This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/P-d8pM3ZUaWx7RORvhmY0byklDA.roa File: P-d8pM3ZUaWx7RORvhmY0byklDA.roa (raw, json) Hash identifier: TNlFLwzOtLz7DKoRELe5o3L3+L4T1FawURG1uQlmVU0= Subject key identifier: 3F:E7:7C:A4:CD:D9:51:A5:B1:ED:13:91:BE:19:98:D1:BC:A4:94:30 Certificate issuer: /CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a Certificate serial: 019B7A5AFD3DBA54E2A0FF5D0A17A41390C6 Authority key identifier: 41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/P-d8pM3ZUaWx7RORvhmY0byklDA.roa Signing time: Thu 01 Jan 2026 16:19:01 +0000 ROA not before: Thu 01 Jan 2026 16:19:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9002 IP address blocks: 2.58.98.0/24 maxlen: 24 31.128.32.0/22 maxlen: 24 37.233.82.0/23 maxlen: 24 37.233.84.0/23 maxlen: 24 37.233.86.0/24 maxlen: 24 45.92.174.0/24 maxlen: 24 45.130.212.0/22 maxlen: 24 45.137.188.0/24 maxlen: 24 45.145.5.0/24 maxlen: 24 45.145.163.0/24 maxlen: 24 45.145.168.0/24 maxlen: 24 45.152.87.0/24 maxlen: 24 45.156.20.0/24 maxlen: 24 46.173.20.0/24 maxlen: 24 77.73.233.0/24 maxlen: 24 77.73.235.0/24 maxlen: 24 77.73.238.0/24 maxlen: 24 83.222.20.0/23 maxlen: 24 89.40.204.0/24 maxlen: 24 90.156.254.0/23 maxlen: 24 91.218.142.0/23 maxlen: 24 155.212.224.0/21 maxlen: 24 185.77.231.0/24 maxlen: 24 193.22.244.0/24 maxlen: 24 193.23.3.0/24 maxlen: 24 193.242.106.0/24 maxlen: 24 193.242.109.0/24 maxlen: 24 194.36.208.0/24 maxlen: 24 194.113.209.0/24 maxlen: 24 212.74.231.0/24 maxlen: 24 213.139.229.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.crl rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.mft rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:fd:3d:ba:54:e2:a0:ff:5d:0a:17:a4:13:90:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a Validity Not Before: Jan 1 16:19:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3fe77ca4cdd951a5b1ed1391be1998d1bca49430 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:ac:ed:b4:cc:a4:9d:54:19:19:14:29:6d:df: 4d:a5:49:12:f4:a5:43:9a:e1:3a:a9:02:7f:e4:fd: 36:63:dc:5f:bb:1f:39:6f:fb:55:68:0e:87:5d:a2: c3:4f:aa:93:e6:75:31:d8:37:ef:c2:e2:0b:77:eb: 6a:1a:bf:eb:c5:f4:be:e5:de:64:ca:d0:34:d2:c7: 7b:b8:3f:48:b7:31:22:2e:2f:f6:a0:a3:a6:7a:1d: 97:04:d4:9f:4e:13:fb:c7:ad:e6:8c:d5:3b:a9:e1: 2e:51:20:12:ca:2d:11:a9:7b:8d:75:7e:0a:e8:dc: 87:40:ba:6d:c2:0c:9f:60:ed:0e:05:10:b3:b3:64: af:a0:64:e6:68:a1:86:06:eb:aa:0e:28:b1:93:28: ca:49:b9:ae:64:9b:87:d6:d3:51:04:f5:f1:30:26: b1:50:f2:b9:f8:9c:44:e7:77:60:5b:3a:d0:3b:41: f6:40:81:f3:36:12:b6:7f:02:03:bf:23:4d:05:27: e9:50:30:3c:53:3a:68:cc:4a:1c:40:a8:fa:f3:ce: eb:4a:9c:87:41:08:c4:f6:38:92:03:b2:e7:d4:b6: 72:9e:2a:92:a0:cc:c3:56:74:af:eb:de:53:b9:dd: ce:11:4f:8c:3d:fc:3f:27:53:a6:4c:f6:f9:ff:41: 02:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:E7:7C:A4:CD:D9:51:A5:B1:ED:13:91:BE:19:98:D1:BC:A4:94:30 X509v3 Authority Key Identifier: keyid:41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/P-d8pM3ZUaWx7RORvhmY0byklDA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.58.98.0/24 