This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/tw9opvf0Dc5mqTovtjfu2Csg6vo.roa File: tw9opvf0Dc5mqTovtjfu2Csg6vo.roa (raw, json) Hash identifier: /sxGcP7rnMogpd9PU079PAunh+PKIDCxrO0qaczcWVs= Subject key identifier: B7:0F:68:A6:F7:F4:0D:CE:66:A9:3A:2F:B6:37:EE:D8:2B:20:EA:FA Certificate issuer: /CN=cf5567122a88ca9889a1798b6c942dcc0cbc753b Certificate serial: 019B7F147E09F30ED966FEE262C1933AE979 Authority key identifier: CF:55:67:12:2A:88:CA:98:89:A1:79:8B:6C:94:2D:CC:0C:BC:75:3B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z1VnEiqIypiJoXmLbJQtzAy8dTs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/tw9opvf0Dc5mqTovtjfu2Csg6vo.roa Signing time: Fri 02 Jan 2026 14:20:07 +0000 ROA not before: Fri 02 Jan 2026 14:20:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44244 IP address blocks: 2.144.0.0/16 maxlen: 24 2.145.0.0/16 maxlen: 24 2.146.0.0/16 maxlen: 24 2.147.0.0/16 maxlen: 24 5.112.0.0/16 maxlen: 24 5.113.0.0/16 maxlen: 24 5.114.0.0/16 maxlen: 24 5.115.0.0/16 maxlen: 24 5.116.0.0/16 maxlen: 24 5.117.0.0/16 maxlen: 24 5.119.0.0/16 maxlen: 24 5.120.0.0/16 maxlen: 24 5.121.0.0/16 maxlen: 24 5.122.0.0/16 maxlen: 24 5.123.0.0/16 maxlen: 24 5.124.0.0/16 maxlen: 24 5.125.0.0/16 maxlen: 24 5.126.0.0/16 maxlen: 24 5.127.0.0/16 maxlen: 24 92.42.48.0/21 maxlen: 24 2a01:5ec0::/36 maxlen: 37 2a01:5ec0:1000::/36 maxlen: 37 2a01:5ec0:2000::/36 maxlen: 37 2a01:5ec0:3000::/36 maxlen: 37 2a01:5ec0:4000::/36 maxlen: 37 2a01:5ec0:5000::/36 maxlen: 37 2a01:5ec0:6000::/36 maxlen: 37 2a01:5ec0:7000::/36 maxlen: 37 2a01:5ec0:8000::/36 maxlen: 37 2a01:5ec0:9000::/36 maxlen: 37 2a01:5ec0:a000::/36 maxlen: 37 2a01:5ec0:b000::/36 maxlen: 37 2a01:5ec0:c000::/36 maxlen: 37 2a01:5ec0:d000::/36 maxlen: 37 2a01:5ec0:e000::/36 maxlen: 37 2a01:5ec1::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/z1VnEiqIypiJoXmLbJQtzAy8dTs.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/z1VnEiqIypiJoXmLbJQtzAy8dTs.mft rsync://rpki.ripe.net/repository/DEFAULT/z1VnEiqIypiJoXmLbJQtzAy8dTs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:7e:09:f3:0e:d9:66:fe:e2:62:c1:93:3a:e9:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cf5567122a88ca9889a1798b6c942dcc0cbc753b Validity Not Before: Jan 2 14:20:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b70f68a6f7f40dce66a93a2fb637eed82b20eafa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:71:a7:fe:93:f9:37:77:6e:15:71:f1:ce:5f: 11:81:5c:8b:bd:c3:45:a7:2b:f6:57:2a:f0:51:a7: 3c:28:af:7b:ec:a9:c9:ce:f2:a7:da:00:b9:18:96: d4:b5:8b:92:3a:a7:08:f9:cd:ba:a1:40:e5:fd:7b: 37:98:44:95:86:a5:7e:93:45:17:45:8e:00:48:ae: cd:1f:5a:ef:64:b1:f6:00:06:c0:af:5f:18:86:67: f4:b2:86:3d:43:b5:00:7a:32:93:88:7a:4c:91:b0: fb:17:24:98:b3:4f:5e:41:d3:77:c3:a9:21:4b:bf: d2:4a:7f:50:fb:1f:c6:d0:41:36:60:d1:d3:5f:74: 83:90:96:89:54:b7:bb:7f:c6:10:8c:09:9b:ad:dc: 98:54:42:15:89:71:1e:96:0f:04:fa:e6:95:63:4e: 04:b2:0c:80:0f:08:45:02:6e:ca:aa:cd:3e:39:06: 32:3a:61:51:ee:bd:6d:91:d5:9d:b0:89:6a:26:7b: 6c:ed:88:5f:55:f1:7e:df:f8:0f:e5:00:27:ef:f0: 6b:fe:c3:93:a7:58:a9:0b:f8:8c:82:79:56:86:2a: b3:8c:8e:c2:4c:4b:da:f1:24:71:78:7f:57:0f:28: 9c:78:4f:a0:74:43:b2:09:bf:02:77:0e:75:4d:48: 33:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:0F:68:A6:F7:F4:0D:CE:66:A9:3A:2F:B6:37:EE:D8:2B:20:EA:FA