:15:8b:c2:76:09:c1:0a:10:88:bb:81:37:b3: 4e:0d:50:a0:3e:0a:76:40:49:b0:cb:ec:69:37:cb: 4e:82:58:4e:28:51:83:d2:57:c1:a7:ec:c4:6a:19: 00:05:d7:f3:c9:6b:f5:90:a9:76:15:b5:53:98:b5: 1d:b7:26:5b:01:21:58:43:44:2d:7d:37:5e:0c:63: ab:ff:e2:6c:72:af:39:52:a8:e6:42:29:dc:e5:72: 4d:f0:57:37:3b:3a:81:5b:85:f2:92:7f:16:8b:01: f8:49:03:6b:08:d9:45:d6:f5:f2:b0:9f:5a:b8:1d: ad:8e:b3:e5:b6:b2:ce:33:bb:19:d5:7b:ec:96:1d: cd:59:5b:83:af:96:40:1b:b9:bb:c8:9f:cf:1c:c4: e6:31:c2:d4:8b:54:59:62:d6:5e:0a:b5:d6:6a:cc: 6b:88:3b:f7:c9:89:f9:3f:24:2c:f0:cf:03:93:bc: 0d:f7:da:a5:26:f5:b9:fe:75:90:47:f0:af:ca:63: 71:27:51:86:e5:a4:68:ef:94:b0:ba:bc:d3:50:7d: 28:60:06:d6:d0:66:54:f8:6f:a4:f9:1f:f9:e0:01: 7e:be:49:20:03:d9:a5:6f:31:5b:d0:49:73:64:b6: a0:24:22:80:e5:07:ed:15:c0:7b:4f:85:7f:77:83: be:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:41:AB:19:8D:BD:37:6F:FA:7D:D1:19:42:59:4C:9F:D4:B7:72:D6 X509v3 Authority Key Identifier: keyid:51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/XEGrGY29N2_6fdEZQllMn9S3ctY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 64.119.64.0/20 70.40.160.0/20 85.136.0.0/20 85.136.32.0/20 85.136.64.0/20 86.105.104.0/22 89.36.236.0/22 89.37.128.0/24 89.37.188.0/22 89.40.43.0/24 89.184.208.0/20 91.232.136.0/22 93.114.169.0/24 93.115.155.0/24 94.177.65.0/24 94.190.248.0/22 135.132.48.0/20 176.223.190.0/24 185.64.100.0/22 185.172.20.0/22 185.210.40.0/22 185.215.220.0/22 185.217.24.0/22 185.223.40.0/22 185.224.140.0/22 185.249.236.0/22 185.252.168.0/22 188.211.252.0/22 188.212.104.0/22 193.46.204.0/24 193.46.211.0/24 194.213.10.0/24 194.242.28.0/23 Signature Algorithm: sha256WithRSAEncryption c2:e5:c1:ea:2f:6d:78:21:41:48:38:85:3e:c7:ca:dc:45:50: e2:74:ef:49:a8:c0:41:b1:16:0d:93:75:3b:fb:bc:99:ef:c1: 55:30:a0:7c:e7:b1:12:36:4f:e7:54:cb:d7:54:29:ac:ed:6f: 56:fb:48:9c:ac:c5:8c:25:61:5d:ae:9b:82:3c:82:4d:35:d2: cf:97:71:e2:42:b2:6f:e8:67:03:44:3a:36:34:5f:62:e2:b0: 2a:10:99:3f:7f:c2:db:d9:b2:ff:87:f0:f1:2e:77:ee:4b:7d: 76:96:07:fe:a9:07:1f:c1:cf:a3:9f:08:73:42:cb:85:df:db: b7:52:30:59:fa:8a:cb:97:5e:c4:60:d5:88:33:31:4c:f4:a3: c4:df:22:f4:27:35:51:d6:40:ff:0d:2c:bb:ce:f1:f6:53:34: 