This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/P_D_ETEf8fM0qD-n9k3sXI0l4sQ.roa File: P_D_ETEf8fM0qD-n9k3sXI0l4sQ.roa (raw, json) Hash identifier: km1zfTMKVFbL54YLMOaXsziXgfhwGqdhHfk0e2A1ubg= Subject key identifier: 3F:F0:FF:11:31:1F:F1:F3:34:A8:3F:A7:F6:4D:EC:5C:8D:25:E2:C4 Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd Certificate serial: 019BC66B99FB3132F6321E452632CEB099EB Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/P_D_ETEf8fM0qD-n9k3sXI0l4sQ.roa Signing time: Fri 16 Jan 2026 10:48:19 +0000 ROA not before: Fri 16 Jan 2026 10:48:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209341 IP address blocks: 65.181.113.0/24 maxlen: 24 192.250.229.0/24 maxlen: 24 192.250.230.0/24 maxlen: 24 194.147.95.0/24 maxlen: 24 209.42.26.0/24 maxlen: 24 209.42.31.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 10:01:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:c6:6b:99:fb:31:32:f6:32:1e:45:26:32:ce:b0:99:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd Validity Not Before: Jan 16 10:48:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3ff0ff11311ff1f334a83fa7f64dec5c8d25e2c4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:06:82:23:a5:30:5b:31:b2:ea:35:99:ad:ef: de:c7:2b:d1:18:f0:f4:43:cd:e7:48:23:16:19:f3: 8f:27:0a:e4:e4:b7:45:54:d7:d7:b0:0e:b4:fb:fc: 34:7d:ec:71:45:a6:ea:95:23:e6:34:25:e7:96:c2: fa:0c:1e:b1:db:25:50:26:b7:a8:b4:88:49:2e:06: c7:9f:11:10:16:e2:92:5b:e5:5e:a3:ab:02:b3:a7: 1a:61:0d:62:e7:0f:27:04:00:4f:c8:1c:f8:3e:39: 1f:ff:9e:69:e7:5f:46:ce:d6:c1:3a:3b:81:3b:54: d7:0e:8f:b7:71:e7:b1:42:70:96:78:0b:09:1f:d4: 7f:c8:ba:80:48:80:63:25:b9:36:fe:05:2f:0f:72: 12:c3:cf:4b:5f:ce:f6:59:1d:c9:ea:51:44:ea:ba: 46:f1:78:ec:1c:2f:d6:f9:2a:88:fd:31:c3:c2:9e: 4a:28:e0:0f:b0:a6:00:b2:51:74:90:66:00:c0:c8: 7e:70:18:3e:08:dc:7a:d5:42:ab:5a:9e:46:80:08: 8d:ca:48:aa:f4:02:91:3e:23:9d:64:69:8c:24:61: de:c1:4f:bc:4b:4f:6e:9e:4a:1b:4e:ee:ad:6a:57: 66:cc:6f:be:34:e2:71:ec:1b:ba:a0:b7:c6:e5:9d: af:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:F0:FF:11:31:1F:F1:F3:34:A8:3F:A7:F6:4D:EC:5C:8D:25:E2:C4 X509v3 Authority Key Identifier: keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/P_D_ETEf8fM0qD-n9k3sXI0l4sQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 65.181.113.0/24 192.250.229.0-192.250.230.255 194.147.95.0/24 209.42.26.0/24 209.42.31.0/24 Signature Algorithm: sha256WithRSAEncryption 10:33:01:eb:d3:aa:da:34:d4:1e:8d:e5:67:08:d9:94:08:9a: 2b:a6:98:86:bd:a2:0a:6f:7a:ad:8c:13:09:57:32:2e:9e:39: 20:32:84:e1:d4:fa:7a:2e:1f:97:f1:a5:54:92:a7:be:86:06: d4:82:dc:67:d5:f8:18:c9:2b:d7:78:d2:e6:28:6d:7b:5a:89: 41:5c:c9:aa:0c:cf:88:cd:33:af:e5:f1:70:ee:c9:9e:2a:e9: 91:fc:14:47:e9:87:86:63:2f:f7:21:6b:57:5a:16:51:66:00: c9:f2:9a:d4:b0:7e:a7:45:05:ca:db:20:44:ae:a8:cf:e9:17: e2:b0:b5:3d:83:0a:95:8f:4e:05:dc:68:ea:a5:74:15:e6:c1: a9:9c:45:6f:17:57:8c:78:77:bf:d1:44:94:e4:8a:7a:d1:57: df:df:fa:fd:c7:0f:8a:09:d7:8a:49:94:69:e0:06:1b:7e:62: 2f:4c:6d:a1:e9:79:0c:d4:8a:24:2c:00:2a:b8:77:fd:8d:51: 64:5e:e1:2e:8f:29:47:87:1a:f6:de:0d:d8:4b:04:43:af:8b: f5:30:e4:df:6d:39:dc:b9:66:de:d3:e9:be:a6:a0:f5:9e:00: e0:d1:00:4b:73:d6:0b:d4:fd:5f:aa:f9:a9:45:1d:14:30:74: 63:93:b6:26 -----BEGIN CERTIFICATE----- MIIFHTCCBAWgAwIBAgISAZvGa5n7MTL2Mh5FJjLOsJnrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy ZWU4ZGQwHhcNMjYwMTE2MTA0ODE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZmYwZmYxMTMxMWZmMWYzMzRhODNmYTdmNjRkZWM1YzhkMjVlMmM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgaCI6UwWzGy6jWZre/exyvRGPD0 Q83nSCMWGfOPJwrk5LdFVNfXsA60+/w0fexxRabqlSPmNCXnlsL6DB6x2yVQJreo tIhJLgbHnxEQFuKSW+Veo6sCs6caYQ1i5w8nBABPyBz4Pjkf/55p519GztbBOjuB O1TXDo+3ceexQnCWeAsJH9R/yLqASIBjJbk2/gUvD3ISw89LX872WR3J6lFE6rpG 8XjsHC/W+SqI/THDwp5KKOAPsKYAslF0kGYAwMh+cBg+CNx61UKrWp5GgAiNykiq 9AKRPiOdZGmMJGHewU+8S09unkobTu6taldmzG++NOJx7Bu6oLfG5Z2v7wIDAQAB o4ICKTCCAiUwHQYDVR0OBBYEFD/w/xExH/HzNKg/p/ZN7FyNJeLEMB8GA1UdIwQY MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt Y2NhMzc2MDZiZjE4LzEvUF9EX0VURWY4Zk0wcUQtbjlrM3NYSTBsNHNRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4 LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAQbVxMAwD BADA+uUDBADA+uYDBADCk18DBADRKhoDBADRKh8wDQYJKoZIhvcNAQELBQADggEB ABAzAevTqto01B6N5WcI2ZQImiummIa9ogpveq2MEwlXMi6eOSAyhOHU+nouH5fx pVSSp76GBtSC3GfV+BjJK9d40uYobXtaiUFcyaoMz4jNM6/l8XDuyZ4q6ZH8FEfp h4ZjL/cha1daFlFmAMnymtSwfqdFBcrbIESuqM/pF+KwtT2DCpWPTgXcaOqldBXm wamcRW8XV4x4d7/RRJTkinrRV9/f+v3HD4oJ14pJlGngBht+Yi9MbaHpeQzUiiQs ACq4d/2NUWRe4S6PKUeHGvbeDdhLBEOvi/Uw5N9tOdy5Zt7T6b6moPWeAODRAEtz 1gvU/V+q+alFHRQwdGOTtiY= -----END CERTIFICATE-----Generated at Sun Jan 25 19:02:35 2026 by rpki-client