This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/a5RtvXmfAsuHqiZZ38Rb51SC2to.roa File: a5RtvXmfAsuHqiZZ38Rb51SC2to.roa (raw, json) Hash identifier: U7NXzJ9I0qB7PAqpPLnRTt9kVJrqwxqTOSFgHxHxyfw= Subject key identifier: 6B:94:6D:BD:79:9F:02:CB:87:AA:26:59:DF:C4:5B:E7:54:82:DA:DA Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7 Certificate serial: 019B7F85511CD43BE460B85E2DC7D41869D8 Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/a5RtvXmfAsuHqiZZ38Rb51SC2to.roa Signing time: Fri 02 Jan 2026 16:23:22 +0000 ROA not before: Fri 02 Jan 2026 16:23:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48678 IP address blocks: 62.76.224.0/24 maxlen: 24 193.124.95.0/24 maxlen: 24 193.124.200.0/24 maxlen: 24 193.124.202.0/24 maxlen: 24 194.87.66.0/24 maxlen: 24 194.87.67.0/24 maxlen: 24 194.87.81.0/24 maxlen: 24 194.87.149.0/24 maxlen: 24 194.87.170.0/24 maxlen: 24 194.87.172.0/24 maxlen: 24 194.135.32.0/24 maxlen: 24 195.58.60.0/24 maxlen: 24 212.192.244.0/24 maxlen: 24 212.192.252.0/24 maxlen: 24 212.193.12.0/24 maxlen: 24 212.193.13.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 09:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:51:1c:d4:3b:e4:60:b8:5e:2d:c7:d4:18:69:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7 Validity Not Before: Jan 2 16:23:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6b946dbd799f02cb87aa2659dfc45be75482dada Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:e8:88:9a:5f:14:67:6e:31:7e:8b:60:0e:94: 3c:2a:48:85:65:34:4d:29:68:59:42:92:42:bc:b3: 03:4f:08:b6:50:f6:d2:32:93:d2:01:ef:7e:ba:c4: 4e:f6:0b:67:9f:bd:7f:35:28:23:a9:87:e2:61:c2: f7:c1:41:40:7a:40:17:8b:63:43:f7:a4:37:49:7b: 03:0c:9d:78:0b:b1:90:04:88:b5:55:19:03:b1:b7: 50:a1:a7:c0:0d:90:70:c3:ab:9e:95:5c:87:03:38: b9:56:cd:8c:69:b8:49:7d:65:f9:9b:94:55:e6:36: 8f:be:ae:da:94:b4:16:b5:ed:c6:c2:71:54:bd:a6: 28:13:a4:ac:8e:7a:cd:46:ea:4c:5d:39:cc:eb:98: b1:e4:8c:da:c4:85:fc:32:d5:5d:88:b2:dd:9b:ba: 24:26:15:5c:0e:01:89:01:55:8c:5a:11:b1:be:00: 40:18:c2:7c:50:9c:8e:d2:32:89:df:fc:57:34:ba: 65:96:c6:31:06:f0:66:0f:65:fe:f3:b2:1f:69:d5: 51:8a:16:cb:a2:89:a7:0d:1e:6d:ad:b6:63:bd:89: 99:12:a0:c1:a0:f1:d3:64:8a:31:80:43:2d:b6:4f: dc:80:a6:0a:3e:c0:40:79:6d:5b:6a:6d:c4:c6:ea: 94:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:94:6D:BD:79:9F:02:CB:87:AA:26:59:DF:C4:5B:E7:54:82:DA:DA X509v3 Authority Key Identifier: keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/a5RtvXmfAsuHqiZZ38Rb51SC2to.