This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/sd_bm3gEOw7-0JVpKG8yK2OptLc.roa File: sd_bm3gEOw7-0JVpKG8yK2OptLc.roa (raw, json) Hash identifier: vdK8pGyhUzW2rMUKQmqHoaPCdID9Elq/G9yRotJFgFc= Subject key identifier: B1:DF:DB:9B:78:04:3B:0E:FE:D0:95:69:28:6F:32:2B:63:A9:B4:B7 Certificate issuer: /CN=0ab36668893a8244d553efca4688d0f1019e4e25 Certificate serial: 019B7834CB748E22F19B0F11390881D50B5A Authority key identifier: 0A:B3:66:68:89:3A:82:44:D5:53:EF:CA:46:88:D0:F1:01:9E:4E:25 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CrNmaIk6gkTVU-_KRojQ8QGeTiU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/sd_bm3gEOw7-0JVpKG8yK2OptLc.roa Signing time: Thu 01 Jan 2026 06:18:04 +0000 ROA not before: Thu 01 Jan 2026 06:18:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 24921 IP address blocks: 5.252.168.0/22 maxlen: 22 45.140.32.0/22 maxlen: 22 45.149.160.0/22 maxlen: 22 80.89.72.0/21 maxlen: 21 80.89.72.0/22 maxlen: 22 80.89.76.0/22 maxlen: 22 185.65.160.0/23 maxlen: 23 185.65.162.0/23 maxlen: 23 185.147.56.0/22 maxlen: 22 185.147.56.0/24 maxlen: 24 185.147.57.0/24 maxlen: 24 185.147.58.0/24 maxlen: 24 185.147.59.0/24 maxlen: 24 193.108.29.0/24 maxlen: 24 212.3.192.0/19 maxlen: 19 212.3.192.0/21 maxlen: 21 212.3.192.0/23 maxlen: 23 212.3.194.0/23 maxlen: 23 212.3.196.0/23 maxlen: 23 212.3.198.0/23 maxlen: 23 212.3.201.0/24 maxlen: 24 212.3.204.0/22 maxlen: 22 212.3.208.0/23 maxlen: 23 212.3.210.0/23 maxlen: 23 212.3.221.0/24 maxlen: 24 212.93.97.0/24 maxlen: 24 212.93.100.0/22 maxlen: 22 212.93.104.0/23 maxlen: 23 212.93.106.0/24 maxlen: 24 212.93.107.0/24 maxlen: 24 212.93.108.0/23 maxlen: 23 212.93.110.0/23 maxlen: 23 212.93.112.0/24 maxlen: 24 212.93.113.0/24 maxlen: 24 212.93.114.0/24 maxlen: 24 212.93.115.0/24 maxlen: 24 212.93.116.0/23 maxlen: 23 212.93.118.0/23 maxlen: 23 212.93.120.0/23 maxlen: 23 212.93.122.0/23 maxlen: 23 212.93.127.0/24 maxlen: 24 2a03:ec00:b000::/48 maxlen: 48 2a03:ec00:b008::/48 maxlen: 48 2a03:ec00:b100::/40 maxlen: 40 2a03:ec00:b100::/42 maxlen: 42 2a03:ec00:b140::/42 maxlen: 42 2a03:ec00:b180::/42 maxlen: 42 2a03:ec00:b300::/40 maxlen: 40 2a03:ec00:b400::/40 maxlen: 40 2a03:ec00:b900::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/CrNmaIk6gkTVU-_KRojQ8QGeTiU.crl rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/CrNmaIk6gkTVU-_KRojQ8QGeTiU.mft