This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/42Rcnwutm1ywNZ_X0-W_swhKEEM.roa File: 42Rcnwutm1ywNZ_X0-W_swhKEEM.roa (raw, json) Hash identifier: bi2ZbfhoxgNISP+fs+ffnhhXz6L36QQJYtK0dcQ3mCA= Subject key identifier: E3:64:5C:9F:0B:AD:9B:5C:B0:35:9F:D7:D3:E5:BF:B3:08:4A:10:43 Certificate issuer: /CN=38f9c54f19193e06548163f895c3a46b9f8bfbb5 Certificate serial: 019B7834A2F9E6B0623E332780C386245244 Authority key identifier: 38:F9:C5:4F:19:19:3E:06:54:81:63:F8:95:C3:A4:6B:9F:8B:FB:B5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OPnFTxkZPgZUgWP4lcOka5-L-7U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/42Rcnwutm1ywNZ_X0-W_swhKEEM.roa Signing time: Thu 01 Jan 2026 06:17:54 +0000 ROA not before: Thu 01 Jan 2026 06:17:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29247 IP address blocks: 5.144.192.0/18 maxlen: 18 5.144.192.0/20 maxlen: 20 5.144.208.0/20 maxlen: 20 5.144.224.0/20 maxlen: 20 5.203.0.0/16 maxlen: 16 31.152.0.0/16 maxlen: 16 62.103.103.0/24 maxlen: 24 94.143.176.0/24 maxlen: 24 94.143.177.0/24 maxlen: 24 94.143.178.0/24 maxlen: 24 94.143.180.0/24 maxlen: 24 94.143.183.0/24 maxlen: 24 109.178.0.0/16 maxlen: 16 149.210.0.0/18 maxlen: 18 149.210.64.0/18 maxlen: 18 195.167.65.0/24 maxlen: 24 2a02:1388::/29 maxlen: 29 2a02:1388::/36 maxlen: 36 2a02:1388:2000::/36 maxlen: 36 2a02:1388:4000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/OPnFTxkZPgZUgWP4lcOka5-L-7U.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/OPnFTxkZPgZUgWP4lcOka5-L-7U.mft rsync://rpki.ripe.net/repository/DEFAULT/OPnFTxkZPgZUgWP4lcOka5-L-7U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 09:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:a2:f9:e6:b0:62:3e:33:27:80:c3:86:24:52:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38f9c54f19193e06548163f895c3a46b9f8bfbb5 Validity Not Before: Jan 1 06:17:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e3645c9f0bad9b5cb0359fd7d3e5bfb3084a1043 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:8e:a5:9d:ef:e6:25:b1:23:07:9e:ab:6c:81: ae:d8:ae:dd:72:84:61:08:3e:9d:e3:6b:bc:c1:74: 2f:0b:f1:df:63:8c:fb:c2:95:11:58:c3:a2:7d:ed: 22:f8:49:22:ae:ac:31:b5:21:fb:44:41:a8:9c:4d: 26:ce:36:23:b2:e5:c9:ec:28:3d:da:da:5b:20:f1: 7f:63:78:6a:97:98:24:dc:74:2f:3d:b0:33:22:c3: a7:fa:79:df:0b:f4:d2:6c:c3:38:35:1a:6e:b1:59: 38:a0:af:81:f8:26:47:d8:39:79:5a:10:53:6b:bd: ef:19:44:10:de:b9:b9:2c:d7:7b:33:59:30:2e:a5: f3:cf:c3:c6:dd:f7:5f:85:91:3a:13:82:e2:eb:35: 3d:7a:f0:5c:50:b5:7f:f9:6f:24:02:a9:3e:bd:54: 68:df:21:a7:22:30:d6:bc:9f:43:58:64:e7:7a:df: d7:fd:d8:a5:d0:62:ce:0f:fd:3c:0c:1a:0e:4e:f5: 94:46:d2:89:3c:49:31:6a:9d:0c:a5:77:9e:ce:5a: 13:2a:6d:a6:8a:a2:e8:59:ee:a6:ed:b2:86:1b:56: 2e:25:f1:52:fc:0a:7e:22:ce:75:8c:ef:71:45:a7: 65:d3:3b:0e:17:dd:99:7b:fa:b7:79:8f:63:ee:07: d3:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:64:5C:9F:0B:AD:9B:5C:B0:35:9F:D7:D3:E5:BF:B3:08:4A:10:43 X509v3 Authority Key Identifier: