This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/49dfea-c789-4401-a251-e2533cdd25af/1/lI1XK5SZ4unF2gsULOFdifpJAaI.roa File: lI1XK5SZ4unF2gsULOFdifpJAaI.roa (raw, json) Hash identifier: rfS2OFj3wmP/4G5TYdNqf/vwvU8JRB0c9MwtD5rUi20= Subject key identifier: 94:8D:57:2B:94:99:E2:E9:C5:DA:0B:14:2C:E1:5D:89:FA:49:01:A2 Certificate issuer: /CN=a4c93ab364c87832e7776226eee6c131dbe153bb Certificate serial: 019B7C80749DD6911BD1DC60ED24C4B0DE9A Authority key identifier: A4:C9:3A:B3:64:C8:78:32:E7:77:62:26:EE:E6:C1:31:DB:E1:53:BB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pMk6s2TIeDLnd2Im7ubBMdvhU7s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/49dfea-c789-4401-a251-e2533cdd25af/1/lI1XK5SZ4unF2gsULOFdifpJAaI.roa Signing time: Fri 02 Jan 2026 02:19:11 +0000 ROA not before: Fri 02 Jan 2026 02:19:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 197830 IP address blocks: 5.44.32.0/21 maxlen: 21 5.44.32.0/24 maxlen: 24 5.44.33.0/24 maxlen: 24 5.44.34.0/23 maxlen: 23 5.44.36.0/24 maxlen: 24 5.44.38.0/23 maxlen: 23 176.28.80.0/21 maxlen: 21 176.28.81.0/24 maxlen: 24 176.28.83.0/24 maxlen: 24 176.28.84.0/24 maxlen: 24 185.52.128.0/22 maxlen: 22 2a04:c840::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/49dfea-c789-4401-a251-e2533cdd25af/1/pMk6s2TIeDLnd2Im7ubBMdvhU7s.crl rsync://rpki.ripe.net/repository/DEFAULT/e7/49dfea-c789-4401-a251-e2533cdd25af/1/pMk6s2TIeDLnd2Im7ubBMdvhU7s.mft rsync://rpki.ripe.net/repository/DEFAULT/pMk6s2TIeDLnd2Im7ubBMdvhU7s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:74:9d:d6:91:1b:d1:dc:60:ed:24:c4:b0:de:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a4c93ab364c87832e7776226eee6c131dbe153bb Validity Not Before: Jan 2 02:19:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=948d572b9499e2e9c5da0b142ce15d89fa4901a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:b4:5a:7d:2b:d3:26:3c:5c:27:96:eb:95:d6: 45:0c:c9:84:3a:f2:c5:37:31:f6:d2:9a:17:14:bf: 6e:db:d3:aa:73:34:b8:88:a5:7a:9e:c0:59:27:59: 3f:9a:d1:b7:78:b9:81:74:a5:7b:22:b2:3d:1c:d6: 40:2b:40:7e:77:fe:23:48:60:00:fc:67:41:8b:5c: 12:6f:ba:04:1f:c4:1b:c6:04:a4:28:43:27:0a:22: ad:3c:42:18:3c:c9:bd:54:80:ee:79:d7:aa:7d:c4: 0a:bb:9d:74:a9:f8:50:cd:93:a5:b0:cb:61:5e:ab: 52:6b:07:40:e2:83:31:24:6d:98:3f:8a:75:85:b8: 69:ba:c0:77:dd:78:43:7f:11:5d:c5:6d:7b:c3:a4: fd:2d:b9:cd:ba:bf:39:b0:2a:30:b8:f6:b6:f2:70: b8:df:fb:4c:d1:81:73:e8:02:ed:e3:ed:01:57:1f: 76:8b:74:5a:57:a1:4b:4c:88:77:a6:11:f9:9d:49: 0a:a5:44:8a:94:e4:cd:7c:0c:71:48:1b:b1:92:14: 4a:dc:01:1d:cf:84:88:c2:c7:1a:5b:14:76:e4:11: 39:9c:33:7b:57:22:a4:58:d6:c3:95:c3:52:29:70: 45:69:2f:11:51:a7:27:9b:c4:7c:68:d2:c5:5e:a0: c4:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:8D:57:2B:94:99:E2:E9:C5:DA:0B:14:2C:E1:5D:89:FA:49:01:A2 X509v3 Authority Key Identifier: