This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/cwXMDwSdPAC7ktKSXsf3XiFrpco.roa File: cwXMDwSdPAC7ktKSXsf3XiFrpco.roa (raw, json) Hash identifier: ylL+gpNQ+jWrNaI8CRohFwHRtYlv0vQDPOOLDPraRNU= Subject key identifier: 73:05:CC:0F:04:9D:3C:00:BB:92:D2:92:5E:C7:F7:5E:21:6B:A5:CA Certificate issuer: /CN=a952d0d266557385836aab7ae3fdced4ca74ad89 Certificate serial: 019A6DE110E1DB2D7322F9AD5E8BD9A67844 Authority key identifier: A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/cwXMDwSdPAC7ktKSXsf3XiFrpco.roa Signing time: Mon 10 Nov 2025 13:07:37 +0000 ROA not before: Mon 10 Nov 2025 13:07:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 210079 IP address blocks: 5.35.100.0/24 maxlen: 24 5.35.101.0/24 maxlen: 24 5.35.102.0/24 maxlen: 24 37.143.8.0/23 maxlen: 23 37.143.10.0/23 maxlen: 23 37.143.12.0/23 maxlen: 23 37.143.14.0/23 maxlen: 23 46.254.16.0/23 maxlen: 23 46.254.18.0/23 maxlen: 23 46.254.20.0/23 maxlen: 23 46.254.22.0/24 maxlen: 24 46.254.23.0/24 maxlen: 24 91.201.40.0/22 maxlen: 22 91.218.228.0/23 maxlen: 23 91.218.230.0/23 maxlen: 23 95.181.224.0/24 maxlen: 24 95.181.225.0/24 maxlen: 24 95.181.226.0/24 maxlen: 24 95.181.227.0/24 maxlen: 24 95.181.228.0/24 maxlen: 24 95.181.229.0/24 maxlen: 24 95.181.230.0/24 maxlen: 24 95.181.231.0/24 maxlen: 24 95.183.8.0/23 maxlen: 23 95.183.10.0/24 maxlen: 24 95.183.11.0/24 maxlen: 24 95.183.12.0/24 maxlen: 24 95.183.13.0/24 maxlen: 24 95.183.14.0/24 maxlen: 24 95.183.15.0/24 maxlen: 24 130.49.172.0/22 maxlen: 24 178.57.216.0/23 maxlen: 24 178.57.218.0/23 maxlen: 24 178.57.220.0/23 maxlen: 23 178.57.220.0/24 maxlen: 24 178.57.221.0/24 maxlen: 24 178.57.222.0/23 maxlen: 24 178.217.100.0/24 maxlen: 24 178.217.101.0/24 maxlen: 24 185.11.246.0/23 maxlen: 23 185.12.92.0/22 maxlen: 22 185.12.92.0/24 maxlen: 24 185.12.93.0/24 maxlen: 24 185.12.94.0/24 maxlen: 24 185.12.95.0/24 maxlen: 24 185.22.232.0/23 maxlen: 23 185.22.234.0/23 maxlen: 23 185.87.192.0/24 maxlen: 24 185.87.193.0/24 maxlen: 24 185.87.194.0/24 maxlen: 24 185.87.195.0/24 maxlen: 24 185.87.196.0/24 maxlen: 24 185.87.197.0/24 maxlen: 24 185.87.198.0/24 maxlen: 24 185.87.199.0/24 maxlen: 24 185.221.152.0/22 maxlen: 24 185.221.154.0/24 maxlen: 24 185.221.155.0/24 maxlen: 24 212.8.247.0/24 maxlen: 24 217.144.96.0/24 maxlen: 24 217.144.97.0/24 maxlen: 24 217.144.98.0/24 maxlen: 24 217.144.99.0/24 maxlen: 24 217.144.100.0/24 maxlen: 24 217.144.101.0/24 maxlen: 24 217.144.103.0/24 maxlen: 24 2a03:80c0::/48 maxlen: 48 2a03:80c0:1::/48 maxlen: 