This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/1CdaDEMYuczsE5fB0W--_kjgKz4.roa File: 1CdaDEMYuczsE5fB0W--_kjgKz4.roa (raw, json) Hash identifier: eLlevVfSpCGIySbdmJVMxY3O6xhqpu9HHp+hjTsXa+Y= Subject key identifier: D4:27:5A:0C:43:18:B9:CC:EC:13:97:C1:D1:6F:BE:FE:48:E0:2B:3E Certificate issuer: /CN=1f68138d4ec2ea51cacef09ff1058a370a5be190 Certificate serial: 019B7F154E3F3943185DAE5DAC62D10180D1 Authority key identifier: 1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/1CdaDEMYuczsE5fB0W--_kjgKz4.roa Signing time: Fri 02 Jan 2026 14:21:01 +0000 ROA not before: Fri 02 Jan 2026 14:21:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3301 IP address blocks: 2.248.0.0/14 maxlen: 14 2.252.0.0/15 maxlen: 15 2.254.0.0/16 maxlen: 16 2.255.0.0/17 maxlen: 17 2.255.128.0/18 maxlen: 18 2.255.190.0/24 maxlen: 24 2.255.191.0/24 maxlen: 24 62.20.0.0/16 maxlen: 16 77.110.0.0/18 maxlen: 18 78.64.0.0/12 maxlen: 12 81.224.0.0/12 maxlen: 12 81.228.4.0/23 maxlen: 23 81.228.4.0/24 maxlen: 24 81.228.5.0/24 maxlen: 24 82.214.0.0/18 maxlen: 18 85.11.0.0/18 maxlen: 18 90.224.0.0/12 maxlen: 12 92.254.128.0/17 maxlen: 17 95.109.0.0/17 maxlen: 17 95.192.0.0/12 maxlen: 12 185.103.208.0/22 maxlen: 22 185.103.208.0/24 maxlen: 24 188.126.224.0/19 maxlen: 19 188.126.233.0/24 maxlen: 24 188.126.240.0/23 maxlen: 23 192.16.152.0/23 maxlen: 23 192.16.153.0/24 maxlen: 24 192.150.58.0/23 maxlen: 23 192.150.60.0/22 maxlen: 22 192.150.64.0/22 maxlen: 22 192.150.68.0/23 maxlen: 23 192.150.78.0/23 maxlen: 23 192.150.80.0/23 maxlen: 23 193.44.0.0/15 maxlen: 15 194.16.0.0/15 maxlen: 15 194.18.0.0/16 maxlen: 16 194.22.0.0/15 maxlen: 15 194.218.0.0/16 maxlen: 16 194.236.0.0/15 maxlen: 15 195.67.0.0/16 maxlen: 16 195.198.0.0/16 maxlen: 16 195.252.32.0/19 maxlen: 19 212.28.192.0/19 maxlen: 19 212.181.0.0/16 maxlen: 16 213.64.0.0/14 maxlen: 14 217.208.0.0/13 maxlen: 13 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.mft rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:4e:3f:39:43:18:5d:ae:5d:ac:62:d1:01:80:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1f68138d4ec2ea51cacef09ff1058a370a5be190 Validity Not Before: Jan 2 14:21:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d4275a0c4318b9ccec1397c1d16fbefe48e02b3e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:30:8e:14:41:0d:39:d4:30:cf:3f:18:03:bb: bd:be:ba:f0:92:2e:60:27:a4:60:5c:e2:f6:b3:a6: b8:a7:52:e2:18:07:ec:69:91:c2:67:36:56:8e:ea: 6f:a7:74:c3:ff:8b:37:ea:f2:70:f3:9a:ae:0f:01: ec:0f:da:3e:e0:1f:34:86:5f:1a:f8:86:c3:6a:17: 14:65:9a:84:89:59:0c:42:60:e8:36:2b:7f:59:5a: d1:ea:44:2d:53:28:f7:15:12:fb:8b:d7:00:be:5e: 62:39:38:14:c3:9b:a6:70:8c:1e:3d:b3:c1:61:0d: 0e:a3:ad:db:bd:88:41:ff:b5:4c:bd:e6:9d:a4:da: 42:28:b5:8f:a9:fe:24:31:f3:a0:39:2d:2d:82:dc: 8f:dc:5a:7b:57:98:ae:4f:81:5a:7b:54:21:df:eb: 11:2d:07:83:72:53:94:84:c5:f2:ef:81:08:b7:89: 1f:bf:dd:93:cd:cd:c5:ee:50:8e:96:ed:a5:78:56: 2a:59:d5:6c:7d:39:af:ab:91:1f:1d:86:2b:8c:57: 47:a9:00:8b:d2:3d:86:63:3d:e5:3e:ac:f3:fc:ae: eb:80:83:2a:d0:7f:73:08:33:60:ff:a2:46:a5:75: 32:79:12:52:5a:15:9d:9e:50:ce:cb:e7:17:4d:b5: f7:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:27:5A:0C:43:18:B9:CC:EC:13:97:C1:D1:6F:BE:FE:48:E0:2B:3E X509v3 Authority