This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/yRzqIKJw98DxqIb6iZBd3eLbtDk.roa File: yRzqIKJw98DxqIb6iZBd3eLbtDk.roa (raw, json) Hash identifier: GErK4H2IlL6YqcPLNZ4dRpGSDXRO5lmQqTJzqxsVSck= Subject key identifier: C9:1C:EA:20:A2:70:F7:C0:F1:A8:86:FA:89:90:5D:DD:E2:DB:B4:39 Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec Certificate serial: 019B797EB025DBCB262C2369CF552E3E9FE0 Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/yRzqIKJw98DxqIb6iZBd3eLbtDk.roa Signing time: Thu 01 Jan 2026 12:18:24 +0000 ROA not before: Thu 01 Jan 2026 12:18:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12716 IP address blocks: 37.63.0.0/20 maxlen: 20 37.63.16.0/22 maxlen: 22 37.63.20.0/22 maxlen: 24 37.63.24.0/22 maxlen: 22 37.63.28.0/22 maxlen: 24 37.63.32.0/22 maxlen: 24 37.63.96.0/22 maxlen: 22 62.204.154.0/23 maxlen: 23 78.90.18.0/23 maxlen: 23 78.90.44.0/23 maxlen: 23 78.90.62.0/24 maxlen: 24 78.90.73.0/24 maxlen: 24 78.90.124.0/24 maxlen: 24 78.90.218.0/23 maxlen: 23 83.97.30.0/24 maxlen: 24 84.252.40.0/23 maxlen: 23 85.118.64.0/22 maxlen: 22 85.118.68.0/23 maxlen: 24 85.118.70.0/24 maxlen: 24 85.118.71.0/24 maxlen: 24 85.118.72.0/23 maxlen: 23 85.118.74.0/24 maxlen: 24 85.118.76.0/22 maxlen: 22 85.118.80.0/22 maxlen: 22 85.118.84.0/24 maxlen: 24 85.118.92.0/24 maxlen: 24 85.118.93.0/24 maxlen: 24 89.215.62.0/23 maxlen: 23 151.251.44.0/22 maxlen: 22 151.251.68.0/22 maxlen: 22 151.251.121.0/24 maxlen: 24 151.251.126.0/23 maxlen: 23 151.251.192.0/22 maxlen: 22 151.251.196.0/24 maxlen: 24 151.251.200.0/22 maxlen: 22 151.251.204.0/22 maxlen: 22 151.251.238.0/24 maxlen: 24 151.251.239.0/24 maxlen: 24 151.251.240.0/20 maxlen: 20 176.222.0.0/20 maxlen: 24 185.151.156.0/22 maxlen: 22 185.224.160.0/23 maxlen: 23 212.104.116.0/22 maxlen: 24 213.226.17.0/24 maxlen: 24 213.226.19.0/24 maxlen: 24 213.226.36.0/24 maxlen: 24 213.226.40.0/24 maxlen: 24 213.226.51.0/24 maxlen: 24 213.226.56.0/24 maxlen: 24 213.226.57.0/24 maxlen: 24 213.226.59.0/24 maxlen: 24 2001:1ac8:1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:b0:25:db:cb:26:2c:23:69:cf:55:2e:3e:9f:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec Validity Not Before: Jan 1 12:18:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c91cea20a270f7c0f1a886fa89905ddde2dbb439 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:7d:c8:e8:46:a2:7e:a2:aa:56:a6:b8:6d:61: c1:80:2c:24:94:09:ba:ec:84:60:b2:a2:23:73:60: c1:ae:19:69:16:9b:53:54:ef:21:f6:27:cc:a9:d0: 4d:6e:00:a3:bf:33:b1:3f:d7:00:10:53:c8:3a:28: c3:79:81:fc:94:20:e9:c1:df:de:fe:54:5e:96:6f: 1c:63:8a:54:3b:34:f0:cc:73:1a:12:87:1c:82:34: b8:ba:6d:cc:aa:94:9a:09:5c:61:b3:bc:29:c0:02: d9:29:98:38:88:c5:25:46:38:7f:f1:22:3a:19:e8: be:a0:22:3d:e8:c7:77:0e:08:94:08:12:3c:19:6b: 28:3e:e8:b7:ff:c4:fa:16:b1:f7:cc:ee:c2:b3:55: 4d:54:10:a9:4d:a2:88:7f:4a:fe:f7:e5:aa:90:f2: 5f:1b:a9:33:40:62:b5:ce:d8:53:2c:fa:a1:35:e0: 2d:6d:47:84:9b:48:24:25:ca:5e:3a:f8:36:a3:5c: 17:f7:02:b0:4b:4c:2c:97:35:33:6a:4b:6e:05:3d: 6b:de:af:b9:a4:a4:4f:8d:24:13:91:4c:5e:e3:82: 67:37:46:bc:07:ac:8e:e2:ef:cb:0a:ee:b6:b4:4b: 96:3d:e1:2e:0b:27:61:73:a3:b6:3e:85:c2:f1:4f: c0:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:1C:EA:20:A2:70:F7:C0:F1:A8:86:FA:89:90:5D:DD:E2:DB:B4:39 X509v3 Authority Key Identifier: keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/yRzqIKJw98DxqIb6iZBd3eLbtDk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.63.0.0-37.63.35.255 37.63.96.0/22 62.204.154.0/23 78.90.18.0/23 78.90.44.0/23 78.90.62.0/24 78.90.73.0/24 78.90.124.0/24 78.90.218.0/23 83.97.30.0/24 84.252.40.0/23 85.118.64.0-85.118.74.255 85.118.76.0-85.118.84.255 85.118.92.0/23 89.215.62.0/23 151.251.44.0/22 151.251.68.0/22 151.251.121.0/24 151.251.126.0/23 151.251.192.0-151.251.196.255 151.251.200.0/21 151.251.238.0-151.251.255.255 176.222.0.0/20 185.151.156.0/22 185.224.160.0/23 212.104.116.0/22 213.226.17.0/24 213.226.19.0/24 213.226.36.0/24 213.226.40.0/24 213.226.51.0/24 213.226.56.0/23 213.226.59.0/24 IPv6: 2001:1ac8:1::/48 Signature Algorithm: sha256WithRSAEncryption 2c:c5:0c:79:1e:74:81:f9:59:08:f5:42:c5:d7:b8:bc:94:12: 0f:dd:7e:23:b8:2f:7e:15:7b:7d:60:d8:d4:1f:d5:1e:16:37: 7b:25:7b:58:d7:19:1c:cc:85:8b:78:66:11:5f:50:6c:7d:3e: 95:6d:9a:6e:b4:12:7e:3e:40:c0:52:d5:b6:2b:27:07:25:11: 40:6f:f0:be:fb:f0:be:34:5c:3d:fe:33:75:9e:24:f0:29:0f: bf:46:d4:d4:4e:72:a6:bb:5b:66:3f:8e:24:b0:ee:0d:25:74: ba:14:5d:22:34:c5:53:92:e7:ac:ca:79:ae:b1:c2:8c:0b:7c: 0f:69:6e:fe:42:4a:e1:6e:6d:c1:ab:d6:7c:d3:3e:0e:21:b1: 81:fe:5c:79:ad:c2:ad:c7:9c:10:0d:bf:be:a9:70:82:b6:e4: dc:e6:34:98:4e:94:c2:53:db:6e:76:ac:fb:43:01:c3:2d:89: 66:9a:21:c4:97:2d:8e:16:cd:dd:85:23:1e:eb:53:69:1a:79: ab:a9:56:a2:66:b8:50:82:6d:91:e7:d1:a0:34:ef:6b:a2:8f: 36:93:3a:f6:27:4f:88:e1:74:cf:5b:18:bf:e6:b2:9d:43:c8: 52:db:40:e5:ac:b4:57:1f:4c:1b:43:e9:8f:e8:4d:0b:df:8c: f3:31:80:fb -----BEGIN CERTIFICATE----- MIIF/DCCBOSgAwIBAgISAZt5frAl28smLCNpz1UuPp/gMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj ZDgyZWMwHhcNMjYwMTAxMTIxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjOTFjZWEyMGEyNzBmN2MwZjFhODg2ZmE4OTkwNWRkZGUyZGJiNDM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvX3I6EaifqKqVqa4bWHBgCwklAm6 7IRgsqIjc2DBrhlpFptTVO8h9ifMqdBNbgCjvzOxP9cAEFPIOijDeYH8lCDpwd/e /lRelm8cY4pUOzTwzHMaEoccgjS4um3MqpSaCVxhs7wpwALZKZg4iMUlRjh/8SI6 Gei+oCI96Md3DgiUCBI8GWsoPui3/8T6FrH3zO7Cs1VNVBCpTaKIf0r+9+WqkPJf G6kzQGK1zthTLPqhNeAtbUeEm0gkJcpeOvg2o1wX9wKwS0wslzUzaktuBT1r3q+5 pKRPjSQTkUxe44JnN0a8B6yO4u/LCu62tEuWPeEuCydhc6O2PoXC8U/AWwIDAQAB o4IDCDCCAwQwHQYDVR0OBBYEFMkc6iCicPfA8aiG+omQXd3i27Q5MB8GA1UdIwQY MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt N2ZiYmFlNmY5NDM3LzEveVJ6cUlLSnc5OER4cUliNmlaQmQzZUxidERrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3 LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIBHAYIKwYBBQUHAQcBAf8EggELMIIBBzCB8wQCAAEwgeww CwMDACU/AwQCJT8gAwQCJT9gAwQBPsyaAwQBTloSAwQBTlosAwQATlo+AwQATlpJ AwQATlp8AwQBTlraAwQAU2EeAwQBVPwoMAwDBAZVdkADBABVdkowDAMEAlV2TAME AFV2VAMEAVV2XAMEAVnXPgMEApf7LAMEApf7RAMEAJf7eQMEAZf7fjAMAwQGl/vA AwQAl/vEAwQDl/vIMAsDBAGX++4DAwKX+AMEBLDeAAMEArmXnAMEAbngoAMEAtRo dAMEANXiEQMEANXiEwMEANXiJAMEANXiKAMEANXiMwMEAdXiOAMEANXiOzAPBAIA AjAJAwcAIAEayAABMA0GCSqGSIb3DQEBCwUAA4IBAQAsxQx5HnSB+VkI9ULF17i8 lBIP3X4juC9+FXt9YNjUH9UeFjd7JXtY1xkczIWLeGYRX1BsfT6VbZputBJ+PkDA UtW2KycHJRFAb/C++/C+NFw9/jN1niTwKQ+/RtTUTnKmu1tmP44ksO4NJXS6FF0i NMVTkuesynmuscKMC3wPaW7+Qkrhbm3Bq9Z80z4OIbGB/lx5rcKtx5wQDb++qXCC tuTc5jSYTpTCU9tudqz7QwHDLYlmmiHEly2OFs3dhSMe61NpGnmrqVaiZrhQgm2R 59GgNO9roo82kzr2J0+I4XTPWxi/5rKdQ8hS20DlrLRXH0wbQ+mP6E0L34zzMYD7 -----END CERTIFICATE-----Generated at Mon Jan 26 17:25:19 2026 by rpki-client