This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/AFEWredyAjvqwTGptAJ8OUVB7P4.roa File: AFEWredyAjvqwTGptAJ8OUVB7P4.roa (raw, json) Hash identifier: 2m1v01Idcr237fiGD0VAWcDdfdXlJYmgXEBaQhLhLnM= Subject key identifier: 00:51:16:AD:E7:72:02:3B:EA:C1:31:A9:B4:02:7C:39:45:41:EC:FE Certificate issuer: /CN=47e94ccb7b601da0ca09469f60f653640fed8c1c Certificate serial: 019B7DC9E224060C4B9FEEE6F6D064A941F9 Authority key identifier: 47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/AFEWredyAjvqwTGptAJ8OUVB7P4.roa Signing time: Fri 02 Jan 2026 08:19:01 +0000 ROA not before: Fri 02 Jan 2026 08:19:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29286 IP address blocks: 84.22.64.0/19 maxlen: 19 84.22.64.0/24 maxlen: 24 84.22.65.0/24 maxlen: 24 84.22.66.0/24 maxlen: 24 84.22.67.0/24 maxlen: 24 84.22.68.0/24 maxlen: 24 84.22.69.0/24 maxlen: 24 84.22.70.0/24 maxlen: 24 84.22.71.0/24 maxlen: 24 84.22.72.0/24 maxlen: 24 84.22.73.0/24 maxlen: 24 84.22.74.0/24 maxlen: 24 84.22.75.0/24 maxlen: 24 84.22.76.0/24 maxlen: 24 84.22.77.0/24 maxlen: 24 84.22.78.0/24 maxlen: 24 84.22.79.0/24 maxlen: 24 84.22.80.0/24 maxlen: 24 84.22.81.0/24 maxlen: 24 84.22.84.0/24 maxlen: 24 84.22.85.0/24 maxlen: 24 84.22.86.0/24 maxlen: 24 128.140.128.0/20 maxlen: 20 185.23.96.0/23 maxlen: 23 185.23.99.0/24 maxlen: 24 195.234.248.0/22 maxlen: 22 213.180.225.0/24 maxlen: 24 213.180.226.0/24 maxlen: 24 213.180.228.0/24 maxlen: 24 213.180.229.0/24 maxlen: 24 213.180.230.0/24 maxlen: 24 213.180.240.0/21 maxlen: 21 213.180.247.0/24 maxlen: 24 213.180.252.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.crl rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.mft rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:c9:e2:24:06:0c:4b:9f:ee:e6:f6:d0:64:a9:41:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=47e94ccb7b601da0ca09469f60f653640fed8c1c Validity Not Before: Jan 2 08:19:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=005116ade772023beac131a9b4027c394541ecfe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:a7:1f:49:38:ef:69:d6:ba:8e:4d:a1:1a:3d: f2:df:e5:9e:5d:ae:ae:07:15:40:dd:8a:12:17:c8: f9:91:90:c0:86:cb:48:45:16:81:ce:dd:a3:ef:75: 79:a5:04:ed:9b:c2:b7:86:ce:b6:4d:fe:0c:e6:33: 9e:6f:e5:ab:4e:80:8c:ed:e2:3a:28:2a:1f:24:77: a6:e9:46:62:d4:35:f4:5e:02:f1:31:d9:cc:e4:5d: 7b:40:1a:cd:69:7b:81:29:53:3f:61:0e:f2:fa:4a: e4:15:b9:90:3e:ba:7a:88:74:ff:b7:38:a2:89:e8: f7:93:86:0e:27:e0:72:da:89:7c:a0:60:a7:45:d2: bd:e0:4c:00:3d:92:31:cf:63:ce:2d:33:75:ce:ff: 19:ec:00:fc:ec:30:18:07:b7:70:4b:6d:47:95:e9: 56:a9:60:1f:3b:f9:d2:21:6b:41:1f:8c:8e:d4:f5: d6:12:0f:1a:4e:ca:26:8b:50:9e:a0:ed:d5:04:86: 67:24:31:f3:dd:8b:a7:a4:b3:ba:13:1f:08:6b:b6: fd:b8:08:d0:21:d0:df:bf:09:89:dc:5c:f2:50:bd: 65:5b:78:59:48:35:23:ed:ea:f0:68:fe:7d:cc:be: 1a:87:ab:01:48:f1:d1:0e:f8:6e:40:3e:6d:74:d4: 