This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/PONcyMXXHXmic_X-1JQkIHiL7RQ.roa File: PONcyMXXHXmic_X-1JQkIHiL7RQ.roa (raw, json) Hash identifier: bNlWZk13v7v2Ir/cn7yeztAmiMq+0QF9OeWKUb72sIk= Subject key identifier: 3C:E3:5C:C8:C5:D7:1D:79:A2:73:F5:FE:D4:94:24:20:78:8B:ED:14 Certificate issuer: /CN=a3674d5884a50a84e07dbdf6798ddcbb9cc2032e Certificate serial: 019B7D5B52906266C785CB1565D2BEE122C8 Authority key identifier: A3:67:4D:58:84:A5:0A:84:E0:7D:BD:F6:79:8D:DC:BB:9C:C2:03:2E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/PONcyMXXHXmic_X-1JQkIHiL7RQ.roa Signing time: Fri 02 Jan 2026 06:18:15 +0000 ROA not before: Fri 02 Jan 2026 06:18:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42632 IP address blocks: 77.220.160.0/23 maxlen: 23 77.220.164.0/22 maxlen: 23 77.220.168.0/22 maxlen: 23 77.220.172.0/23 maxlen: 23 77.220.174.0/23 maxlen: 23 77.220.176.0/21 maxlen: 24 77.220.180.0/24 maxlen: 24 77.220.184.0/21 maxlen: 21 83.222.96.0/22 maxlen: 22 83.222.100.0/22 maxlen: 22 83.222.104.0/22 maxlen: 22 83.222.108.0/22 maxlen: 22 83.222.112.0/22 maxlen: 22 83.222.116.0/22 maxlen: 22 146.255.192.0/22 maxlen: 23 146.255.196.0/24 maxlen: 24 146.255.197.0/24 maxlen: 24 146.255.198.0/23 maxlen: 24 146.255.200.0/23 maxlen: 23 146.255.200.0/24 maxlen: 24 146.255.201.0/24 maxlen: 24 176.58.32.0/22 maxlen: 23 176.58.36.0/23 maxlen: 23 176.58.40.0/24 maxlen: 24 176.58.62.0/23 maxlen: 23 212.76.128.0/21 maxlen: 23 212.76.136.0/21 maxlen: 23 212.76.144.0/22 maxlen: 22 212.76.152.0/22 maxlen: 24 212.76.156.0/22 maxlen: 22 2a02:878:1::/48 maxlen: 48 2a02:878:2::/48 maxlen: 48 2a02:878:a::/48 maxlen: 48 2a02:878:10::/48 maxlen: 48 2a02:878:a801::/48 maxlen: 48 2a02:878:a80e::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/o2dNWISlCoTgfb32eY3cu5zCAy4.crl rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/o2dNWISlCoTgfb32eY3cu5zCAy4.mft rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 21:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5b:52:90:62:66:c7:85:cb:15:65:d2:be:e1:22:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a3674d5884a50a84e07dbdf6798ddcbb9cc2032e Validity Not Before: Jan 2 06:18:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3ce35cc8c5d71d79a273f5fed4942420788bed14 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:44:11:04:7b:93:f2:a8:af:d4:13:22:18:2f: 02:80:f1:a3:e1:f4:d6:d4:4d:31:a7:62:48:1c:be: 8a:de:45:71:76:c8:76:2a:f5:a6:0c:26:5b:58:0a: d1:a1:9f:7a:36:42:08:00:c9:6f:ec:e3:b7:a7:98: 9a:7a:9b:af:7b:cb:56:cb:4b:5f:3d:48:1b:3e:2a: c8:d5:a4:6a:e9:75:1c:73:23:21:e5:f0:79:30:39: 04:75:fc:b7:14:c5:e4:c9:5b:b4:b0:b7:18:04:0a: 90:a0:b8:ee:75:90:4c:c3:bd:a9:f5:07:25:d8:43: 79:6d:eb:f0:b3:53:ef:2f:a0:c2:9a:d4:df:e2:d9: cf:8a:63:7a:8e:6f:19:3d:c6:60:6d:a8:e5:45:19: 6d:1b:23:68:44:51:53:77:fd:b9:73:5d:59:53:bb: 46:12:fc:c4:ba:3a:de:48:fd:63:25:55:b8:77:30: a6:12:8d:5a:6d:f3:ab:47:b7:c8:d0:a6:5a:a4:ab: 1f:b5:f7:55:c0:cb:39:31:83:be:8c:ae:2f:71:97: 46:de:f1:ab:41:a9:c8:3e:00:b4:2c:c1:ed:06:d7: 85:9e:36:b5:7d:ce:26:ee:03:d5:7e:89:ab:b3:88: e2:aa:42:e1:8a:8b:11:4f:33:99:4e:84:da:5f:8b: f4:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:E3:5C:C8:C5:D7:1D:79:A2:73:F5:FE:D4:94:24:20:78:8B:ED:14 X509v3 Authority Key Identifier: keyid:A3:67:4D:58:84:A5:0A:84:E0:7D:BD:F6:79:8D:DC:BB:9C:C2:03:2E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/PONcyMXXHXmic_X-1JQkIHiL7RQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/o2dNWISlCoTgfb32eY3cu5zCAy4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.220.160.0/23 77.220.164.0-77.220.191.255 83.222.96.0-83.222.119.255 146.255.192.0-146.255.201.255 176.58.32.0-176.58.37.255 176.58.40.0/24 176.58.62.0/23 212.76.128.0-212.76.147.255 212.76.152.0/21 IPv6: 2a02:878:1::-2a02:878:2:ffff:ffff:ffff:ffff:ffff 2a02:878:a::/48 2a02:878:10::/48 2a02:878:a801::/48 2a02:878:a80e::/48 Signature Algorithm: sha256WithRSAEncryption a4:da:ce:da:07:a4:e3:e1:c9:dd:6b:0b:0b:09:b3:c9:39:74: 5b:20:e5:07:d6:b5:cb:44:ab:94:4a:d5:85:df:37:29:d3:cb: f6:7f:43:56:e3:84:54:7a:2a:49:cf:0e:5b:2f:5c:f5:74:11: 19:88:61:43:9e:2c:88:bf:e4:f2:c5:79:a1:59:c4:00:33:90: c5:67:76:54:d6:73:47:c6:e9:30:74:2c:ad:b7:ce:eb:76:bb: 3a:18:7a:b8:f0:19:eb:be:df:ff:ce:98:08:f4:47:41:1a:69: d2:b6:c9:0f:0a:6f:a6:7c:29:71:bf:0c:7f:c2:86:8c:8e:6e: 57:e7:a9:8a:72:6a:22:be:0a:5e:c5:bc:bd:d9:ea:46:01:aa: 71:2b:36:1d:92:4a:81:73:f5:e2:82:dc:89:7d:8f:26:ca:fd: 50:22:92:af:45:3a:94:c7:98:bb:fa:b9:b7:1f:b4:a1:15:60: bb:85:78:c5:6d:4a:2c:ff:50:eb:46:b0:0d:27:6c:4a:28:5d: b2:f3:d3:4e:7c:ba:28:0f:0e:55:9b:e0:e6:11:42:4f:f9:c2: df:4c:ac:9b:96:20:ae:fd:51:b1:50:41:19:09:ef:a4:c5:21: 1f:b8:6f:94:48:96:8d:77:45:2a:26:e6:4c:5a:90:58:c2:a5: f9:ea:18:8b -----BEGIN CERTIFICATE----- MIIFmDCCBICgAwIBAgISAZt9W1KQYmbHhcsVZdK+4SLIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzNjc0ZDU4ODRhNTBhODRlMDdkYmRmNjc5OGRkY2JiOWNj MjAzMmUwHhcNMjYwMTAyMDYxODE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzY2UzNWNjOGM1ZDcxZDc5YTI3M2Y1ZmVkNDk0MjQyMDc4OGJlZDE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8UQRBHuT8qiv1BMiGC8CgPGj4fTW 1E0xp2JIHL6K3kVxdsh2KvWmDCZbWArRoZ96NkIIAMlv7OO3p5iaepuve8tWy0tf PUgbPirI1aRq6XUccyMh5fB5MDkEdfy3FMXkyVu0sLcYBAqQoLjudZBMw72p9Qcl 2EN5bevws1PvL6DCmtTf4tnPimN6jm8ZPcZgbajlRRltGyNoRFFTd/25c11ZU7tG EvzEujreSP1jJVW4dzCmEo1abfOrR7fI0KZapKsftfdVwMs5MYO+jK4vcZdG3vGr QanIPgC0LMHtBteFnja1fc4m7gPVfomrs4jiqkLhiosRTzOZToTaX4v0kwIDAQAB o4ICpDCCAqAwHQYDVR0OBBYEFDzjXMjF1x15onP1/tSUJCB4i+0UMB8GA1UdIwQY MBaAFKNnTViEpQqE4H299nmN3LucwgMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbzJkTldJU2xDb1RnZmIzMmVZM2N1NXpDQXk0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84MDY1MzItNTRlOS00YjQ5LWI4YTct OWUyMjBmMDRhOTAxLzEvUE9OY3lNWFhIWG1pY19YLTFKUWtJSGlMN1JRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMy84MDY1MzItNTRlOS00YjQ5LWI4YTctOWUyMjBmMDRhOTAx LzEvbzJkTldJU2xDb1RnZmIzMmVZM2N1NXpDQXk0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjBkBAIAATBeAwQBTdyg MAwDBAJN3KQDBAZN3IAwDAMEBVPeYAMEA1PecDAMAwQGkv/AAwQBkv/IMAwDBAWw OiADBAGwOiQDBACwOigDBAGwOj4wDAMEB9RMgAMEAtRMkAMEA9RMmDA+BAIAAjA4 MBIDBwAqAgh4AAEDBwAqAgh4AAIDBwAqAgh4AAoDBwAqAgh4ABADBwAqAgh4qAED BwAqAgh4qA4wDQYJKoZIhvcNAQELBQADggEBAKTaztoHpOPhyd1rCwsJs8k5dFsg 5QfWtctEq5RK1YXfNynTy/Z/Q1bjhFR6KknPDlsvXPV0ERmIYUOeLIi/5PLFeaFZ xAAzkMVndlTWc0fG6TB0LK23zut2uzoYerjwGeu+3//OmAj0R0EaadK2yQ8Kb6Z8 KXG/DH/ChoyOblfnqYpyaiK+Cl7FvL3Z6kYBqnErNh2SSoFz9eKC3Il9jybK/VAi kq9FOpTHmLv6ubcftKEVYLuFeMVtSiz/UOtGsA0nbEooXbLz0058uigPDlWb4OYR Qk/5wt9MrJuWIK79UbFQQRkJ76TFIR+4b5RIlo13RSom5kxakFjCpfnqGIs= -----END CERTIFICATE-----Generated at Mon Jan 26 02:44:06 2026 by rpki-client