This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/PAWgUkJGkZMMH0B0t_bDMbs7oV8.roa File: PAWgUkJGkZMMH0B0t_bDMbs7oV8.roa (raw, json) Hash identifier: 4QE+DZNcvEZQ8RmxR+2Kr+4pUxx1nFvP9EyqXOoK9Tw= Subject key identifier: 3C:05:A0:52:42:46:91:93:0C:1F:40:74:B7:F6:C3:31:BB:3B:A1:5F Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c Certificate serial: 019A737D868F4396666A843F373F33995EB0 Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/PAWgUkJGkZMMH0B0t_bDMbs7oV8.roa Signing time: Tue 11 Nov 2025 15:16:37 +0000 ROA not before: Tue 11 Nov 2025 15:16:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 31034 IP address blocks: 5.249.128.0/19 maxlen: 24 31.11.32.0/21 maxlen: 24 31.14.128.0/20 maxlen: 24 46.37.0.0/19 maxlen: 24 62.149.128.0/17 maxlen: 24 66.71.128.0/18 maxlen: 24 66.71.128.0/19 maxlen: 24 66.71.176.0/20 maxlen: 24 77.81.224.0/20 maxlen: 24 80.73.224.0/21 maxlen: 24 80.211.0.0/16 maxlen: 24 89.36.208.0/22 maxlen: 24 89.46.64.0/20 maxlen: 24 89.46.104.0/21 maxlen: 24 89.46.192.0/21 maxlen: 24 94.177.160.0/19 maxlen: 24 94.177.192.0/18 maxlen: 24 95.110.128.0/17 maxlen: 24 109.70.240.0/22 maxlen: 24 109.70.244.0/22 maxlen: 24 176.107.144.0/21 maxlen: 24 185.56.8.0/22 maxlen: 24 185.58.116.0/22 maxlen: 24 185.58.192.0/22 maxlen: 24 188.213.160.0/20 maxlen: 24 194.182.110.0/23 maxlen: 24 195.231.0.0/17 maxlen: 24 195.231.64.0/20 maxlen: 24 195.231.80.0/21 maxlen: 24 195.231.88.0/21 maxlen: 24 209.227.224.0/20 maxlen: 24 217.61.0.0/18 maxlen: 24 217.61.56.0/21 maxlen: 24 2a00:6d40::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.mft rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:73:7d:86:8f:43:96:66:6a:84:3f:37:3f:33:99:5e:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c Validity Not Before: Nov 11 15:16:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=3c05a052424691930c1f4074b7f6c331bb3ba15f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:02:79:cf:8b:3c:0a:b2:f5:a2:a1:27:78:3a: 9c:a7:ad:ac:bf:fc:92:31:56:68:44:d7:67:3b:a7: 0c:20:b2:71:1f:3d:f7:8d:6e:38:f5:31:3f:b5:f2: bc:5b:75:76:2d:e0:af:ef:80:a9:f8:94:f1:9f:de: 55:eb:4e:ee:99:93:f1:1f:63:5d:da:5f:86:f0:d0: 14:a0:57:ba:07:de:be:99:8b:54:d6:41:ef:76:a5: ed:71:30:31:77:8d:e1:3e:3d:98:89:8b:be:4a:47: 44:9a:54:fc:c0:8f:e1:0c:52:50:53:57:c5:19:74: 75:23:d7:d1:87:ce:b1:93:80:d3:65:3f:1f:88:bd: 69:b3:83:cf:d7:06:40:06:4a:e6:10:3e:a2:c4:ee: 99:79:6f:2a:aa:5f:c8:95:6e:1e:71:d3:03:33:84: 6e:0b:bf:5b:5b:bc:bf:96:e7:3f:2e:16:7a:93:00: 2a:04:86:00:dd:45:5b:cc:ae:25:a6:8a:53:84:8b: 5a:25:bf:23:78:bb:90:a1:f8:dc:86:8f:20:2a:76: 2e:a2:14:f3:c3:11:09:06:36:eb:5a:f6:a4:9b:ff: 8e:1d:87:19:94:16:7e:2e:b8:23:b9:2f:70:07:09: f7:d7:4e:71:11:b6:be:58:78:24:ac:c9:09:db:51: 92:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:05:A0:52:42:46:91:93:0C:1F:40:74:B7:F6:C3:31:BB:3B:A1:5F X509v3 Authority Key Identifier: keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/PAWgUkJGkZMMH0B0t_bDMbs7oV8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.249.128.0/19 