This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/iw7slNo1slt0urw_BCAUMgfe2b8.roa File: iw7slNo1slt0urw_BCAUMgfe2b8.roa (raw, json) Hash identifier: cT+hxmNlxZH6dKmkQNHvAP1HWpFqKzDkr41jDnNp5qM= Subject key identifier: 8B:0E:EC:94:DA:35:B2:5B:74:BA:BC:3F:04:20:14:32:07:DE:D9:BF Certificate issuer: /CN=c8acf59abd4abbfbf830a060225a96a2179a2694 Certificate serial: 019B7FF14F00409CBEF5AAEC9DDCFB189871 Authority key identifier: C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/iw7slNo1slt0urw_BCAUMgfe2b8.roa Signing time: Fri 02 Jan 2026 18:21:19 +0000 ROA not before: Fri 02 Jan 2026 18:21:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200780 IP address blocks: 5.42.200.0/24 maxlen: 24 45.9.104.0/22 maxlen: 24 45.85.132.0/22 maxlen: 24 45.155.228.0/22 maxlen: 24 45.156.188.0/22 maxlen: 24 46.19.104.0/21 maxlen: 24 77.236.98.0/23 maxlen: 24 88.218.32.0/23 maxlen: 24 89.40.220.0/23 maxlen: 24 91.227.36.0/22 maxlen: 24 91.233.66.0/24 maxlen: 24 91.234.104.0/22 maxlen: 24 93.177.69.0/24 maxlen: 24 93.177.70.0/23 maxlen: 24 95.178.108.0/22 maxlen: 24 185.40.102.0/23 maxlen: 24 185.62.224.0/22 maxlen: 24 185.73.204.0/22 maxlen: 24 185.73.204.0/24 maxlen: 24 185.144.24.0/22 maxlen: 24 185.217.200.0/22 maxlen: 24 194.11.255.0/24 maxlen: 24 194.13.1.0/24 maxlen: 24 194.13.64.0/24 maxlen: 24 194.13.67.0/24 maxlen: 24 194.88.112.0/22 maxlen: 22 194.106.208.0/23 maxlen: 24 195.35.96.0/24 maxlen: 24 195.133.148.0/22 maxlen: 24 2a05:46c0::/29 maxlen: 29 2a10:780::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.mft rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f1:4f:00:40:9c:be:f5:aa:ec:9d:dc:fb:18:98:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c8acf59abd4abbfbf830a060225a96a2179a2694 Validity Not Before: Jan 2 18:21:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8b0eec94da35b25b74babc3f0420143207ded9bf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:2c:45:95:05:45:96:de:33:be:20:f7:24:47: e5:83:e2:84:f2:bb:95:fb:2d:4a:47:08:eb:59:fd: bd:2a:31:4c:23:83:46:c9:2d:63:84:e8:a4:a7:45: b7:cf:9f:78:2c:da:47:67:16:51:86:07:95:96:ef: e7:3a:eb:cc:d5:b2:b3:b5:43:d5:24:24:a7:33:27: c0:64:15:eb:28:77:5b:b5:7d:73:2d:a0:43:b6:92: 2a:b6:65:6b:9b:ac:10:55:11:a2:f1:94:7e:fd:c5: 05:89:d5:b3:c0:a7:2f:1d:02:ed:86:f4:8b:de:35: ce:1c:76:80:70:fe:9d:f1:3f:c6:48:ec:f4:e4:2a: 99:1c:8e:e6:8a:7c:8b:58:c4:13:ad:68:4a:ab:1a: 84:4d:33:98:9a:3e:d5:07:cd:3e:62:6f:ad:7f:57: 4e:59:b2:46:8a:3c:e2:0a:79:dd:2d:6c:3b:a5:2b: 4e:1c:04:95:5a:3d:ca:a4:da:af:0b:e2:e9:00:7b: 8e:8c:0d:64:66:6f:84:84:ca:a9:3d:9d:24:e4:7f: f1:c0:4f:d0:f1:29:c8:96:50:8e:96:25:fd:ad:ec: 8a:a7:ae:2b:70:ca:32:31:53:cc:49:e4:b6:a3:58: e0:f4:fb:76:5f:14:c5:45:91:e6:6b:59:b3:33:08: 49:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:0E:EC:94:DA:35:B2:5B:74:BA:BC:3F:04:20:14:32:07:DE:D9:BF X509v3 Authority Key Identifier: keyid:C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/iw7slNo1slt0urw_BCAUMgfe2b8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.42.200.0/24 45.9.104.0/22 