This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/00c711-0c29-4301-94bc-ea57cbe36811/1/P2z60TT5kqB-d0NQ2XA4fLTFBz0.roa File: P2z60TT5kqB-d0NQ2XA4fLTFBz0.roa (raw, json) Hash identifier: H2tzNdLvq80tMnAzPWbwLl8MIdAmcLNud7Ng3jnGJBE= Subject key identifier: 3F:6C:FA:D1:34:F9:92:A0:7E:77:43:50:D9:70:38:7C:B4:C5:07:3D Certificate issuer: /CN=bfe6fc768ad47b968e0a259fecc8a3da32fac5ea Certificate serial: 019B7910C00B9E3A216164F370405C14B75F Authority key identifier: BF:E6:FC:76:8A:D4:7B:96:8E:0A:25:9F:EC:C8:A3:DA:32:FA:C5:EA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-b8dorUe5aOCiWf7Mij2jL6xeo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/00c711-0c29-4301-94bc-ea57cbe36811/1/P2z60TT5kqB-d0NQ2XA4fLTFBz0.roa Signing time: Thu 01 Jan 2026 10:18:19 +0000 ROA not before: Thu 01 Jan 2026 10:18:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15817 IP address blocks: 31.220.120.0/21 maxlen: 21 37.202.0.0/21 maxlen: 21 45.144.184.0/22 maxlen: 22 46.30.56.0/21 maxlen: 21 176.52.240.0/21 maxlen: 21 178.16.56.0/21 maxlen: 21 185.15.192.0/22 maxlen: 22 185.166.20.0/22 maxlen: 22 185.181.132.0/22 maxlen: 22 185.215.156.0/22 maxlen: 22 185.221.104.0/22 maxlen: 22 185.224.152.0/22 maxlen: 22 185.227.112.0/22 maxlen: 22 185.227.112.0/24 maxlen: 24 185.227.113.0/24 maxlen: 24 185.227.114.0/24 maxlen: 24 185.227.115.0/24 maxlen: 24 185.233.52.0/22 maxlen: 22 185.237.64.0/22 maxlen: 22 185.243.132.0/22 maxlen: 22 185.247.148.0/24 maxlen: 24 185.247.149.0/24 maxlen: 24 185.247.151.0/24 maxlen: 24 188.94.248.0/21 maxlen: 21 193.53.246.0/23 maxlen: 23 193.53.250.0/23 maxlen: 23 2a03:2a00::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/00c711-0c29-4301-94bc-ea57cbe36811/1/v-b8dorUe5aOCiWf7Mij2jL6xeo.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/00c711-0c29-4301-94bc-ea57cbe36811/1/v-b8dorUe5aOCiWf7Mij2jL6xeo.mft rsync://rpki.ripe.net/repository/DEFAULT/v-b8dorUe5aOCiWf7Mij2jL6xeo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 04:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:c0:0b:9e:3a:21:61:64:f3:70:40:5c:14:b7:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bfe6fc768ad47b968e0a259fecc8a3da32fac5ea Validity Not Before: Jan 1 10:18:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3f6cfad134f992a07e774350d970387cb4c5073d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:e1:1a:e3:a3:d7:70:d3:fe:db:6b:2d:76:93: 2e:1f:03:7c:25:c5:43:7c:8d:ee:1e:fc:e4:78:71: 56:68:bd:31:a1:e9:3c:c4:51:c6:31:86:3c:70:f2: a0:44:1a:61:1e:de:3b:e2:bb:8c:de:b0:22:28:44: 5a:83:4d:6d:2a:9d:e4:ee:07:5c:95:35:e3:ad:ac: 8e:89:1b:6d:f1:35:86:8f:0c:d8:f8:28:a1:b4:7a: 9a:b0:dc:61:be:a9:a7:f9:12:1a:cb:5c:1d:1e:ae: e0:24:02:db:6f:5c:88:e3:38:3c:d3:84:88:09:02: 9e:3a:f0:c9:a3:0e:b2:a9:18:da:6d:cd:ce:ee:8c: d8:60:15:87:46:07:ce:8e:7f:72:02:3a:1f:e0:e0: b7:7a:b9:38:77:92:7b:3c:d3:e9:71:2b:5e:5b:9c: d1:f3:56:3a:58:9c:94:60:b8:c9:50:bc:0f:9c:a5: 59:b7:1d:86:2f:6a:a4:4b:27:18:06:ef:fe:29:b3: c9:8f:3e:1c:e0:55:34:0b:2e:69:c8:9b:cb:20:9e: 5a:2d:23:47:e2:55:a9:46:0b:1e:35:e7:8d:22:6d: 1c:7b:33:b8:68:f8:ea:11:a6:5d:ad:c2:9f:4c:c8: 97:83:3c:c8:66:31:7a:6f:9f:8f:8d:12:92:c6:d3: 0e:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:6C:FA:D1:34:F9:92:A0:7E:77:43:50:D9:70:38:7C:B4:C5:07:3D X509v3 Authority Key Identifier: