This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/U5Hr7DVltimNN4exYtKNMwjtw8w.roa File: U5Hr7DVltimNN4exYtKNMwjtw8w.roa (raw, json) Hash identifier: a1GYmzluOFIdh7d+x71WU9ozZYGhuTpIQod/AeGpY6Y= Subject key identifier: 53:91:EB:EC:35:65:B6:29:8D:37:87:B1:62:D2:8D:33:08:ED:C3:CC Certificate issuer: /CN=f571bbf1d3d3c0efe36de110392be0c7ac447a84 Certificate serial: 019B7F1558FB548C96AEBE83BE6D855D0C8E Authority key identifier: F5:71:BB:F1:D3:D3:C0:EF:E3:6D:E1:10:39:2B:E0:C7:AC:44:7A:84 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/U5Hr7DVltimNN4exYtKNMwjtw8w.roa Signing time: Fri 02 Jan 2026 14:21:04 +0000 ROA not before: Fri 02 Jan 2026 14:21:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42926 IP address blocks: 31.210.64.0/18 maxlen: 24 46.45.128.0/18 maxlen: 24 46.45.185.0/24 maxlen: 24 46.45.186.0/24 maxlen: 24 46.45.187.0/24 maxlen: 24 46.45.188.0/24 maxlen: 24 77.75.32.0/21 maxlen: 24 79.98.128.0/21 maxlen: 24 94.101.80.0/20 maxlen: 24 94.101.90.0/24 maxlen: 24 176.53.0.0/17 maxlen: 24 176.53.74.0/24 maxlen: 24 176.53.96.0/24 maxlen: 24 176.53.112.0/24 maxlen: 24 178.211.32.0/19 maxlen: 24 178.211.61.0/24 maxlen: 24 185.25.100.0/22 maxlen: 22 185.25.100.0/24 maxlen: 24 185.25.101.0/24 maxlen: 24 185.25.102.0/24 maxlen: 24 185.25.103.0/24 maxlen: 24 185.157.40.0/22 maxlen: 24 185.184.208.0/22 maxlen: 24 213.128.64.0/19 maxlen: 24 213.128.93.0/24 maxlen: 24 213.128.94.0/24 maxlen: 24 213.128.95.0/24 maxlen: 24 2a00:56a0::/32 maxlen: 48 2a01:790::/32 maxlen: 48 2a0b:5f40::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/9XG78dPTwO_jbeEQOSvgx6xEeoQ.crl rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/9XG78dPTwO_jbeEQOSvgx6xEeoQ.mft rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:58:fb:54:8c:96:ae:be:83:be:6d:85:5d:0c:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f571bbf1d3d3c0efe36de110392be0c7ac447a84 Validity Not Before: Jan 2 14:21:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5391ebec3565b6298d3787b162d28d3308edc3cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:b9:d5:3c:31:1d:6b:7a:54:cc:be:1c:d8:54: a0:f0:4e:a8:09:11:6d:00:85:d1:1a:87:f2:3d:e2: 1d:88:24:c0:d8:44:a0:e9:eb:80:b1:03:7f:b9:b6: c9:99:92:06:fc:fd:30:5b:d2:3c:3f:61:63:8c:c1: f0:a7:67:6f:a1:bd:d6:2a:b0:88:14:3b:f7:27:17: b0:d7:8a:c8:82:28:1d:50:0d:b6:c8:1f:c9:73:5f: 27:66:f3:88:27:90:62:46:6b:5c:9f:7b:a8:a5:2c: b6:0b:af:d5:63:d5:20:da:3f:55:1e:c6:17:b1:b2: 20:d5:0a:d2:71:cd:40:76:df:05:58:ef:ef:28:6f: e1:89:64:27:8c:75:eb:d5:d6:23:73:38:2d:81:1a: d9:bd:b2:92:21:c1:52:38:5a:17:e6:5c:d2:84:08: 17:b1:6b:4a:67:f8:78:b2:be:90:ac:e3:c2:cb:f4: 4c:7a:06:87:99:9c:18:c7:c0:a5:92:f5:9a:55:5e: 3c:66:43:0d:08:f3:77:bb:f9:c1:4a:83:73:bd:36: c9:96:9c:1c:ed:96:0e:1a:df:42:ce:31:ef:fd:c3: 8c:90:c3:d1:16:14:0d:31:f1:b4:db:f2:f5:7b:ac: 86:2b:cf:37:3a:d4:2b:e6:e4:46:50:1b:ec:00:4f: bb:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:91:EB:EC:35:65:B6:29:8D:37:87:B1:62:D2:8D:33:08:ED:C3:CC X509v3 Authority Key Identifier: keyid:F5:71:BB:F1:D3:D3:C0:EF:E3:6D:E1:10:39:2B:E0:C7:AC:44:7A:84 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/U5Hr7DVltimNN4exYtKNMwjtw8w.