31.128.32.0/22 37.233.82.0-37.233.86.255 45.92.174.0/24 45.130.212.0/22 45.137.188.0/24 45.145.5.0/24 45.145.163.0/24 45.145.168.0/24 45.152.87.0/24 45.156.20.0/24 46.173.20.0/24 77.73.233.0/24 77.73.235.0/24 77.73.238.0/24 83.222.20.0/23 89.40.204.0/24 90.156.254.0/23 91.218.142.0/23 155.212.224.0/21 185.77.231.0/24 193.22.244.0/24 193.23.3.0/24 193.242.106.0/24 193.242.109.0/24 194.36.208.0/24 194.113.209.0/24 212.74.231.0/24 213.139.229.0/24 Signature Algorithm: sha256WithRSAEncryption 02:ad:05:fe:18:94:49:86:47:cb:93:f1:cd:c5:50:db:dd:cb: 39:42:fd:9c:4c:36:14:ad:48:bc:56:a1:1d:9e:a1:10:7e:ef: f3:fe:c8:8e:2b:cf:07:99:84:33:08:d2:9f:2f:5f:25:e9:10: 7c:c8:89:f2:33:25:42:71:6d:11:70:04:71:a4:68:85:a8:96: 62:d5:80:70:26:1f:f1:e0:fe:97:7a:20:cc:c4:8a:36:c5:9c: a4:a5:bb:f1:38:1b:a8:3a:2c:e1:67:2c:05:ef:70:1f:19:8b: 90:81:c7:5e:5a:b4:21:14:ad:9f:1e:bb:98:93:33:91:44:fc: 30:db:3d:c9:60:99:f0:5d:2b:d4:1a:e9:f3:5d:d3:7e:1e:40: 19:33:d1:d6:6f:df:e5:76:96:c8:c2:1c:18:54:0f:95:26:83: 51:a9:47:df:5e:96:81:08:34:62:1e:b6:57:43:cf:12:9e:ca: 0b:ea:b7:6b:7a:64:64:66:3a:2f:0e:8b:10:31:c7:a2:4f:4d: 47:c4:da:a5:13:f0:90:d7:b9:a6:4a:47:a7:92:0e:14:9f:4a: 51:75:df:60:08:56:c1:68:cc:b6:59:4e:50:70:d9:00:b9:34: c0:99:f0:c4:9d:6e:14:f7:e3:12:26:3f:f1:16:42:a8:96:da: 79:40:e8:fe -----BEGIN CERTIFICATE----- MIIFsjCCBJqgAwIBAgISAZt6Wv09ulTioP9dChekE5DGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQxNzNlZWI4ZDAyZjVmNjQ3ODhiM2ZkYzc4ZDZiYWI4YTU1 ZmQxNmEwHhcNMjYwMTAxMTYxOTAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZmU3N2NhNGNkZDk1MWE1YjFlZDEzOTFiZTE5OThkMWJjYTQ5NDMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKzttMyknVQZGRQpbd9NpUkS9KVD muE6qQJ/5P02Y9xfux85b/tVaA6HXaLDT6qT5nUx2DfvwuILd+tqGr/rxfS+5d5k ytA00sd7uD9ItzEiLi/2oKOmeh2XBNSfThP7x63mjNU7qeEuUSASyi0RqXuNdX4K 6NyHQLptwgyfYO0OBRCzs2SvoGTmaKGGBuuqDiixkyjKSbmuZJuH1tNRBPXxMCax UPK5+JxE53dgWzrQO0H2QIHzNhK2fwIDvyNNBSfpUDA8UzpozEocQKj6887rSpyH QQjE9jiSA7Ln1LZyniqSoMzDVnSv695Tud3OEU+MPfw/J1OmTPb5/0ECNQIDAQAB o4ICvjCCArowHQYDVR0OBBYEFD/nfKTN2VGlse0Tkb4ZmNG8pJQwMB8GA1UdIwQY MBaAFEFz7rjQL19keIs/3HjWurilX9FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmIt ZDgzZWQxNDBkMjhkLzEvUC1kOHBNM1pVYVd4N1JPUnZobVkwYnlrbERBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmItZDgzZWQxNDBkMjhk LzEvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBvQQCAAEwgbYDBAAC OmIDBAIfgCAwDAMEASXpUgMEACXpVgMEAC1crgMEAi2C1AMEAC2JvAMEAC2RBQME AC2RowMEAC2RqAMEAC2YVwMEAC2cFAMEAC6tFAMEAE1J6QMEAE1J6wMEAE1J7gME AVPeFAMEAFkozAMEAVqc/gMEAVvajgMEA5vU4AMEALlN5wMEAMEW9AMEAMEXAwME AMHyagMEAMHybQMEAMIk0AMEAMJx0QMEANRK5wMEANWL5TANBgkqhkiG9w0BAQsF AAOCAQEAAq0F/hiUSYZHy5PxzcVQ293LOUL9nEw2FK1IvFahHZ6hEH7v8/7IjivP B5mEMwjSny9fJekQfMiJ8jMlQnFtEXAEcaRohaiWYtWAcCYf8eD+l3ogzMSKNsWc pKW78TgbqDos4WcsBe9wHxmLkIHHXlq0IRStnx67mJMzkUT8MNs9yWCZ8F0r1Brp 813Tfh5AGTPR1m/f5XaWyMIcGFQPlSaDUalH316WgQg0Yh62V0PPEp7KC+q3a3pk ZGY6Lw6LEDHHok9NR8TapRPwkNe5pkpHp5IOFJ9KUXXfYAhWwWjMtllOUHDZALk0 wJnwxJ1uFPfjEiY/8RZCqJbaeUDo/g== -----END CERTIFICATE-----Generated at Sun Jan 25 17:20:06 2026 by rpki-client