This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/d8e096-4310-42b9-bd20-b5602d3da8a6/1/k4UtRTo4es2u6gj5J8Th7aFb0lI.roa File: k4UtRTo4es2u6gj5J8Th7aFb0lI.roa (raw, json) Hash identifier: IUlZB81NExbN3uxs4qiipWIFE522u3DdVU+kG7Xx+fY= Subject key identifier: 93:85:2D:45:3A:38:7A:CD:AE:EA:08:F9:27:C4:E1:ED:A1:5B:D2:52 Certificate issuer: /CN=6e60883aae491e5fb773a9264019ff4f888d5ca5 Certificate serial: 019B7A5A98684185EB74FC4C137936A66D70 Authority key identifier: 6E:60:88:3A:AE:49:1E:5F:B7:73:A9:26:40:19:FF:4F:88:8D:5C:A5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bmCIOq5JHl-3c6kmQBn_T4iNXKU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/d8e096-4310-42b9-bd20-b5602d3da8a6/1/k4UtRTo4es2u6gj5J8Th7aFb0lI.roa Signing time: Thu 01 Jan 2026 16:18:36 +0000 ROA not before: Thu 01 Jan 2026 16:18:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44143 IP address blocks: 37.19.104.0/21 maxlen: 21 37.19.104.0/22 maxlen: 22 37.19.107.0/24 maxlen: 24 37.19.108.0/23 maxlen: 23 37.19.110.0/24 maxlen: 24 77.243.16.0/20 maxlen: 20 77.243.16.0/21 maxlen: 21 77.243.16.0/24 maxlen: 24 77.243.19.0/24 maxlen: 24 77.243.20.0/22 maxlen: 22 77.243.20.0/23 maxlen: 23 77.243.20.0/24 maxlen: 24 77.243.22.0/24 maxlen: 24 77.243.23.0/24 maxlen: 24 77.243.24.0/22 maxlen: 22 77.243.28.0/22 maxlen: 22 77.243.28.0/24 maxlen: 24 77.243.29.0/24 maxlen: 24 77.243.30.0/24 maxlen: 24 77.243.31.0/24 maxlen: 24 95.86.4.0/22 maxlen: 22 95.86.8.0/22 maxlen: 22 95.86.48.0/21 maxlen: 21 95.86.60.0/22 maxlen: 22 185.37.24.0/22 maxlen: 22 185.37.24.0/24 maxlen: 24 185.37.25.0/24 maxlen: 24 185.37.26.0/24 maxlen: 24 185.37.27.0/24 maxlen: 24 188.120.96.0/20 maxlen: 20 188.120.96.0/21 maxlen: 21 188.120.96.0/24 maxlen: 24 188.120.97.0/24 maxlen: 24 188.120.98.0/24 maxlen: 24 188.120.99.0/24 maxlen: 24 188.120.100.0/24 maxlen: 24 188.120.101.0/24 maxlen: 24 188.120.102.0/24 maxlen: 24 188.120.103.0/24 maxlen: 24 188.120.104.0/21 maxlen: 21 188.120.112.0/21 maxlen: 21 188.120.112.0/22 maxlen: 22 188.120.113.0/24 maxlen: 24 188.120.114.0/24 maxlen: 24 188.120.115.0/24 maxlen: 24 188.120.116.0/22 maxlen: 22 188.120.116.0/24 maxlen: 24 188.120.117.0/24 maxlen: 24 188.120.118.0/24 maxlen: 24 188.120.119.0/24 maxlen: 24 198.143.176.0/21 maxlen: 21 2a00:61c0::/29 maxlen: 29 2a00:61c0::/32 maxlen: 32 2a00:61c1::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/d8e096-4310-42b9-bd20-b5602d3da8a6/1/bmCIOq5JHl-3c6kmQBn_T4iNXKU.crl