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/9XG78dPTwO_jbeEQOSvgx6xEeoQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.210.64.0/18 46.45.128.0/18 77.75.32.0/21 79.98.128.0/21 94.101.80.0/20 176.53.0.0/17 178.211.32.0/19 185.25.100.0/22 185.157.40.0/22 185.184.208.0/22 213.128.64.0/19 IPv6: 2a00:56a0::/32 2a01:790::/32 2a0b:5f40::/29 Signature Algorithm: sha256WithRSAEncryption 79:b3:7c:61:c3:12:9d:88:c2:4c:5d:e7:d9:25:b4:bf:8a:8d: da:3a:14:25:db:02:59:8e:37:c6:49:fd:fa:1f:bb:d3:b7:ec: 6b:84:82:e7:77:46:14:6a:60:7c:7d:82:0e:82:fc:bd:da:e2: a5:56:20:a6:a8:08:cf:6a:97:80:c9:a9:3d:ca:17:bb:5c:f0: 4f:22:bf:a2:28:59:34:41:6e:fa:66:70:c7:5e:fc:62:9e:3e: 28:3f:27:30:0c:2a:66:ae:04:16:a7:ff:3f:51:c6:31:4b:14: 62:4b:c0:73:49:6d:11:85:31:c1:95:1c:2e:32:64:34:b1:ae: 28:6d:dc:9c:0e:dc:51:74:15:3a:15:8b:c6:2f:6d:2d:79:4f: 2c:3f:1e:18:0b:98:8b:d8:17:3e:c3:21:b3:f4:d6:ff:67:88: bb:85:9d:73:5a:f6:5f:9f:ca:1d:8f:51:db:11:34:8e:d4:cb: d9:1e:74:37:d1:38:70:4f:2f:35:c9:da:8d:26:cc:f5:66:78: 4f:93:7d:94:e0:f0:dc:24:47:d1:68:5a:30:22:55:5e:ed:d7: cf:94:7f:1f:58:3a:ee:1a:e9:01:09:b7:e5:40:41:9b:20:3c: b3:90:6e:d8:ab:a0:93:84:79:43:c5:1b:56:8f:fb:64:15:e8: 82:45:58:bc -----BEGIN CERTIFICATE----- MIIFVjCCBD6gAwIBAgISAZt/FVj7VIyWrr6Dvm2FXQyOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY1NzFiYmYxZDNkM2MwZWZlMzZkZTExMDM5MmJlMGM3YWM0 NDdhODQwHhcNMjYwMTAyMTQyMTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MzkxZWJlYzM1NjViNjI5OGQzNzg3YjE2MmQyOGQzMzA4ZWRjM2NjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubnVPDEda3pUzL4c2FSg8E6oCRFt AIXRGofyPeIdiCTA2ESg6euAsQN/ubbJmZIG/P0wW9I8P2FjjMHwp2dvob3WKrCI FDv3Jxew14rIgigdUA22yB/Jc18nZvOIJ5BiRmtcn3uopSy2C6/VY9Ug2j9VHsYX sbIg1QrScc1Adt8FWO/vKG/hiWQnjHXr1dYjczgtgRrZvbKSIcFSOFoX5lzShAgX sWtKZ/h4sr6QrOPCy/RMegaHmZwYx8ClkvWaVV48ZkMNCPN3u/nBSoNzvTbJlpwc 7ZYOGt9CzjHv/cOMkMPRFhQNMfG02/L1e6yGK883OtQr5uRGUBvsAE+7YwIDAQAB o4ICYjCCAl4wHQYDVR0OBBYEFFOR6+w1ZbYpjTeHsWLSjTMI7cPMMB8GA1UdIwQY MBaAFPVxu/HT08Dv423hEDkr4MesRHqEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOVhHNzhkUFR3T19qYmVFUU9Tdmd4NnhFZW9RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82ODMwM2YtZThiMC00ZmUwLTk2YjYt YTk2NTdlYjFmOGQ3LzEvVTVIcjdEVmx0aW1OTjRleFl0S05Nd2p0dzh3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYi82ODMwM2YtZThiMC00ZmUwLTk2YjYtYTk2NTdlYjFmOGQ3 LzEvOVhHNzhkUFR3T19qYmVFUU9Tdmd4NnhFZW9RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBIBAIAATBCAwQGH9JAAwQG Li2AAwQDTUsgAwQDT2KAAwQEXmVQAwQHsDUAAwQFstMgAwQCuRlkAwQCuZ0oAwQC ubjQAwQF1YBAMBsEAgACMBUDBQAqAFagAwUAKgEHkAMFAyoLX0AwDQYJKoZIhvcN AQELBQADggEBAHmzfGHDEp2Iwkxd59kltL+Kjdo6FCXbAlmON8ZJ/fofu9O37GuE gud3RhRqYHx9gg6C/L3a4qVWIKaoCM9ql4DJqT3KF7tc8E8iv6IoWTRBbvpmcMde /GKePig/JzAMKmauBBan/z9RxjFLFGJLwHNJbRGFMcGVHC4yZDSxriht3JwO3FF0 FToVi8YvbS15Tyw/HhgLmIvYFz7DIbP01v9niLuFnXNa9l+fyh2PUdsRNI7Uy9ke dDfROHBPLzXJ2o0mzPVmeE+TfZTg8NwkR9FoWjAiVV7t18+Ufx9YOu4a6QEJt+VA QZsgPLOQbtiroJOEeUPFG1aP+2QV6IJFWLw= -----END CERTIFICATE-----Generated at Mon Jan 26 00:13:55 2026 by rpki-client