This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/xRX3eIjahO4puPTf1ETFcIeZtqM.roa File: xRX3eIjahO4puPTf1ETFcIeZtqM.roa (raw, json) Hash identifier: uyFEZOqDVgGWkkphz2xd63YtUHxoX2hF8v7uVO62XeU= Subject key identifier: C5:15:F7:78:88:DA:84:EE:29:B8:F4:DF:D4:44:C5:70:87:99:B6:A3 Certificate issuer: /CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342 Certificate serial: 019B7D5C5673347828D454921D5D465CC9CE Authority key identifier: 8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/xRX3eIjahO4puPTf1ETFcIeZtqM.roa Signing time: Fri 02 Jan 2026 06:19:22 +0000 ROA not before: Fri 02 Jan 2026 06:19:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44534 IP address blocks: 5.45.209.0/24 maxlen: 24 5.45.214.0/24 maxlen: 24 5.45.219.0/24 maxlen: 24 5.45.241.0/24 maxlen: 24 5.45.243.0/24 maxlen: 24 5.45.252.0/22 maxlen: 22 5.255.203.0/24 maxlen: 24 5.255.205.0/24 maxlen: 24 5.255.232.0/24 maxlen: 24 5.255.234.0/23 maxlen: 23 37.9.75.0/24 maxlen: 24 37.9.86.0/24 maxlen: 24 37.9.98.0/24 maxlen: 24 37.140.168.0/24 maxlen: 24 77.88.6.0/24 maxlen: 24 77.88.12.0/23 maxlen: 23 77.88.42.0/23 maxlen: 23 77.88.61.0/24 maxlen: 24 84.252.160.0/19 maxlen: 20 87.250.232.0/24 maxlen: 24 87.250.238.0/24 maxlen: 24 87.250.240.0/24 maxlen: 24 90.156.176.0/20 maxlen: 24 90.156.176.0/24 maxlen: 24 93.158.144.0/22 maxlen: 22 93.158.155.0/24 maxlen: 24 93.158.168.0/22 maxlen: 22 93.158.182.0/24 maxlen: 24 93.158.184.0/24 maxlen: 24 93.158.185.0/24 maxlen: 24 93.158.186.0/24 maxlen: 24 93.158.187.0/24 maxlen: 24 95.108.168.0/22 maxlen: 22 95.108.170.0/24 maxlen: 24 141.8.130.0/23 maxlen: 23 178.154.152.0/24 maxlen: 24 2a02:6bf:8000::/34 maxlen: 48 2a02:6bf:8005::/48 maxlen: 48 2a02:6bf:8006::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.mft rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:56:73:34:78:28:d4:54:92:1d:5d:46:5c:c9:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342 Validity Not Before: Jan 2 06:19:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c515f77888da84ee29b8f4dfd444c5708799b6a3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:b7:6a:84:ed:f0:80:00:68:46:b3:62:da:12: 66:06:de:ad:2f:01:36:a3:96:c8:dc:86:e9:c6:df: 78:77:c6:b9:af:8a:80:a7:af:14:4f:d6:71:ab:16: be:29:6b:5c:ae:0e:5d:3d:19:1e:7a:73:d2:90:49: 12:10:73:09:cb:54:3d:29:df:ea:4e:d5:3f:5b:2f: 85:81:f2:b6:80:0a:16:d3:91:03:bc:b9:ee:7b:53: 5e:40:c0:69:9a:22:ea:a0:e9:65:a5:85:8c:4c:ba: f4:ca:14:95:ae:77:10:a5:78:a5:29:b9:d9:f1:0c: 9f:d8:16:ba:cf:3a:d9:2f:98:df:13:62:a2:50:5f: 99:c8:a1:17:d0:2e:ff:af:3c:f1:11:49:78:36:8d: c5:64:d3:e8:f9:07:cf:8a:bb:54:ec:26:2c:85:e9: 14:b9:93:86:f7:df:5b:16:47:2d:9c:67:ec:90:9e: 15:07:e0:cc:40:c9:3c:a8:60:04:24:9b:50:20:45: 90:9a:8d:88:63:79:f8:e4:b7:cf:06:1b:d6:e3:ce: c2:f1:30:b1:a0:85:75:4b:5d:3a:7a:af:bf:0e:95: 36:db:c7:4f:2d:34:8e:dc:1e:d5:db:6a:82:65:a2: 01:09:f2:27:9e:fe:ce:14:96:ee:5f:69:8c:97:00: 97:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:15:F7:78:88:DA:84:EE:29:B8:F4:DF:D4:44:C5:70:87:99:B6:A3 X509v3 Authority Key Identifier: keyid:8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/xRX3eIjahO4puPTf1ETFcIeZtqM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.45.209.0/24 