This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/rYfhpRHyVYaDgETn8bVAeDRcfcw.roa File: rYfhpRHyVYaDgETn8bVAeDRcfcw.roa (raw, json) Hash identifier: RBBw7oingd7PNWXzXnBorOXFXIc0NmsGTz5l0deTzRU= Subject key identifier: AD:87:E1:A5:11:F2:55:86:83:80:44:E7:F1:B5:40:78:34:5C:7D:CC Certificate issuer: /CN=b30e3011a0fb3111fbe8493c1230974aef532704 Certificate serial: 019B7EA71E2CE71CFCA44EA0E654B4AB21F1 Authority key identifier: B3:0E:30:11:A0:FB:31:11:FB:E8:49:3C:12:30:97:4A:EF:53:27:04 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/rYfhpRHyVYaDgETn8bVAeDRcfcw.roa Signing time: Fri 02 Jan 2026 12:20:40 +0000 ROA not before: Fri 02 Jan 2026 12:20:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208951 IP address blocks: 31.44.0.0/24 maxlen: 24 31.44.1.0/24 maxlen: 24 31.44.2.0/24 maxlen: 24 31.44.3.0/24 maxlen: 24 45.14.48.0/24 maxlen: 24 45.14.49.0/24 maxlen: 24 45.14.50.0/24 maxlen: 24 45.14.51.0/24 maxlen: 24 45.138.24.0/24 maxlen: 24 45.138.25.0/24 maxlen: 24 45.138.26.0/24 maxlen: 24 78.111.84.0/24 maxlen: 24 92.246.130.0/24 maxlen: 24 92.246.131.0/24 maxlen: 24 94.141.96.0/24 maxlen: 24 94.141.97.0/24 maxlen: 24 94.141.98.0/24 maxlen: 24 94.141.99.0/24 maxlen: 24 109.207.168.0/24 maxlen: 24 109.207.169.0/24 maxlen: 24 109.207.171.0/24 maxlen: 24 109.207.172.0/24 maxlen: 24 188.227.57.0/24 maxlen: 24 188.227.58.0/24 maxlen: 24 188.227.59.0/24 maxlen: 24 188.227.84.0/24 maxlen: 24 188.227.85.0/24 maxlen: 24 188.227.86.0/24 maxlen: 24 188.227.87.0/24 maxlen: 24 188.227.106.0/24 maxlen: 24 188.227.107.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.crl rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.mft rsync://rpki.ripe.net/repository/DEFAULT/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:1e:2c:e7:1c:fc:a4:4e:a0:e6:54:b4:ab:21:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b30e3011a0fb3111fbe8493c1230974aef532704 Validity Not Before: Jan 2 12:20:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ad87e1a511f25586838044e7f1b54078345c7dcc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:98:9d:2b:e0:a3:73:e3:36:8e:51:e5:2f:1a: c9:09:3c:ee:3f:91:71:34:8a:08:40:f9:93:55:3c: f5:00:d3:0b:c7:0b:d9:7d:0e:70:73:8d:c9:d4:8f: aa:02:ba:08:e1:ba:4b:e0:7f:74:94:2a:ac:a8:00: d2:c3:36:ae:27:49:62:a4:f6:a5:59:9f:5b:cd:69: 06:15:6c:6f:32:9b:2a:b2:8a:0f:57:d8:51:ce:a0: 33:ed:05:40:e8:4d:7f:06:9d:c4:79:02:59:bd:ae: c0:ad:f1:8a:2a:27:a8:10:bd:93:61:ed:f4:6d:70: 40:72:01:aa:f9:06:2a:26:74:f4:42:a8:7b:9a:ac: 15:d6:2b:08:d5:04:e5:77:37:e7:94:61:3d:59:86: d3:6d:9c:a1:e0:b4:d8:d3:f3:32:33:c8:e7:9c:04: 92:b2:74:df:79:20:5f:a4:39:1a:92:c5:34:b4:3e: 79:a1:5b:2a:ed:8e:60:6c:9a:cf:72:e7:64:3f:50: c8:7c:6e:0b:52:31:15:e8:3e:2b:bf:9f:ad:98:20: 12:32:18:fe:c4:5b:11:64:0b:29:c8:57:b1:11:c6: 5a:95:3b:fc:d5:3a:be:bb:9f:f9:e5:27:9f:59:54: 3c:2a:bc:5a:4e:b7:e7:81:fb:58:90:d1:fd:75:b1: 9b:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:87:E1:A5:11:F2:55:86:83:80:44:E7:F1:B5:40:78:34:5C:7D:CC X509v3 Authority Key Identifier: keyid:B3:0E:30:11:A0:FB:31:11:FB:E8:49:3C:12:30:97:4A:EF:53:27:04 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/rYfhpRHyVYaDgETn8bVAeDRcfcw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.44.0.0/22 45.14.48.0/22 45.138.24.0-45.138.26.255 78.111.84.0/24 92.246.130.0/23 94.141.96.0/22 109.207.168.0/23 109.207.171.0-109.207.172.255 188.227.57.0-188.227.59.255 188.227.84.0/22 188.227.106.0/23 Signature Algorithm: sha256WithRSAEncryption 92:04:d9:11:1a:fd:78:60:8c:8d:db:88:9a:07:91:79:3e:50: 39:f2:e3:20:ed:f7:e6:b7:7f:1e:4e:2c:58:f1:38:32:50:f7: b4:2c:f8:28:b2:bd:44:d1:18:88:24:92:32:eb:91:eb:e0:d8: 2c:ad:07:ea:a5:32:54:6e:e1:33:d3:79:5f:34:27:fe:94:4e: f4:b7:c3:df:fc:bd:6e:7f:d8:33:bc:6b:d5:fc:df:d7:eb:23: ac:af:9b:4e:68:be:ed:90:fe:cc:76:2c:b3:75:b4:61:66:00: 49:19:a9:b2:04:5a:cd:ad:e4:18:0e:4f:d8:73:8a:2f:5c:34: 4b:d4:be:93:27:6e:62:42:40:40:b7:87:1d:59:77:7a:85:97: 0d:61:1b:3f:e9:8b:2c:38:24:a4:ba:43:0d:31:f6:d0:63:f3: 47:f4:67:d2:ec:a9:72:3c:d4:e7:d0:b4:75:5c:07:df:c2:d2: 1b:44:7e:6f:99:25:e4:22:4f:b6:92:6c:cd:54:60:39:d9:35: 25:99:79:52:b5:ff:fb:af:bc:3b:a4:8d:39:6c:25:e7:8c:48: ad:51:10:7c:36:2e:b8:79:88:d0:74:74:69:1f:bd:68:c5:fd: 55:28:ab:22:d4:c1:d1:66:5a:e2:ef:3e:76:3e:8e:ac:7f:79: 19:a9:3c:9d -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgISAZt+px4s5xz8pE6g5lS0qyHxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzMGUzMDExYTBmYjMxMTFmYmU4NDkzYzEyMzA5NzRhZWY1 MzI3MDQwHhcNMjYwMTAyMTIyMDQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZDg3ZTFhNTExZjI1NTg2ODM4MDQ0ZTdmMWI1NDA3ODM0NWM3ZGNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJidK+Cjc+M2jlHlLxrJCTzuP5Fx NIoIQPmTVTz1ANMLxwvZfQ5wc43J1I+qAroI4bpL4H90lCqsqADSwzauJ0lipPal WZ9bzWkGFWxvMpsqsooPV9hRzqAz7QVA6E1/Bp3EeQJZva7ArfGKKieoEL2TYe30 bXBAcgGq+QYqJnT0Qqh7mqwV1isI1QTldzfnlGE9WYbTbZyh4LTY0/MyM8jnnASS snTfeSBfpDkaksU0tD55oVsq7Y5gbJrPcudkP1DIfG4LUjEV6D4rv5+tmCASMhj+ xFsRZAspyFexEcZalTv81Tq+u5/55SefWVQ8KrxaTrfngftYkNH9dbGbqwIDAQAB o4ICXTCCAlkwHQYDVR0OBBYEFK2H4aUR8lWGg4BE5/G1QHg0XH3MMB8GA1UdIwQY MBaAFLMOMBGg+zER++hJPBIwl0rvUycEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc3c0d0VhRDdNUkg3NkVrOEVqQ1hTdTlUSndRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8wZmZiNjQtZWZjYi00OWY1LTgzNDIt ZjlmYjM4Yzc3YzU1LzEvcllmaHBSSHlWWWFEZ0VUbjhiVkFlRFJjZmN3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYS8wZmZiNjQtZWZjYi00OWY1LTgzNDItZjlmYjM4Yzc3YzU1 LzEvc3c0d0VhRDdNUkg3NkVrOEVqQ1hTdTlUSndRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQCHywAAwQC LQ4wMAwDBAMtihgDBAAtihoDBABOb1QDBAFc9oIDBAJejWADBAFtz6gwDAMEAG3P qwMEAG3PrDAMAwQAvOM5AwQCvOM4AwQCvONUAwQBvONqMA0GCSqGSIb3DQEBCwUA A4IBAQCSBNkRGv14YIyN24iaB5F5PlA58uMg7ffmt38eTixY8TgyUPe0LPgosr1E 0RiIJJIy65Hr4NgsrQfqpTJUbuEz03lfNCf+lE70t8Pf/L1uf9gzvGvV/N/X6yOs r5tOaL7tkP7MdiyzdbRhZgBJGamyBFrNreQYDk/Yc4ovXDRL1L6TJ25iQkBAt4cd WXd6hZcNYRs/6YssOCSkukMNMfbQY/NH9GfS7KlyPNTn0LR1XAffwtIbRH5vmSXk Ik+2kmzNVGA52TUlmXlStf/7r7w7pI05bCXnjEitURB8Ni64eYjQdHRpH71oxf1V KKsi1MHRZlri7z52Po6sf3kZqTyd -----END CERTIFICATE-----Generated at Mon Feb 9 22:36:45 2026 by rpki-client