This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/1O31PXRW4JrmyjbMW_cFD49VkV4.roa File: 1O31PXRW4JrmyjbMW_cFD49VkV4.roa (raw, json) Hash identifier: RZkMcDta9CU3T62UrZ8XhVHVSF2PbH34epdk7jlUds4= Subject key identifier: D4:ED:F5:3D:74:56:E0:9A:E6:CA:36:CC:5B:F7:05:0F:8F:55:91:5E Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478 Certificate serial: 019B76EAF75F624622DD1E2B1883991B66A9 Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/1O31PXRW4JrmyjbMW_cFD49VkV4.roa Signing time: Thu 01 Jan 2026 00:17:48 +0000 ROA not before: Thu 01 Jan 2026 00:17:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 149457 IP address blocks: 103.25.84.0/24 maxlen: 24 146.19.135.0/24 maxlen: 24 188.253.1.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:f7:5f:62:46:22:dd:1e:2b:18:83:99:1b:66:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478 Validity Not Before: Jan 1 00:17:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d4edf53d7456e09ae6ca36cc5bf7050f8f55915e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:c7:89:dd:1b:48:d2:96:4a:9b:d1:0b:5d:8d: 91:6a:e6:94:ae:41:67:81:18:a0:f7:73:65:14:61: b7:57:79:fd:bb:6a:6c:59:80:a9:19:44:59:36:8f: 73:f2:82:31:46:37:0b:b2:ad:d0:b2:24:90:a8:41: f2:2b:f5:04:e0:03:ed:dd:f1:32:08:03:0a:6d:28: 34:72:17:11:9d:ae:62:29:13:49:8d:7e:62:b6:b5: 38:85:5f:d6:0b:90:f8:eb:bf:37:84:65:5f:80:48: 85:ba:53:7f:ab:b1:dd:9d:19:aa:d9:52:a3:1f:e8: 68:bd:59:8d:c6:35:69:63:83:ca:79:70:a8:53:e6: c2:68:07:2f:dd:6a:fb:da:09:9f:eb:60:6c:5f:c7: f9:4f:96:f4:48:51:76:eb:1f:1d:42:aa:5e:05:08: c8:e4:ce:90:12:76:49:65:f7:df:18:71:05:06:c0: 9b:5d:12:ff:89:74:e5:c8:02:b4:a3:48:a3:9c:ac: 1b:ba:f2:07:db:12:5b:1f:6a:b2:2d:b3:ba:42:8a: 71:a7:32:a2:85:fc:9d:b8:af:24:c0:ff:32:83:5f: 7d:01:2a:ab:41:19:a3:9e:fa:05:d2:8f:74:2c:b0: 90:34:52:cd:70:ca:fa:04:e8:d3:21:7b:b0:bb:f3: 67:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:ED:F5:3D:74:56:E0:9A:E6:CA:36:CC:5B:F7:05:0F:8F:55:91:5E X509v3 Authority Key Identifier: keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/1O31PXRW4JrmyjbMW_cFD49VkV4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.25.84.0/24 146.19.135.0/24 188.253.1.0/24 Signature Algorithm: sha256WithRSAEncryption a2:f9:af:c0:d0:7f:1d:ce:1a:5d:0a:d5:ac:61:fa:77:e1:c5: 12:1e:f5:e6:ff:fc:1c:cf:dd:fe:18:87:72:e7:82:62:d2:de: 75:6f:ca:64:22:67:0e:e0:f8:02:08:1b:f7:6c:f5:bb:fe:3b: fb:97:1c:82:7d:e6:be:e9:eb:a6:58:35:6d:5d:88:4d:38:12: 77:38:a8:f4:a1:70:8b:4f:8a:9b:eb:55:12:de:9e:ca:0d:d5: d6:66:a5:64:49:91:9f:46:db:0d:a0:76:0e:6d:89:ba:10:43: 47:ad:8c:61:2f:53:35:af:58:6b:b7:8d:ca:94:9f:29:34:4f: b4:a8:bd:dc:ae:65:c6:f1:82:16:a6:8a:c2:e9:56:dc:4d:67: 61:2a:95:32:00:ab:ce:da:92:d9:68:83:de:c5:2a:81:0d:f2: 9c:1a:40:17:66:cf:11:a6:64:c0:96:5e:c6:e1:35:42:82:ba: d7:6e:3b:2d:fb:1e:25:2a:0c:16:4b:7b:e2:6e:d7:26:2f:65: a3:1f:0f:a3:39:9c:50:5a:06:35:75:27:6e:fe:3b:34:bf:a5: bb:92:2d:a2:61:47:29:2b:92:91:e3:5c:e0:64:cd:1a:d9:c6: 66:77:0f:0f:1e:74:b2:52:15:df:67:fe:38:6b:53:cb:c9:0f: f9:6d:df:87 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt26vdfYkYi3R4rGIOZG2apMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2 NWE0NzgwHhcNMjYwMTAxMDAxNzQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNGVkZjUzZDc0NTZlMDlhZTZjYTM2Y2M1YmY3MDUwZjhmNTU5MTVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuseJ3RtI0pZKm9ELXY2RauaUrkFn gRig93NlFGG3V3n9u2psWYCpGURZNo9z8oIxRjcLsq3QsiSQqEHyK/UE4APt3fEy CAMKbSg0chcRna5iKRNJjX5itrU4hV/WC5D46783hGVfgEiFulN/q7HdnRmq2VKj H+hovVmNxjVpY4PKeXCoU+bCaAcv3Wr72gmf62BsX8f5T5b0SFF26x8dQqpeBQjI 5M6QEnZJZfffGHEFBsCbXRL/iXTlyAK0o0ijnKwbuvIH2xJbH2qyLbO6QopxpzKi hfyduK8kwP8yg199ASqrQRmjnvoF0o90LLCQNFLNcMr6BOjTIXuwu/NnPQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFNTt9T10VuCa5so2zFv3BQ+PVZFeMB8GA1UdIwQY MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt ZmUwNjU5MTc2YTU2LzEvMU8zMVBYUlc0SnJteWpiTVdfY0ZENDlWa1Y0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2 LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAZxlUAwQA khOHAwQAvP0BMA0GCSqGSIb3DQEBCwUAA4IBAQCi+a/A0H8dzhpdCtWsYfp34cUS HvXm//wcz93+GIdy54Ji0t51b8pkImcO4PgCCBv3bPW7/jv7lxyCfea+6eumWDVt XYhNOBJ3OKj0oXCLT4qb61US3p7KDdXWZqVkSZGfRtsNoHYObYm6EENHrYxhL1M1 r1hrt43KlJ8pNE+0qL3crmXG8YIWporC6VbcTWdhKpUyAKvO2pLZaIPexSqBDfKc GkAXZs8RpmTAll7G4TVCgrrXbjst+x4lKgwWS3vibtcmL2WjHw+jOZxQWgY1dSdu /js0v6W7ki2iYUcpK5KR41zgZM0a2cZmdw8PHnSyUhXfZ/44a1PLyQ/5bd+H -----END CERTIFICATE-----Generated at Sun Jan 25 11:58:06 2026 by rpki-client