This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/ByKSk6_PCk0jKVqec0OJjbAcRcU.roa File: ByKSk6_PCk0jKVqec0OJjbAcRcU.roa (raw, json) Hash identifier: t1f1S4C1okYWwtKH8np/6yMDAc9jaCyFzuNOyR5oQYc= Subject key identifier: 07:22:92:93:AF:CF:0A:4D:23:29:5A:9E:73:43:89:8D:B0:1C:45:C5 Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3 Certificate serial: 019B797E41A81B7745DF6136AF7BDD5E71BA Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/ByKSk6_PCk0jKVqec0OJjbAcRcU.roa Signing time: Thu 01 Jan 2026 12:17:56 +0000 ROA not before: Thu 01 Jan 2026 12:17:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198668 IP address blocks: 37.221.240.0/20 maxlen: 32 45.153.192.0/22 maxlen: 24 85.255.88.0/22 maxlen: 22 185.19.0.0/22 maxlen: 32 185.64.222.0/24 maxlen: 32 185.74.60.0/23 maxlen: 32 185.97.24.0/22 maxlen: 24 185.188.100.0/22 maxlen: 24 185.188.100.0/24 maxlen: 24 213.108.162.0/23 maxlen: 24 2a03:d840::/32 maxlen: 48 2a03:d840:ffff::/48 maxlen: 48 2a04:c740::/29 maxlen: 48 2a0d:3140::/29 maxlen: 29 2a0f:9300::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.mft rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:41:a8:1b:77:45:df:61:36:af:7b:dd:5e:71:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3 Validity Not Before: Jan 1 12:17:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=07229293afcf0a4d23295a9e7343898db01c45c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:5f:a2:b2:19:92:4c:ae:b3:c6:46:c1:69:79: 09:f0:08:f4:c5:08:dd:0f:c0:ba:cc:1a:65:a6:f6: 88:0b:7f:ec:8c:1c:49:d1:31:fc:5a:06:cc:94:7a: db:68:9b:d7:64:57:a0:5f:a3:bb:3b:55:ef:8a:b3: e0:1e:f0:f8:96:89:a6:ec:ac:c8:b6:20:88:e4:57: 6e:60:7b:f3:45:0a:b9:7c:0f:be:59:28:51:62:b7: ff:8e:3d:4e:e5:ff:5a:c7:ba:eb:e6:b1:e7:aa:9d: a5:63:b2:37:5b:5e:aa:6f:87:9a:15:4f:b4:36:9e: 0f:06:17:54:d5:a1:86:28:61:ce:c7:33:15:81:41: 17:55:c2:68:10:06:5a:ca:23:93:30:e2:9e:84:5d: 77:00:5d:ec:2f:a0:8e:03:9d:85:f4:86:a0:68:c6: cc:95:62:dc:77:e4:77:5f:4a:31:e6:2b:b8:fc:8c: d7:b9:87:ad:14:c1:2d:c2:3b:ce:d7:67:94:5a:81: dc:db:f8:b8:75:bb:09:d4:9d:59:de:2f:f8:ac:8a: dd:c7:e2:57:97:2d:3c:ee:9a:d3:81:c2:95:50:e2: 28:d3:ca:19:a5:ff:fd:3d:f7:77:b1:d2:3d:83:b5: 17:bd:97:a8:3d:2b:2f:f8:a8:bd:b3:70:65:89:a7: 6a:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:22:92:93:AF:CF:0A:4D:23:29:5A:9E:73:43:89:8D:B0:1C:45:C5 X509v3 Authority Key Identifier: keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/ByKSk6_PCk0jKVqec0OJjbAcRcU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.221.240.0/20 