This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/GIKwXPgpp9tYu44qAWsgouqavSk.roa File: GIKwXPgpp9tYu44qAWsgouqavSk.roa (raw, json) Hash identifier: U0ZjuWOGhkNCjwceAqeYAxKQDQUWsJyAsTBPjUkaiJM= Subject key identifier: 18:82:B0:5C:F8:29:A7:DB:58:BB:8E:2A:01:6B:20:A2:EA:9A:BD:29 Certificate issuer: /CN=53b62ace615b906b42ab27f4fb1d203df36d5436 Certificate serial: 019B77C6747F6178D40B3AE002CBD1ADACB5 Authority key identifier: 53:B6:2A:CE:61:5B:90:6B:42:AB:27:F4:FB:1D:20:3D:F3:6D:54:36 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/GIKwXPgpp9tYu44qAWsgouqavSk.roa Signing time: Thu 01 Jan 2026 04:17:33 +0000 ROA not before: Thu 01 Jan 2026 04:17:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31708 IP address blocks: 31.193.168.0/21 maxlen: 21 31.193.170.0/24 maxlen: 24 62.197.40.0/23 maxlen: 23 62.197.44.0/24 maxlen: 24 62.197.50.0/23 maxlen: 23 83.142.24.0/22 maxlen: 22 83.142.29.0/24 maxlen: 24 85.13.192.0/18 maxlen: 18 85.13.192.0/24 maxlen: 24 85.13.199.0/24 maxlen: 24 85.13.208.0/24 maxlen: 24 85.13.209.0/24 maxlen: 24 85.13.214.0/24 maxlen: 24 85.13.216.0/24 maxlen: 24 85.13.222.0/24 maxlen: 24 85.13.228.0/24 maxlen: 24 85.13.230.0/24 maxlen: 24 85.13.234.0/24 maxlen: 24 85.13.247.0/24 maxlen: 24 85.13.251.0/24 maxlen: 24 89.187.64.0/22 maxlen: 22 89.187.70.0/23 maxlen: 23 89.187.72.0/24 maxlen: 24 89.187.74.0/23 maxlen: 23 89.187.76.0/24 maxlen: 24 89.187.78.0/23 maxlen: 23 89.187.78.0/24 maxlen: 24 89.187.79.0/24 maxlen: 24 89.187.80.0/21 maxlen: 21 89.187.80.0/24 maxlen: 24 89.187.81.0/24 maxlen: 24 89.187.84.0/24 maxlen: 24 89.187.85.0/24 maxlen: 24 89.187.86.0/24 maxlen: 24 89.187.88.0/22 maxlen: 22 89.187.91.0/24 maxlen: 24 89.187.92.0/24 maxlen: 24 89.187.94.0/23 maxlen: 23 89.187.95.0/24 maxlen: 24 109.70.136.0/21 maxlen: 21 109.70.141.0/24 maxlen: 24 109.70.143.0/24 maxlen: 24 193.26.222.0/24 maxlen: 24 2a01:c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/U7YqzmFbkGtCqyf0-x0gPfNtVDY.crl rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/U7YqzmFbkGtCqyf0-x0gPfNtVDY.mft rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:74:7f:61:78:d4:0b:3a:e0:02:cb:d1:ad:ac:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=53b62ace615b906b42ab27f4fb1d203df36d5436 Validity Not Before: Jan 1 04:17:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1882b05cf829a7db58bb8e2a016b20a2ea9abd29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:46:bf:bc:55:1d:b5:a7:1c:fa:41:d4:ae:cb: a9:75:c1:ed:51:f0:41:55:2b:5f:a8:b9:d8:70:31: 0f:10:1d:4b:85:b8:ab:4f:07:de:93:e6:fe:67:7c: c8:cb:e4:a5:c4:47:4d:73:c5:50:6e:ca:4a:ae:59: 7e:59:e5:97:37:21:f1:d0:7b:bd:88:ee:d1:a3:9b: cd:ab:2f:08:f0:1b:a6:b8:d1:70:ac:6d:d3:00:fa: 43:d1:e2:6e:c0:57:0c:18:a8:21:0b:50:d8:9f:3e: ab:84:68:87:12:56:03:99:ed:f4:1d:ee:57:a6:dd: da:7e:e0:7a:29:24:40:61:d3:8c:fb:25:4b:72:46: b9:83:f8:47:5d:07:48:80:71:1a:8c:61:c9:7f:22: c3:cc:27:ed:08:ac:d6:8a:14:21:25:c7:48:34:62: 8b:bd:03:20:9a:49:23:68:37:16:8f:38:c3:6f:66: 9d:99:ce:2d:a6:a0:b4:d8:5a:0c:79:13:11:e4:59: c7:ae:0d:fc:8f:c7:56:fc:16:c7:d5:80:41:f7:62: 10:9f:3f:2d:56:85:6d:6f:02:20:df:31:cb:f8:6c: a2:4e:03:dd:aa:01:73:f5:06:cf:35:18:22:4e:e6: 07:48:c9:d0:1d:e9:5e:05:7d:63:59:be:db:74:e5: de:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:82:B0:5C:F8:29:A7:DB:58:BB:8E:2A:01:6B:20:A2:EA:9A:BD:29 