This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/zgGVTKcsMuTYxTSo5ptzlUkk81g.roa File: zgGVTKcsMuTYxTSo5ptzlUkk81g.roa (raw, json) Hash identifier: rFMhsFr8C+PRe4efW7vvF5XSlNl/+vWFt+5ElFGjR5M= Subject key identifier: CE:01:95:4C:A7:2C:32:E4:D8:C5:34:A8:E6:9B:73:95:49:24:F3:58 Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa Certificate serial: 019BB3BE587B41182921F57803DC2078CE24 Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/zgGVTKcsMuTYxTSo5ptzlUkk81g.roa Signing time: Mon 12 Jan 2026 19:45:54 +0000 ROA not before: Mon 12 Jan 2026 19:45:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57344 IP address blocks: 5.104.168.0/23 maxlen: 23 5.104.174.0/24 maxlen: 24 46.253.134.0/24 maxlen: 24 77.76.0.0/24 maxlen: 24 77.76.8.0/24 maxlen: 24 77.76.10.0/24 maxlen: 24 77.76.11.0/24 maxlen: 24 78.128.0.0/24 maxlen: 24 78.128.8.0/24 maxlen: 24 78.128.41.0/24 maxlen: 24 78.128.43.0/24 maxlen: 24 78.128.60.0/24 maxlen: 24 78.128.67.0/24 maxlen: 24 78.128.72.0/24 maxlen: 24 78.128.76.0/24 maxlen: 24 78.128.79.0/24 maxlen: 24 78.128.81.0/24 maxlen: 24 78.128.92.0/24 maxlen: 24 78.128.94.0/24 maxlen: 24 78.128.96.0/24 maxlen: 24 78.128.98.0/24 maxlen: 24 78.128.106.0/24 maxlen: 24 78.128.107.0/24 maxlen: 24 78.128.108.0/23 maxlen: 23 78.128.116.0/23 maxlen: 23 78.142.1.0/24 maxlen: 24 78.142.4.0/23 maxlen: 23 78.142.17.0/24 maxlen: 24 78.142.20.0/24 maxlen: 24 78.142.24.0/24 maxlen: 24 78.142.30.0/24 maxlen: 24 78.142.31.0/24 maxlen: 24 78.142.33.0/24 maxlen: 24 78.142.34.0/24 maxlen: 24 78.142.47.0/24 maxlen: 24 78.142.48.0/24 maxlen: 24 78.142.60.0/24 maxlen: 24 78.142.63.0/24 maxlen: 24 79.124.0.0/24 maxlen: 24 79.124.15.0/24 maxlen: 24 79.124.20.0/23 maxlen: 23 79.124.23.0/24 maxlen: 24 79.124.24.0/22 maxlen: 24 79.124.28.0/24 maxlen: 24 79.124.47.0/24 maxlen: 24 79.124.50.0/24 maxlen: 24 79.124.51.0/24 maxlen: 24 79.124.53.0/24 maxlen: 24 79.124.73.0/24 maxlen: 24 79.124.74.0/24 maxlen: 24 79.124.76.0/24 maxlen: 24 79.124.79.0/24 maxlen: 24 79.124.82.0/24 maxlen: 24 82.118.224.0/24 maxlen: 24 82.118.236.0/24 maxlen: 24 82.118.238.0/24 maxlen: 24 82.118.244.0/24 maxlen: 24 82.118.246.0/23 maxlen: 23 87.246.2.0/24 maxlen: 24 91.148.131.0/24 maxlen: 24 91.148.140.0/24 maxlen: 24 91.148.149.0/24 maxlen: 24 91.148.160.0/24 maxlen: 24 91.148.168.0/24 maxlen: 24 91.148.169.0/24 maxlen: 24 91.148.187.0/24 maxlen: 24 91.191.216.0/23 maxlen: 24 94.72.145.0/24 maxlen: 24 94.72.148.0/22 maxlen: 24 94.72.158.0/24 maxlen: 24 94.72.159.0/24 maxlen: 24 130.185.224.0/24 maxlen: 24 130.185.226.0/24 maxlen: 24 130.185.229.0/24 maxlen: 24 130.185.235.0/24 maxlen: 24 130.185.236.0/24 maxlen: 24 130.185.237.0/24 maxlen: 24 130.185.248.0/24 maxlen: 24 130.185.250.0/24 maxlen: 24 176.241.176.0/23 maxlen: 24 178.132.80.0/24 maxlen: 24 178.132.81.0/24 maxlen: 24 178.132.82.0/23 maxlen: 24 178.132.84.0/23 maxlen: 24 185.148.160.0/22 maxlen: 22 185.148.162.0/24 maxlen: 24 185.197.152.0/22 maxlen: 24 185.232.156.0/23 maxlen: 24 185.232.159.0/24 