This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/zSUHQIil1pv6NSEqyiy6QZUHKgI.roa File: zSUHQIil1pv6NSEqyiy6QZUHKgI.roa (raw, json) Hash identifier: sCV+NE2NUCcb5ZuDP7u98vtXx/1nUNBXjVpaW7PtLOM= Subject key identifier: CD:25:07:40:88:A5:D6:9B:FA:35:21:2A:CA:2C:BA:41:95:07:2A:02 Certificate issuer: /CN=297ae7592ca52491dc166a30fe1477d712bd465d Certificate serial: 019B7C806044007996E1B7F9ADE7DD2422BB Authority key identifier: 29:7A:E7:59:2C:A5:24:91:DC:16:6A:30:FE:14:77:D7:12:BD:46:5D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXrnWSylJJHcFmow_hR31xK9Rl0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/zSUHQIil1pv6NSEqyiy6QZUHKgI.roa Signing time: Fri 02 Jan 2026 02:19:06 +0000 ROA not before: Fri 02 Jan 2026 02:19:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49531 IP address blocks: 91.214.204.0/22 maxlen: 22 93.92.32.0/21 maxlen: 21 93.92.32.0/24 maxlen: 24 93.92.33.0/24 maxlen: 24 93.92.34.0/23 maxlen: 23 93.92.36.0/23 maxlen: 23 93.92.38.0/23 maxlen: 23 93.186.48.0/20 maxlen: 20 93.186.48.0/23 maxlen: 23 93.186.50.0/23 maxlen: 23 93.186.52.0/23 maxlen: 23 93.186.54.0/23 maxlen: 23 93.186.56.0/23 maxlen: 23 93.186.58.0/23 maxlen: 23 93.186.60.0/23 maxlen: 23 93.186.62.0/23 maxlen: 23 94.159.0.0/17 maxlen: 17 94.159.0.0/18 maxlen: 18 94.159.0.0/23 maxlen: 23 94.159.2.0/23 maxlen: 23 94.159.4.0/23 maxlen: 23 94.159.6.0/23 maxlen: 23 94.159.8.0/23 maxlen: 23 94.159.10.0/23 maxlen: 23 94.159.12.0/23 maxlen: 23 94.159.14.0/23 maxlen: 23 94.159.16.0/23 maxlen: 23 94.159.18.0/23 maxlen: 23 94.159.20.0/23 maxlen: 23 94.159.22.0/23 maxlen: 23 94.159.24.0/23 maxlen: 23 94.159.26.0/23 maxlen: 23 94.159.28.0/23 maxlen: 23 94.159.30.0/23 maxlen: 23 94.159.32.0/23 maxlen: 23 94.159.34.0/23 maxlen: 23 94.159.36.0/23 maxlen: 23 94.159.38.0/23 maxlen: 23 94.159.40.0/23 maxlen: 23 94.159.42.0/23 maxlen: 23 94.159.44.0/23 maxlen: 23 94.159.46.0/23 maxlen: 23 94.159.48.0/23 maxlen: 23 94.159.50.0/23 maxlen: 23 94.159.52.0/23 maxlen: 23 94.159.54.0/23 maxlen: 23 94.159.56.0/23 maxlen: 23 94.159.58.0/23 maxlen: 23 94.159.60.0/23 maxlen: 23 94.159.62.0/23 maxlen: 23 94.159.64.0/19 maxlen: 19 94.159.64.0/23 maxlen: 23 94.159.66.0/23 maxlen: 23 94.159.68.0/23 maxlen: 23 94.159.70.0/23 maxlen: 23 94.159.70.0/24 maxlen: 24 94.159.72.0/23 maxlen: 23 94.159.74.0/23 maxlen: 23 94.159.76.0/23 maxlen: 23 94.159.78.0/23 maxlen: 23 94.159.80.0/23 maxlen: 23 94.159.82.0/23 maxlen: 23 94.159.84.0/23 