This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/5c0fd2-6743-4682-967b-5f15beafa9b1/1/4rFM8nRqB3wIzJNdl4Iak_eVuZE.roa File: 4rFM8nRqB3wIzJNdl4Iak_eVuZE.roa (raw, json) Hash identifier: Kwqu0+r6aXX02cJCwND/MQ/S96ntwFBqXiJUoHPSRng= Subject key identifier: E2:B1:4C:F2:74:6A:07:7C:08:CC:93:5D:97:82:1A:93:F7:95:B9:91 Certificate issuer: /CN=3c86ec321e72fd46c98dcc0cd7c70bcad557d59c Certificate serial: 019B7AC92963579702F855F3454FF6ECB2C4 Authority key identifier: 3C:86:EC:32:1E:72:FD:46:C9:8D:CC:0C:D7:C7:0B:CA:D5:57:D5:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PIbsMh5y_UbJjcwM18cLytVX1Zw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/5c0fd2-6743-4682-967b-5f15beafa9b1/1/4rFM8nRqB3wIzJNdl4Iak_eVuZE.roa Signing time: Thu 01 Jan 2026 18:19:22 +0000 ROA not before: Thu 01 Jan 2026 18:19:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209097 IP address blocks: 5.182.144.0/24 maxlen: 24 5.182.145.0/24 maxlen: 24 5.182.146.0/24 maxlen: 24 5.182.147.0/24 maxlen: 24 45.149.56.0/24 maxlen: 24 45.149.57.0/24 maxlen: 24 45.149.58.0/24 maxlen: 24 45.149.59.0/24 maxlen: 24 185.115.204.0/24 maxlen: 24 2a0e:5c00::/32 maxlen: 32 2a0e:5c01::/32 maxlen: 32 2a0e:5c02::/32 maxlen: 32 2a0e:5c03::/32 maxlen: 32 2a0e:5c04::/30 maxlen: 30 2a12:f280::/32 maxlen: 32 2a12:f281::/32 maxlen: 32 2a12:f282::/32 maxlen: 32 2a12:f283::/32 maxlen: 32 2a12:f284::/32 maxlen: 32 2a12:f285::/32 maxlen: 32 2a12:f286::/31 maxlen: 31 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/5c0fd2-6743-4682-967b-5f15beafa9b1/1/PIbsMh5y_UbJjcwM18cLytVX1Zw.crl rsync://rpki.ripe.net/repository/DEFAULT/8f/5c0fd2-6743-4682-967b-5f15beafa9b1/1/PIbsMh5y_UbJjcwM18cLytVX1Zw.mft rsync://rpki.ripe.net/repository/DEFAULT/PIbsMh5y_UbJjcwM18cLytVX1Zw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c9:29:63:57:97:02:f8:55:f3:45:4f:f6:ec:b2:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3c86ec321e72fd46c98dcc0cd7c70bcad557d59c Validity Not Before: Jan 1 18:19:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e2b14cf2746a077c08cc935d97821a93f795b991 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:01:2e:51:e5:5c:c2:b7:ed:d9:9d:33:b6:be: d2:ed:53:9c:49:e3:bf:fd:9e:98:b6:2b:75:2f:c5: 07:ee:b0:22:52:52:6d:79:a4:13:ef:68:41:70:f5: 69:0f:28:0a:55:1f:9a:fb:c5:a6:23:38:ae:bb:c8: a2:4e:f3:6d:ec:24:a1:bd:3b:95:a1:36:09:c6:30: 67:05:17:e6:fd:f0:e9:3f:97:72:a3:87:ed:55:2b: 5c:e9:a2:69:3b:69:dc:d3:46:22:df:7e:26:6b:02: 5c:cd:c9:51:2a:c9:a6:db:1c:08:55:54:19:61:44: f7:00:ae:54:69:84:2f:5a:c8:19:d6:c4:ad:2a:fc: d7:0b:d1:eb:18:5e:75:93:ac:b5:28:90:a3:0f:7d: 0e:81:8a:cf:5a:91:86:23:87:0f:56:46:fe:e4:21: 99:52:bc:fc:6f:c7:c3:7b:c6:4a:d2:6b:fe:9f:13: f8:ac:60:5e:c7:5c:12:e8:79:bf:c0:7a:64:42:dd: 38:7f:5d:30:1e:28:e4:38:73:a3:cd:fb:a7:c0:77: 77:0a:6a:e9:4e:07:d3:8a:45:b4:9d:26:c7:4d:8d: d6:38:e8:8e:d7:85:9a:ef:35:56:a6:a7:05:1c:ea: 27:af:4d:f0:3b:7d:7a:9f:7f:a4:22:b8:d5:72:cd: 86:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:B1:4C:F2:74:6A:07:7C:08:CC:93:5D:97:82:1A:93:F7:95:B9:91 X509v3 Authority Key Identifier: keyid:3C:86:EC:32:1E:72:FD:46:C9:8D:CC:0C:D7:C7:0B:CA:D5:57:D5:9C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PIbsMh5y_UbJjcwM18cLytVX1Zw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/5c0fd2-6743-4682-967b-5f15beafa9b1/1/4rFM8nRqB3wIzJNdl4Iak_eVuZE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/5c0fd2-6743-4682-967b-5f15beafa9b1/1/PIbsMh5y_UbJjcwM18cLytVX1Zw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.182.144.0/22 45.149.56.0/22 185.115.204.0/24 IPv6: 2a0e:5c00::/29 2a12:f280::/29 Signature Algorithm: sha256WithRSAEncryption 79:ae:91:4e:a2:bf:4b:8c:fa:a1:5a:f0:05:7c:b7:fc:30:39: 75:49:7e:34:f1:91:eb:93:4d:c0:f5:9d:3b:9b:ec:82:e2:7c: 5f:7f:4d:d5:8a:89:c3:26:35:ff:4a:d7:dc:6d:de:ca:a3:81: 28:eb:88:36:68:15:99:37:99:64:6c:1b:0e:ac:7f:1a:a6:52: d4:ff:fd:ad:64:b0:c6:bc:d0:3c:ab:fe:49:14:41:25:9a:ce: 6b:ef:3b:97:12:59:7e:b9:53:20:ff:8b:a4:53:9f:54:a8:9b: 9c:0a:75:94:fc:78:9c:df:3b:14:c9:92:7e:2e:a7:a6:3a:50: 38:67:e2:51:4a:94:de:51:79:87:15:a8:4c:e5:ef:4e:cd:13: 62:bf:80:9c:dd:b6:27:0c:eb:0b:a3:a9:d4:73:5c:24:4f:89: 1a:bf:54:b5:e7:91:66:61:63:28:c5:60:d6:2c:31:cc:82:00: ec:aa:00:1e:6a:ef:d2:cb:63:cf:1f:a1:9b:bd:e3:4d:8b:8c: ce:fe:82:10:c8:ea:a2:cb:4f:7b:ff:10:aa:ad:e1:55:8b:d2: 7d:7f:4c:4a:23:d4:73:1d:5d:2a:e6:0e:a5:39:27:c8:d0:81: ad:98:8a:d1:23:a5:d7:e0:39:7f:2f:6f:44:67:16:d5:0c:d8: 15:3c:cb:9a -----BEGIN CERTIFICATE----- MIIFHzCCBAegAwIBAgISAZt6ySljV5cC+FXzRU/27LLEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjODZlYzMyMWU3MmZkNDZjOThkY2MwY2Q3YzcwYmNhZDU1 N2Q1OWMwHhcNMjYwMTAxMTgxOTIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMmIxNGNmMjc0NmEwNzdjMDhjYzkzNWQ5NzgyMWE5M2Y3OTViOTkxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgEuUeVcwrft2Z0ztr7S7VOcSeO/ /Z6Ytit1L8UH7rAiUlJteaQT72hBcPVpDygKVR+a+8WmIziuu8iiTvNt7CShvTuV oTYJxjBnBRfm/fDpP5dyo4ftVStc6aJpO2nc00Yi334mawJczclRKsmm2xwIVVQZ YUT3AK5UaYQvWsgZ1sStKvzXC9HrGF51k6y1KJCjD30OgYrPWpGGI4cPVkb+5CGZ Urz8b8fDe8ZK0mv+nxP4rGBex1wS6Hm/wHpkQt04f10wHijkOHOjzfunwHd3Cmrp TgfTikW0nSbHTY3WOOiO14Wa7zVWpqcFHOonr03wO316n3+kIrjVcs2GNQIDAQAB o4ICKzCCAicwHQYDVR0OBBYEFOKxTPJ0agd8CMyTXZeCGpP3lbmRMB8GA1UdIwQY MBaAFDyG7DIecv1GyY3MDNfHC8rVV9WcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUElic01oNXlfVWJKamN3TTE4Y0x5dFZYMVp3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi81YzBmZDItNjc0My00NjgyLTk2N2It NWYxNWJlYWZhOWIxLzEvNHJGTThuUnFCM3dJekpOZGw0SWFrX2VWdVpFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Zi81YzBmZDItNjc0My00NjgyLTk2N2ItNWYxNWJlYWZhOWIx LzEvUElic01oNXlfVWJKamN3TTE4Y0x5dFZYMVp3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCBbaQAwQC LZU4AwQAuXPMMBQEAgACMA4DBQMqDlwAAwUDKhLygDANBgkqhkiG9w0BAQsFAAOC AQEAea6RTqK/S4z6oVrwBXy3/DA5dUl+NPGR65NNwPWdO5vsguJ8X39N1YqJwyY1 /0rX3G3eyqOBKOuINmgVmTeZZGwbDqx/GqZS1P/9rWSwxrzQPKv+SRRBJZrOa+87 lxJZfrlTIP+LpFOfVKibnAp1lPx4nN87FMmSfi6npjpQOGfiUUqU3lF5hxWoTOXv Ts0TYr+AnN22JwzrC6Op1HNcJE+JGr9UteeRZmFjKMVg1iwxzIIA7KoAHmrv0stj zx+hm73jTYuMzv6CEMjqostPe/8Qqq3hVYvSfX9MSiPUcx1dKuYOpTknyNCBrZiK 0SOl1+A5fy9vRGcW1QzYFTzLmg== -----END CERTIFICATE-----Generated at Mon Jan 26 02:08:01 2026 by rpki-client