This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/95e78a-57e7-4a58-9316-288bd6b9e092/1/0VnbCUUxMHz9IQSGbuoNhNu-3i0.roa File: 0VnbCUUxMHz9IQSGbuoNhNu-3i0.roa (raw, json) Hash identifier: hvzM8HfzEPqtWwc9Q56WgaJxRYytObZ9iUV/CwXnl4U= Subject key identifier: D1:59:DB:09:45:31:30:7C:FD:21:04:86:6E:EA:0D:84:DB:BE:DE:2D Certificate issuer: /CN=5a61102ed4d66dcd952de01304e0afe1384d00bf Certificate serial: 019BD5823578F7FADED456C3F3A4910E472D Authority key identifier: 5A:61:10:2E:D4:D6:6D:CD:95:2D:E0:13:04:E0:AF:E1:38:4D:00:BF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WmEQLtTWbc2VLeATBOCv4ThNAL8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/95e78a-57e7-4a58-9316-288bd6b9e092/1/0VnbCUUxMHz9IQSGbuoNhNu-3i0.roa Signing time: Mon 19 Jan 2026 09:07:18 +0000 ROA not before: Mon 19 Jan 2026 09:07:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12886 IP address blocks: 62.204.160.0/19 maxlen: 19 94.101.120.0/22 maxlen: 24 103.21.236.0/22 maxlen: 22 103.51.228.0/22 maxlen: 22 103.76.96.0/22 maxlen: 22 103.192.160.0/22 maxlen: 22 103.234.232.0/22 maxlen: 22 128.65.144.0/21 maxlen: 21 170.81.52.0/22 maxlen: 22 170.84.228.0/22 maxlen: 22 185.88.92.0/22 maxlen: 22 185.188.18.0/24 maxlen: 24 193.23.64.0/19 maxlen: 19 212.118.192.0/19 maxlen: 19 2a02:f90::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/95e78a-57e7-4a58-9316-288bd6b9e092/1/WmEQLtTWbc2VLeATBOCv4ThNAL8.crl rsync://rpki.ripe.net/repository/DEFAULT/d2/95e78a-57e7-4a58-9316-288bd6b9e092/1/WmEQLtTWbc2VLeATBOCv4ThNAL8.mft rsync://rpki.ripe.net/repository/DEFAULT/WmEQLtTWbc2VLeATBOCv4ThNAL8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:d5:82:35:78:f7:fa:de:d4:56:c3:f3:a4:91:0e:47:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5a61102ed4d66dcd952de01304e0afe1384d00bf Validity Not Before: Jan 19 09:07:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d159db094531307cfd2104866eea0d84dbbede2d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:f4:bb:e4:c2:c6:5a:99:80:e7:9a:74:33:19: 95:4f:ed:5b:9c:7e:e9:78:ec:11:aa:60:a2:a6:f1: ab:1f:c4:66:cb:2e:b3:bf:76:50:7d:a9:f5:65:9a: 3b:8f:96:cb:34:b2:28:ff:fb:f2:27:ba:c9:b9:1d: b0:07:a6:77:cf:49:81:1c:46:7a:54:d7:d6:0b:66: c2:ff:b9:f4:2c:8c:09:34:8f:3e:7d:f4:ab:ed:a8: 48:ea:dc:e0:69:82:21:ed:75:5b:ab:0f:a5:6b:7e: ab:bc:8b:06:b1:4b:13:93:71:15:31:63:25:bf:6f: 7e:95:d7:5b:98:20:e0:c9:0e:8b:46:c9:27:97:2b: 07:d6:15:32:f0:4f:ac:11:05:9d:a7:36:2a:07:87: 11:8f:0d:9d:aa:dc:17:cb:c1:55:88:83:fc:e8:44: 69:b9:30:0f:c8:ed:ea:8f:a0:69:37:d2:b8:96:82: d6:b0:b0:70:bc:62:3b:e4:42:a2:6d:e2:42:78:1d: 5f:68:16:a0:a2:80:9d:2a:fc:bd:95:ce:5a:7b:57: b8:92:14:53:8c:5a:21:4b:cc:6f:ff:4c:0e:0a:9f: 5b:fe:f2:5f:ff:ca:ca:ba:82:e7:cb:36:e5:19:cf: e4:36:2c:26:15:2a:62:db:24:87:06:c8:69:43:a3: 49:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:59:DB:09:45:31:30:7C:FD:21:04:86:6E:EA:0D:84:DB:BE:DE:2D X509v3 Authority Key Identifier: keyid:5A:61:10:2E:D4:D6:6D:CD:95:2D:E0:13:04:E0:AF:E1:38:4D:00:BF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WmEQLtTWbc2VLeATBOCv4ThNAL8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/95e78a-57e7-4a58-9316-288bd6b9e092/1/0VnbCUUxMHz9IQSGbuoNhNu-3i0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/95e78a-57e7-4a58-9316-288bd6b9e092/1/WmEQLtTWbc2VLeATBOCv4ThNAL8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 