This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/MzTCg6RlvrZqr-ataKMVV1O3e5c.roa File: MzTCg6RlvrZqr-ataKMVV1O3e5c.roa (raw, json) Hash identifier: xDOMJIkLwjQY+zuYlnyDdnhzWqp89fIYV7R0xToj6hQ= Subject key identifier: 33:34:C2:83:A4:65:BE:B6:6A:AF:E6:AD:68:A3:15:57:53:B7:7B:97 Certificate issuer: /CN=da9c6729e1e8989984dd802d1a90e89ce2fe373c Certificate serial: 019B7BA4088C91595C739B5FB49144B91B8C Authority key identifier: DA:9C:67:29:E1:E8:98:99:84:DD:80:2D:1A:90:E8:9C:E2:FE:37:3C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/MzTCg6RlvrZqr-ataKMVV1O3e5c.roa Signing time: Thu 01 Jan 2026 22:18:26 +0000 ROA not before: Thu 01 Jan 2026 22:18:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35280 IP address blocks: 5.182.212.0/22 maxlen: 24 84.54.60.0/22 maxlen: 24 185.56.152.0/24 maxlen: 24 185.56.154.0/23 maxlen: 24 185.94.140.0/22 maxlen: 22 185.94.140.0/23 maxlen: 24 185.94.140.0/24 maxlen: 24 185.94.141.0/24 maxlen: 24 185.94.142.0/23 maxlen: 24 185.160.8.0/23 maxlen: 24 185.160.9.0/24 maxlen: 24 185.160.10.0/23 maxlen: 24 193.16.213.0/24 maxlen: 24 193.16.221.0/24 maxlen: 24 193.16.236.0/24 maxlen: 24 2a02:53a0::/32 maxlen: 32 2a05:f440::/29 maxlen: 48 2a07:b7c0::/29 maxlen: 29 2a09:4b00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.crl rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.mft rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 22:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a4:08:8c:91:59:5c:73:9b:5f:b4:91:44:b9:1b:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da9c6729e1e8989984dd802d1a90e89ce2fe373c Validity Not Before: Jan 1 22:18:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3334c283a465beb66aafe6ad68a3155753b77b97 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:ce:c7:9f:18:b0:d3:a7:6d:15:d2:b5:32:c2: ad:88:de:ef:51:b4:11:bf:46:a1:be:53:f5:9b:01: 35:f0:7d:3f:cf:b5:6f:42:da:96:56:f8:23:54:16: 0d:2e:a8:a6:e3:53:fc:47:de:98:40:b3:6d:f7:44: ca:84:b4:2a:28:f3:d0:fa:47:a0:66:80:2c:6f:30: 9b:7e:96:3a:0f:16:50:3e:d4:b1:3a:6c:cf:6b:32: cd:4c:90:25:51:2c:e3:c6:f8:a0:e3:f9:ce:81:bf: 0a:70:bb:aa:ec:10:1d:b7:e1:3d:ac:82:82:a9:07: bb:bb:af:57:2b:a0:61:6e:df:f1:22:7f:8d:fc:94: 88:e1:43:fc:6f:b0:76:c7:7f:93:a3:39:46:b8:a2: 8f:f3:43:b5:68:9e:9f:e0:65:63:08:e6:4e:8a:0f: d0:0d:cf:23:91:74:35:91:cf:2e:84:ff:fb:6c:41: 97:b8:d3:6a:08:3b:3a:25:b6:61:9d:15:c8:77:47: 1e:59:c4:cf:0a:90:35:c5:d7:cd:17:09:f3:3c:b4: dc:2d:a2:7a:6b:c2:12:23:f0:8e:93:df:0c:51:a0: f9:5c:d8:52:b3:a0:8e:4d:26:ee:8e:61:e8:85:af: 90:82:4d:81:60:d5:00:1c:6b:d5:93:60:15:1f:21: f4:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:34:C2:83:A4:65:BE:B6:6A:AF:E6:AD:68:A3:15:57:53:B7:7B:97 X509v3 Authority Key Identifier: keyid:DA:9C:67:29:E1:E8:98:99:84:DD:80:2D:1A:90:E8:9C:E2:FE:37:3C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/MzTCg6RlvrZqr-ataKMVV1O3e5c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.182.212.0/22 