48 2a03:c980:db::/48 maxlen: 48 2a03:c980:e5::/48 maxlen: 48 2a03:c980:5fb5::/48 maxlen: 48 2a03:c980:5fb7::/48 maxlen: 48 2a03:c980:b239::/48 maxlen: 48 2a03:c980:b916::/48 maxlen: 48 2a03:c980:b957::/48 maxlen: 48 2a03:c980:beef::/48 maxlen: 48 2a03:c980:d990::/48 maxlen: 48 2a03:c980:dead::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.mft rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:6d:e1:10:e1:db:2d:73:22:f9:ad:5e:8b:d9:a6:78:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a952d0d266557385836aab7ae3fdced4ca74ad89 Validity Not Before: Nov 10 13:07:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=7305cc0f049d3c00bb92d2925ec7f75e216ba5ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:41:6d:5a:7e:75:f6:b5:25:69:2c:b2:b0:a0: 23:26:f6:f1:ba:1d:ab:ff:6b:9a:68:1b:68:d9:20: cf:dc:37:3d:36:5c:95:6e:fa:e9:06:3c:83:8b:6f: 8f:d6:fd:e4:3f:f1:43:20:91:91:72:78:52:6e:d3: ea:9f:32:27:37:39:04:d4:0d:6a:3b:76:24:40:ce: b9:cd:5b:67:de:97:a7:e6:3e:4c:05:57:9d:21:44: b3:57:a9:c0:cc:d5:8c:a6:d1:50:c2:ff:fb:2c:82: 81:00:31:b2:7d:1e:89:a4:df:3f:4e:1e:68:79:56: 92:e9:52:7c:f1:7b:a5:c2:05:4d:22:75:74:ca:e3: 0f:27:be:a3:19:a0:6d:c7:87:c0:08:62:3e:5e:1e: 9b:94:2d:60:97:71:31:29:a0:27:32:04:19:fb:2f: 77:f6:db:2c:00:24:04:8a:ae:2f:ac:3c:7a:ad:b1: dd:21:d5:58:a6:fb:dc:31:01:eb:5c:78:f2:66:87: 91:98:d2:5d:91:5b:1f:9b:d7:60:8d:f4:f9:4e:7f: 01:ac:ec:da:37:d0:90:c0:db:df:3d:78:19:2f:75: 5c:28:52:cc:a5:12:89:c9:92:e8:26:3b:67:be:d9: fa:27:66:35:1f:be:0a:cf:7f:40:37:91:fe:b3:18: c1:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:05:CC:0F:04:9D:3C:00:BB:92:D2:92:5E:C7:F7:5E:21:6B:A5:CA X509v3 Authority Key Identifier: keyid:A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/cwXMDwSdPAC7ktKSXsf3XiFrpco.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.35.100.0-5.35.102.255 37.143.8.0/21 46.254.16.0/21 91.201.40.0/22 91.218.228.0/22 95.181.224.0/21 95.183.8.0/21 130.49.172.0/22 178.57.216.0/21 178.217.100.0/23 185.11.246.0/23 185.12.92.0/22 185.22.232.0/22 185.87.192.0/21 185.221.152.0/22 212.8.247.0/24 217.144.96.0-217.144.101.255 217.144.103.0/24 IPv6: 2a03:80c0::/47 2a03:c980:db::/48 2a03:c980:e5::/48 2a03:c980:5fb5::/48 2a03:c980:5fb7::/48 2a03:c980:b239::/48 2a03:c980:b916::/48 2a03:c980:b957::/48 2a03:c980:beef::/48 2a03:c980:d990::/48 2a03:c980:dead::/48 Signature Algorithm: sha256WithRSAEncryption 79:d6:cd:cc:b4:e6:c3:79:0b:62:fc:ed:ed:2f:44:1b:70:3f: 56:b4:49:26:77:cf:26:0f:81:8c:ff:2d:6b:1d:0c:06:3f:79: e2:a5:b3:e9:aa:45:d9:73:ee:1d:d6:cb:91:56:86:28:6c:a8: 