maxlen: 23 94.159.85.0/24 maxlen: 24 94.159.88.0/21 maxlen: 21 94.159.88.0/22 maxlen: 22 94.159.92.0/24 maxlen: 24 94.159.107.0/24 maxlen: 24 94.159.108.0/22 maxlen: 22 94.159.112.0/21 maxlen: 21 94.159.120.0/22 maxlen: 22 94.159.124.0/22 maxlen: 22 185.42.108.0/22 maxlen: 22 2a04:8f00::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/KXrnWSylJJHcFmow_hR31xK9Rl0.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/KXrnWSylJJHcFmow_hR31xK9Rl0.mft rsync://rpki.ripe.net/repository/DEFAULT/KXrnWSylJJHcFmow_hR31xK9Rl0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:60:44:00:79:96:e1:b7:f9:ad:e7:dd:24:22:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=297ae7592ca52491dc166a30fe1477d712bd465d Validity Not Before: Jan 2 02:19:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cd25074088a5d69bfa35212aca2cba4195072a02 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fa:d7:f5:e4:69:ec:24:c0:a0:d6:2a:29:40:23: e5:66:43:7f:fd:d6:a3:b8:c1:8c:0c:43:1f:93:71: d1:54:db:d9:fe:c6:ea:83:ec:7f:ae:c5:9b:46:a6: e4:a4:ab:4a:2f:ed:ae:b1:f7:15:b4:5d:28:7e:29: cc:14:19:4c:f7:8c:f1:4b:61:1f:d7:3e:37:bb:8e: 25:0a:d1:4d:f4:3b:e1:ff:7b:9f:9c:c8:f1:b9:f2: 69:31:29:3d:3e:d9:99:56:f3:63:72:30:dc:e7:31: b8:7e:ae:50:03:a5:0f:b2:92:33:b6:0c:23:73:62: 7d:1a:ca:b1:4e:06:be:fd:7c:e7:96:ae:f8:e0:73: 7b:54:08:e5:ff:9a:ed:f4:19:b5:13:77:c8:ac:6e: 04:99:67:49:50:af:1c:cd:83:97:5a:aa:d8:2a:fb: c2:2d:07:78:46:ab:2b:7f:04:36:cb:0e:23:c0:bb: 44:ce:29:c5:bd:b0:2a:77:51:eb:20:46:1b:be:fc: 43:ec:3b:6d:69:01:fa:0e:a7:c3:01:8a:03:44:94: 2d:38:39:f2:5f:31:52:8a:d6:73:b0:05:8e:57:2e: 5e:c4:39:86:6d:86:80:43:18:3b:51:64:33:db:0c: fe:f1:61:7c:02:a0:9c:cf:e4:95:13:c9:38:5b:93: 05:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:25:07:40:88:A5:D6:9B:FA:35:21:2A:CA:2C:BA:41:95:07:2A:02 X509v3 Authority Key Identifier: keyid:29:7A:E7:59:2C:A5:24:91:DC:16:6A:30:FE:14:77:D7:12:BD:46:5D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXrnWSylJJHcFmow_hR31xK9Rl0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/zSUHQIil1pv6NSEqyiy6QZUHKgI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/KXrnWSylJJHcFmow_hR31xK9Rl0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.214.204.0/22 93.92.32.0/21 93.186.48.0/20 94.159.0.0/17 185.42.108.0/22 IPv6: 2a04:8f00::/29 Signature Algorithm: sha256WithRSAEncryption 63:bd:7a:8f:bd:14:2d:32:f6:0e:f5:b9:37:53:f9:e8:d2:f7: 6a:58:da:9e:d9:3f:53:01:f8:34:09:40:d3:94:44:b1:92:df: 