X509v3 Authority Key Identifier: keyid:53:B6:2A:CE:61:5B:90:6B:42:AB:27:F4:FB:1D:20:3D:F3:6D:54:36 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/GIKwXPgpp9tYu44qAWsgouqavSk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/U7YqzmFbkGtCqyf0-x0gPfNtVDY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.193.168.0/21 62.197.40.0/23 62.197.44.0/24 62.197.50.0/23 83.142.24.0/22 83.142.29.0/24 85.13.192.0/18 89.187.64.0/22 89.187.70.0-89.187.72.255 89.187.74.0-89.187.76.255 89.187.78.0-89.187.92.255 89.187.94.0/23 109.70.136.0/21 193.26.222.0/24 IPv6: 2a01:c0::/32 Signature Algorithm: sha256WithRSAEncryption 52:f8:4b:f2:57:1b:46:d6:d4:e4:09:78:3d:41:71:db:1d:9a: 28:a4:55:fc:83:fc:36:46:63:a2:d9:76:2b:3d:c5:c5:7d:16: f8:cf:32:98:c3:bf:ee:47:08:ad:73:a0:2d:40:8c:6e:38:ef: c5:19:ec:03:e5:9f:32:a4:bb:86:ce:41:18:9b:b8:28:8d:57: df:e6:a2:c0:49:db:1f:dd:6f:b0:da:a9:01:c7:6e:fd:1f:36: 24:3b:cc:9c:4f:ec:b6:69:31:66:94:52:4f:a5:4a:13:64:47: 54:79:97:d1:e2:63:c7:f9:3a:cb:7f:05:a4:c8:d4:48:4b:2c: d0:a4:43:2e:28:50:19:17:d4:28:75:b1:d3:54:a2:33:f5:ae: ab:3e:56:75:31:96:19:a4:e9:ab:11:58:57:4d:96:f6:3f:61: e1:7f:fb:8c:4b:48:c3:05:94:27:17:df:eb:2b:03:8c:0a:a9: 79:05:21:99:f0:da:7e:3d:17:eb:ce:10:3b:b4:b2:c9:63:86: 45:82:42:d7:84:42:d2:39:fe:cf:20:49:8f:29:f1:3b:d0:cf: 42:84:d2:7d:df:da:7c:a3:af:2f:5a:27:ac:b7:c4:74:c3:ee: 1c:b1:25:c4:e1:6b:dc:c2:5a:3d:05:16:3a:97:b6:95:a1:b4: 2b:15:b0:1d -----BEGIN CERTIFICATE----- MIIFdTCCBF2gAwIBAgISAZt3xnR/YXjUCzrgAsvRray1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUzYjYyYWNlNjE1YjkwNmI0MmFiMjdmNGZiMWQyMDNkZjM2 ZDU0MzYwHhcNMjYwMTAxMDQxNzMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxODgyYjA1Y2Y4MjlhN2RiNThiYjhlMmEwMTZiMjBhMmVhOWFiZDI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApka/vFUdtacc+kHUrsupdcHtUfBB VStfqLnYcDEPEB1LhbirTwfek+b+Z3zIy+SlxEdNc8VQbspKrll+WeWXNyHx0Hu9 iO7Ro5vNqy8I8BumuNFwrG3TAPpD0eJuwFcMGKghC1DYnz6rhGiHElYDme30He5X pt3afuB6KSRAYdOM+yVLcka5g/hHXQdIgHEajGHJfyLDzCftCKzWihQhJcdINGKL vQMgmkkjaDcWjzjDb2admc4tpqC02FoMeRMR5FnHrg38j8dW/BbH1YBB92IQnz8t VoVtbwIg3zHL+GyiTgPdqgFz9QbPNRgiTuYHSMnQHeleBX1jWb7bdOXe3QIDAQAB o4ICgTCCAn0wHQYDVR0OBBYEFBiCsFz4KafbWLuOKgFrIKLqmr0pMB8GA1UdIwQY MBaAFFO2Ks5hW5BrQqsn9PsdID3zbVQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVTdZcXptRmJrR3RDcXlmMC14MGdQZk50VkRZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC84YjA3Y2QtMGNlZC00YWZjLThkMDIt OTcyYTRjM2RjM2YzLzEvR0lLd1hQZ3BwOXRZdTQ0cUFXc2dvdXFhdlNrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZC84YjA3Y2QtMGNlZC00YWZjLThkMDItOTcyYTRjM2RjM2Yz LzEvVTdZcXptRmJrR3RDcXlmMC14MGdQZk50VkRZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzByBAIAATBsAwQDH8Go AwQBPsUoAwQAPsUsAwQBPsUyAwQCU44YAwQAU44dAwQGVQ3AAwQCWbtAMAwDBAFZ u0YDBABZu0gwDAMEAVm7SgMEAFm7TDAMAwQBWbtOAwQAWbtcAwQBWbteAwQDbUaI AwQAwRreMA0EAgACMAcDBQAqAQDAMA0GCSqGSIb3DQEBCwUAA4IBAQBS+EvyVxtG 1tTkCXg9QXHbHZoopFX8g/w2RmOi2XYrPcXFfRb4zzKYw7/uRwitc6AtQIxuOO/F GewD5Z8ypLuGzkEYm7gojVff5qLASdsf3W+w2qkBx279HzYkO8ycT+y2aTFmlFJP pUoTZEdUeZfR4mPH+TrLfwWkyNRISyzQpEMuKFAZF9QodbHTVKIz9a6rPlZ1MZYZ pOmrEVhXTZb2P2Hhf/uMS0jDBZQnF9/rKwOMCql5BSGZ8Np+PRfrzhA7tLLJY4ZF gkLXhELSOf7PIEmPKfE70M9ChNJ939p8o68vWiest8R0w+4csSXE4Wvcwlo9BRY6 l7aVobQrFbAd -----END CERTIFICATE-----Generated at Sun Jan 25 18:06:23 2026 by rpki-client