keyid:A4:C9:3A:B3:64:C8:78:32:E7:77:62:26:EE:E6:C1:31:DB:E1:53:BB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pMk6s2TIeDLnd2Im7ubBMdvhU7s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/49dfea-c789-4401-a251-e2533cdd25af/1/lI1XK5SZ4unF2gsULOFdifpJAaI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/49dfea-c789-4401-a251-e2533cdd25af/1/pMk6s2TIeDLnd2Im7ubBMdvhU7s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.44.32.0/21 176.28.80.0/21 185.52.128.0/22 IPv6: 2a04:c840::/29 Signature Algorithm: sha256WithRSAEncryption 53:c5:47:32:56:21:9c:63:f4:e0:42:83:99:02:ae:3c:3a:1f: e3:db:b4:c5:fe:21:85:5a:17:bf:e1:79:d7:e2:df:c6:b3:2c: 0e:a9:f6:36:85:b9:86:b7:29:cd:06:37:03:93:4f:a3:96:c7: c7:01:14:63:df:93:63:21:b0:21:be:32:ec:49:d5:e1:66:1b: 29:d0:e2:6e:e8:30:86:b1:fb:a9:26:06:2c:30:c8:2c:a4:18: 7a:34:ef:6e:ee:fb:5a:78:58:69:93:cd:23:ab:3a:96:72:ed: 6d:ff:8c:a5:bd:22:48:cc:e7:50:1f:e8:64:7a:a9:65:a9:97: 35:23:61:3b:0f:7d:7e:92:ed:c9:b0:0b:bd:b1:64:9c:89:7c: e7:5d:48:06:fc:46:c5:10:6e:dc:33:f5:57:e8:74:d6:ec:6a: 99:65:0d:de:0e:53:04:6c:5a:1c:d6:cc:b0:95:66:87:95:7b: 5d:11:c0:65:7b:22:9f:68:82:37:f4:44:74:66:c2:cf:2c:68: d0:95:8d:f4:06:97:32:41:0e:77:d7:73:f6:49:8c:e3:4d:cc: 23:da:e9:b9:39:33:44:3e:a7:25:28:c2:ce:de:34:bb:bf:b8: 00:4d:b8:8e:2d:88:42:65:73:f8:04:b0:ba:3f:93:03:af:05: 44:1a:01:12 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt8gHSd1pEb0dxg7STEsN6aMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE0YzkzYWIzNjRjODc4MzJlNzc3NjIyNmVlZTZjMTMxZGJl MTUzYmIwHhcNMjYwMTAyMDIxOTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NDhkNTcyYjk0OTllMmU5YzVkYTBiMTQyY2UxNWQ4OWZhNDkwMWEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurRafSvTJjxcJ5brldZFDMmEOvLF NzH20poXFL9u29OqczS4iKV6nsBZJ1k/mtG3eLmBdKV7IrI9HNZAK0B+d/4jSGAA /GdBi1wSb7oEH8QbxgSkKEMnCiKtPEIYPMm9VIDuedeqfcQKu510qfhQzZOlsMth XqtSawdA4oMxJG2YP4p1hbhpusB33XhDfxFdxW17w6T9LbnNur85sCowuPa28nC4 3/tM0YFz6ALt4+0BVx92i3RaV6FLTIh3phH5nUkKpUSKlOTNfAxxSBuxkhRK3AEd z4SIwscaWxR25BE5nDN7VyKkWNbDlcNSKXBFaS8RUacnm8R8aNLFXqDE+wIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFJSNVyuUmeLpxdoLFCzhXYn6SQGiMB8GA1UdIwQY MBaAFKTJOrNkyHgy53diJu7mwTHb4VO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcE1rNnMyVEllRExuZDJJbTd1YkJNZHZoVTdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy80OWRmZWEtYzc4OS00NDAxLWEyNTEt ZTI1MzNjZGQyNWFmLzEvbEkxWEs1U1o0dW5GMmdzVUxPRmRpZnBKQWFJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNy80OWRmZWEtYzc4OS00NDAxLWEyNTEtZTI1MzNjZGQyNWFm LzEvcE1rNnMyVEllRExuZDJJbTd1YkJNZHZoVTdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBSwgAwQD sBxQAwQCuTSAMA0EAgACMAcDBQMqBMhAMA0GCSqGSIb3DQEBCwUAA4IBAQBTxUcy ViGcY/TgQoOZAq48Oh/j27TF/iGFWhe/4XnX4t/GsywOqfY2hbmGtynNBjcDk0+j lsfHARRj35NjIbAhvjLsSdXhZhsp0OJu6DCGsfupJgYsMMgspBh6NO9u7vtaeFhp k80jqzqWcu1t/4ylvSJIzOdQH+hkeqllqZc1I2E7D31+ku3JsAu9sWSciXznXUgG /EbFEG7cM/VX6HTW7GqZZQ3eDlMEbFoc1sywlWaHlXtdEcBleyKfaII39ER0ZsLP LGjQlY30BpcyQQ5313P2SYzjTcwj2um5OTNEPqclKMLO3jS7v7gATbiOLYhCZXP4 BLC6P5MDrwVEGgES -----END CERTIFICATE-----Generated at Mon Jan 26 16:22:10 2026 by rpki-client