keyid:BF:E6:FC:76:8A:D4:7B:96:8E:0A:25:9F:EC:C8:A3:DA:32:FA:C5:EA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-b8dorUe5aOCiWf7Mij2jL6xeo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/00c711-0c29-4301-94bc-ea57cbe36811/1/P2z60TT5kqB-d0NQ2XA4fLTFBz0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/00c711-0c29-4301-94bc-ea57cbe36811/1/v-b8dorUe5aOCiWf7Mij2jL6xeo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.220.120.0/21 37.202.0.0/21 45.144.184.0/22 46.30.56.0/21 176.52.240.0/21 178.16.56.0/21 185.15.192.0/22 185.166.20.0/22 185.181.132.0/22 185.215.156.0/22 185.221.104.0/22 185.224.152.0/22 185.227.112.0/22 185.233.52.0/22 185.237.64.0/22 185.243.132.0/22 185.247.148.0/23 185.247.151.0/24 188.94.248.0/21 193.53.246.0/23 193.53.250.0/23 IPv6: 2a03:2a00::/29 Signature Algorithm: sha256WithRSAEncryption 02:d1:19:af:cb:3e:aa:cb:ac:50:0c:81:b2:68:f1:a3:b9:38: 6f:d2:4a:d9:ec:1a:6f:95:c9:08:13:d7:0c:d7:a8:f3:23:ae: 13:32:6e:57:29:b6:2a:f9:4a:47:59:2a:01:df:0b:6c:26:58: ca:76:4c:a5:56:ac:b7:8c:15:70:3c:04:2a:df:22:07:38:17: 49:f3:b9:d8:68:5e:9f:f2:3c:cc:a6:d9:84:cf:e1:33:3d:33: 2a:ae:ec:1d:d5:1e:db:c3:78:ca:08:d3:a9:56:80:26:82:d3: ac:c7:3d:ef:32:dd:48:b7:c4:6a:52:0a:9b:21:a4:c3:8a:4d: 1e:b1:1e:ef:83:1b:33:66:9a:ac:60:77:92:4d:21:15:f3:25: 42:81:ea:59:5a:08:16:32:54:22:55:28:1b:79:5e:5e:fa:e1: ec:10:e3:1c:a9:73:44:49:e7:c3:b4:38:35:ec:d0:5e:44:bd: 0b:40:a7:c0:0e:7d:d2:64:9c:35:4b:b7:52:3b:e7:e3:ec:ed: 67:fd:5f:50:be:4b:9e:27:d6:d4:32:a7:2f:36:c9:33:fa:5c: 53:93:e1:97:ad:11:34:fd:76:c0:83:3a:16:10:b5:a6:ae:bc: c5:b2:4e:08:1c:8a:d9:26:fe:c7:a2:b6:c1:41:bc:21:a0:28: 65:be:73:8b -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgISAZt5EMALnjohYWTzcEBcFLdfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJmZTZmYzc2OGFkNDdiOTY4ZTBhMjU5ZmVjYzhhM2RhMzJm YWM1ZWEwHhcNMjYwMTAxMTAxODE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZjZjZmFkMTM0Zjk5MmEwN2U3NzQzNTBkOTcwMzg3Y2I0YzUwNzNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+Ea46PXcNP+22stdpMuHwN8JcVD fI3uHvzkeHFWaL0xoek8xFHGMYY8cPKgRBphHt474ruM3rAiKERag01tKp3k7gdc lTXjrayOiRtt8TWGjwzY+CihtHqasNxhvqmn+RIay1wdHq7gJALbb1yI4zg804SI CQKeOvDJow6yqRjabc3O7ozYYBWHRgfOjn9yAjof4OC3erk4d5J7PNPpcSteW5zR 81Y6WJyUYLjJULwPnKVZtx2GL2qkSycYBu/+KbPJjz4c4FU0Cy5pyJvLIJ5aLSNH 4lWpRgseNeeNIm0cezO4aPjqEaZdrcKfTMiXgzzIZjF6b5+PjRKSxtMOawIDAQAB o4IClDCCApAwHQYDVR0OBBYEFD9s+tE0+ZKgfndDUNlwOHy0xQc9MB8GA1UdIwQY MBaAFL/m/HaK1HuWjgoln+zIo9oy+sXqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdi1iOGRvclVlNWFPQ2lXZjdNaWoyakw2eGVvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8wMGM3MTEtMGMyOS00MzAxLTk0YmMt ZWE1N2NiZTM2ODExLzEvUDJ6NjBUVDVrcUItZDBOUTJYQTRmTFRGQnowLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy8wMGM3MTEtMGMyOS00MzAxLTk0YmMtZWE1N2NiZTM2ODEx LzEvdi1iOGRvclVlNWFPQ2lXZjdNaWoyakw2eGVvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBhAQCAAEwfgMEAx/c eAMEAyXKAAMEAi2QuAMEAy4eOAMEA7A08AMEA7IQOAMEArkPwAMEArmmFAMEArm1 hAMEArnXnAMEArndaAMEArngmAMEArnjcAMEArnpNAMEArntQAMEArnzhAMEAbn3 lAMEALn3lwMEA7xe+AMEAcE19gMEAcE1+jANBAIAAjAHAwUDKgMqADANBgkqhkiG 9w0BAQsFAAOCAQEAAtEZr8s+qsusUAyBsmjxo7k4b9JK2ewab5XJCBPXDNeo8yOu EzJuVym2KvlKR1kqAd8LbCZYynZMpVast4wVcDwEKt8iBzgXSfO52Ghen/I8zKbZ hM/hMz0zKq7sHdUe28N4ygjTqVaAJoLTrMc97zLdSLfEalIKmyGkw4pNHrEe74Mb M2aarGB3kk0hFfMlQoHqWVoIFjJUIlUoG3leXvrh7BDjHKlzREnnw7Q4NezQXkS9 C0CnwA590mScNUu3Ujvn4+ztZ/1fUL5LnifW1DKnLzbJM/pcU5Phl60RNP12wIM6 FhC1pq68xbJOCByK2Sb+x6K2wUG8IaAoZb5ziw== -----END CERTIFICATE-----Generated at Mon Jan 26 12:22:23 2026 by rpki-client