This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/M40JtCxRIL4bk5qpY9mm5IUfUtw.roa File: M40JtCxRIL4bk5qpY9mm5IUfUtw.roa (raw, json) Hash identifier: PgfhlX0Cddb7tDtGKyEhOLKnM2Kkb5tPZp8uRouKuM8= Subject key identifier: 33:8D:09:B4:2C:51:20:BE:1B:93:9A:A9:63:D9:A6:E4:85:1F:52:DC Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4 Certificate serial: 019B7CEE300AB1CECA912828FB6EB436A211 Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/M40JtCxRIL4bk5qpY9mm5IUfUtw.roa Signing time: Fri 02 Jan 2026 04:19:03 +0000 ROA not before: Fri 02 Jan 2026 04:19:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 834 IP address blocks: 5.102.116.0/22 maxlen: 24 5.102.120.0/22 maxlen: 24 31.186.180.0/22 maxlen: 23 82.163.64.0/22 maxlen: 24 82.163.168.0/22 maxlen: 24 82.163.224.0/22 maxlen: 24 185.86.140.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.mft rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ee:30:0a:b1:ce:ca:91:28:28:fb:6e:b4:36:a2:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4 Validity Not Before: Jan 2 04:19:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=338d09b42c5120be1b939aa963d9a6e4851f52dc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:b9:45:7d:96:dc:ea:92:41:09:21:8e:10:46: 76:fe:21:7c:c2:ba:97:21:7a:a0:ba:5f:36:a9:f0: 68:b6:3f:bc:e7:89:e0:9c:fb:5b:52:e0:ce:4a:9e: 34:f2:ed:44:12:d1:99:3e:44:0f:6f:99:9e:8e:fa: 58:76:37:04:f6:36:15:2a:85:e1:1b:01:8f:ef:d0: 59:73:46:10:a1:9b:3d:33:1b:87:c4:7c:00:96:bc: 46:07:b2:f1:a2:46:31:c1:9a:c1:1b:6a:9a:3f:1b: c9:29:fe:95:df:a2:f4:fb:5f:2c:88:ab:fe:6e:72: 44:ba:be:1e:6c:a1:39:40:e5:c4:53:8b:99:97:4c: e7:2e:2f:a8:6a:39:aa:82:a3:8b:2f:5c:86:da:50: 6c:8b:f4:ba:4f:2c:1a:40:0b:b5:c6:b9:00:4d:56: 2f:c9:bf:16:37:98:f4:14:75:6d:a2:83:7b:a9:18: 55:59:80:24:ca:49:46:ac:f1:03:c5:6d:e3:6d:78: 9e:95:80:70:25:88:b6:26:d6:d4:ca:04:9d:cb:d7: d6:98:e8:46:41:53:ac:d9:3b:21:93:e8:d5:48:fd: cf:4b:b2:57:a9:83:00:d3:bd:b7:cc:05:90:d6:11: 41:a1:6f:85:b8:36:b3:c1:3e:1d:36:8e:a3:50:78: 1a:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:8D:09:B4:2C:51:20:BE:1B:93:9A:A9:63:D9:A6:E4:85:1F:52:DC X509v3 Authority Key Identifier: keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/M40JtCxRIL4bk5qpY9mm5IUfUtw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.102.116.0-5.102.123.255 31.186.180.0/22 82.163.64.0/22 