This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/lYEpGgsnxd67WIGhCFNcCGNtJrI.roa File: lYEpGgsnxd67WIGhCFNcCGNtJrI.roa (raw, json) Hash identifier: MpkGgEsAt866nmiNdYNmI1SLRC2oGxvNKuEAfjm0gEs= Subject key identifier: 95:81:29:1A:0B:27:C5:DE:BB:58:81:A1:08:53:5C:08:63:6D:26:B2 Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8 Certificate serial: 019B7F8532695E31C03217AB2349ABBE9B56 Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/lYEpGgsnxd67WIGhCFNcCGNtJrI.roa Signing time: Fri 02 Jan 2026 16:23:14 +0000 ROA not before: Fri 02 Jan 2026 16:23:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 7018 IP address blocks: 5.182.28.0/22 maxlen: 22 45.67.117.0/24 maxlen: 24 45.150.168.0/22 maxlen: 22 45.151.196.0/22 maxlen: 22 89.40.161.0/24 maxlen: 24 91.242.70.0/24 maxlen: 24 91.242.71.0/24 maxlen: 24 91.242.72.0/23 maxlen: 24 91.242.73.0/24 maxlen: 24 91.242.123.0/24 maxlen: 24 91.242.124.0/24 maxlen: 24 91.242.126.0/24 maxlen: 24 91.242.127.0/24 maxlen: 24 185.40.105.0/24 maxlen: 24 185.180.145.0/24 maxlen: 24 193.31.104.0/22 maxlen: 22 195.138.103.0/24 maxlen: 24 195.138.109.0/24 maxlen: 24 195.138.110.0/24 maxlen: 24 195.138.111.0/24 maxlen: 24 195.138.113.0/24 maxlen: 24 195.138.115.0/24 maxlen: 24 195.138.120.0/24 maxlen: 24 195.138.124.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 00:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:32:69:5e:31:c0:32:17:ab:23:49:ab:be:9b:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8 Validity Not Before: Jan 2 16:23:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9581291a0b27c5debb5881a108535c08636d26b2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:17:bf:4b:13:25:55:b7:a2:21:12:48:50:18: ee:8f:62:5d:fb:a8:84:50:39:4c:5d:af:50:18:20: 6c:69:e7:7a:33:da:c6:41:f9:9c:87:df:8e:88:b5: 0b:65:f5:ca:45:dd:6d:dd:44:1d:91:b8:61:5b:e0: 30:e4:40:4e:d8:d3:3e:6b:ad:dc:e4:56:a8:95:87: 35:7d:9c:eb:c7:30:2a:bb:d0:1c:80:67:00:ef:12: 85:0a:cb:8c:09:5b:88:c1:77:c6:46:fa:4d:c6:c9: 7e:dc:64:f9:05:66:f1:ee:a2:f6:b8:fe:26:d8:9a: aa:23:7c:ab:af:54:89:0e:d5:7b:59:22:fc:69:e6: 44:35:4d:e4:56:91:62:9a:d5:7f:c0:fb:22:8c:84: cf:5e:61:89:81:3e:b4:8c:c0:63:00:34:1f:ce:8d: bd:b4:21:6e:d3:90:19:1d:21:84:b5:e6:74:7f:e8: 23:94:58:d3:46:09:00:da:fe:f9:16:e3:9f:8e:48: 2b:13:80:e5:56:e7:a6:0a:11:90:27:9c:45:8f:31: f9:a6:68:ac:31:17:bd:57:2e:41:8a:57:e1:52:8b: 36:7d:2a:fd:ee:2f:17:5f:41:0e:df:01:6f:a7:e6: 06:bf:de:93:a9:5d:ff:b6:af:6e:73:ea:13:a5:23: a8:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:81:29:1A:0B:27:C5:DE:BB:58:81:A1:08:53:5C:08:63:6D:26:B2 X509v3 Authority Key Identifier: keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/lYEpGgsnxd67WIGhCFNcCGNtJrI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.182.28.0/22 