This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/SwQK8a0RuGojFMRd-1GGkonnT-U.roa File: SwQK8a0RuGojFMRd-1GGkonnT-U.roa (raw, json) Hash identifier: 7GJC22Eus5d8mAhvDyq0PoK19aG3z12w1E45uuUpyP4= Subject key identifier: 4B:04:0A:F1:AD:11:B8:6A:23:14:C4:5D:FB:51:86:92:89:E7:4F:E5 Certificate issuer: /CN=90dff31d1b0444d4204de1584d00ddf968d0b012 Certificate serial: 019B78352A97340963A96B4F2AC0B23CD794 Authority key identifier: 90:DF:F3:1D:1B:04:44:D4:20:4D:E1:58:4D:00:DD:F9:68:D0:B0:12 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kN_zHRsERNQgTeFYTQDd-WjQsBI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/SwQK8a0RuGojFMRd-1GGkonnT-U.roa Signing time: Thu 01 Jan 2026 06:18:28 +0000 ROA not before: Thu 01 Jan 2026 06:18:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205544 IP address blocks: 23.19.56.0/21 maxlen: 24 23.19.56.0/24 maxlen: 24 23.19.59.0/24 maxlen: 24 23.19.62.0/24 maxlen: 24 23.81.32.0/21 maxlen: 21 23.106.32.0/21 maxlen: 21 23.106.56.0/21 maxlen: 21 23.106.232.0/21 maxlen: 21 81.17.56.0/21 maxlen: 24 81.17.56.0/22 maxlen: 22 81.17.60.0/24 maxlen: 24 81.17.61.0/24 maxlen: 24 81.17.62.0/24 maxlen: 24 81.17.63.0/24 maxlen: 24 95.168.176.0/20 maxlen: 24 95.168.176.0/21 maxlen: 21 95.168.184.0/24 maxlen: 24 95.168.185.0/24 maxlen: 24 95.168.186.0/23 maxlen: 23 95.168.186.0/24 maxlen: 24 95.168.187.0/24 maxlen: 24 95.168.188.0/22 maxlen: 22 173.208.48.0/21 maxlen: 21 173.234.16.0/21 maxlen: 24 173.234.16.0/24 maxlen: 24 173.234.17.0/24 maxlen: 24 173.234.18.0/23 maxlen: 23 173.234.18.0/24 maxlen: 24 173.234.19.0/24 maxlen: 24 173.234.20.0/23 maxlen: 23 173.234.22.0/23 maxlen: 23 173.234.72.0/21 maxlen: 21 173.234.136.0/21 maxlen: 21 185.222.24.0/22 maxlen: 24 185.222.24.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/kN_zHRsERNQgTeFYTQDd-WjQsBI.crl rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/kN_zHRsERNQgTeFYTQDd-WjQsBI.mft rsync://rpki.ripe.net/repository/DEFAULT/kN_zHRsERNQgTeFYTQDd-WjQsBI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:35:2a:97:34:09:63:a9:6b:4f:2a:c0:b2:3c:d7:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90dff31d1b0444d4204de1584d00ddf968d0b012 Validity Not Before: Jan 1 06:18:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4b040af1ad11b86a2314c45dfb51869289e74fe5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:71:5d:c9:8a:f7:78:56:50:f6:df:2b:5b:7d: 2b:ca:43:16:94:51:08:19:ac:c4:d2:f6:c6:f5:49: f1:a2:a7:ff:18:cd:61:28:88:a5:70:87:41:10:66: 93:ac:3b:76:22:8a:67:e4:72:9f:3e:4f:1e:0e:4b: 6a:55:b7:28:31:f9:35:4b:69:4a:76:6e:dd:8d:82: b7:58:87:cf:ee:ca:92:46:d6:c1:5b:87:62:0c:eb: 0f:18:00:f0:21:fb:57:4d:eb:39:5c:e3:a2:28:9b: a2:c4:ea:ec:ec:b3:58:e8:0b:75:3f:d6:83:cf:eb: 3a:13:ba:89:00:b3:79:9d:54:77:c6:38:0b:7e:66: 51:e2:68:9c:f4:84:0f:48:d1:8e:74:ae:10:c4:c0: dc:55:94:c4:60:54:5b:ea:0b:f6:3d:14:f0:70:dd: 37:fc:94:96:6e:e7:d4:47:89:15:ac:d2:9b:7e:4a: 15:a6:cf:18:d6:4c:53:9c:f0:47:35:4e:08:e1:ba: b2:34:14:dc:f0:4d:4f:0c:c4:5b:5b:00:c3:3b:de: 52:b8:ab:e1:11:5a:93:96:2b:3e:c4:bc:26:84:ab: 33:0b:1a:57:bd:bd:9e:d6:42:8d:53:09:29:76:da: 94:af:a8:19:98:20:70:71:a1:9c:ab:bc:e5:4d:db: 4b:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:04:0A:F1:AD:11:B8:6A:23:14:C4:5D:FB:51:86:92:89:E7:4F:E5 