rsync://rpki.ripe.net/repository/DEFAULT/CrNmaIk6gkTVU-_KRojQ8QGeTiU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:cb:74:8e:22:f1:9b:0f:11:39:08:81:d5:0b:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0ab36668893a8244d553efca4688d0f1019e4e25 Validity Not Before: Jan 1 06:18:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b1dfdb9b78043b0efed09569286f322b63a9b4b7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:22:b3:f7:fb:e4:dd:f3:56:b0:20:b1:2e:b2: 29:bf:8b:1a:fd:c5:4d:60:9c:90:a8:fa:ac:3e:81: b1:cb:7a:b9:ad:f1:be:40:bc:96:38:58:96:1f:16: 98:f8:78:13:80:3b:47:e2:b0:72:dc:69:d8:c5:57: 07:31:3d:21:3c:49:d8:a9:51:23:1c:27:52:e9:6e: 0c:c8:58:56:48:cc:07:6f:e8:c3:b3:62:24:72:74: 23:15:7a:36:b2:c5:75:e6:73:0c:82:c7:15:4b:88: 8b:0b:95:b6:aa:27:b4:cd:f6:a8:dd:42:9e:31:f1: 6e:49:93:ce:25:fd:47:72:7d:87:3e:41:71:ae:67: 8e:5b:11:41:5b:29:8f:fd:73:93:fc:1f:db:d6:3f: 0e:08:6c:30:dc:48:96:4f:5b:15:41:18:1b:f6:be: 12:03:76:ed:07:41:01:91:01:59:8a:5e:cb:47:09: db:03:c6:e6:d4:12:72:11:f7:55:53:43:6c:3f:26: 92:22:cc:2a:cb:4f:1b:11:1b:df:98:30:a7:50:79: 8a:6d:57:b1:10:ab:a7:3a:cb:07:ea:d9:75:09:42: 0e:bd:99:dd:97:a0:30:94:01:e1:eb:72:f5:12:7c: d8:f1:a3:ec:94:52:23:68:e6:85:82:0c:48:c6:db: 9b:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:DF:DB:9B:78:04:3B:0E:FE:D0:95:69:28:6F:32:2B:63:A9:B4:B7 X509v3 Authority Key Identifier: keyid:0A:B3:66:68:89:3A:82:44:D5:53:EF:CA:46:88:D0:F1:01:9E:4E:25 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CrNmaIk6gkTVU-_KRojQ8QGeTiU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/sd_bm3gEOw7-0JVpKG8yK2OptLc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/CrNmaIk6gkTVU-_KRojQ8QGeTiU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.252.168.0/22 45.140.32.0/22 45.149.160.0/22 80.89.72.0/21 185.65.160.0/22 185.147.56.0/22 193.108.29.0/24 212.3.192.0/19 212.93.97.0/24 212.93.100.0-212.93.123.255 212.93.127.0/24 IPv6: 2a03:ec00:b000::/48 2a03:ec00:b008::/48 2a03:ec00:b100::/40 2a03:ec00:b300::-2a03:ec00:b4ff:ffff:ffff:ffff:ffff:ffff 2a03:ec00:b900::/40 Signature Algorithm: sha256WithRSAEncryption c4:ee:01:2a:e3:14:03:9a:e5:c7:16:3d:c0:2e:5e:16:75:ef: 98:77:50:cf:27:19:5a:59:62:3f:cc:8b:2d:12:50:c3:11:ed: 03:d0:23:31:2c:b1:1b:b2:66:d0:1a:ed:e1:84:a8:e6:9c:e1: c7:89:d8:ad:30:8f:28:32:8e:78:a5:4b:15:71:bd:6a:97:bb: ec:91:79:0f:fe:a5:6c:43:e4:66:5d:d9:7f:02:eb:5a:e3:6b: 