rsync://rpki.ripe.net/repository/DEFAULT/1b/d8e096-4310-42b9-bd20-b5602d3da8a6/1/bmCIOq5JHl-3c6kmQBn_T4iNXKU.mft rsync://rpki.ripe.net/repository/DEFAULT/bmCIOq5JHl-3c6kmQBn_T4iNXKU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:98:68:41:85:eb:74:fc:4c:13:79:36:a6:6d:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6e60883aae491e5fb773a9264019ff4f888d5ca5 Validity Not Before: Jan 1 16:18:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=93852d453a387acdaeea08f927c4e1eda15bd252 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:e3:86:3e:34:ae:39:e0:1a:86:33:db:90:75: 78:b5:85:97:23:38:cf:92:1d:f7:d3:b1:d4:7d:19: d3:4c:63:ce:74:7d:c8:70:a5:e3:06:83:77:38:29: 81:1f:69:e8:56:f6:f8:32:1e:14:9e:11:92:ee:ab: 34:a9:5c:40:d5:24:3c:60:cc:17:dd:28:35:c4:c2: 9d:33:63:2b:e6:3a:c5:f1:ef:99:2c:7f:da:cc:62: 50:8b:29:cd:87:e0:52:0c:41:3e:fd:94:f2:d7:54: 4e:36:b2:b8:85:13:82:cb:38:90:96:a3:53:33:c8: 8a:d8:f8:22:ba:63:64:0b:78:3c:25:05:8f:72:31: 8c:97:31:02:ee:c5:32:45:15:51:1d:03:0c:5e:cd: 95:ce:20:e9:db:3f:c3:87:f3:28:ce:98:c4:ab:a4: 42:ef:97:65:1f:12:22:c6:d8:e1:86:1f:28:96:a7: 19:d0:f4:df:be:35:5b:cf:d3:a1:71:ea:1d:4b:01: 9b:2b:7b:27:87:f3:89:02:8f:83:53:79:71:8e:a2: 39:c1:9c:7e:b3:14:e1:c8:be:b9:50:9a:c1:81:9d: 06:f0:51:ec:26:79:a3:87:f7:dd:e6:be:08:53:e1: 46:77:fc:46:8c:a8:e0:3b:1f:43:66:66:ba:c1:cf: 8f:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:85:2D:45:3A:38:7A:CD:AE:EA:08:F9:27:C4:E1:ED:A1:5B:D2:52 X509v3 Authority Key Identifier: keyid:6E:60:88:3A:AE:49:1E:5F:B7:73:A9:26:40:19:FF:4F:88:8D:5C:A5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bmCIOq5JHl-3c6kmQBn_T4iNXKU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d8e096-4310-42b9-bd20-b5602d3da8a6/1/k4UtRTo4es2u6gj5J8Th7aFb0lI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d8e096-4310-42b9-bd20-b5602d3da8a6/1/bmCIOq5JHl-3c6kmQBn_T4iNXKU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.19.104.0/21 77.243.16.0/20 95.86.4.0-95.86.11.255 95.86.48.0/21 95.86.60.0/22 185.37.24.0/22 188.120.96.0-188.120.119.255 198.143.176.0/21 IPv6: 2a00:61c0::/29 Signature Algorithm: sha256WithRSAEncryption 62:e8:7d:3b:71:4f:98:ae:11:6c:f0:6a:7b:99:d0:49:63:86: 60:35:b0:f5:33:2f:71:70:be:1a:2d:f5:7b:0f:e0:19:7c:04: 22:b5:a3:d0:8e:8e:cb:11:69:27:ea:f5:68:1f:16:de:8f:0b: 9a:2e:af:48:00:31:9e:c4:07:a9:00:d9:3f:1c:50:be:ea:f8: 