maxlen: 24 217.174.148.0/23 maxlen: 24 217.174.148.0/24 maxlen: 24 217.174.149.0/24 maxlen: 24 217.174.150.0/24 maxlen: 24 217.174.152.0/23 maxlen: 24 217.174.152.0/24 maxlen: 24 217.174.153.0/24 maxlen: 24 217.174.154.0/24 maxlen: 24 217.174.159.0/24 maxlen: 24 2a01:8740::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 24 Jan 2026 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b3:be:58:7b:41:18:29:21:f5:78:03:dc:20:78:ce:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa Validity Not Before: Jan 12 19:45:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ce01954ca72c32e4d8c534a8e69b73954924f358 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:50:25:4f:40:fe:d6:73:a4:0c:b9:04:58:f0: 93:c3:08:0c:f3:30:ff:03:32:10:a0:55:e4:af:28: 08:23:db:09:a4:0d:eb:be:fb:01:f2:48:d3:c0:90: 5f:2c:f2:69:9f:18:84:30:18:d6:f7:6a:62:03:1b: 29:6c:73:b0:2e:42:2c:13:bb:7a:2d:62:73:52:3e: 73:74:eb:af:f2:ed:64:b7:51:30:c0:1e:a5:b9:48: 19:8a:c2:52:2e:18:4b:70:6a:53:d3:b4:27:55:ee: 60:3f:45:93:21:d6:1e:a9:f4:da:94:c6:b9:26:4e: 47:29:01:ff:49:d6:57:c1:28:03:a6:63:17:55:0b: 1c:4b:13:a1:91:81:b5:b3:15:55:3b:bf:ba:36:79: 59:a6:cd:0b:21:74:7b:ed:4f:4a:53:01:75:54:26: eb:8f:35:84:8b:bc:e3:fe:19:b7:6d:a5:13:cb:f7: a2:ab:28:58:dc:e2:dd:c5:20:fd:55:1b:b6:02:20: ef:62:97:44:13:65:72:d7:e8:58:97:31:b0:0f:cc: 73:85:06:1b:59:48:1e:92:75:76:f1:5a:38:62:a1: 32:4b:32:f4:05:95:67:af:5f:ef:be:d8:b7:b6:0f: 0a:fe:cf:5b:46:a1:b1:d5:08:85:c9:7e:ec:f5:77: 41:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:01:95:4C:A7:2C:32:E4:D8:C5:34:A8:E6:9B:73:95:49:24:F3:58 X509v3 Authority Key Identifier: keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/zgGVTKcsMuTYxTSo5ptzlUkk81g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.104.168.0/23 5.104.174.0/24 46.253.134.0/24 77.76.0.0/24 77.76.8.0/24 77.76.10.0/23 78.128.0.0/24 78.128.8.0/24 78.128.41.0/24 78.128.43.0/24 78.128.60.0/24 78.128.67.0/24 78.128.72.0/24 78.128.76.0/24 78.128.79.0/24 78.128.81.0/24 78.128.92.0/24 78.128.94.0/24 78.128.96.0/24 78.128.98.0/24 78.128.106.0-78.128.109.255 78.128.116.0/23 78.142.1.0/24 78.142.4.0/23 78.142.17.0/24 78.142.20.0/24 78.142.24.0/24 78.142.30.0/23 78.142.33.0-78.142.34.255 78.142.47.0-78.142.48.255 78.142.60.0/24 78.142.63.0/24 79.124.0.0/24 79.124.15.0/24 79.124.20.0/23 79.124.23.0-79.124.28.255 79.124.47.0/24 79.124.50.0/23 79.124.53.0/24 79.124.73.0-79.124.74.255 79.124.76.0/24 79.124.79.0/24 79.124.82.0/24 82.118.224.0/24 82.118.236.0/24 82.118.238.0/24 82.118.244.0/24 82.118.246.0/23 87.246.2.0/24 91.148.131.0/24 91.148.140.0/24 91.148.149.0/24 91.148.160.0/24 91.148.168.0/23 91.148.187.0/24 91.191.216.0/23 94.72.145.0/24 94.72.148.0/22 94.72.158.0/23 130.185.224.0/24 130.185.226.0/24 130.185.229.0/24 130.185.235.0-130.185.237.255 130.185.248.0/24 130.185.250.0/24 176.241.176.0/23 178.132.80.0-178.132.85.255 185.148.160.0/22 185.197.152.0/22 185.232.156.0/23 185.232.159.0/24 217.174.148.0-217.174.150.255 217.174.152.0-217.174.154.255 