X509v3 Authority Key Identifier: keyid:90:DF:F3:1D:1B:04:44:D4:20:4D:E1:58:4D:00:DD:F9:68:D0:B0:12 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kN_zHRsERNQgTeFYTQDd-WjQsBI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/SwQK8a0RuGojFMRd-1GGkonnT-U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/kN_zHRsERNQgTeFYTQDd-WjQsBI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 23.19.56.0/21 23.81.32.0/21 23.106.32.0/21 23.106.56.0/21 23.106.232.0/21 81.17.56.0/21 95.168.176.0/20 173.208.48.0/21 173.234.16.0/21 173.234.72.0/21 173.234.136.0/21 185.222.24.0/22 Signature Algorithm: sha256WithRSAEncryption 35:53:e6:d1:5e:7a:7f:90:0d:32:07:fd:8c:44:22:0c:ab:a3: 52:68:79:5a:d8:f6:5a:1c:19:43:25:cd:0d:9a:b0:ec:76:58: 3b:2c:2a:de:72:5c:9f:cd:1f:5b:5a:d7:63:0a:19:90:8a:0c: 8c:2c:ff:94:9e:b0:b3:4c:19:b4:73:78:0a:d6:ac:44:35:02: 54:03:50:76:78:6c:c2:dd:ed:2b:7f:a1:f1:3e:bf:52:e6:cb: e7:83:b3:ae:5d:4d:33:40:1d:2d:ad:ec:d3:8f:21:3d:6c:5a: 41:ea:a0:af:a2:4f:ab:44:f2:6f:4e:54:f3:4d:e2:ab:59:00: bd:93:e5:ed:a3:ef:08:9a:0a:76:53:d4:f2:f6:84:6a:7d:a5: 04:86:fe:31:1f:b5:40:25:1e:c4:15:9b:dd:1b:2b:db:a7:b1: 89:7a:f8:43:00:69:04:5e:34:ae:2d:17:e4:77:6d:15:78:ae: 34:2f:b9:af:ae:5f:ad:ca:6c:73:e6:d7:77:81:46:62:af:a8: 8d:1a:e1:e7:b6:91:2d:f2:3b:94:cf:40:ab:32:7a:b7:f3:ac: 91:22:0b:76:24:61:5b:d8:f2:cc:23:75:48:d1:3b:8f:54:ae: 37:14:c4:d7:cc:8a:aa:a2:d1:5e:92:aa:f3:8e:5b:f9:9b:8f: 7c:c4:77:0b -----BEGIN CERTIFICATE----- MIIFPzCCBCegAwIBAgISAZt4NSqXNAljqWtPKsCyPNeUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwZGZmMzFkMWIwNDQ0ZDQyMDRkZTE1ODRkMDBkZGY5Njhk MGIwMTIwHhcNMjYwMTAxMDYxODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0YjA0MGFmMWFkMTFiODZhMjMxNGM0NWRmYjUxODY5Mjg5ZTc0ZmU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0XFdyYr3eFZQ9t8rW30rykMWlFEI GazE0vbG9Unxoqf/GM1hKIilcIdBEGaTrDt2Iopn5HKfPk8eDktqVbcoMfk1S2lK dm7djYK3WIfP7sqSRtbBW4diDOsPGADwIftXTes5XOOiKJuixOrs7LNY6At1P9aD z+s6E7qJALN5nVR3xjgLfmZR4mic9IQPSNGOdK4QxMDcVZTEYFRb6gv2PRTwcN03 /JSWbufUR4kVrNKbfkoVps8Y1kxTnPBHNU4I4bqyNBTc8E1PDMRbWwDDO95SuKvh EVqTlis+xLwmhKszCxpXvb2e1kKNUwkpdtqUr6gZmCBwcaGcq7zlTdtLHQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFEsECvGtEbhqIxTEXftRhpKJ50/lMB8GA1UdIwQY MBaAFJDf8x0bBETUIE3hWE0A3flo0LASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva05fekhSc0VSTlFnVGVGWVRRRGQtV2pRc0JJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC85OWEzY2EtN2U1Yy00OGQ0LWI5NzUt OWYyMTRkMWJhOTM0LzEvU3dRSzhhMFJ1R29qRk1SZC0xR0drb25uVC1VLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC85OWEzY2EtN2U1Yy00OGQ0LWI5NzUtOWYyMTRkMWJhOTM0 LzEva05fekhSc0VSTlFnVGVGWVRRRGQtV2pRc0JJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQDFxM4AwQD F1EgAwQDF2ogAwQDF2o4AwQDF2roAwQDURE4AwQEX6iwAwQDrdAwAwQDreoQAwQD repIAwQDreqIAwQCud4YMA0GCSqGSIb3DQEBCwUAA4IBAQA1U+bRXnp/kA0yB/2M RCIMq6NSaHla2PZaHBlDJc0NmrDsdlg7LCreclyfzR9bWtdjChmQigyMLP+UnrCz TBm0c3gK1qxENQJUA1B2eGzC3e0rf6HxPr9S5svng7OuXU0zQB0trezTjyE9bFpB 6qCvok+rRPJvTlTzTeKrWQC9k+Xto+8Imgp2U9Ty9oRqfaUEhv4xH7VAJR7EFZvd Gyvbp7GJevhDAGkEXjSuLRfkd20VeK40L7mvrl+tymxz5td3gUZir6iNGuHntpEt 8juUz0CrMnq386yRIgt2JGFb2PLMI3VI0TuPVK43FMTXzIqqotFekqrzjlv5m498 xHcL -----END CERTIFICATE-----Generated at Sun Jan 25 19:35:19 2026 by rpki-client