31.11.32.0/21 31.14.128.0/20 46.37.0.0/19 62.149.128.0/17 66.71.128.0/18 77.81.224.0/20 80.73.224.0/21 80.211.0.0/16 89.36.208.0/22 89.46.64.0/20 89.46.104.0/21 89.46.192.0/21 94.177.160.0-94.177.255.255 95.110.128.0/17 109.70.240.0/21 176.107.144.0/21 185.56.8.0/22 185.58.116.0/22 185.58.192.0/22 188.213.160.0/20 194.182.110.0/23 195.231.0.0/17 209.227.224.0/20 217.61.0.0/18 IPv6: 2a00:6d40::/29 Signature Algorithm: sha256WithRSAEncryption 18:98:6a:23:e3:6f:94:b8:73:50:d7:bf:41:c6:d4:6f:c5:83: 86:33:a2:da:b1:66:eb:6d:88:b8:de:45:48:dd:06:3d:38:9c: 73:d5:5b:cd:86:34:c2:9b:72:f6:b2:e9:26:ba:d0:c6:bc:b0: 8b:eb:d6:71:e2:47:aa:bb:6f:07:4f:32:f4:3a:d7:26:5a:c2: d1:07:c2:5e:5d:92:3f:2e:4d:17:3d:ea:18:34:4c:63:47:96: 09:87:86:a4:9c:6b:e4:95:5b:96:9f:af:8a:32:45:93:1c:37: 2c:66:cf:6f:bc:95:18:11:ca:bc:19:66:61:1e:e7:2c:df:d4: a7:75:8c:a8:5a:97:72:73:38:0c:2b:9c:07:81:11:10:11:04: 33:50:a1:a6:e8:a7:18:b0:24:47:a6:18:e1:18:f8:30:b4:f8: 3a:00:b9:b6:0c:1b:58:e3:b5:5e:36:aa:39:1f:7e:fc:10:c7: fb:53:4b:2c:a4:ce:af:49:d3:87:9d:f2:4f:4b:d3:b5:19:aa: a0:e3:cc:e4:d2:17:87:f5:64:5e:ba:c4:a2:b5:38:c2:af:4d: 89:63:e1:50:14:42:f3:07:1f:56:78:59:8f:27:eb:95:5d:5f: 67:31:f0:82:0e:16:f5:8f:b4:b6:62:d5:98:32:62:f7:d9:87: ff:ec:a8:46 -----BEGIN CERTIFICATE----- MIIFpzCCBI+gAwIBAgISAZpzfYaPQ5ZmaoQ/Nz8zmV6wMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5 Mzg2MWMwHhcNMjUxMTExMTUxNjM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYzA1YTA1MjQyNDY5MTkzMGMxZjQwNzRiN2Y2YzMzMWJiM2JhMTVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgJ5z4s8CrL1oqEneDqcp62sv/yS MVZoRNdnO6cMILJxHz33jW449TE/tfK8W3V2LeCv74Cp+JTxn95V607umZPxH2Nd 2l+G8NAUoFe6B96+mYtU1kHvdqXtcTAxd43hPj2YiYu+SkdEmlT8wI/hDFJQU1fF GXR1I9fRh86xk4DTZT8fiL1ps4PP1wZABkrmED6ixO6ZeW8qql/IlW4ecdMDM4Ru C79bW7y/luc/LhZ6kwAqBIYA3UVbzK4lpopThItaJb8jeLuQofjcho8gKnYuohTz wxEJBjbrWvakm/+OHYcZlBZ+LrgjuS9wBwn3105xEba+WHgkrMkJ21GSTQIDAQAB o4ICszCCAq8wHQYDVR0OBBYEFDwFoFJCRpGTDB9AdLf2wzG7O6FfMB8GA1UdIwQY MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt ODQyNjk0MTJkNTYxLzEvUEFXZ1VrSkdrWk1NSDBCMHRfYkRNYnM3b1Y4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHIBggrBgEFBQcBBwEB/wSBuDCBtTCBowQCAAEwgZwDBAUF +YADBAMfCyADBAQfDoADBAUuJQADBAc+lYADBAZCR4ADBARNUeADBANQSeADAwBQ 0wMEAlkk0AMEBFkuQAMEA1kuaAMEA1kuwDALAwQFXrGgAwMBXrADBAdfboADBANt RvADBAOwa5ADBAK5OAgDBAK5OnQDBAK5OsADBAS81aADBAHCtm4DBAfD5wADBATR 4+ADBAbZPQAwDQQCAAIwBwMFAyoAbUAwDQYJKoZIhvcNAQELBQADggEBABiYaiPj b5S4c1DXv0HG1G/Fg4YzotqxZuttiLjeRUjdBj04nHPVW82GNMKbcvay6Sa60Ma8 sIvr1nHiR6q7bwdPMvQ61yZawtEHwl5dkj8uTRc96hg0TGNHlgmHhqSca+SVW5af r4oyRZMcNyxmz2+8lRgRyrwZZmEe5yzf1Kd1jKhal3JzOAwrnAeBERARBDNQoabo pxiwJEemGOEY+DC0+DoAubYMG1jjtV42qjkffvwQx/tTSyykzq9J04ed8k9L07UZ qqDjzOTSF4f1ZF66xKK1OMKvTYlj4VAUQvMHH1Z4WY8n65VdX2cx8IIOFvWPtLZi 1ZgyYvfZh//sqEY= -----END CERTIFICATE-----Generated at Sat Dec 6 20:31:11 2025 by rpki-client