06:da:4d:fc:08:33:84:0e:db:5a:ba:17:12:c9:69:03:95:05: 5c:0b:fc:a0:28:01:6f:96:54:ef:7c:29:da:e9:3b:50:cb:43: 43:a9:3f:a4:fa:f8:98:a7:49:de:5f:ac:87:19:8a:27:80:68: a7:53:23:91:3d:f9:71:35:13:cb:4e:4c:1e:93:1f:64:08:61: be:43:58:ee:97:1d:5e:e2:51:fd:9c:c7:bb:f4:c4:66:62:04: fb:86:59:e7:fc:82:88:b8:9f:f9:c2:99:7a:51:ae:8d:22:3d: e1:4c:73:88:20:0c:34:54:b2:99:1d:ea:96:8a:d8:34:c8:67: 94:00:79:a7:24:d2:e8:04:61:92:47:24:6f:f4:7b:2d:e1:b3: 40:5a:f7:0a:a6:37:3b:32:4e:70:c9:b2:10:19:94:3f:e7:ae: 25:23:0c:21:17:49:94:9d:13:a3:52:c5:81:cc:7f:82:01:39: eb:e4:7d:86:f1:d3:f3:a9:63:8a:35:68:f6:29:37:6d:93:1e: 22:9b:c1:cc:be:aa:a2:4f:0a:89:f4:37:54:d4:46:9f:f8:c7: 13:87:2d:5c -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISAZt8gGBEAHmW4bf5refdJCK7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5N2FlNzU5MmNhNTI0OTFkYzE2NmEzMGZlMTQ3N2Q3MTJi ZDQ2NWQwHhcNMjYwMTAyMDIxOTA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZDI1MDc0MDg4YTVkNjliZmEzNTIxMmFjYTJjYmE0MTk1MDcyYTAyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+tf15GnsJMCg1iopQCPlZkN//daj uMGMDEMfk3HRVNvZ/sbqg+x/rsWbRqbkpKtKL+2usfcVtF0ofinMFBlM94zxS2Ef 1z43u44lCtFN9Dvh/3ufnMjxufJpMSk9PtmZVvNjcjDc5zG4fq5QA6UPspIztgwj c2J9GsqxTga+/Xznlq744HN7VAjl/5rt9Bm1E3fIrG4EmWdJUK8czYOXWqrYKvvC LQd4RqsrfwQ2yw4jwLtEzinFvbAqd1HrIEYbvvxD7DttaQH6DqfDAYoDRJQtODny XzFSitZzsAWOVy5exDmGbYaAQxg7UWQz2wz+8WF8AqCcz+SVE8k4W5MF4wIDAQAB o4ICMDCCAiwwHQYDVR0OBBYEFM0lB0CIpdab+jUhKsosukGVByoCMB8GA1UdIwQY MBaAFCl651kspSSR3BZqMP4Ud9cSvUZdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1hybldTeWxKSkhjRm1vd19oUjMxeEs5UmwwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS80OGUxZTgtMzI4ZC00ZjgyLTkzOTgt MzkxMGE1OWExMTIxLzEvelNVSFFJaWwxcHY2TlNFcXlpeTZRWlVIS2dJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS80OGUxZTgtMzI4ZC00ZjgyLTkzOTgtMzkxMGE1OWExMTIx LzEvS1hybldTeWxKSkhjRm1vd19oUjMxeEs5UmwwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCW9bMAwQD XVwgAwQEXbowAwQHXp8AAwQCuSpsMA0EAgACMAcDBQMqBI8AMA0GCSqGSIb3DQEB CwUAA4IBAQBjvXqPvRQtMvYO9bk3U/no0vdqWNqe2T9TAfg0CUDTlESxkt8G2k38 CDOEDttauhcSyWkDlQVcC/ygKAFvllTvfCna6TtQy0NDqT+k+viYp0neX6yHGYon gGinUyORPflxNRPLTkwekx9kCGG+Q1julx1e4lH9nMe79MRmYgT7hlnn/IKIuJ/5 wpl6Ua6NIj3hTHOIIAw0VLKZHeqWitg0yGeUAHmnJNLoBGGSRyRv9Hst4bNAWvcK pjc7Mk5wybIQGZQ/564lIwwhF0mUnROjUsWBzH+CATnr5H2G8dPzqWOKNWj2KTdt kx4im8HMvqqiTwqJ9DdU1Eaf+McThy1c -----END CERTIFICATE-----Generated at Sun Jan 25 17:00:03 2026 by rpki-client