45.85.132.0/22 45.155.228.0/22 45.156.188.0/22 46.19.104.0/21 77.236.98.0/23 88.218.32.0/23 89.40.220.0/23 91.227.36.0/22 91.233.66.0/24 91.234.104.0/22 93.177.69.0-93.177.71.255 95.178.108.0/22 185.40.102.0/23 185.62.224.0/22 185.73.204.0/22 185.144.24.0/22 185.217.200.0/22 194.11.255.0/24 194.13.1.0/24 194.13.64.0/24 194.13.67.0/24 194.88.112.0/22 194.106.208.0/23 195.35.96.0/24 195.133.148.0/22 IPv6: 2a05:46c0::/29 2a10:780::/32 Signature Algorithm: sha256WithRSAEncryption 71:5d:9d:19:3b:ad:80:c4:81:ca:cc:1d:b2:37:52:6b:34:8b: fc:7c:d2:5a:5a:2d:21:9b:b3:70:cd:ce:cf:4d:27:ff:cb:ca: 09:55:8c:a2:a3:9f:22:ec:65:e3:29:7b:f6:bc:b3:18:bd:df: 11:88:03:f5:1b:16:70:dc:d9:48:b5:a1:6d:c0:5d:62:ff:0b: 86:50:04:2a:fd:36:76:81:3a:1b:87:03:53:f2:66:4b:b3:88: ce:48:80:18:26:33:3e:70:4c:4e:8e:74:d4:9a:9e:f0:d0:2d: b0:11:d6:f2:2d:56:86:1f:2c:b2:6e:65:02:fd:d8:85:51:d8: 48:60:2b:24:54:e2:f4:d7:32:43:06:85:c7:45:6d:d3:8b:bf: 1f:f2:e5:50:6b:a4:38:a5:5a:4c:49:21:4d:8b:e0:2b:a8:c8: e0:67:26:7d:64:9b:ad:65:b1:9f:b6:ff:c7:15:d4:af:eb:c9: 2e:37:47:7d:69:ad:f1:e6:44:d6:4d:e6:f4:b3:49:c2:18:f2: 21:40:92:ea:5b:8e:49:3e:67:c8:c7:9c:29:48:f5:b5:95:61: 61:cc:e8:07:5f:d2:14:45:c3:cd:89:5e:aa:8c:92:22:17:e0: 32:d7:37:ba:9d:4e:10:97:f2:b4:b7:6c:09:eb:b1:58:58:0b: a3:07:0a:67 -----BEGIN CERTIFICATE----- MIIFvDCCBKSgAwIBAgISAZt/8U8AQJy+9arsndz7GJhxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM4YWNmNTlhYmQ0YWJiZmJmODMwYTA2MDIyNWE5NmEyMTc5 YTI2OTQwHhcNMjYwMTAyMTgyMTE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YjBlZWM5NGRhMzViMjViNzRiYWJjM2YwNDIwMTQzMjA3ZGVkOWJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSxFlQVFlt4zviD3JEflg+KE8ruV +y1KRwjrWf29KjFMI4NGyS1jhOikp0W3z594LNpHZxZRhgeVlu/nOuvM1bKztUPV JCSnMyfAZBXrKHdbtX1zLaBDtpIqtmVrm6wQVRGi8ZR+/cUFidWzwKcvHQLthvSL 3jXOHHaAcP6d8T/GSOz05CqZHI7minyLWMQTrWhKqxqETTOYmj7VB80+Ym+tf1dO WbJGijziCnndLWw7pStOHASVWj3KpNqvC+LpAHuOjA1kZm+EhMqpPZ0k5H/xwE/Q 8SnIllCOliX9reyKp64rcMoyMVPMSeS2o1jg9Pt2XxTFRZHma1mzMwhJkwIDAQAB o4ICyDCCAsQwHQYDVR0OBBYEFIsO7JTaNbJbdLq8PwQgFDIH3tm/MB8GA1UdIwQY MBaAFMis9Zq9Srv7+DCgYCJalqIXmiaUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt ODM4ZWJmNDEyYTYxLzEvaXc3c2xObzFzbHQwdXJ3X0JDQVVNZ2ZlMmI4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx LzEveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBsQQCAAEwgaoDBAAF KsgDBAItCWgDBAItVYQDBAItm+QDBAItnLwDBAMuE2gDBAFN7GIDBAFY2iADBAFZ KNwDBAJb4yQDBABb6UIDBAJb6mgwDAMEAF2xRQMEA12xQAMEAl+ybAMEAbkoZgME Ark+4AMEArlJzAMEArmQGAMEArnZyAMEAMIL/wMEAMINAQMEAMINQAMEAMINQwME AsJYcAMEAcJq0AMEAMMjYAMEAsOFlDAUBAIAAjAOAwUDKgVGwAMFACoQB4AwDQYJ KoZIhvcNAQELBQADggEBAHFdnRk7rYDEgcrMHbI3Ums0i/x80lpaLSGbs3DNzs9N J//LyglVjKKjnyLsZeMpe/a8sxi93xGIA/UbFnDc2Ui1oW3AXWL/C4ZQBCr9NnaB OhuHA1PyZkuziM5IgBgmMz5wTE6OdNSanvDQLbAR1vItVoYfLLJuZQL92IVR2Ehg KyRU4vTXMkMGhcdFbdOLvx/y5VBrpDilWkxJIU2L4CuoyOBnJn1km61lsZ+2/8cV 1K/ryS43R31prfHmRNZN5vSzScIY8iFAkupbjkk+Z8jHnClI9bWVYWHM6Adf0hRF w82JXqqMkiIX4DLXN7qdThCX8rS3bAnrsVhYC6MHCmc= -----END CERTIFICATE-----Generated at Mon Jan 26 07:23:25 2026 by rpki-client