Key Identifier: keyid:1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/1CdaDEMYuczsE5fB0W--_kjgKz4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.248.0.0-2.255.191.255 62.20.0.0/16 77.110.0.0/18 78.64.0.0/12 81.224.0.0/12 82.214.0.0/18 85.11.0.0/18 90.224.0.0/12 92.254.128.0/17 95.109.0.0/17 95.192.0.0/12 185.103.208.0/22 188.126.224.0/19 192.16.152.0/23 192.150.58.0-192.150.69.255 192.150.78.0-192.150.81.255 193.44.0.0/15 194.16.0.0-194.18.255.255 194.22.0.0/15 194.218.0.0/16 194.236.0.0/15 195.67.0.0/16 195.198.0.0/16 195.252.32.0/19 212.28.192.0/19 212.181.0.0/16 213.64.0.0/14 217.208.0.0/13 Signature Algorithm: sha256WithRSAEncryption 7f:df:2f:72:ec:e1:c1:83:18:29:2c:a4:8f:ee:7d:07:b7:0f: e7:d0:b7:76:02:87:b7:b7:53:6e:ad:39:00:1d:db:9c:57:fa: 9a:8b:c4:a8:47:5b:2d:10:f9:76:ca:f3:8e:79:c7:f1:72:bd: ae:c8:06:d0:57:8f:06:ba:4f:f7:bb:32:72:11:60:25:bf:c1: 58:3c:9d:ad:35:05:a2:88:26:b7:cb:e6:36:50:87:70:ce:cb: f4:dc:f3:9e:11:9a:2f:7f:cb:89:c0:c3:88:16:d8:8d:cd:3e: d1:f6:51:89:b6:53:db:66:bc:da:c7:31:8f:af:b1:b5:98:44: 0d:fe:b8:36:bd:4a:8b:6a:cb:90:73:bb:b0:33:f7:a0:fa:3d: 86:98:d0:e6:cf:ec:dd:db:dd:2d:8c:37:f3:c4:75:4a:29:20: fd:c0:6c:d0:5b:3d:a9:44:39:cb:03:55:13:db:36:e5:21:5d: ea:f7:08:f6:94:73:88:44:46:51:ed:40:52:05:4e:89:f7:b5: d0:04:59:cc:7b:aa:cb:e2:85:c4:c0:8c:2e:bd:bb:90:36:35: 6a:d8:4d:6c:f1:44:e2:7b:ba:fb:08:c7:73:21:fb:3a:1d:2c: 62:8a:2a:81:8d:b8:4f:5c:8b:0a:10:d8:d4:6e:a7:23:a8:a2: 6e:1b:2e:f1 -----BEGIN CERTIFICATE----- MIIFszCCBJugAwIBAgISAZt/FU4/OUMYXa5drGLRAYDRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFmNjgxMzhkNGVjMmVhNTFjYWNlZjA5ZmYxMDU4YTM3MGE1 YmUxOTAwHhcNMjYwMTAyMTQyMTAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNDI3NWEwYzQzMThiOWNjZWMxMzk3YzFkMTZmYmVmZTQ4ZTAyYjNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTCOFEENOdQwzz8YA7u9vrrwki5g J6RgXOL2s6a4p1LiGAfsaZHCZzZWjupvp3TD/4s36vJw85quDwHsD9o+4B80hl8a +IbDahcUZZqEiVkMQmDoNit/WVrR6kQtUyj3FRL7i9cAvl5iOTgUw5umcIwePbPB YQ0Oo63bvYhB/7VMveadpNpCKLWPqf4kMfOgOS0tgtyP3Fp7V5iuT4Fae1Qh3+sR LQeDclOUhMXy74EIt4kfv92Tzc3F7lCOlu2leFYqWdVsfTmvq5EfHYYrjFdHqQCL 0j2GYz3lPqzz/K7rgIMq0H9zCDNg/6JGpXUyeRJSWhWdnlDOy+cXTbX3RwIDAQAB o4ICvzCCArswHQYDVR0OBBYEFNQnWgxDGLnM7BOXwdFvvv5I4Cs+MB8GA1UdIwQY MBaAFB9oE41OwupRys7wn/EFijcKW+GQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgt NjA4NTY0ODM5ZmQwLzEvMUNkYURFTVl1Y3pzRTVmQjBXLS1fa2pnS3o0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgtNjA4NTY0ODM5ZmQw LzEvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBvgQCAAEwgbcwCwMD AwL4AwQGAv+AAwMAPhQDBAZNbgADAwROQAMDBFHgAwQGUtYAAwQGVQsAAwMEWuAD BAdc/oADBAdfbQADAwRfwAMEArln0AMEBbx+4AMEAcAQmDAMAwQBwJY6AwQBwJZE MAwDBAHAlk4DBAHAllADAwHBLDAKAwMEwhADAwDCEgMDAcIWAwMAwtoDAwHC7AMD AMNDAwMAw8YDBAXD/CADBAXUHMADAwDUtQMDAtVAAwMD2dAwDQYJKoZIhvcNAQEL BQADggEBAH/fL3Ls4cGDGCkspI/ufQe3D+fQt3YCh7e3U26tOQAd25xX+pqLxKhH Wy0Q+XbK8455x/Fyva7IBtBXjwa6T/e7MnIRYCW/wVg8na01BaKIJrfL5jZQh3DO y/Tc854Rmi9/y4nAw4gW2I3NPtH2UYm2U9tmvNrHMY+vsbWYRA3+uDa9Sotqy5Bz u7Az96D6PYaY0ObP7N3b3S2MN/PEdUopIP3AbNBbPalEOcsDVRPbNuUhXer3CPaU c4hERlHtQFIFTon3tdAEWcx7qsvihcTAjC69u5A2NWrYTWzxROJ7uvsIx3Mh+zod LGKKKoGNuE9ciwoQ2NRupyOoom4bLvE= -----END CERTIFICATE-----Generated at Sun Jan 25 13:42:33 2026 by rpki-client