X509v3 Authority Key Identifier: keyid:CF:55:67:12:2A:88:CA:98:89:A1:79:8B:6C:94:2D:CC:0C:BC:75:3B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z1VnEiqIypiJoXmLbJQtzAy8dTs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/tw9opvf0Dc5mqTovtjfu2Csg6vo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0a97f1-7bf5-4368-8260-8d715ac217e2/1/z1VnEiqIypiJoXmLbJQtzAy8dTs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.144.0.0/14 5.112.0.0-5.117.255.255 5.119.0.0-5.127.255.255 92.42.48.0/21 IPv6: 2a01:5ec0::-2a01:5ec0:efff:ffff:ffff:ffff:ffff:ffff 2a01:5ec1::/36 Signature Algorithm: sha256WithRSAEncryption 9b:e8:c5:de:11:4a:db:53:21:a2:db:51:85:05:ad:8e:b9:e6: 0e:17:6c:0c:06:fa:e8:ba:b1:f6:78:50:7a:96:e8:0d:0b:93: c1:30:28:bf:20:31:b3:5a:dc:5c:ad:de:8b:0e:4c:88:2d:6e: 28:47:2e:61:c4:e2:76:ba:99:88:0e:cc:57:7d:66:3d:19:ef: 8c:b0:53:3a:36:f5:44:38:18:2a:bc:ed:1b:e7:e0:ea:78:76: 75:b7:3d:22:6c:4f:e0:76:93:71:77:9b:5f:b8:37:f0:ef:85: 50:00:41:bf:4a:07:42:86:a9:2f:c8:c8:00:2d:98:60:c8:69: 85:f7:73:7b:92:bf:73:97:09:f8:f4:91:3f:32:fd:11:4c:5b: b9:eb:6e:74:e6:35:2a:cc:ce:a6:fb:c9:0d:85:03:3b:b1:90: e0:44:fa:95:c0:db:0c:84:0b:e5:87:c0:3a:b0:9a:2c:af:7a: 02:d2:7f:ca:8f:11:e1:df:cc:f7:e1:64:cf:4f:7b:1e:58:dc: 94:31:0d:8e:0f:4c:85:ad:09:aa:9b:ac:b3:93:d2:82:78:54: de:67:fc:05:78:91:ff:f4:14:33:6d:46:d2:24:2c:59:d9:76: 85:08:b6:9d:cd:70:b1:4b:e0:50:21:e2:c9:c9:03:85:5f:bd: 07:a8:fc:b1 -----BEGIN CERTIFICATE----- MIIFOzCCBCOgAwIBAgISAZt/FH4J8w7ZZv7iYsGTOul5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmNTU2NzEyMmE4OGNhOTg4OWExNzk4YjZjOTQyZGNjMGNi Yzc1M2IwHhcNMjYwMTAyMTQyMDA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNzBmNjhhNmY3ZjQwZGNlNjZhOTNhMmZiNjM3ZWVkODJiMjBlYWZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1XGn/pP5N3duFXHxzl8RgVyLvcNF pyv2VyrwUac8KK977KnJzvKn2gC5GJbUtYuSOqcI+c26oUDl/Xs3mESVhqV+k0UX RY4ASK7NH1rvZLH2AAbAr18Yhmf0soY9Q7UAejKTiHpMkbD7FySYs09eQdN3w6kh S7/SSn9Q+x/G0EE2YNHTX3SDkJaJVLe7f8YQjAmbrdyYVEIViXEelg8E+uaVY04E sgyADwhFAm7Kqs0+OQYyOmFR7r1tkdWdsIlqJnts7YhfVfF+3/gP5QAn7/Br/sOT p1ipC/iMgnlWhiqzjI7CTEva8SRxeH9XDyiceE+gdEOyCb8Cdw51TUgzxwIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFLcPaKb39A3OZqk6L7Y37tgrIOr6MB8GA1UdIwQY MBaAFM9VZxIqiMqYiaF5i2yULcwMvHU7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvejFWbkVpcUl5cGlKb1htTGJKUXR6QXk4ZFRzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wYTk3ZjEtN2JmNS00MzY4LTgyNjAt OGQ3MTVhYzIxN2UyLzEvdHc5b3B2ZjBEYzVtcVRvdnRqZnUyQ3NnNnZvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS8wYTk3ZjEtN2JmNS00MzY4LTgyNjAtOGQ3MTVhYzIxN2Uy LzEvejFWbkVpcUl5cGlKb1htTGJKUXR6QXk4ZFRzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDApBAIAATAjAwMCApAwCgMD BAVwAwMBBXQwCgMDAAV3AwMHBQADBANcKjAwHwQCAAIwGTAPAwUGKgFewAMGBCoB XsDgAwYEKgFewQAwDQYJKoZIhvcNAQELBQADggEBAJvoxd4RSttTIaLbUYUFrY65 5g4XbAwG+ui6sfZ4UHqW6A0Lk8EwKL8gMbNa3Fyt3osOTIgtbihHLmHE4na6mYgO zFd9Zj0Z74ywUzo29UQ4GCq87Rvn4Op4dnW3PSJsT+B2k3F3m1+4N/DvhVAAQb9K B0KGqS/IyAAtmGDIaYX3c3uSv3OXCfj0kT8y/RFMW7nrbnTmNSrMzqb7yQ2FAzux kOBE+pXA2wyEC+WHwDqwmiyvegLSf8qPEeHfzPfhZM9Pex5Y3JQxDY4PTIWtCaqb rLOT0oJ4VN5n/AV4kf/0FDNtRtIkLFnZdoUItp3NcLFL4FAh4snJA4VfvQeo/LE= -----END CERTIFICATE-----Generated at Mon Jan 26 02:32:04 2026 by rpki-client