5.45.214.0/24 5.45.219.0/24 5.45.241.0/24 5.45.243.0/24 5.45.252.0/22 5.255.203.0/24 5.255.205.0/24 5.255.232.0/24 5.255.234.0/23 37.9.75.0/24 37.9.86.0/24 37.9.98.0/24 37.140.168.0/24 77.88.6.0/24 77.88.12.0/23 77.88.42.0/23 77.88.61.0/24 84.252.160.0/19 87.250.232.0/24 87.250.238.0/24 87.250.240.0/24 90.156.176.0/20 93.158.144.0/22 93.158.155.0/24 93.158.168.0/22 93.158.182.0/24 93.158.184.0/22 95.108.168.0/22 141.8.130.0/23 178.154.152.0/24 IPv6: 2a02:6bf:8000::/34 Signature Algorithm: sha256WithRSAEncryption 66:3e:a1:c2:6d:71:7b:b5:ce:6b:ea:c9:9e:bd:93:d4:90:cc: bd:c0:0f:47:5a:bb:2b:47:4c:41:72:77:f1:47:6a:31:e6:1d: cb:a5:10:d8:7e:d7:23:e1:dd:a2:56:a8:0e:b6:56:5e:c3:84: 81:bc:26:99:3a:98:db:41:2c:3e:ec:24:0e:7c:1a:39:d4:62: 8c:a6:cc:e2:b0:b7:01:48:a2:20:4c:53:10:99:63:83:94:16: ab:04:7a:03:38:4c:bb:ac:c5:b1:2e:9e:c1:08:02:5c:97:39: 09:8c:a6:71:07:ba:1f:1d:c5:0d:e6:19:6f:4e:f5:13:a6:22: 5b:10:24:78:05:75:1a:f2:91:9c:9e:72:30:03:59:eb:04:a3: 44:ae:3b:28:1f:fc:ff:de:16:3b:eb:a9:0d:63:10:94:2a:2b: fa:5d:67:d9:ce:d6:d8:87:a1:49:b1:3a:33:73:85:9e:4f:9a: d7:8e:2b:2c:09:91:64:ba:2e:52:ea:99:bf:ef:71:ee:d7:35: 87:90:29:ef:a0:0c:1f:f5:de:2f:80:7b:2a:dd:54:52:9d:33: 14:c0:b4:8d:92:a0:48:fb:6f:4e:30:88:d1:91:aa:ce:e3:1a: a4:f6:90:9b:67:d9:f3:71:a4:73:b9:4c:ca:cc:bf:95:2d:a2: bc:d5:8c:03 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgISAZt9XFZzNHgo1FSSHV1GXMnOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhkODQ0MDRlNWY4YTRiMTE3YWU0NGU3M2Q1M2M0NGVjZGQ1 NzgzNDIwHhcNMjYwMTAyMDYxOTIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNTE1Zjc3ODg4ZGE4NGVlMjliOGY0ZGZkNDQ0YzU3MDg3OTliNmEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLdqhO3wgABoRrNi2hJmBt6tLwE2 o5bI3Ibpxt94d8a5r4qAp68UT9Zxqxa+KWtcrg5dPRkeenPSkEkSEHMJy1Q9Kd/q TtU/Wy+FgfK2gAoW05EDvLnue1NeQMBpmiLqoOllpYWMTLr0yhSVrncQpXilKbnZ 8Qyf2Ba6zzrZL5jfE2KiUF+ZyKEX0C7/rzzxEUl4No3FZNPo+QfPirtU7CYshekU uZOG999bFkctnGfskJ4VB+DMQMk8qGAEJJtQIEWQmo2IY3n45LfPBhvW487C8TCx oIV1S106eq+/DpU228dPLTSO3B7V22qCZaIBCfInnv7OFJbuX2mMlwCX2wIDAQAB o4IC0jCCAs4wHQYDVR0OBBYEFMUV93iI2oTuKbj039RExXCHmbajMB8GA1UdIwQY MBaAFI2EQE5fiksReuROc9U8ROzdV4NCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjkt MmNkOThlZTUzNTY5LzEveFJYM2VJamFoTzRwdVBUZjFFVEZjSWVadHFNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjktMmNkOThlZTUzNTY5 LzEvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCBwQQCAAEwgboDBAAF LdEDBAAFLdYDBAAFLdsDBAAFLfEDBAAFLfMDBAIFLfwDBAAF/8sDBAAF/80DBAAF /+gDBAEF/+oDBAAlCUsDBAAlCVYDBAAlCWIDBAAljKgDBABNWAYDBAFNWAwDBAFN WCoDBABNWD0DBAVU/KADBABX+ugDBABX+u4DBABX+vADBARanLADBAJdnpADBABd npsDBAJdnqgDBABdnrYDBAJdnrgDBAJfbKgDBAGNCIIDBACympgwDgQCAAIwCAMG BioCBr+AMA0GCSqGSIb3DQEBCwUAA4IBAQBmPqHCbXF7tc5r6smevZPUkMy9wA9H WrsrR0xBcnfxR2ox5h3LpRDYftcj4d2iVqgOtlZew4SBvCaZOpjbQSw+7CQOfBo5 1GKMpszisLcBSKIgTFMQmWODlBarBHoDOEy7rMWxLp7BCAJclzkJjKZxB7ofHcUN 5hlvTvUTpiJbECR4BXUa8pGcnnIwA1nrBKNErjsoH/z/3hY766kNYxCUKiv6XWfZ ztbYh6FJsTozc4WeT5rXjissCZFkui5S6pm/73Hu1zWHkCnvoAwf9d4vgHsq3VRS nTMUwLSNkqBI+29OMIjRkarO4xqk9pCbZ9nzcaRzuUzKzL+VLaK81YwD -----END CERTIFICATE-----Generated at Sun Jan 25 21:03:20 2026 by rpki-client