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 62.76.224.0/24 193.124.95.0/24 193.124.200.0/24 193.124.202.0/24 194.87.66.0/23 194.87.81.0/24 194.87.149.0/24 194.87.170.0/24 194.87.172.0/24 194.135.32.0/24 195.58.60.0/24 212.192.244.0/24 212.192.252.0/24 212.193.12.0/23 Signature Algorithm: sha256WithRSAEncryption 17:4e:50:5f:56:43:10:fb:b7:4b:69:91:db:aa:c7:10:da:5a: cc:71:55:bd:3d:71:09:e6:d6:33:3b:d0:c3:fb:0f:4c:f2:22: fc:f7:de:71:c0:98:f9:39:38:a4:4b:38:e8:d4:bf:15:4d:cd: 1c:55:11:35:10:d3:5c:3a:0d:f4:1f:19:d9:21:e0:b0:3a:e9: aa:02:9c:ba:1e:2f:7e:b4:11:ab:ec:9e:48:77:f7:93:26:09: e2:cd:5a:28:5f:13:d6:a3:76:cf:39:cd:80:c8:2f:f2:5b:bc: 47:35:08:0c:fe:f2:08:c1:2f:22:13:fd:24:be:d5:f5:2d:4c: 48:c6:83:36:31:2c:da:4f:d5:16:30:30:01:b6:a9:f4:a5:89: 50:2c:a1:b8:0f:bc:e3:9f:c3:6e:26:02:40:81:be:83:d1:9f: 6e:2b:4f:7c:7f:d5:71:a5:31:40:38:c5:06:a8:b4:89:dc:4f: 3a:85:fc:4c:89:24:e8:ae:e1:2d:77:5f:fe:27:5f:b2:95:3a: 33:34:10:c8:96:c2:98:2e:23:06:d9:e6:5c:52:cb:06:79:d8: 04:9d:a6:48:43:f0:94:e4:a2:b0:b6:40:c7:57:d1:29:2c:38: 09:d1:39:7c:56:26:f6:57:e4:32:8d:c2:90:76:76:e4:a3:6c: 98:cd:d6:4a -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgISAZt/hVEc1DvkYLheLcfUGGnYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw ZTFhYzcwHhcNMjYwMTAyMTYyMzIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2Yjk0NmRiZDc5OWYwMmNiODdhYTI2NTlkZmM0NWJlNzU0ODJkYWRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+iIml8UZ24xfotgDpQ8KkiFZTRN KWhZQpJCvLMDTwi2UPbSMpPSAe9+usRO9gtnn71/NSgjqYfiYcL3wUFAekAXi2ND 96Q3SXsDDJ14C7GQBIi1VRkDsbdQoafADZBww6uelVyHAzi5Vs2MabhJfWX5m5RV 5jaPvq7alLQWte3GwnFUvaYoE6SsjnrNRupMXTnM65ix5IzaxIX8MtVdiLLdm7ok JhVcDgGJAVWMWhGxvgBAGMJ8UJyO0jKJ3/xXNLpllsYxBvBmD2X+87IfadVRihbL oomnDR5trbZjvYmZEqDBoPHTZIoxgEMttk/cgKYKPsBAeW1bam3ExuqU6QIDAQAB o4ICVzCCAlMwHQYDVR0OBBYEFGuUbb15nwLLh6omWd/EW+dUgtraMB8GA1UdIwQY MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt NWE0MjQyOGYxMTQzLzEvYTVSdHZYbWZBc3VIcWlaWjM4UmI1MVNDMnRvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAPkzgAwQA wXxfAwQAwXzIAwQAwXzKAwQBwldCAwQAwldRAwQAwleVAwQAwleqAwQAwlesAwQA wocgAwQAwzo8AwQA1MD0AwQA1MD8AwQB1MEMMA0GCSqGSIb3DQEBCwUAA4IBAQAX TlBfVkMQ+7dLaZHbqscQ2lrMcVW9PXEJ5tYzO9DD+w9M8iL8995xwJj5OTikSzjo 1L8VTc0cVRE1ENNcOg30HxnZIeCwOumqApy6Hi9+tBGr7J5Id/eTJgnizVooXxPW o3bPOc2AyC/yW7xHNQgM/vIIwS8iE/0kvtX1LUxIxoM2MSzaT9UWMDABtqn0pYlQ LKG4D7zjn8NuJgJAgb6D0Z9uK098f9VxpTFAOMUGqLSJ3E86hfxMiSToruEtd1/+ J1+ylTozNBDIlsKYLiMG2eZcUssGedgEnaZIQ/CU5KKwtkDHV9EpLDgJ0Tl8Vib2 V+QyjcKQdnbko2yYzdZK -----END CERTIFICATE-----Generated at Mon Jan 19 16:54:18 2026 by rpki-client