This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/0kI-1w2SNQehfoRycoNU1Pziv3I.roa File: 0kI-1w2SNQehfoRycoNU1Pziv3I.roa (raw, json) Hash identifier: viuJDQhBSgYavhQbluwLnuiQSVTVx0a9HzJyfcAYcOw= Subject key identifier: D2:42:3E:D7:0D:92:35:07:A1:7E:84:72:72:83:54:D4:FC:E2:BF:72 Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903 Certificate serial: 019B77C7270FFD0A2E0BAA7683BCE05788B7 Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/0kI-1w2SNQehfoRycoNU1Pziv3I.roa Signing time: Thu 01 Jan 2026 04:18:18 +0000 ROA not before: Thu 01 Jan 2026 04:18:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198934 IP address blocks: 31.31.88.0/23 maxlen: 23 31.31.88.0/24 maxlen: 24 31.31.89.0/24 maxlen: 24 37.252.97.0/24 maxlen: 24 91.242.243.0/24 maxlen: 24 188.214.225.0/24 maxlen: 24 212.237.230.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.mft rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:27:0f:fd:0a:2e:0b:aa:76:83:bc:e0:57:88:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903 Validity Not Before: Jan 1 04:18:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d2423ed70d923507a17e8472728354d4fce2bf72 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:a4:48:a6:0f:52:b7:17:30:fd:0a:96:8b:62: c3:62:ef:fe:79:4e:1e:ee:bf:1b:d5:36:30:2c:d3: 65:b6:90:90:d0:b1:51:1b:7e:81:69:af:74:79:0f: 60:6d:c7:69:73:07:29:53:73:05:8f:0a:e7:73:df: 72:6c:4f:5c:ef:d6:2f:60:9d:c0:84:55:2d:0e:b9: 2a:36:45:71:a5:33:57:14:42:88:53:af:1d:2c:8b: 0f:32:96:f1:f6:a5:5a:7f:30:39:a0:7b:9d:c1:41: 21:ff:86:1d:06:14:12:11:39:bd:5f:79:0a:4a:04: 19:6d:31:e8:72:d7:7e:0b:1c:fe:5e:61:de:1f:3a: e1:c5:aa:34:ad:01:65:8c:30:d1:08:e6:d9:e4:e9: 47:3b:f9:05:9a:13:ca:53:03:5e:f6:d5:33:cf:58: ea:57:a5:97:17:4a:c0:fb:0e:3a:32:b9:85:e0:a7: c9:ca:f1:59:da:6e:d0:d0:27:c8:8b:ef:e3:46:25: 24:7b:14:80:de:d6:8b:7c:1d:1c:b6:fd:24:62:6b: 2e:1c:b9:47:03:ba:b7:ec:2b:ed:4a:b3:d0:67:a5: bf:0d:fc:76:4b:34:02:97:68:82:1d:33:77:08:95: cc:85:b0:bd:bf:83:e0:20:75:7a:54:19:59:7e:0f: aa:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:42:3E:D7:0D:92:35:07:A1:7E:84:72:72:83:54:D4:FC:E2:BF:72 X509v3 Authority Key Identifier: keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/0kI-1w2SNQehfoRycoNU1Pziv3I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.31.88.0/23 37.252.97.0/24 91.242.243.0/24 188.214.225.0/24 212.237.230.0/24 Signature Algorithm: sha256WithRSAEncryption 5d:53:05:7e:fa:8c:02:be:64:ac:50:fb:20:4a:15:89:d8:fa: 2c:90:e1:cf:2c:5a:4c:69:95:a6:ba:17:e5:eb:38:f0:6d:e7: fb:0a:51:71:a6:3c:d5:01:03:09:17:23:a0:01:1d:97:b1:86: 2f:71:47:c7:63:40:dc:1b:c7:9b:26:6d:2f:a0:41:a2:01:ad: 57:3d:43:84:fb:12:f3:c4:e3:40:c0:93:b2:9c:ff:e3:b5:2b: 36:88:ed:50:8b:b1:8a:2f:45:73:5e:fc:1b:92:65:e2:8b:35: 8e:43:3b:8a:a0:07:d9:2d:e5:a1:4e:54:00:3b:09:30:cf:d8: db:91:5b:fc:e7:b9:9b:e2:ce:8d:72:97:6d:5c:c5:c8:63:c1: 0e:24:99:d3:0e:5b:87:37:3e:e5:9e:82:3f:bb:67:31:d3:c2: e6:2c:73:47:31:6c:52:c4:56:d6:6d:63:19:46:78:17:4b:1e: d3:de:6b:cb:ad:45:a6:62:af:f4:50:df:82:df:02:ca:ed:67: c6:bd:24:12:30:8f:b2:f5:30:ef:f6:49:2c:2a:71:5d:13:6e: 51:32:6b:a1:a7:9b:b0:80:9a:55:b8:7b:57:82:d2:64:90:e4: 8d:37:08:1e:2c:d3:79:30:2f:f2:53:6b:5c:de:41:8d:b9:4a: f4:3e:bf:5d -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt3xycP/QouC6p2g7zgV4i3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw ZWY5MDMwHhcNMjYwMTAxMDQxODE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMjQyM2VkNzBkOTIzNTA3YTE3ZTg0NzI3MjgzNTRkNGZjZTJiZjcyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0KRIpg9Stxcw/QqWi2LDYu/+eU4e 7r8b1TYwLNNltpCQ0LFRG36Baa90eQ9gbcdpcwcpU3MFjwrnc99ybE9c79YvYJ3A hFUtDrkqNkVxpTNXFEKIU68dLIsPMpbx9qVafzA5oHudwUEh/4YdBhQSETm9X3kK SgQZbTHoctd+Cxz+XmHeHzrhxao0rQFljDDRCObZ5OlHO/kFmhPKUwNe9tUzz1jq V6WXF0rA+w46MrmF4KfJyvFZ2m7Q0CfIi+/jRiUkexSA3taLfB0ctv0kYmsuHLlH A7q37CvtSrPQZ6W/Dfx2SzQCl2iCHTN3CJXMhbC9v4PgIHV6VBlZfg+qQQIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFNJCPtcNkjUHoX6EcnKDVNT84r9yMB8GA1UdIwQY MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt ZmRmNjYzOGQyYzA0LzEvMGtJLTF3MlNOUWVoZm9SeWNvTlUxUHppdjNJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0 LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBHx9YAwQA JfxhAwQAW/LzAwQAvNbhAwQA1O3mMA0GCSqGSIb3DQEBCwUAA4IBAQBdUwV++owC vmSsUPsgShWJ2PoskOHPLFpMaZWmuhfl6zjwbef7ClFxpjzVAQMJFyOgAR2XsYYv cUfHY0DcG8ebJm0voEGiAa1XPUOE+xLzxONAwJOynP/jtSs2iO1Qi7GKL0VzXvwb kmXiizWOQzuKoAfZLeWhTlQAOwkwz9jbkVv857mb4s6NcpdtXMXIY8EOJJnTDluH Nz7lnoI/u2cx08LmLHNHMWxSxFbWbWMZRngXSx7T3mvLrUWmYq/0UN+C3wLK7WfG vSQSMI+y9TDv9kksKnFdE25RMmuhp5uwgJpVuHtXgtJkkOSNNwgeLNN5MC/yU2tc 3kGNuUr0Pr9d -----END CERTIFICATE-----Generated at Sun Jan 25 19:18:48 2026 by rpki-client