This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/aI-ahOCwvF9dDyH09tBe3WnKiGg.roa File: aI-ahOCwvF9dDyH09tBe3WnKiGg.roa (raw, json) Hash identifier: W4z3ROiXmDdwVFy1xkMGSOsTs29f9yswRvpywgw4Gjk= Subject key identifier: 68:8F:9A:84:E0:B0:BC:5F:5D:0F:21:F4:F6:D0:5E:DD:69:CA:88:68 Certificate issuer: /CN=845c58752f3336422ff0ee1726474591e7a41e5f Certificate serial: 019B7FF0632F7FA29E4E6251ED5342E2E6D1 Authority key identifier: 84:5C:58:75:2F:33:36:42:2F:F0:EE:17:26:47:45:91:E7:A4:1E:5F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hFxYdS8zNkIv8O4XJkdFkeekHl8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/aI-ahOCwvF9dDyH09tBe3WnKiGg.roa Signing time: Fri 02 Jan 2026 18:20:19 +0000 ROA not before: Fri 02 Jan 2026 18:20:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34624 IP address blocks: 31.170.192.0/19 maxlen: 24 46.253.16.0/20 maxlen: 24 86.105.240.0/24 maxlen: 24 86.107.191.0/24 maxlen: 24 89.33.16.0/24 maxlen: 24 89.35.2.0/23 maxlen: 24 89.35.2.0/24 maxlen: 24 89.35.174.0/23 maxlen: 24 89.40.134.0/23 maxlen: 24 89.191.64.0/19 maxlen: 24 93.115.33.0/24 maxlen: 24 193.238.60.0/22 maxlen: 24 2a00:1930::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/hFxYdS8zNkIv8O4XJkdFkeekHl8.crl rsync://rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/hFxYdS8zNkIv8O4XJkdFkeekHl8.mft rsync://rpki.ripe.net/repository/DEFAULT/hFxYdS8zNkIv8O4XJkdFkeekHl8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f0:63:2f:7f:a2:9e:4e:62:51:ed:53:42:e2:e6:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=845c58752f3336422ff0ee1726474591e7a41e5f Validity Not Before: Jan 2 18:20:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=688f9a84e0b0bc5f5d0f21f4f6d05edd69ca8868 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:ff:07:0a:9d:c7:9b:dd:e3:bf:be:50:90:2c: 00:00:d3:9d:bd:57:b5:01:2e:0e:36:2e:75:d7:be: 11:ce:82:1d:dd:15:1e:d4:a5:0c:b5:b6:00:43:9b: 2d:3b:44:7e:a1:a5:7d:c7:9e:2d:c9:b5:88:52:99: fb:ee:24:aa:3c:e5:e0:69:e8:7e:b5:88:7e:4a:17: 95:6b:3a:bc:52:5c:f4:57:59:a3:ab:d0:99:b6:ed: 25:b4:bf:3b:eb:4a:8b:c6:5b:2f:f5:ee:4b:41:fb: 49:b4:df:f9:25:61:92:a6:b6:b0:da:cd:a8:4d:13: a9:04:5e:dc:87:10:2f:61:2a:a9:f1:71:a9:ea:34: 11:6a:32:7a:f2:f7:14:bb:5b:4e:b6:95:32:db:25: 39:4f:00:e2:c7:5a:d1:75:7f:0d:1e:02:9b:b2:94: 0c:41:20:ff:78:c0:d0:4c:4b:28:3b:f4:9c:91:7c: 3d:e4:7f:ad:66:34:38:a0:e2:68:e6:86:cb:b2:b5: 6d:27:f2:70:61:62:4e:5a:4f:96:12:b4:d2:09:2c: fa:cb:e1:ca:f9:fe:de:ea:bf:64:a9:99:b3:d9:6d: 0d:86:c9:a5:22:2d:12:36:9c:ee:0b:0c:09:ec:5f: f4:a5:10:44:15:99:03:43:15:ef:16:54:84:1a:cb: 68:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:8F:9A:84:E0:B0:BC:5F:5D:0F:21:F4:F6:D0:5E:DD:69:CA:88:68 X509v3 Authority Key Identifier: keyid:84:5C:58:75:2F:33:36:42:2F:F0:EE:17:26:47:45:91:E7:A4:1E:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFxYdS8zNkIv8O4XJkdFkeekHl8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/aI-ahOCwvF9dDyH09tBe3WnKiGg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/64e3ab-228c-4a23-9216-f134e51cc05b/1/hFxYdS8zNkIv8O4XJkdFkeekHl8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.170.192.0/19 