This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/5kHMUhkQdhdmPsoYdgNhzsXtWzM.roa File: 5kHMUhkQdhdmPsoYdgNhzsXtWzM.roa (raw, json) Hash identifier: HkIcUKEr6evBI/O/U9bdxjljBynF2gnI1JjwJLgu2W8= Subject key identifier: E6:41:CC:52:19:10:76:17:66:3E:CA:18:76:03:61:CE:C5:ED:5B:33 Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a Certificate serial: 019B77C73CD64170103A62A58BBB5D1EE80A Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/5kHMUhkQdhdmPsoYdgNhzsXtWzM.roa Signing time: Thu 01 Jan 2026 04:18:24 +0000 ROA not before: Thu 01 Jan 2026 04:18:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 52016 IP address blocks: 194.190.21.0/24 maxlen: 24 194.190.137.0/24 maxlen: 24 194.190.157.0/24 maxlen: 24 194.226.130.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:3c:d6:41:70:10:3a:62:a5:8b:bb:5d:1e:e8:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a Validity Not Before: Jan 1 04:18:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e641cc5219107617663eca18760361cec5ed5b33 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:9d:ec:11:bc:36:06:3e:3b:72:50:b8:9d:2e: 83:49:1f:f0:a0:fa:51:9f:d8:55:af:f7:7c:4b:eb: a6:df:70:b9:b8:11:d5:ca:ba:77:93:68:8f:54:2d: 3d:4d:9b:7a:b6:a9:42:3b:71:78:a1:b6:c1:36:d4: 2c:5d:c1:27:21:53:16:c1:20:40:40:25:ca:3a:21: 06:89:94:1b:79:87:5e:6b:6a:cd:ff:f7:7a:c3:8a: 26:d6:1f:32:2f:9c:0e:6f:be:e5:20:6c:0a:61:31: eb:37:0f:2b:2b:4a:d8:39:e5:1d:28:a3:74:73:27: ec:6c:bd:28:19:b8:d6:1e:8d:95:5d:90:c7:c6:a4: 6f:64:36:03:68:95:40:94:81:34:d3:3d:45:89:bf: 2f:96:07:96:27:a5:85:97:7d:75:fb:04:71:02:a3: 27:6d:3d:78:24:00:5b:d7:83:10:0b:15:ad:ac:09: cf:ed:e8:41:fe:8d:6b:1f:1d:d4:a6:cf:b4:2f:7a: 80:62:dd:10:c5:56:6a:21:4e:f4:de:28:a1:c5:ab: 8c:77:9d:b0:52:da:85:b2:95:1d:b0:cd:22:d9:3e: 0c:f1:34:a5:88:8c:9c:be:19:a9:15:41:93:dd:58: 8e:5d:13:b3:31:66:ca:01:27:ef:a1:d8:75:69:86: 16:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:41:CC:52:19:10:76:17:66:3E:CA:18:76:03:61:CE:C5:ED:5B:33 X509v3 Authority Key Identifier: keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/5kHMUhkQdhdmPsoYdgNhzsXtWzM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.190.21.0/24 194.190.137.0/24 194.190.157.0/24 194.226.130.0/23 Signature Algorithm: sha256WithRSAEncryption 86:93:cd:f2:74:f2:fe:a9:19:d1:e2:8f:66:c6:55:fa:84:d2: 6e:17:fd:bb:ec:8a:16:e8:01:c0:8e:20:1e:b3:90:65:ba:3a: 4f:2b:d1:a1:83:e6:69:d4:1a:5a:c4:60:71:3b:50:f7:63:e0: 40:6f:ad:84:4f:d5:d5:80:34:d1:cf:67:43:4f:06:56:03:32: 1d:97:ca:82:ab:15:93:91:62:9a:e4:9a:37:0f:ec:52:1e:1a: 07:07:a9:20:07:f0:6f:3b:41:37:b2:40:23:36:f0:10:5a:ed: ab:49:46:a3:2c:95:60:34:1c:04:41:d7:90:a9:12:6d:9b:23: d9:25:5c:5a:fc:0c:a1:6e:9f:62:a9:70:0e:30:57:c3:61:a1: 53:46:b8:ae:03:89:2f:4b:b5:40:b9:da:ee:4f:d3:11:21:82: d2:c5:f8:b7:b0:cd:b1:ff:a7:85:c1:47:36:b6:ae:88:d6:2b: 5b:b4:85:29:68:8a:45:db:a2:d5:a5:70:a4:e6:a3:71:06:d6: 20:1e:cb:73:dd:9e:7b:1d:5b:bc:30:2c:db:8a:2e:46:0d:29: 6e:38:cf:4b:78:03:db:28:57:da:11:c4:1c:9e:a7:3f:96:c8: 76:32:d8:f2:38:39:e0:d9:6b:6a:b2:ef:59:a0:a8:80:99:44: 5b:76:ab:5c -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt3xzzWQXAQOmKli7tdHugKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx NjQ2NGEwHhcNMjYwMTAxMDQxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlNjQxY2M1MjE5MTA3NjE3NjYzZWNhMTg3NjAzNjFjZWM1ZWQ1YjMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4p3sEbw2Bj47clC4nS6DSR/woPpR n9hVr/d8S+um33C5uBHVyrp3k2iPVC09TZt6tqlCO3F4obbBNtQsXcEnIVMWwSBA QCXKOiEGiZQbeYdea2rN//d6w4om1h8yL5wOb77lIGwKYTHrNw8rK0rYOeUdKKN0 cyfsbL0oGbjWHo2VXZDHxqRvZDYDaJVAlIE00z1Fib8vlgeWJ6WFl311+wRxAqMn bT14JABb14MQCxWtrAnP7ehB/o1rHx3Ups+0L3qAYt0QxVZqIU703iihxauMd52w UtqFspUdsM0i2T4M8TSliIycvhmpFUGT3ViOXROzMWbKASfvodh1aYYW8wIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFOZBzFIZEHYXZj7KGHYDYc7F7VszMB8GA1UdIwQY MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt OWU5YTFlMDM3MzhlLzEvNWtITVVoa1FkaGRtUHNvWWRnTmh6c1h0V3pNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwr4VAwQA wr6JAwQAwr6dAwQBwuKCMA0GCSqGSIb3DQEBCwUAA4IBAQCGk83ydPL+qRnR4o9m xlX6hNJuF/277IoW6AHAjiAes5BlujpPK9Ghg+Zp1BpaxGBxO1D3Y+BAb62ET9XV gDTRz2dDTwZWAzIdl8qCqxWTkWKa5Jo3D+xSHhoHB6kgB/BvO0E3skAjNvAQWu2r SUajLJVgNBwEQdeQqRJtmyPZJVxa/Ayhbp9iqXAOMFfDYaFTRriuA4kvS7VAudru T9MRIYLSxfi3sM2x/6eFwUc2tq6I1itbtIUpaIpF26LVpXCk5qNxBtYgHstz3Z57 HVu8MCzbii5GDSluOM9LeAPbKFfaEcQcnqc/lsh2MtjyODng2Wtqsu9ZoKiAmURb dqtc -----END CERTIFICATE-----Generated at Sun Jan 25 14:40:16 2026 by rpki-client