0d:78:cd:f4:98:72:df:95:cc:10:05:cf:26:b5:7f:f6:72:13: d3:43:7d:95:08:a9:4d:83:6e:2e:e9:f4:73:90:e4:13:47:13: 93:c6:ad:1a:74:c6:a8:89:3d:de:bc:19:a3:7e:fc:41:a5:d2: d4:ee:85:ee:88:f6:d9:95:56:06:7a:90:15:51:8b:4b:2b:72: b6:4c:36:9a:b8:5c:78:e2:48:b8:ab:00:f0:25:7e:1d:63:bf: d1:f6:81:a5 -----BEGIN CERTIFICATE----- MIIFwjCCBKqgAwIBAgISAZvbjMoJ5EV6Z8yqh/U0yC1iMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUxMGI0MTlmMGMxN2I0YzhiZTIxN2Y2NDM4OGQyNjhkMTRk YzI2MWUwHhcNMjYwMTIwMTMxNjM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YzQxYWIxOThkYmQzNzZmZmE3ZGQxMTk0MjU5NGM5ZmQ0Yjc3MmQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRWLwnYJwQoQiLuBN7NODVCgPgp2 QEmwy+xpN8tOglhOKFGD0lfBp+zEahkABdfzyWv1kKl2FbVTmLUdtyZbASFYQ0Qt fTdeDGOr/+Jscq85UqjmQinc5XJN8Fc3OzqBW4Xykn8WiwH4SQNrCNlF1vXysJ9a uB2tjrPltrLOM7sZ1Xvslh3NWVuDr5ZAG7m7yJ/PHMTmMcLUi1RZYtZeCrXWasxr iDv3yYn5PyQs8M8Dk7wN99qlJvW5/nWQR/CvymNxJ1GG5aRo75SwurzTUH0oYAbW 0GZU+G+k+R/54AF+vkkgA9mlbzFb0ElzZLagJCKA5QftFcB7T4V/d4O+/wIDAQAB o4ICzjCCAsowHQYDVR0OBBYEFFxBqxmNvTdv+n3RGUJZTJ/Ut3LWMB8GA1UdIwQY MBaAFFELQZ8MF7TIviF/ZDiNJo0U3CYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYt MTRhMDk5OTNkNjcxLzEvWEVHckdZMjlOMl82ZmRFWlFsbE1uOVMzY3RZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYtMTRhMDk5OTNkNjcx LzEvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHjBggrBgEFBQcBBwEB/wSB0zCB0DCBzQQCAAEwgcYDBARA d0ADBARGKKADBARViAADBARViCADBARViEADBAJWaWgDBAJZJOwDBABZJYADBAJZ JbwDBABZKCsDBARZuNADBAJb6IgDBABdcqkDBABdc5sDBABesUEDBAJevvgDBASH hDADBACw374DBAK5QGQDBAK5rBQDBAK50igDBAK519wDBAK52RgDBAK53ygDBAK5 4IwDBAK5+ewDBAK5/KgDBAK80/wDBAK81GgDBADBLswDBADBLtMDBADC1QoDBAHC 8hwwDQYJKoZIhvcNAQELBQADggEBAMLlweovbXghQUg4hT7HytxFUOJ070mowEGx Fg2TdTv7vJnvwVUwoHznsRI2T+dUy9dUKaztb1b7SJysxYwlYV2um4I8gk010s+X ceJCsm/oZwNEOjY0X2LisCoQmT9/wtvZsv+H8PEud+5LfXaWB/6pBx/Bz6OfCHNC y4Xf27dSMFn6isuXXsRg1YgzMUz0o8TfIvQnNVHWQP8NLLvO8fZTNA14zfSYct+V zBAFzya1f/ZyE9NDfZUIqU2Dbi7p9HOQ5BNHE5PGrRp0xqiJPd68GaN+/EGl0tTu he6I9tmVVgZ6kBVRi0srcrZMNpq4XHjiSLirAPAlfh1jv9H2gaU= -----END CERTIFICATE-----Generated at Sun Jan 25 13:32:47 2026 by rpki-client