22:ab:14:92:3c:fe:ac:09:3b:7c:db:af:c9:11:9e:f2:ec:a2: b1:12:c3:7d:3b:b8:b8:94:84:34:f3:88:9d:b6:88:49:c6:d6: 10:2a:2a:45:8f:23:1c:0a:ab:16:5b:be:96:44:f3:b8:ab:15: 43:ca:ed:7a:f9:40:3e:e5:e7:a1:6e:2a:35:92:22:62:3e:0c: 1e:50:45:4d:46:81:24:cf:08:e3:3a:65:42:2c:4d:13:2f:5a: 3f:96:b0:33:08:3e:08:61:e7:31:70:7c:77:de:4b:b7:d8:76: 56:ea:d7:14:49:82:6f:a0:69:7e:34:8a:3d:7c:67:d2:81:4a: 71:6d:31:55:8a:b9:35:ca:cb:84:78:59:de:15:7a:b0:0a:98: 24:cf:2f:db:ed:4a:7a:62:fd:35:95:c4:f9:79:e3:b8:1c:a1: 4e:44:4e:29:00:21:4f:48:f5:cf:c0:97:71:91:b9:48:91:97: b1:fe:f7:78 -----BEGIN CERTIFICATE----- MIIFRjCCBC6gAwIBAgISAZt6WphoQYXrdPxME3k2pm1wMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZlNjA4ODNhYWU0OTFlNWZiNzczYTkyNjQwMTlmZjRmODg4 ZDVjYTUwHhcNMjYwMTAxMTYxODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5Mzg1MmQ0NTNhMzg3YWNkYWVlYTA4ZjkyN2M0ZTFlZGExNWJkMjUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOOGPjSuOeAahjPbkHV4tYWXIzjP kh3307HUfRnTTGPOdH3IcKXjBoN3OCmBH2noVvb4Mh4UnhGS7qs0qVxA1SQ8YMwX 3Sg1xMKdM2Mr5jrF8e+ZLH/azGJQiynNh+BSDEE+/ZTy11RONrK4hROCyziQlqNT M8iK2PgiumNkC3g8JQWPcjGMlzEC7sUyRRVRHQMMXs2VziDp2z/Dh/MozpjEq6RC 75dlHxIixtjhhh8olqcZ0PTfvjVbz9OhceodSwGbK3snh/OJAo+DU3lxjqI5wZx+ sxThyL65UJrBgZ0G8FHsJnmjh/fd5r4IU+FGd/xGjKjgOx9DZma6wc+PnQIDAQAB o4ICUjCCAk4wHQYDVR0OBBYEFJOFLUU6OHrNruoI+SfE4e2hW9JSMB8GA1UdIwQY MBaAFG5giDquSR5ft3OpJkAZ/0+IjVylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYm1DSU9xNUpIbC0zYzZrbVFCbl9UNGlOWEtVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9kOGUwOTYtNDMxMC00MmI5LWJkMjAt YjU2MDJkM2RhOGE2LzEvazRVdFJUbzRlczJ1NmdqNUo4VGg3YUZiMGxJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYi9kOGUwOTYtNDMxMC00MmI5LWJkMjAtYjU2MDJkM2RhOGE2 LzEvYm1DSU9xNUpIbC0zYzZrbVFCbl9UNGlOWEtVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBGBAIAATBAAwQDJRNoAwQE TfMQMAwDBAJfVgQDBAJfVggDBANfVjADBAJfVjwDBAK5JRgwDAMEBbx4YAMEA7x4 cAMEA8aPsDANBAIAAjAHAwUDKgBhwDANBgkqhkiG9w0BAQsFAAOCAQEAYuh9O3FP mK4RbPBqe5nQSWOGYDWw9TMvcXC+Gi31ew/gGXwEIrWj0I6OyxFpJ+r1aB8W3o8L mi6vSAAxnsQHqQDZPxxQvur4IqsUkjz+rAk7fNuvyRGe8uyisRLDfTu4uJSENPOI nbaIScbWECoqRY8jHAqrFlu+lkTzuKsVQ8rtevlAPuXnoW4qNZIiYj4MHlBFTUaB JM8I4zplQixNEy9aP5awMwg+CGHnMXB8d95Lt9h2VurXFEmCb6BpfjSKPXxn0oFK cW0xVYq5NcrLhHhZ3hV6sAqYJM8v2+1KemL9NZXE+XnjuByhTkROKQAhT0j1z8CX cZG5SJGXsf73eA== -----END CERTIFICATE-----Generated at Tue Feb 10 00:02:15 2026 by rpki-client