This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/Q5QFyvH5Bbx0j8jkhgedU-fc-NM.roa File: Q5QFyvH5Bbx0j8jkhgedU-fc-NM.roa (raw, json) Hash identifier: lyAyMIyfdC6/ghh0Pw2Rpm066Dbv/7GlUnb7YRvqq/E= Subject key identifier: 43:94:05:CA:F1:F9:05:BC:74:8F:C8:E4:86:07:9D:53:E7:DC:F8:D3 Certificate issuer: /CN=70e5b30272e43053208978dbe44bfee10a5d007e Certificate serial: 019BDA2D518242E0793597205A323C14B248 Authority key identifier: 70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/Q5QFyvH5Bbx0j8jkhgedU-fc-NM.roa Signing time: Tue 20 Jan 2026 06:52:41 +0000 ROA not before: Tue 20 Jan 2026 06:52:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44051 IP address blocks: 2.58.64.0/24 maxlen: 24 2.58.65.0/24 maxlen: 24 2.58.66.0/24 maxlen: 24 2.58.67.0/24 maxlen: 24 5.187.0.0/24 maxlen: 24 5.187.1.0/24 maxlen: 24 5.187.2.0/24 maxlen: 24 5.187.3.0/24 maxlen: 24 5.187.4.0/24 maxlen: 24 5.187.5.0/24 maxlen: 24 5.187.6.0/24 maxlen: 24 5.187.7.0/24 maxlen: 24 31.172.68.0/24 maxlen: 24 31.172.70.0/24 maxlen: 24 31.172.71.0/24 maxlen: 24 31.172.72.0/24 maxlen: 24 31.172.73.0/24 maxlen: 24 31.172.75.0/24 maxlen: 24 31.172.77.0/24 maxlen: 24 79.132.136.0/24 maxlen: 24 79.132.138.0/24 maxlen: 24 79.132.140.0/24 maxlen: 24 79.132.142.0/24 maxlen: 24 79.132.143.0/24 maxlen: 24 91.228.152.0/24 maxlen: 24 91.228.153.0/24 maxlen: 24 91.228.154.0/24 maxlen: 24 91.228.155.0/24 maxlen: 24 103.75.124.0/24 maxlen: 24 103.75.127.0/24 maxlen: 24 103.228.168.0/24 maxlen: 24 103.228.169.0/24 maxlen: 24 103.228.170.0/24 maxlen: 24 103.228.171.0/24 maxlen: 24 162.248.160.0/24 maxlen: 24 162.248.164.0/24 maxlen: 24 162.248.165.0/24 maxlen: 24 162.248.166.0/24 maxlen: 24 162.248.167.0/24 maxlen: 24 185.21.8.0/24 maxlen: 24 185.44.206.0/24 maxlen: 24 185.44.207.0/24 maxlen: 24 195.26.237.0/24 maxlen: 24 212.2.234.0/24 maxlen: 24 212.2.235.0/24 maxlen: 24 2a02:6b40::/32 maxlen: 32 2a02:6b40::/48 maxlen: 48 2a02:6b40:1::/48 maxlen: 48 2a02:6b40:1000::/48 maxlen: 48 2a02:6b40:2000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.mft rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:da:2d:51:82:42:e0:79:35:97:20:5a:32:3c:14:b2:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=70e5b30272e43053208978dbe44bfee10a5d007e Validity Not Before: Jan 20 06:52:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=439405caf1f905bc748fc8e486079d53e7dcf8d3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:c4:3c:80:fc:48:ee:92:c9:e9:c9:6b:59:63: bc:14:3f:8e:52:2c:1b:79:8e:33:6b:be:c9:3e:d9: 98:56:36:2b:53:a5:2d:8a:69:d9:c1:ff:04:33:16: fb:c3:8e:be:85:06:cc:54:91:84:8f:f4:81:37:be: 03:4e:82:14:34:cb:7d:ff:b2:42:ac:d7:00:b3:7c: 15:39:8c:29:e8:fa:e3:25:fd:f1:e7:5f:fd:46:94: c8:7f:06:09:f0:5b:df:98:f8:70:39:8d:57:1b:8b: e9:fe:97:f5:55:df:63:0e:ee:35:1c:40:64:9c:f2: 17:c2:97:4a:2d:a5:95:8f:d4:bf:50:16:1f:cc:a7: 96:3f:50:b8:7f:98:c0:eb:a2:c7:db:95:d5:c9:69: f0:7f:37:39:37:64:04:52:7e:cb:d3:e6:bf:88:d6: 6d:b0:81:30:c3:38:9a:3b:c6:80:8a:11:2c:0d:87: 42:92:c0:88:e7:ab:99:65:3c:5d:19:9f:b2:df:97: 1d:c3:df:ca:a4:5f:a9:80:95:74:fe:ba:42:e0:82: f9:b5:71:d2:b4:02:31:29:6c:68:fa:55:a4:51:ca: 0b:3b:2e:a2:10:71:cf:d4:df:c7:68:1e:84:c8:fe: 27:00:4b:25:7c:01:8f:43:2d:43:8b:80:ca:94:cd: a5:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:94:05:CA:F1:F9:05:BC:74:8F:C8:E4:86:07:9D:53:E7:DC:F8:D3 X509v3 Authority Key Identifier: keyid:70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/Q5QFyvH5Bbx0j8jkhgedU-fc-NM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.58.64.0/22 5.187.0.0/21 31.172.68.0/24 31.172.70.0-31.172.73.255 31.172.75.0/24 31.172.77.0/24 79.132.136.0/24 79.132.138.0/24 79.132.140.0/24 79.132.142.0/23 91.228.152.0/22 103.75.124.0/24 103.75.127.0/24 103.228.168.0/22 162.248.160.0/24 162.248.164.0/22 185.21.8.0/24 185.44.206.0/23 195.26.237.0/24 212.2.234.0/23 IPv6: 2a02:6b40::/32 Signature Algorithm: sha256WithRSAEncryption 4b:56:35:67:79:d0:e0:e7:07:14:b9:cb:08:25:7b:59:84:3f: 89:b5:e3:3b:49:46:07:3f:55:12:0d:f9:2b:86:33:b8:12:d7: 2c:8b:c5:31:a3:22:6a:21:26:33:ca:58:82:f7:4c:b0:7a:dd: b2:56:ae:5b:f3:2c:52:e0:f8:5a:59:4f:f2:b3:06:90:b1:80: 6c:a7:47:08:2e:ce:c4:7c:39:0e:43:49:8a:b3:fd:e2:f5:7c: 78:e5:07:ac:53:6e:82:6f:4e:e9:5a:9f:a0:23:2d:56:59:88: 89:50:b0:9a:3b:f2:2f:d3:09:a2:c1:62:b5:61:77:f0:f5:b8: 70:5b:77:b9:05:27:62:e9:3c:93:ab:8c:d1:6e:ca:d9:e3:37: ff:20:ce:e9:ed:ea:5b:2c:1d:95:cf:77:7c:2a:c1:e1:e5:a9: 63:60:1d:a0:5c:39:2c:a1:90:f5:4c:27:50:91:57:d9:79:8f: 8c:18:36:02:d0:97:f8:54:24:ec:df:25:20:05:bb:71:46:2c: 19:4a:b7:cf:85:a8:4d:d6:ef:62:e5:c4:30:b3:ac:62:0b:81: a9:62:0d:92:2e:c6:59:57:d4:68:9c:66:96:41:26:90:6a:9f: ea:17:b3:e6:e6:50:90:8f:50:60:6b:b8:f9:ad:fe:b5:b3:4a: 68:3a:02:e9 -----BEGIN CERTIFICATE----- MIIFizCCBHOgAwIBAgISAZvaLVGCQuB5NZcgWjI8FLJIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwZTViMzAyNzJlNDMwNTMyMDg5NzhkYmU0NGJmZWUxMGE1 ZDAwN2UwHhcNMjYwMTIwMDY1MjQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0Mzk0MDVjYWYxZjkwNWJjNzQ4ZmM4ZTQ4NjA3OWQ1M2U3ZGNmOGQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusQ8gPxI7pLJ6clrWWO8FD+OUiwb eY4za77JPtmYVjYrU6UtimnZwf8EMxb7w46+hQbMVJGEj/SBN74DToIUNMt9/7JC rNcAs3wVOYwp6PrjJf3x51/9RpTIfwYJ8FvfmPhwOY1XG4vp/pf1Vd9jDu41HEBk nPIXwpdKLaWVj9S/UBYfzKeWP1C4f5jA66LH25XVyWnwfzc5N2QEUn7L0+a/iNZt sIEwwziaO8aAihEsDYdCksCI56uZZTxdGZ+y35cdw9/KpF+pgJV0/rpC4IL5tXHS tAIxKWxo+lWkUcoLOy6iEHHP1N/HaB6EyP4nAEslfAGPQy1Di4DKlM2l5QIDAQAB o4IClzCCApMwHQYDVR0OBBYEFEOUBcrx+QW8dI/I5IYHnVPn3PjTMB8GA1UdIwQY MBaAFHDlswJy5DBTIIl42+RL/uEKXQB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEt MWZiYzY0MWI1MGIxLzEvUTVRRnl2SDVCYngwajhqa2hnZWRVLWZjLU5NLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEtMWZiYzY0MWI1MGIx LzEvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBhwQCAAEwgYADBAIC OkADBAMFuwADBAAfrEQwDAMEAR+sRgMEAR+sSAMEAB+sSwMEAB+sTQMEAE+EiAME AE+EigMEAE+EjAMEAU+EjgMEAlvkmAMEAGdLfAMEAGdLfwMEAmfkqAMEAKL4oAME AqL4pAMEALkVCAMEAbkszgMEAMMa7QMEAdQC6jANBAIAAjAHAwUAKgJrQDANBgkq hkiG9w0BAQsFAAOCAQEAS1Y1Z3nQ4OcHFLnLCCV7WYQ/ibXjO0lGBz9VEg35K4Yz uBLXLIvFMaMiaiEmM8pYgvdMsHrdslauW/MsUuD4WllP8rMGkLGAbKdHCC7OxHw5 DkNJirP94vV8eOUHrFNugm9O6VqfoCMtVlmIiVCwmjvyL9MJosFitWF38PW4cFt3 uQUnYuk8k6uM0W7K2eM3/yDO6e3qWywdlc93fCrB4eWpY2AdoFw5LKGQ9UwnUJFX 2XmPjBg2AtCX+FQk7N8lIAW7cUYsGUq3z4WoTdbvYuXEMLOsYguBqWINki7GWVfU aJxmlkEmkGqf6hez5uZQkI9QYGu4+a3+tbNKaDoC6Q== -----END CERTIFICATE-----Generated at Sun Jan 25 19:19:41 2026 by rpki-client