82.163.168.0/22 82.163.224.0/22 185.86.140.0/23 Signature Algorithm: sha256WithRSAEncryption 8f:30:46:55:f7:26:df:86:40:a1:c4:a7:90:97:75:91:5f:67: f1:45:ad:f7:99:e9:ab:a5:df:d0:f3:bf:e4:75:14:a6:d9:fb: 66:03:9d:f6:d4:9f:c7:c4:42:1a:85:df:8c:4f:9e:71:0e:e6: 9f:77:78:7a:23:3e:6b:ea:5b:0d:ee:81:55:d1:6b:4b:63:c5: 25:c3:b0:e7:eb:70:6c:68:a5:dd:a9:73:6f:7c:3a:f8:19:fe: 67:12:c1:6e:a7:ca:3d:de:07:99:6c:d9:4c:c0:12:02:4a:ee: 55:9f:27:f6:66:ab:3a:47:c4:8b:d3:61:27:df:c2:a1:c0:b2: fe:6b:17:79:b2:bf:9a:f9:98:57:48:a3:d4:06:95:7a:e4:aa: d7:23:cf:ab:3f:42:48:04:2e:ef:f1:d0:93:ac:67:22:08:a2: 77:44:73:49:cb:18:ac:ae:fb:15:85:03:a2:aa:e5:3e:ae:93: 12:e5:e0:d2:4b:a8:cf:2e:5d:01:8d:b3:3b:65:71:94:9f:06: d2:85:f5:e4:4d:da:f3:68:8e:76:c9:f4:42:52:4a:ab:c1:7a: 10:19:ff:21:db:be:aa:ef:44:bc:b4:80:ec:0e:9b:11:1b:12: f8:68:50:75:ad:84:2b:6c:d3:57:f5:c3:13:2b:6b:45:92:4f: 8f:7f:d2:19 -----BEGIN CERTIFICATE----- MIIFIzCCBAugAwIBAgISAZt87jAKsc7KkSgo+260NqIRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2 N2IxZTQwHhcNMjYwMTAyMDQxOTAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMzhkMDliNDJjNTEyMGJlMWI5MzlhYTk2M2Q5YTZlNDg1MWY1MmRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLlFfZbc6pJBCSGOEEZ2/iF8wrqX IXqgul82qfBotj+854ngnPtbUuDOSp408u1EEtGZPkQPb5mejvpYdjcE9jYVKoXh GwGP79BZc0YQoZs9MxuHxHwAlrxGB7LxokYxwZrBG2qaPxvJKf6V36L0+18siKv+ bnJEur4ebKE5QOXEU4uZl0znLi+oajmqgqOLL1yG2lBsi/S6TywaQAu1xrkATVYv yb8WN5j0FHVtooN7qRhVWYAkyklGrPEDxW3jbXielYBwJYi2JtbUygSdy9fWmOhG QVOs2Tshk+jVSP3PS7JXqYMA0723zAWQ1hFBoW+FuDazwT4dNo6jUHga2QIDAQAB o4ICLzCCAiswHQYDVR0OBBYEFDONCbQsUSC+G5OaqWPZpuSFH1LcMB8GA1UdIwQY MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut ODk3MTRhN2U4ZDU4LzEvTTQwSnRDeFJJTDRiazVxcFk5bW01SVVmVXR3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4 LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAIFZnQD BAIFZngDBAIfurQDBAJSo0ADBAJSo6gDBAJSo+ADBAG5VowwDQYJKoZIhvcNAQEL BQADggEBAI8wRlX3Jt+GQKHEp5CXdZFfZ/FFrfeZ6aul39Dzv+R1FKbZ+2YDnfbU n8fEQhqF34xPnnEO5p93eHojPmvqWw3ugVXRa0tjxSXDsOfrcGxopd2pc298OvgZ /mcSwW6nyj3eB5ls2UzAEgJK7lWfJ/ZmqzpHxIvTYSffwqHAsv5rF3myv5r5mFdI o9QGlXrkqtcjz6s/QkgELu/x0JOsZyIIondEc0nLGKyu+xWFA6Kq5T6ukxLl4NJL qM8uXQGNsztlcZSfBtKF9eRN2vNojnbJ9EJSSqvBehAZ/yHbvqrvRLy0gOwOmxEb EvhoUHWthCts01f1wxMra0WST49/0hk= -----END CERTIFICATE-----Generated at Sun Jan 25 10:20:23 2026 by rpki-client