46.253.16.0/20 86.105.240.0/24 86.107.191.0/24 89.33.16.0/24 89.35.2.0/23 89.35.174.0/23 89.40.134.0/23 89.191.64.0/19 93.115.33.0/24 193.238.60.0/22 IPv6: 2a00:1930::/32 Signature Algorithm: sha256WithRSAEncryption b3:d9:66:68:e7:c6:37:23:24:0a:13:0a:1d:85:f6:38:99:68: b1:46:c4:50:1d:6b:d1:11:7c:5a:3a:ed:7b:bb:53:1b:d0:41: 8b:8e:00:b3:b5:48:e7:3f:e8:47:1a:53:4d:39:6e:33:4e:3c: aa:97:7d:3d:8d:72:ed:ec:38:01:91:84:6f:13:f0:0e:f7:ce: cc:0e:e1:03:eb:72:82:d0:8b:38:63:0d:2d:11:77:e8:66:b8: ea:9b:a6:3b:18:db:39:7e:fe:b1:88:1c:10:f4:ff:fb:0d:6b: b6:59:86:2d:f7:8d:3d:87:d6:d8:d6:2a:15:51:b4:4e:1a:2a: e1:31:c1:71:ce:98:b5:3c:a8:77:9d:6c:49:75:13:c9:20:ce: 06:cb:1e:2a:9d:a2:6a:59:02:19:04:03:79:d9:ef:97:97:f9: 3d:ff:95:a8:9b:86:08:aa:2f:8b:7a:b6:fe:45:5a:d8:b5:42: 9d:25:ee:37:29:72:89:e4:ca:19:ca:12:94:f0:b1:1d:38:14: 69:a7:00:bf:67:8b:27:f6:9f:c4:73:a5:1c:ba:c2:88:40:2d: 18:b5:51:e8:46:da:67:f1:ab:51:23:c7:24:13:47:07:5f:b7: f5:ee:23:76:4e:90:4f:63:18:a4:6d:c1:76:9b:07:95:90:22: 17:53:9f:d4 -----BEGIN CERTIFICATE----- MIIFSDCCBDCgAwIBAgISAZt/8GMvf6KeTmJR7VNC4ubRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0NWM1ODc1MmYzMzM2NDIyZmYwZWUxNzI2NDc0NTkxZTdh NDFlNWYwHhcNMjYwMTAyMTgyMDE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ODhmOWE4NGUwYjBiYzVmNWQwZjIxZjRmNmQwNWVkZDY5Y2E4ODY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/8HCp3Hm93jv75QkCwAANOdvVe1 AS4ONi51174RzoId3RUe1KUMtbYAQ5stO0R+oaV9x54tybWIUpn77iSqPOXgaeh+ tYh+SheVazq8Ulz0V1mjq9CZtu0ltL8760qLxlsv9e5LQftJtN/5JWGSpraw2s2o TROpBF7chxAvYSqp8XGp6jQRajJ68vcUu1tOtpUy2yU5TwDix1rRdX8NHgKbspQM QSD/eMDQTEsoO/SckXw95H+tZjQ4oOJo5obLsrVtJ/JwYWJOWk+WErTSCSz6y+HK +f7e6r9kqZmz2W0NhsmlIi0SNpzuCwwJ7F/0pRBEFZkDQxXvFlSEGstoXwIDAQAB o4ICVDCCAlAwHQYDVR0OBBYEFGiPmoTgsLxfXQ8h9PbQXt1pyohoMB8GA1UdIwQY MBaAFIRcWHUvMzZCL/DuFyZHRZHnpB5fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaEZ4WWRTOHpOa0l2OE80WEprZEZrZWVrSGw4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS82NGUzYWItMjI4Yy00YTIzLTkyMTYt ZjEzNGU1MWNjMDViLzEvYUktYWhPQ3d2RjlkRHlIMDl0QmUzV25LaUdnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOS82NGUzYWItMjI4Yy00YTIzLTkyMTYtZjEzNGU1MWNjMDVi LzEvaEZ4WWRTOHpOa0l2OE80WEprZEZrZWVrSGw4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQFH6rAAwQE Lv0QAwQAVmnwAwQAVmu/AwQAWSEQAwQBWSMCAwQBWSOuAwQBWSiGAwQFWb9AAwQA XXMhAwQCwe48MA0EAgACMAcDBQAqABkwMA0GCSqGSIb3DQEBCwUAA4IBAQCz2WZo 58Y3IyQKEwodhfY4mWixRsRQHWvREXxaOu17u1Mb0EGLjgCztUjnP+hHGlNNOW4z Tjyql309jXLt7DgBkYRvE/AO987MDuED63KC0Is4Yw0tEXfoZrjqm6Y7GNs5fv6x iBwQ9P/7DWu2WYYt9409h9bY1ioVUbROGirhMcFxzpi1PKh3nWxJdRPJIM4Gyx4q naJqWQIZBAN52e+Xl/k9/5Wom4YIqi+Lerb+RVrYtUKdJe43KXKJ5MoZyhKU8LEd OBRppwC/Z4sn9p/Ec6UcusKIQC0YtVHoRtpn8atRI8ckE0cHX7f17iN2TpBPYxik bcF2mweVkCIXU5/U -----END CERTIFICATE-----Generated at Mon Jan 26 08:21:16 2026 by rpki-client