keyid:38:F9:C5:4F:19:19:3E:06:54:81:63:F8:95:C3:A4:6B:9F:8B:FB:B5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OPnFTxkZPgZUgWP4lcOka5-L-7U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/42Rcnwutm1ywNZ_X0-W_swhKEEM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/OPnFTxkZPgZUgWP4lcOka5-L-7U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.144.192.0/18 5.203.0.0/16 31.152.0.0/16 62.103.103.0/24 94.143.176.0-94.143.178.255 94.143.180.0/24 94.143.183.0/24 109.178.0.0/16 149.210.0.0/17 195.167.65.0/24 IPv6: 2a02:1388::/29 Signature Algorithm: sha256WithRSAEncryption 9d:db:32:54:b0:53:4b:d2:fa:23:b2:66:cf:04:df:e6:fb:29: 0d:f0:0f:cf:b5:52:16:2a:8c:d6:f1:d5:d8:4a:1e:e1:a6:1b: 46:32:99:d9:46:90:5f:da:46:f9:0c:a4:b5:68:22:65:91:fc: 2e:a4:fa:8d:46:da:ec:1c:9c:88:be:61:8e:07:38:0e:59:b3: 1c:2f:92:e2:dc:4b:19:9e:c0:11:90:a9:e8:72:2d:3f:07:2a: 61:b5:e3:37:c5:6e:47:74:69:d6:25:88:3b:c8:15:4a:ef:b3: fc:41:0c:60:e6:d4:81:57:07:67:b3:64:9d:17:18:f1:7f:c3: a0:79:54:26:cc:da:8f:3e:a0:2c:75:b0:f6:bc:b2:d1:ef:67: f2:c1:c8:21:4f:b7:8c:27:7f:58:24:ba:75:00:43:97:d3:81: de:16:15:ae:b0:42:fd:8b:c9:6b:a8:03:5d:02:e6:f7:c2:71: 64:75:b5:8b:9a:58:cc:9a:f1:3d:61:fe:b0:3a:2b:ba:dc:a4: ba:47:da:25:34:c4:b1:21:8e:ea:fc:2c:cb:20:db:8a:f9:e0: bd:80:f3:9d:f6:b5:c0:f8:74:ad:2d:44:dd:cf:e5:b5:5b:ff: ea:cc:e3:60:d2:ed:e7:e8:8b:b1:9a:eb:89:37:20:fe:4f:02: 41:6b:98:fb -----BEGIN CERTIFICATE----- MIIFRzCCBC+gAwIBAgISAZt4NKL55rBiPjMngMOGJFJEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4ZjljNTRmMTkxOTNlMDY1NDgxNjNmODk1YzNhNDZiOWY4 YmZiYjUwHhcNMjYwMTAxMDYxNzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMzY0NWM5ZjBiYWQ5YjVjYjAzNTlmZDdkM2U1YmZiMzA4NGExMDQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApY6lne/mJbEjB56rbIGu2K7dcoRh CD6d42u8wXQvC/HfY4z7wpURWMOife0i+EkirqwxtSH7REGonE0mzjYjsuXJ7Cg9 2tpbIPF/Y3hql5gk3HQvPbAzIsOn+nnfC/TSbMM4NRpusVk4oK+B+CZH2Dl5WhBT a73vGUQQ3rm5LNd7M1kwLqXzz8PG3fdfhZE6E4Li6zU9evBcULV/+W8kAqk+vVRo 3yGnIjDWvJ9DWGTnet/X/dil0GLOD/08DBoOTvWURtKJPEkxap0MpXeezloTKm2m iqLoWe6m7bKGG1YuJfFS/Ap+Is51jO9xRadl0zsOF92Ze/q3eY9j7gfTHwIDAQAB o4ICUzCCAk8wHQYDVR0OBBYEFONkXJ8LrZtcsDWf19Plv7MIShBDMB8GA1UdIwQY MBaAFDj5xU8ZGT4GVIFj+JXDpGufi/u1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1BuRlR4a1pQZ1pVZ1dQNGxjT2thNS1MLTdVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9mMGI2YmEtODY3NS00OTFjLTg1OTMt NzI0OTQ5YjQ2MGU5LzEvNDJSY253dXRtMXl3TlpfWDAtV19zd2hLRUVNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS9mMGI2YmEtODY3NS00OTFjLTg1OTMtNzI0OTQ5YjQ2MGU5 LzEvT1BuRlR4a1pQZ1pVZ1dQNGxjT2thNS1MLTdVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBHBAIAATBBAwQGBZDAAwMA BcsDAwAfmAMEAD5nZzAMAwQEXo+wAwQAXo+yAwQAXo+0AwQAXo+3AwMAbbIDBAeV 0gADBADDp0EwDQQCAAIwBwMFAyoCE4gwDQYJKoZIhvcNAQELBQADggEBAJ3bMlSw U0vS+iOyZs8E3+b7KQ3wD8+1UhYqjNbx1dhKHuGmG0YymdlGkF/aRvkMpLVoImWR /C6k+o1G2uwcnIi+YY4HOA5ZsxwvkuLcSxmewBGQqehyLT8HKmG14zfFbkd0adYl iDvIFUrvs/xBDGDm1IFXB2ezZJ0XGPF/w6B5VCbM2o8+oCx1sPa8stHvZ/LByCFP t4wnf1gkunUAQ5fTgd4WFa6wQv2LyWuoA10C5vfCcWR1tYuaWMya8T1h/rA6K7rc pLpH2iU0xLEhjur8LMsg24r54L2A8532tcD4dK0tRN3P5bVb/+rM42DS7efoi7Ga 64k3IP5PAkFrmPs= -----END CERTIFICATE-----Generated at Mon Jan 26 12:26:59 2026 by rpki-client