45.153.192.0/22 85.255.88.0/22 185.19.0.0/22 185.64.222.0/24 185.74.60.0/23 185.97.24.0/22 185.188.100.0/22 213.108.162.0/23 IPv6: 2a03:d840::/32 2a04:c740::/29 2a0d:3140::/29 2a0f:9300::/29 Signature Algorithm: sha256WithRSAEncryption 2b:e8:d4:5d:26:70:af:b1:b4:89:41:1d:33:6d:93:fb:02:d6: ff:6a:9c:d8:eb:5b:69:af:35:c5:3d:18:15:c2:0e:56:a9:6c: 3b:01:b6:cd:d9:99:ee:52:d7:cf:b7:0f:76:c1:97:d1:f4:e1: 1d:ae:7b:42:93:ce:79:d4:82:02:ae:8a:e1:cf:a9:d2:16:e7: ce:a7:c4:51:c9:50:eb:f7:d6:37:dd:03:3f:6e:1e:c2:6c:11: 14:24:40:b7:9b:66:f0:ce:11:48:50:43:f0:7f:7f:10:57:ec: c1:4e:b7:4a:8a:e0:1c:af:e2:5a:fa:99:ff:c4:2e:81:ca:d7: 9d:ee:ef:f6:6c:6e:ca:f6:a7:74:0c:a3:2c:41:a8:1f:65:1f: 12:0f:db:8b:cb:ad:49:1f:1b:21:9f:9c:7c:41:13:2f:fa:fc: f1:f0:55:d8:ab:85:92:b0:af:8c:18:9e:d1:b8:ea:9b:9a:36: bd:d4:05:c9:7d:f0:a7:5a:03:f5:82:8e:35:5a:e9:24:f8:b5: ce:08:ca:71:2b:23:a2:be:68:d3:5c:7b:8c:ba:84:49:e9:f7: c0:58:d4:5f:27:6d:39:ed:60:96:18:a6:d2:11:4a:f8:48:a6: 75:c2:22:e2:45:23:5a:ce:47:9b:ed:c4:5c:60:8f:12:81:e6: 1e:02:f4:74 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgISAZt5fkGoG3dF32E2r3vdXnG6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2 MGY2ZjMwHhcNMjYwMTAxMTIxNzU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNzIyOTI5M2FmY2YwYTRkMjMyOTVhOWU3MzQzODk4ZGIwMWM0NWM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1+ishmSTK6zxkbBaXkJ8Aj0xQjd D8C6zBplpvaIC3/sjBxJ0TH8WgbMlHrbaJvXZFegX6O7O1XvirPgHvD4lomm7KzI tiCI5FduYHvzRQq5fA++WShRYrf/jj1O5f9ax7rr5rHnqp2lY7I3W16qb4eaFU+0 Np4PBhdU1aGGKGHOxzMVgUEXVcJoEAZayiOTMOKehF13AF3sL6COA52F9IagaMbM lWLcd+R3X0ox5iu4/IzXuYetFMEtwjvO12eUWoHc2/i4dbsJ1J1Z3i/4rIrdx+JX ly087prTgcKVUOIo08oZpf/9Pfd3sdI9g7UXvZeoPSsv+Ki9s3BliadqYwIDAQAB o4ICXTCCAlkwHQYDVR0OBBYEFAcikpOvzwpNIylannNDiY2wHEXFMB8GA1UdIwQY MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It ZDFhYmY0ZWUzMmNiLzEvQnlLU2s2X1BDazBqS1ZxZWMwT0pqYkFjUmNVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjA8BAIAATA2AwQEJd3wAwQC LZnAAwQCVf9YAwQCuRMAAwQAuUDeAwQBuUo8AwQCuWEYAwQCubxkAwQB1WyiMCIE AgACMBwDBQAqA9hAAwUDKgTHQAMFAyoNMUADBQMqD5MAMA0GCSqGSIb3DQEBCwUA A4IBAQAr6NRdJnCvsbSJQR0zbZP7Atb/apzY61tprzXFPRgVwg5WqWw7AbbN2Znu UtfPtw92wZfR9OEdrntCk8551IICrorhz6nSFufOp8RRyVDr99Y33QM/bh7CbBEU JEC3m2bwzhFIUEPwf38QV+zBTrdKiuAcr+Ja+pn/xC6Byted7u/2bG7K9qd0DKMs QagfZR8SD9uLy61JHxshn5x8QRMv+vzx8FXYq4WSsK+MGJ7RuOqbmja91AXJffCn WgP1go41Wukk+LXOCMpxKyOivmjTXHuMuoRJ6ffAWNRfJ2057WCWGKbSEUr4SKZ1 wiLiRSNazkeb7cRcYI8SgeYeAvR0 -----END CERTIFICATE-----Generated at Mon Jan 26 01:01:46 2026 by rpki-client