This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/e4cdc7-4001-4d09-9b28-de4af229e3ba/1/kpMx_jDvAD2J4w_3QrPa_7EmM7k.roa File: kpMx_jDvAD2J4w_3QrPa_7EmM7k.roa (raw, json) Hash identifier: s8PvuEvsSULDst+nlshWZnZoN6R6lxtcg9VvUqcdZGw= Subject key identifier: 92:93:31:FE:30:EF:00:3D:89:E3:0F:F7:42:B3:DA:FF:B1:26:33:B9 Certificate issuer: /CN=d8dd0f066a3e24f1a663112a1f28e9d83b2ecd73 Certificate serial: 019C05512825B0AE7FAF4AFD5985C014BC39 Authority key identifier: D8:DD:0F:06:6A:3E:24:F1:A6:63:11:2A:1F:28:E9:D8:3B:2E:CD:73 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2N0PBmo-JPGmYxEqHyjp2DsuzXM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/e4cdc7-4001-4d09-9b28-de4af229e3ba/1/kpMx_jDvAD2J4w_3QrPa_7EmM7k.roa Signing time: Wed 28 Jan 2026 15:55:30 +0000 ROA not before: Wed 28 Jan 2026 15:55:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41484 IP address blocks: 31.25.0.0/23 maxlen: 23 31.25.0.0/24 maxlen: 24 31.25.1.0/24 maxlen: 24 31.25.2.0/24 maxlen: 24 31.25.3.0/24 maxlen: 24 31.25.4.0/24 maxlen: 24 31.25.5.0/24 maxlen: 24 31.25.6.0/24 maxlen: 24 31.25.7.0/24 maxlen: 24 37.72.112.0/21 maxlen: 21 37.72.112.0/24 maxlen: 24 37.72.113.0/24 maxlen: 24 37.72.114.0/23 maxlen: 23 37.72.116.0/22 maxlen: 22 176.62.208.0/22 maxlen: 22 176.62.210.0/23 maxlen: 23 176.62.212.0/22 maxlen: 22 185.4.156.0/24 maxlen: 24 185.4.157.0/24 maxlen: 24 185.4.158.0/24 maxlen: 24 185.4.159.0/24 maxlen: 24 185.68.104.0/22 maxlen: 22 185.68.104.0/24 maxlen: 24 185.68.105.0/24 maxlen: 24 185.68.106.0/24 maxlen: 24 185.68.107.0/24 maxlen: 24 2a02:5680::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/e4cdc7-4001-4d09-9b28-de4af229e3ba/1/2N0PBmo-JPGmYxEqHyjp2DsuzXM.crl rsync://rpki.ripe.net/repository/DEFAULT/09/e4cdc7-4001-4d09-9b28-de4af229e3ba/1/2N0PBmo-JPGmYxEqHyjp2DsuzXM.mft rsync://rpki.ripe.net/repository/DEFAULT/2N0PBmo-JPGmYxEqHyjp2DsuzXM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:05:51:28:25:b0:ae:7f:af:4a:fd:59:85:c0:14:bc:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8dd0f066a3e24f1a663112a1f28e9d83b2ecd73 Validity Not Before: Jan 28 15:55:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=929331fe30ef003d89e30ff742b3daffb12633b9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:3f:ba:d8:8f:6a:cb:9f:4b:4f:4b:5f:a3:bf: 16:bf:bf:cf:43:31:02:68:ae:ac:14:d9:b6:9e:11: 69:d5:a5:7a:f2:e1:16:04:2e:45:19:0a:33:ad:24: 2a:32:a7:53:41:4b:f6:9a:0f:f0:c4:d4:ed:35:11: f3:89:a2:42:58:db:2a:ec:cc:e2:04:71:80:c4:7b: f1:0f:39:9a:67:36:71:31:b6:e0:cb:f5:af:25:fe: a6:f5:ea:02:9d:a0:c0:01:31:a3:9c:9b:90:8b:1c: c6:9b:3e:9d:1a:8d:2f:9f:fa:cd:56:71:a4:f2:94: ae:a3:c9:88:3d:7d:b2:63:b7:18:e9:8e:05:01:5a: 02:ab:2b:4d:03:ef:46:40:50:0e:06:3d:01:a5:1e: 94:d0:f9:34:e9:33:f3:3a:17:f5:8a:23:dd:a5:c9: c1:e5:43:a0:3d:5b:f7:9c:c6:5f:f7:65:01:c8:48: ee:cf:f7:48:f3:51:3b:b9:0d:64:0b:9c:b0:a6:1c: 65:14:c8:10:4c:47:11:ac:0c:0d:c3:0c:1e:33:c4: d9:c5:b2:eb:ca:0d:f2:81:10:f4:dd:a1:bb:00:dc: e6:68:8a:e3:c3:6e:ac:aa:25:97:8f:0b:dd:1c:41: 67:46:88:cf:8c:ee:12:d8:ba:b8:d9:fa:29:cb:ac: 1b:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:93:31:FE:30:EF:00:3D:89:E3:0F:F7:42:B3:DA:FF:B1:26:33:B9 