217.174.159.0/24 IPv6: 2a01:8740::/32 Signature Algorithm: sha256WithRSAEncryption 8e:ed:e9:a9:6d:01:1a:34:b3:77:60:c2:96:c3:f1:8d:a1:45: 72:03:ba:8b:43:a7:f1:af:97:00:a1:52:a1:55:64:3c:f5:29: 3a:5d:a3:ac:ea:d1:5c:89:49:d2:8d:56:6c:54:51:5b:8b:52: f0:1f:0a:3e:48:cf:53:10:4b:08:e4:d1:d1:34:d9:1e:60:f1: 36:50:79:4b:73:19:bd:54:46:3e:67:e7:3f:d9:30:e8:1b:62: 16:af:ef:2c:23:b4:d9:d2:12:27:b8:3b:f0:ab:5a:ec:93:f9: 69:72:9f:b3:83:ab:32:c7:4b:1b:0f:ef:a3:9b:52:16:91:c8: 34:e5:d0:99:4a:fa:38:3f:4d:a9:0c:b6:ba:35:85:2f:d7:89: 30:8c:11:54:ab:ae:f3:74:76:96:7b:6f:cd:dd:d5:dc:82:cc: d7:7f:2c:a0:4f:cb:3b:88:2b:6c:da:b0:d9:1e:59:fe:77:5c: a6:d3:04:f0:67:1d:27:16:0b:09:6e:10:00:d9:9c:ea:d6:12: 48:06:2b:84:ae:f7:05:ba:ea:7c:45:b0:ae:74:be:9d:ad:7e: fd:c2:40:d0:de:0a:09:30:9d:fd:e0:30:37:f7:c1:4d:8c:cd: 48:0b:13:c6:a4:ca:b1:ad:57:9e:b0:10:a0:f2:87:81:79:b6: fb:51:86:33 -----BEGIN CERTIFICATE----- MIIHFDCCBfygAwIBAgISAZuzvlh7QRgpIfV4A9wgeM4kMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1 Y2IyYWEwHhcNMjYwMTEyMTk0NTU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZTAxOTU0Y2E3MmMzMmU0ZDhjNTM0YThlNjliNzM5NTQ5MjRmMzU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1AlT0D+1nOkDLkEWPCTwwgM8zD/ AzIQoFXkrygII9sJpA3rvvsB8kjTwJBfLPJpnxiEMBjW92piAxspbHOwLkIsE7t6 LWJzUj5zdOuv8u1kt1EwwB6luUgZisJSLhhLcGpT07QnVe5gP0WTIdYeqfTalMa5 Jk5HKQH/SdZXwSgDpmMXVQscSxOhkYG1sxVVO7+6NnlZps0LIXR77U9KUwF1VCbr jzWEi7zj/hm3baUTy/eiqyhY3OLdxSD9VRu2AiDvYpdEE2Vy1+hYlzGwD8xzhQYb WUgeknV28Vo4YqEySzL0BZVnr1/vvti3tg8K/s9bRqGx1QiFyX7s9XdB0QIDAQAB o4IEIDCCBBwwHQYDVR0OBBYEFM4BlUynLDLk2MU0qOabc5VJJPNYMB8GA1UdIwQY MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt ZGFjYjVmMzU2ZWEzLzEvemdHVlRLY3NNdVRZeFRTbzVwdHpsVWtrODFnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIICNAYIKwYBBQUHAQcBAf8EggIjMIICHzCCAgwEAgABMIIC BAMEAQVoqAMEAAVorgMEAC79hgMEAE1MAAMEAE1MCAMEAU1MCgMEAE6AAAMEAE6A CAMEAE6AKQMEAE6AKwMEAE6APAMEAE6AQwMEAE6ASAMEAE6ATAMEAE6ATwMEAE6A UQMEAE6AXAMEAE6AXgMEAE6AYAMEAE6AYjAMAwQBToBqAwQBToBsAwQBToB0AwQA To4BAwQBTo4EAwQATo4RAwQATo4UAwQATo4YAwQBTo4eMAwDBABOjiEDBABOjiIw DAMEAE6OLwMEAE6OMAMEAE6OPAMEAE6OPwMEAE98AAMEAE98DwMEAU98FDAMAwQA T3wXAwQAT3wcAwQAT3wvAwQBT3wyAwQAT3w1MAwDBABPfEkDBABPfEoDBABPfEwD BABPfE8DBABPfFIDBABSduADBABSduwDBABSdu4DBABSdvQDBAFSdvYDBABX9gID BABblIMDBABblIwDBABblJUDBABblKADBAFblKgDBABblLsDBAFbv9gDBABeSJED BAJeSJQDBAFeSJ4DBACCueADBACCueIDBACCueUwDAMEAIK56wMEAYK57AMEAIK5 +AMEAIK5+gMEAbDxsDAMAwQEsoRQAwQBsoRUAwQCuZSgAwQCucWYAwQBueicAwQA ueifMAwDBALZrpQDBADZrpYwDAMEA9mumAMEANmumgMEANmunzANBAIAAjAHAwUA KgGHQDANBgkqhkiG9w0BAQsFAAOCAQEAju3pqW0BGjSzd2DClsPxjaFFcgO6i0On 8a+XAKFSoVVkPPUpOl2jrOrRXIlJ0o1WbFRRW4tS8B8KPkjPUxBLCOTR0TTZHmDx NlB5S3MZvVRGPmfnP9kw6BtiFq/vLCO02dISJ7g78Kta7JP5aXKfs4OrMsdLGw/v o5tSFpHINOXQmUr6OD9NqQy2ujWFL9eJMIwRVKuu83R2lntvzd3V3ILM138soE/L O4grbNqw2R5Z/ndcptME8GcdJxYLCW4QANmc6tYSSAYrhK73BbrqfEWwrnS+na1+ /cJA0N4KCTCd/eAwN/fBTYzNSAsTxqTKsa1XnrAQoPKHgXm2+1GGMw== -----END CERTIFICATE-----Generated at Fri Jan 23 18:47:57 2026 by rpki-client