5a:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:51:16:AD:E7:72:02:3B:EA:C1:31:A9:B4:02:7C:39:45:41:EC:FE X509v3 Authority Key Identifier: keyid:47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/AFEWredyAjvqwTGptAJ8OUVB7P4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 84.22.64.0/19 128.140.128.0/20 185.23.96.0/23 185.23.99.0/24 195.234.248.0/22 213.180.225.0-213.180.226.255 213.180.228.0-213.180.230.255 213.180.240.0/21 213.180.252.0/22 Signature Algorithm: sha256WithRSAEncryption 28:c2:a0:5a:dd:d7:bd:a0:80:29:86:ae:70:6b:8e:6e:8d:48: 63:bc:b5:61:1b:0b:14:c0:04:cb:1e:69:1c:59:86:f9:bb:59: 3e:4c:e0:a5:74:95:85:78:c5:db:e2:f1:4c:95:9a:81:38:4e: 36:e7:ad:58:25:02:2a:5d:ff:4c:54:7a:6e:d3:9a:ef:e2:6e: 04:e6:3a:fe:b1:cc:cb:ab:a8:06:fc:1d:40:bc:ce:ea:7d:a2: 88:3a:5f:f9:5c:d2:41:8c:80:fe:75:2d:d2:3b:84:a6:32:08: d4:a6:02:32:bf:11:64:c2:ee:4a:46:08:af:5f:b6:44:41:70: 43:04:06:b0:52:9a:b7:6e:2f:df:ad:04:fb:30:61:e3:dd:75: a3:fa:00:b2:f1:51:1f:9b:36:6a:1a:f1:e7:05:b5:c4:df:25: e4:09:f6:a9:e4:cb:3e:e8:96:60:ef:d2:d7:dc:bb:f4:3e:05: 95:23:13:01:e8:1c:87:14:52:a1:13:f5:90:d8:27:6c:b9:7d: c0:a7:1b:0a:a9:dc:12:70:17:d0:8a:7e:b2:bb:db:14:b5:11: 92:a5:c6:30:80:31:21:57:32:a7:59:65:c0:41:f5:c1:67:c8: ed:59:db:c9:84:02:96:b0:56:ec:ba:e3:9a:04:73:83:74:f0: 49:50:b9:bc -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgISAZt9yeIkBgxLn+7m9tBkqUH5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ3ZTk0Y2NiN2I2MDFkYTBjYTA5NDY5ZjYwZjY1MzY0MGZl ZDhjMWMwHhcNMjYwMTAyMDgxOTAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMDUxMTZhZGU3NzIwMjNiZWFjMTMxYTliNDAyN2MzOTQ1NDFlY2ZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAracfSTjvada6jk2hGj3y3+WeXa6u BxVA3YoSF8j5kZDAhstIRRaBzt2j73V5pQTtm8K3hs62Tf4M5jOeb+WrToCM7eI6 KCofJHem6UZi1DX0XgLxMdnM5F17QBrNaXuBKVM/YQ7y+krkFbmQPrp6iHT/tzii iej3k4YOJ+By2ol8oGCnRdK94EwAPZIxz2POLTN1zv8Z7AD87DAYB7dwS21HlelW qWAfO/nSIWtBH4yO1PXWEg8aTsomi1CeoO3VBIZnJDHz3YunpLO6Ex8Ia7b9uAjQ IdDfvwmJ3FzyUL1lW3hZSDUj7erwaP59zL4ah6sBSPHRDvhuQD5tdNRalQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFABRFq3ncgI76sExqbQCfDlFQez+MB8GA1UdIwQY MBaAFEfpTMt7YB2gyglGn2D2U2QP7YwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQt YmQ5MGEzZjA2ZTE2LzEvQUZFV3JlZHlBanZxd1RHcHRBSjhPVVZCN1A0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQtYmQ5MGEzZjA2ZTE2 LzEvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQFVBZAAwQE gIyAAwQBuRdgAwQAuRdjAwQCw+r4MAwDBADVtOEDBADVtOIwDAMEAtW05AMEANW0 5gMEA9W08AMEAtW0/DANBgkqhkiG9w0BAQsFAAOCAQEAKMKgWt3XvaCAKYaucGuO bo1IY7y1YRsLFMAEyx5pHFmG+btZPkzgpXSVhXjF2+LxTJWagThONuetWCUCKl3/ TFR6btOa7+JuBOY6/rHMy6uoBvwdQLzO6n2iiDpf+VzSQYyA/nUt0juEpjII1KYC Mr8RZMLuSkYIr1+2REFwQwQGsFKat24v360E+zBh4911o/oAsvFRH5s2ahrx5wW1 xN8l5An2qeTLPuiWYO/S19y79D4FlSMTAegchxRSoRP1kNgnbLl9wKcbCqncEnAX 0Ip+srvbFLURkqXGMIAxIVcyp1llwEH1wWfI7VnbyYQClrBW7LrjmgRzg3TwSVC5 vA== -----END CERTIFICATE-----Generated at Sun Jan 25 17:22:43 2026 by rpki-client