4d:db:54:de:52:72:77:98:ac:76:84:17:27:b3:b9:b5:9e:06: d3:64:70:84:27:3e:19:d4:e7:db:ef:bd:9a:20:ae:3f:8f:23: d3:02:4f:95:28:f1:67:ff:b6:80:46:e8:24:0d:35:1e:87:1a: 2d:9a:a8:8d:f2:a7:db:cd:ec:fb:64:67:56:27:8d:15:c0:04: e5:79:54:6f:55:12:dd:f0:f7:09:15:b9:98:dd:ed:ec:5d:77: 5f:a7:1d:69:08:c3:37:a0:cb:c4:90:bf:ac:7d:42:c3:fd:bd: df:1e:a8:93:bf:c3:74:62:43:71:00:46:08:1e:fd:22:ca:d6: ec:d1:dc:29:84:3f:20:10:ba:e7:82:61:7a:9b:55:7b:90:f8: c5:3e:df:ac:0f:fb:df:d0:da:29:c7:13:d9:aa:34:13:29:8c: 32:b5:0e:a3:ee:0d:c0:4e:94:bb:32:ee:2f:97:b0:ef:08:4b: 49:10:44:55:40:1f:8c:12:98:f9:4f:ce:7b:b9:66:51:5b:f6: 79:25:f3:7c -----BEGIN CERTIFICATE----- MIIF4zCCBMugAwIBAgISAZpt4RDh2y1zIvmtXovZpnhEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE5NTJkMGQyNjY1NTczODU4MzZhYWI3YWUzZmRjZWQ0Y2E3 NGFkODkwHhcNMjUxMTEwMTMwNzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MzA1Y2MwZjA0OWQzYzAwYmI5MmQyOTI1ZWM3Zjc1ZTIxNmJhNWNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUFtWn519rUlaSyysKAjJvbxuh2r /2uaaBto2SDP3Dc9NlyVbvrpBjyDi2+P1v3kP/FDIJGRcnhSbtPqnzInNzkE1A1q O3YkQM65zVtn3pen5j5MBVedIUSzV6nAzNWMptFQwv/7LIKBADGyfR6JpN8/Th5o eVaS6VJ88XulwgVNInV0yuMPJ76jGaBtx4fACGI+Xh6blC1gl3ExKaAnMgQZ+y93 9tssACQEiq4vrDx6rbHdIdVYpvvcMQHrXHjyZoeRmNJdkVsfm9dgjfT5Tn8BrOza N9CQwNvfPXgZL3VcKFLMpRKJyZLoJjtnvtn6J2Y1H74Kz39AN5H+sxjBvQIDAQAB o4IC7zCCAuswHQYDVR0OBBYEFHMFzA8EnTwAu5LSkl7H914ha6XKMB8GA1UdIwQY MBaAFKlS0NJmVXOFg2qreuP9ztTKdK2JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAt NGMyMWE1MDVmMzQ2LzEvY3dYTUR3U2RQQUM3a3RLU1hzZjNYaUZycGNvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAtNGMyMWE1MDVmMzQ2 LzEvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIBAwYIKwYBBQUHAQcBAf8EgfMwgfAwgYIEAgABMHwwDAME AgUjZAMEAAUjZgMEAyWPCAMEAy7+EAMEAlvJKAMEAlva5AMEA1+14AMEA1+3CAME AoIxrAMEA7I52AMEAbLZZAMEAbkL9gMEArkMXAMEArkW6AMEA7lXwAMEArndmAME ANQI9zAMAwQF2ZBgAwQB2ZBkAwQA2ZBnMGkEAgACMGMDBwEqA4DAAAADBwAqA8mA ANsDBwAqA8mAAOUDBwAqA8mAX7UDBwAqA8mAX7cDBwAqA8mAsjkDBwAqA8mAuRYD BwAqA8mAuVcDBwAqA8mAvu8DBwAqA8mA2ZADBwAqA8mA3q0wDQYJKoZIhvcNAQEL BQADggEBAHnWzcy05sN5C2L87e0vRBtwP1a0SSZ3zyYPgYz/LWsdDAY/eeKls+mq Rdlz7h3Wy5FWhihsqE3bVN5ScneYrHaEFyezubWeBtNkcIQnPhnU59vvvZogrj+P I9MCT5Uo8Wf/toBG6CQNNR6HGi2aqI3yp9vN7PtkZ1YnjRXABOV5VG9VEt3w9wkV uZjd7exdd1+nHWkIwzegy8SQv6x9QsP9vd8eqJO/w3RiQ3EARgge/SLK1uzR3CmE PyAQuueCYXqbVXuQ+MU+36wP+9/Q2inHE9mqNBMpjDK1DqPuDcBOlLsy7i+XsO8I S0kQRFVAH4wSmPlPznu5ZlFb9nkl83w= -----END CERTIFICATE-----Generated at Sat Dec 6 21:14:24 2025 by rpki-client