X509v3 Authority Key Identifier: keyid:D8:DD:0F:06:6A:3E:24:F1:A6:63:11:2A:1F:28:E9:D8:3B:2E:CD:73 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2N0PBmo-JPGmYxEqHyjp2DsuzXM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e4cdc7-4001-4d09-9b28-de4af229e3ba/1/kpMx_jDvAD2J4w_3QrPa_7EmM7k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e4cdc7-4001-4d09-9b28-de4af229e3ba/1/2N0PBmo-JPGmYxEqHyjp2DsuzXM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.25.0.0/21 37.72.112.0/21 176.62.208.0/21 185.4.156.0/22 185.68.104.0/22 IPv6: 2a02:5680::/32 Signature Algorithm: sha256WithRSAEncryption 1e:31:03:0d:f9:2b:f7:66:8a:dd:c8:c3:86:a8:7f:b0:ca:39: ff:c7:4f:e3:df:73:3e:ca:bf:64:cc:17:2c:d6:4d:ac:89:55: 0d:bc:d2:8c:58:32:85:79:da:f7:fb:37:d9:5e:46:d1:1e:82: 89:9a:3f:51:19:5f:f4:b0:61:89:fd:48:8a:05:a7:78:c3:8e: 68:6a:04:b0:58:91:3f:42:fe:64:0c:8a:b8:32:ff:75:bd:cd: 4b:2d:63:4b:ea:54:7c:5d:c2:92:9b:17:d5:9c:09:bd:1a:4b: 48:96:cb:c2:68:7b:09:57:74:39:53:ad:33:ea:92:3b:dd:52: cf:b9:c4:a7:5b:54:d1:54:56:a7:a5:8f:14:2b:6a:57:b2:c8: 85:07:85:9a:f4:8b:d1:67:07:a7:70:c2:5b:b1:8a:7f:47:ff: 17:66:ec:74:f3:52:32:77:a4:8b:8d:34:29:a4:6e:5d:fb:d0: 8f:73:91:bf:4b:35:0a:bb:03:dc:a6:6b:04:38:dd:c4:d4:ef: 00:49:91:94:d2:c7:60:38:58:23:ea:25:95:ed:ea:05:ad:6c: d2:ca:97:11:bb:d0:81:56:96:ef:95:99:77:4c:14:8c:8e:eb: 86:e5:6b:4b:d8:f3:5b:49:b0:52:0d:9d:de:ff:17:de:d0:6a: 26:b7:d7:da -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISAZwFUSglsK5/r0r9WYXAFLw5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4ZGQwZjA2NmEzZTI0ZjFhNjYzMTEyYTFmMjhlOWQ4M2Iy ZWNkNzMwHhcNMjYwMTI4MTU1NTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MjkzMzFmZTMwZWYwMDNkODllMzBmZjc0MmIzZGFmZmIxMjYzM2I5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyT+62I9qy59LT0tfo78Wv7/PQzEC aK6sFNm2nhFp1aV68uEWBC5FGQozrSQqMqdTQUv2mg/wxNTtNRHziaJCWNsq7Mzi BHGAxHvxDzmaZzZxMbbgy/WvJf6m9eoCnaDAATGjnJuQixzGmz6dGo0vn/rNVnGk 8pSuo8mIPX2yY7cY6Y4FAVoCqytNA+9GQFAOBj0BpR6U0Pk06TPzOhf1iiPdpcnB 5UOgPVv3nMZf92UByEjuz/dI81E7uQ1kC5ywphxlFMgQTEcRrAwNwwweM8TZxbLr yg3ygRD03aG7ANzmaIrjw26sqiWXjwvdHEFnRojPjO4S2Lq42fopy6wb+wIDAQAB o4ICMDCCAiwwHQYDVR0OBBYEFJKTMf4w7wA9ieMP90Kz2v+xJjO5MB8GA1UdIwQY MBaAFNjdDwZqPiTxpmMRKh8o6dg7Ls1zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMk4wUEJtby1KUEdtWXhFcUh5anAyRHN1elhNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lNGNkYzctNDAwMS00ZDA5LTliMjgt ZGU0YWYyMjllM2JhLzEva3BNeF9qRHZBRDJKNHdfM1FyUGFfN0VtTTdrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS9lNGNkYzctNDAwMS00ZDA5LTliMjgtZGU0YWYyMjllM2Jh LzEvMk4wUEJtby1KUEdtWXhFcUh5anAyRHN1elhNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDHxkAAwQD JUhwAwQDsD7QAwQCuQScAwQCuURoMA0EAgACMAcDBQAqAlaAMA0GCSqGSIb3DQEB CwUAA4IBAQAeMQMN+Sv3ZordyMOGqH+wyjn/x0/j33M+yr9kzBcs1k2siVUNvNKM WDKFedr3+zfZXkbRHoKJmj9RGV/0sGGJ/UiKBad4w45oagSwWJE/Qv5kDIq4Mv91 vc1LLWNL6lR8XcKSmxfVnAm9GktIlsvCaHsJV3Q5U60z6pI73VLPucSnW1TRVFan pY8UK2pXssiFB4Wa9IvRZwencMJbsYp/R/8XZux081Iyd6SLjTQppG5d+9CPc5G/ SzUKuwPcpmsEON3E1O8ASZGU0sdgOFgj6iWV7eoFrWzSypcRu9CBVpbvlZl3TBSM juuG5WtL2PNbSbBSDZ3e/xfe0Gomt9fa -----END CERTIFICATE-----Generated at Mon Feb 9 19:40:10 2026 by rpki-client