84.54.60.0/22 185.56.152.0/24 185.56.154.0/23 185.94.140.0/22 185.160.8.0/22 193.16.213.0/24 193.16.221.0/24 193.16.236.0/24 IPv6: 2a02:53a0::/32 2a05:f440::/29 2a07:b7c0::/29 2a09:4b00::/32 Signature Algorithm: sha256WithRSAEncryption 34:19:4d:ae:c6:1d:82:c1:f8:30:81:e3:f2:49:c9:cb:29:67: 1a:db:43:e0:e5:97:b4:c6:72:b0:ec:00:8d:80:40:2e:05:df: 5f:66:88:f9:bc:22:7d:57:8d:c4:8d:f1:e4:50:33:20:2d:bb: 6a:cc:1c:c1:2d:03:6b:d5:de:27:f1:4e:14:15:e6:cf:29:1e: a7:bb:7a:a0:17:2b:3e:80:3b:31:38:e0:76:6c:37:d6:a9:0f: 96:ec:61:04:56:0e:00:3d:47:7b:29:25:a2:0a:7c:63:51:52: 98:f9:85:48:f0:23:92:de:fd:f2:e8:a2:61:03:0b:b5:50:48: 17:2c:1f:59:52:a8:32:ef:f1:95:1d:e6:aa:3f:82:f5:26:15: e8:50:1a:04:68:21:b7:3d:d2:88:b9:69:83:e2:ab:9f:28:19: b0:74:a3:74:c6:3d:b1:cf:2e:4c:58:20:44:53:9b:95:bd:4c: 3c:d6:d3:1a:f9:a6:30:d1:43:a9:35:ed:04:d2:61:72:53:46: 58:e6:a4:89:0a:46:5c:88:b0:40:e5:87:f6:57:9b:ec:f5:19: 2d:5f:f2:f7:f5:68:66:e6:cd:83:4a:12:7a:c4:f4:2a:8c:99: 5b:3e:e8:b0:00:60:86:bf:2b:fc:dc:0f:b3:21:2e:f6:2c:9d: 2c:2f:f9:5e -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgISAZt7pAiMkVlcc5tftJFEuRuMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhOWM2NzI5ZTFlODk4OTk4NGRkODAyZDFhOTBlODljZTJm ZTM3M2MwHhcNMjYwMTAxMjIxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMzM0YzI4M2E0NjViZWI2NmFhZmU2YWQ2OGEzMTU1NzUzYjc3Yjk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzM7Hnxiw06dtFdK1MsKtiN7vUbQR v0ahvlP1mwE18H0/z7VvQtqWVvgjVBYNLqim41P8R96YQLNt90TKhLQqKPPQ+keg ZoAsbzCbfpY6DxZQPtSxOmzPazLNTJAlUSzjxvig4/nOgb8KcLuq7BAdt+E9rIKC qQe7u69XK6Bhbt/xIn+N/JSI4UP8b7B2x3+TozlGuKKP80O1aJ6f4GVjCOZOig/Q Dc8jkXQ1kc8uhP/7bEGXuNNqCDs6JbZhnRXId0ceWcTPCpA1xdfNFwnzPLTcLaJ6 a8ISI/COk98MUaD5XNhSs6COTSbujmHoha+Qgk2BYNUAHGvVk2AVHyH0aQIDAQAB o4ICXTCCAlkwHQYDVR0OBBYEFDM0woOkZb62aq/mrWijFVdTt3uXMB8GA1UdIwQY MBaAFNqcZynh6JiZhN2ALRqQ6Jzi/jc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC83NTVjNTUtYzRmNS00Y2I3LTg3MWQt NjljNjhlMmVmMjdkLzEvTXpUQ2c2Umx2clpxci1hdGFLTVZWMU8zZTVjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC83NTVjNTUtYzRmNS00Y2I3LTg3MWQtNjljNjhlMmVmMjdk LzEvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjA8BAIAATA2AwQCBbbUAwQC VDY8AwQAuTiYAwQBuTiaAwQCuV6MAwQCuaAIAwQAwRDVAwQAwRDdAwQAwRDsMCIE AgACMBwDBQAqAlOgAwUDKgX0QAMFAyoHt8ADBQAqCUsAMA0GCSqGSIb3DQEBCwUA A4IBAQA0GU2uxh2CwfgwgePyScnLKWca20Pg5Ze0xnKw7ACNgEAuBd9fZoj5vCJ9 V43EjfHkUDMgLbtqzBzBLQNr1d4n8U4UFebPKR6nu3qgFys+gDsxOOB2bDfWqQ+W 7GEEVg4APUd7KSWiCnxjUVKY+YVI8COS3v3y6KJhAwu1UEgXLB9ZUqgy7/GVHeaq P4L1JhXoUBoEaCG3PdKIuWmD4qufKBmwdKN0xj2xzy5MWCBEU5uVvUw81tMa+aYw 0UOpNe0E0mFyU0ZY5qSJCkZciLBA5Yf2V5vs9RktX/L39Whm5s2DShJ6xPQqjJlb PuiwAGCGvyv83A+zIS72LJ0sL/le -----END CERTIFICATE-----Generated at Tue Jan 20 08:02:13 2026 by rpki-client