62.204.160.0/19 94.101.120.0/22 103.21.236.0/22 103.51.228.0/22 103.76.96.0/22 103.192.160.0/22 103.234.232.0/22 128.65.144.0/21 170.81.52.0/22 170.84.228.0/22 185.88.92.0/22 185.188.18.0/24 193.23.64.0/19 212.118.192.0/19 IPv6: 2a02:f90::/32 Signature Algorithm: sha256WithRSAEncryption 06:f9:7d:47:a6:7d:03:57:ca:31:c0:8a:0c:df:ba:c1:64:65: a2:18:55:0e:77:79:a4:b5:c7:c1:dd:91:fb:0d:bc:95:ac:a0: de:25:9f:e6:b0:43:4c:4c:f3:87:ff:77:af:57:d6:0b:cf:01: 67:99:a6:41:94:29:cd:3c:91:97:50:d7:fb:6c:d5:d0:a6:12: 2e:44:51:84:63:7f:72:c4:8b:a3:4b:bc:7d:a1:cd:f6:6f:12: 8e:55:01:1c:cd:59:dc:ad:b4:5d:77:93:32:ed:be:2f:38:0b: 61:d4:c5:5e:7f:47:47:67:24:10:13:7e:36:e0:06:bc:13:5b: f5:c3:72:87:f9:d8:dc:19:94:2b:00:f4:e8:26:83:cc:87:54: e3:b3:56:ed:b4:6b:04:05:1f:d5:2c:0d:9a:8e:b7:2b:77:82: 34:59:c5:51:8e:7d:f7:ca:8f:c9:9f:16:ab:59:86:d6:f2:c4: 83:dc:cc:cc:4f:05:17:6f:b6:4e:d3:d4:91:05:72:df:63:1d: 01:b2:41:e7:3c:e9:38:39:13:15:b4:17:22:7f:74:0a:7d:2b: e8:c9:8c:e5:43:11:9b:22:07:90:51:81:12:2f:8e:dd:6a:6f: 80:7d:08:e7:b9:c9:b9:5d:52:e6:2c:42:d5:4c:79:70:a9:28: 29:0e:4d:bb -----BEGIN CERTIFICATE----- MIIFWjCCBEKgAwIBAgISAZvVgjV49/re1FbD86SRDkctMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVhNjExMDJlZDRkNjZkY2Q5NTJkZTAxMzA0ZTBhZmUxMzg0 ZDAwYmYwHhcNMjYwMTE5MDkwNzE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMTU5ZGIwOTQ1MzEzMDdjZmQyMTA0ODY2ZWVhMGQ4NGRiYmVkZTJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfS75MLGWpmA55p0MxmVT+1bnH7p eOwRqmCipvGrH8Rmyy6zv3ZQfan1ZZo7j5bLNLIo//vyJ7rJuR2wB6Z3z0mBHEZ6 VNfWC2bC/7n0LIwJNI8+ffSr7ahI6tzgaYIh7XVbqw+la36rvIsGsUsTk3EVMWMl v29+lddbmCDgyQ6LRsknlysH1hUy8E+sEQWdpzYqB4cRjw2dqtwXy8FViIP86ERp uTAPyO3qj6BpN9K4loLWsLBwvGI75EKibeJCeB1faBagooCdKvy9lc5ae1e4khRT jFohS8xv/0wOCp9b/vJf/8rKuoLnyzblGc/kNiwmFSpi2ySHBshpQ6NJSwIDAQAB o4ICZjCCAmIwHQYDVR0OBBYEFNFZ2wlFMTB8/SEEhm7qDYTbvt4tMB8GA1UdIwQY MBaAFFphEC7U1m3NlS3gEwTgr+E4TQC/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV21FUUx0VFdiYzJWTGVBVEJPQ3Y0VGhOQUw4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi85NWU3OGEtNTdlNy00YTU4LTkzMTYt Mjg4YmQ2YjllMDkyLzEvMFZuYkNVVXhNSHo5SVFTR2J1b05oTnUtM2kwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMi85NWU3OGEtNTdlNy00YTU4LTkzMTYtMjg4YmQ2YjllMDky LzEvV21FUUx0VFdiYzJWTGVBVEJPQ3Y0VGhOQUw4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQFPsygAwQC XmV4AwQCZxXsAwQCZzPkAwQCZ0xgAwQCZ8CgAwQCZ+roAwQDgEGQAwQCqlE0AwQC qlTkAwQCuVhcAwQAubwSAwQFwRdAAwQF1HbAMA0EAgACMAcDBQAqAg+QMA0GCSqG SIb3DQEBCwUAA4IBAQAG+X1Hpn0DV8oxwIoM37rBZGWiGFUOd3mktcfB3ZH7DbyV rKDeJZ/msENMTPOH/3evV9YLzwFnmaZBlCnNPJGXUNf7bNXQphIuRFGEY39yxIuj S7x9oc32bxKOVQEczVncrbRdd5My7b4vOAth1MVef0dHZyQQE3424Aa8E1v1w3KH +djcGZQrAPToJoPMh1Tjs1bttGsEBR/VLA2ajrcrd4I0WcVRjn33yo/JnxarWYbW 8sSD3MzMTwUXb7ZO09SRBXLfYx0BskHnPOk4ORMVtBcif3QKfSvoyYzlQxGbIgeQ UYESL47dam+AfQjnucm5XVLmLELVTHlwqSgpDk27 -----END CERTIFICATE-----Generated at Mon Jan 26 05:32:38 2026 by rpki-client