18:4f:90:5f:ce:a7:b1:ef:b5:75:42:fe:6e:50:4d:61:f0:5d: 4c:05:fb:64:57:50:1c:d5:74:a0:27:37:b0:54:7f:2b:00:06: f5:62:95:5d:46:54:7d:51:d6:72:0d:37:36:f7:46:68:da:02: 74:59:15:0a:ec:5a:54:59:da:b9:93:b4:bf:2b:6e:9f:4c:2c: 3f:de:ae:2b:5f:b4:a1:2c:6a:30:f2:f0:3a:d7:e6:32:76:50: d4:f3:c5:28:5c:42:15:9d:a7:57:b0:2d:e2:d2:73:14:d1:03: 9c:9d:2d:d2:f3:97:e5:66:20:b0:38:d1:50:61:cb:e4:67:57: 02:90:dd:50:b3:f7:f9:82:e8:8c:dd:eb:44:3c:81:4b:6f:2e: da:e5:e3:f0:44:7c:74:14:f8:47:1b:93:ff:91:6b:c7:1c:1d: d9:24:76:57 -----BEGIN CERTIFICATE----- MIIFgDCCBGigAwIBAgISAZt4NMt0jiLxmw8ROQiB1QtaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBhYjM2NjY4ODkzYTgyNDRkNTUzZWZjYTQ2ODhkMGYxMDE5 ZTRlMjUwHhcNMjYwMTAxMDYxODA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMWRmZGI5Yjc4MDQzYjBlZmVkMDk1NjkyODZmMzIyYjYzYTliNGI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyKz9/vk3fNWsCCxLrIpv4sa/cVN YJyQqPqsPoGxy3q5rfG+QLyWOFiWHxaY+HgTgDtH4rBy3GnYxVcHMT0hPEnYqVEj HCdS6W4MyFhWSMwHb+jDs2IkcnQjFXo2ssV15nMMgscVS4iLC5W2qie0zfao3UKe MfFuSZPOJf1Hcn2HPkFxrmeOWxFBWymP/XOT/B/b1j8OCGww3EiWT1sVQRgb9r4S A3btB0EBkQFZil7LRwnbA8bm1BJyEfdVU0NsPyaSIswqy08bERvfmDCnUHmKbVex EKunOssH6tl1CUIOvZndl6AwlAHh63L1EnzY8aPslFIjaOaFggxIxtubKQIDAQAB o4ICjDCCAogwHQYDVR0OBBYEFLHf25t4BDsO/tCVaShvMitjqbS3MB8GA1UdIwQY MBaAFAqzZmiJOoJE1VPvykaI0PEBnk4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ3JObWFJazZna1RWVS1fS1JvalE4UUdlVGlVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS9lNTc1MDMtZjY1OC00M2UyLTkzYTkt MmFmMDY3YTEzMGFhLzEvc2RfYm0zZ0VPdzctMEpWcEtHOHlLMk9wdExjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jOS9lNTc1MDMtZjY1OC00M2UyLTkzYTktMmFmMDY3YTEzMGFh LzEvQ3JObWFJazZna1RWVS1fS1JvalE4UUdlVGlVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjBQBAIAATBKAwQCBfyo AwQCLYwgAwQCLZWgAwQDUFlIAwQCuUGgAwQCuZM4AwQAwWwdAwQF1APAAwQA1F1h MAwDBALUXWQDBALUXXgDBADUXX8wOgQCAAIwNAMHACoD7ACwAAMHACoD7ACwCAMG ACoD7ACxMBADBgAqA+wAswMGACoD7AC0AwYAKgPsALkwDQYJKoZIhvcNAQELBQAD ggEBAMTuASrjFAOa5ccWPcAuXhZ175h3UM8nGVpZYj/Miy0SUMMR7QPQIzEssRuy ZtAa7eGEqOac4ceJ2K0wjygyjnilSxVxvWqXu+yReQ/+pWxD5GZd2X8C61rjaxhP kF/Op7HvtXVC/m5QTWHwXUwF+2RXUBzVdKAnN7BUfysABvVilV1GVH1R1nINNzb3 RmjaAnRZFQrsWlRZ2rmTtL8rbp9MLD/eritftKEsajDy8DrX5jJ2UNTzxShcQhWd p1ewLeLScxTRA5ydLdLzl+VmILA40VBhy+RnVwKQ3VCz9/mC6Izd60Q8gUtvLtrl 4/BEfHQU+Ecbk/+Ra8ccHdkkdlc= -----END CERTIFICATE-----Generated at Sun Jan 25 22:14:38 2026 by rpki-client