45.67.117.0/24 45.150.168.0/22 45.151.196.0/22 89.40.161.0/24 91.242.70.0-91.242.73.255 91.242.123.0-91.242.124.255 91.242.126.0/23 185.40.105.0/24 185.180.145.0/24 193.31.104.0/22 195.138.103.0/24 195.138.109.0-195.138.111.255 195.138.113.0/24 195.138.115.0/24 195.138.120.0/24 195.138.124.0/22 Signature Algorithm: sha256WithRSAEncryption 31:09:dc:89:5f:b8:86:af:4f:6f:29:1d:4f:ad:52:56:4f:e8: 95:8f:1c:82:0f:d7:fa:c7:6e:35:0b:c1:5c:38:e5:c9:d8:0b: ee:99:4e:86:c5:e9:3c:46:18:10:49:90:6c:49:06:a5:96:67: d3:36:c7:c9:37:06:b4:3a:e9:57:66:d8:66:bd:42:90:50:e1: 27:b4:3c:b5:76:b7:6f:78:58:be:09:d5:58:3c:c2:62:6b:b1: 50:dd:9e:15:c4:ad:b3:aa:10:27:1b:49:3d:ab:3f:8b:53:99: e3:42:2b:5e:db:9d:89:d7:52:91:6c:2c:3c:46:ba:8f:c7:82: 09:6d:e4:59:c6:38:2d:f3:42:44:fa:2a:e8:42:a2:3e:0e:63: 8d:14:53:1e:f8:43:27:da:df:cb:69:e9:41:0d:6e:25:ae:7e: f6:51:ee:8e:e1:98:2f:a8:68:34:50:e3:60:36:17:b9:ae:80: 18:c1:77:fa:50:8f:b2:24:2e:0e:43:f6:e6:3a:4e:61:b9:5d: 56:39:af:e0:65:eb:16:0d:0a:0d:10:4b:3a:03:b6:36:b9:0a: 65:b2:02:6e:d5:2c:fc:23:8f:92:8e:72:a4:a6:eb:a4:11:27: ba:ef:93:1d:53:8f:cd:f2:b5:f9:69:15:26:d9:de:cc:59:61: f0:58:4e:04 -----BEGIN CERTIFICATE----- MIIFeTCCBGGgAwIBAgISAZt/hTJpXjHAMherI0mrvptWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3 MWE5YTgwHhcNMjYwMTAyMTYyMzE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NTgxMjkxYTBiMjdjNWRlYmI1ODgxYTEwODUzNWMwODYzNmQyNmIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Be/SxMlVbeiIRJIUBjuj2Jd+6iE UDlMXa9QGCBsaed6M9rGQfmch9+OiLULZfXKRd1t3UQdkbhhW+Aw5EBO2NM+a63c 5FaolYc1fZzrxzAqu9AcgGcA7xKFCsuMCVuIwXfGRvpNxsl+3GT5BWbx7qL2uP4m 2JqqI3yrr1SJDtV7WSL8aeZENU3kVpFimtV/wPsijITPXmGJgT60jMBjADQfzo29 tCFu05AZHSGEteZ0f+gjlFjTRgkA2v75FuOfjkgrE4DlVuemChGQJ5xFjzH5pmis MRe9Vy5BilfhUos2fSr97i8XX0EO3wFvp+YGv96TqV3/tq9uc+oTpSOo4wIDAQAB o4IChTCCAoEwHQYDVR0OBBYEFJWBKRoLJ8Xeu1iBoQhTXAhjbSayMB8GA1UdIwQY MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt M2FjOWU1NmMzMDg5LzEvbFlFcEdnc254ZDY3V0lHaENGTmNDR050SnJJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5 LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAgW2 HAMEAC1DdQMEAi2WqAMEAi2XxAMEAFkooTAMAwQBW/JGAwQBW/JIMAwDBABb8nsD BABb8nwDBAFb8n4DBAC5KGkDBAC5tJEDBALBH2gDBADDimcwDAMEAMOKbQMEBMOK YAMEAMOKcQMEAMOKcwMEAMOKeAMEAsOKfDANBgkqhkiG9w0BAQsFAAOCAQEAMQnc iV+4hq9PbykdT61SVk/olY8cgg/X+sduNQvBXDjlydgL7plOhsXpPEYYEEmQbEkG pZZn0zbHyTcGtDrpV2bYZr1CkFDhJ7Q8tXa3b3hYvgnVWDzCYmuxUN2eFcSts6oQ JxtJPas/i1OZ40IrXtudiddSkWwsPEa6j8eCCW3kWcY4LfNCRPoq6EKiPg5jjRRT HvhDJ9rfy2npQQ1uJa5+9lHujuGYL6hoNFDjYDYXua6AGMF3+lCPsiQuDkP25jpO YbldVjmv4GXrFg0KDRBLOgO2NrkKZbICbtUs/COPko5ypKbrpBEnuu+THVOPzfK1 +WkVJtnezFlh8FhOBA== -----END CERTIFICATE-----Generated at Sun Jan 18 11:04:33 2026 by rpki-client