This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/r1BhnEtrGRHSnduVeLfXI1g7D8E.roa File: r1BhnEtrGRHSnduVeLfXI1g7D8E.roa (raw, json) Hash identifier: rXhnnWAjarg7mZ42xlNMXXH5o5Am7aLxQUdcs4vzEJg= Subject key identifier: AF:50:61:9C:4B:6B:19:11:D2:9D:DB:95:78:B7:D7:23:58:3B:0F:C1 Certificate issuer: /CN=a49c4e0cf5c8dbbb6a67cf1da2f31f4162749fdd Certificate serial: 019B7BA337B73EC1CF0477DD5616A92E103C Authority key identifier: A4:9C:4E:0C:F5:C8:DB:BB:6A:67:CF:1D:A2:F3:1F:41:62:74:9F:DD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pJxODPXI27tqZ88dovMfQWJ0n90.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/r1BhnEtrGRHSnduVeLfXI1g7D8E.roa Signing time: Thu 01 Jan 2026 22:17:32 +0000 ROA not before: Thu 01 Jan 2026 22:17:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202087 IP address blocks: 45.89.212.0/22 maxlen: 22 45.94.8.0/22 maxlen: 24 45.94.10.0/24 maxlen: 24 94.26.93.0/24 maxlen: 24 94.26.95.0/24 maxlen: 24 94.26.97.0/24 maxlen: 24 94.26.98.0/23 maxlen: 23 94.26.101.0/24 maxlen: 24 94.26.103.0/24 maxlen: 24 94.26.109.0/24 maxlen: 24 94.190.196.0/22 maxlen: 22 94.190.196.0/24 maxlen: 24 94.190.197.0/24 maxlen: 24 94.190.198.0/24 maxlen: 24 94.190.199.0/24 maxlen: 24 104.255.128.0/21 maxlen: 21 153.94.56.0/21 maxlen: 21 185.9.212.0/22 maxlen: 22 185.49.216.0/22 maxlen: 22 185.75.80.0/22 maxlen: 22 185.83.148.0/23 maxlen: 23 185.83.150.0/23 maxlen: 23 185.94.76.0/23 maxlen: 23 185.94.78.0/23 maxlen: 23 192.190.168.0/22 maxlen: 22 2a03:50c0::/32 maxlen: 32 2a03:50c0:1000::/36 maxlen: 36 2a03:50c0:3300::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/pJxODPXI27tqZ88dovMfQWJ0n90.crl rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/pJxODPXI27tqZ88dovMfQWJ0n90.mft rsync://rpki.ripe.net/repository/DEFAULT/pJxODPXI27tqZ88dovMfQWJ0n90.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 20:29:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:37:b7:3e:c1:cf:04:77:dd:56:16:a9:2e:10:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a49c4e0cf5c8dbbb6a67cf1da2f31f4162749fdd Validity Not Before: Jan 1 22:17:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=af50619c4b6b1911d29ddb9578b7d723583b0fc1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:4e:40:a5:86:0f:c2:3c:5e:f6:13:01:9c:ee: 62:06:3a:fc:5a:40:24:51:a6:02:4d:83:14:f1:ef: 80:ad:f4:ad:9e:4f:10:ef:39:aa:3d:df:3b:03:14: a6:ac:02:60:72:13:44:b3:5c:e8:fd:e7:59:fd:5f: a5:79:9d:91:fb:de:0c:d9:81:69:4f:19:01:b0:4b: 96:8c:14:93:d0:a4:a0:89:6f:34:18:88:74:17:1d: bb:10:6b:4d:bd:fa:87:a3:7f:94:4e:f4:e7:14:b3: 8d:12:6c:bf:65:53:08:9b:31:7b:10:26:0c:8e:8e: 34:b9:f3:d0:b8:d6:a0:f9:37:b9:5b:e0:5c:ee:4f: 07:d8:e1:3c:26:7d:2b:5a:f7:de:77:42:1f:9a:7e: 5f:a5:dc:ba:93:5a:08:68:b0:0a:65:e1:37:42:d5: db:b4:34:f0:76:fc:41:50:e1:e9:b4:6b:d0:6e:a9: 74:8d:3b:1d:b8:57:1e:de:d6:fe:7e:c6:e2:59:09: 99:cd:9d:44:03:12:bf:0f:4e:61:f8:fc:46:16:95: d7:c7:71:13:c0:84:4c:35:6b:fb:5e:52:56:81:eb: 88:48:7e:99:ac:81:48:fa:c0:da:10:31:96:6a:0f: e9:51:6b:d6:b6:d6:a2:f8:f5:17:db:43:f2:3e:93: 35:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:50:61:9C:4B:6B:19:11:D2:9D:DB:95:78:B7:D7:23:58:3B:0F:C1 X509v3 Authority Key Identifier: keyid:A4:9C:4E:0C:F5:C8:DB:BB:6A:67:CF:1D:A2:F3:1F:41:62:74:9F:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pJxODPXI27tqZ88dovMfQWJ0n90.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/r1BhnEtrGRHSnduVeLfXI1g7D8E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9e19c6-defd-455f-90a3-88ed8d7717a4/1/pJxODPXI27tqZ88dovMfQWJ0n90.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.89.212.0/22 45.94.8.0/22 94.26.93.0/24 94.26.95.0/24 94.26.97.0-94.26.99.255 94.26.101.0/24 94.26.103.0/24 94.26.109.0/24 94.190.196.0/22 104.255.128.0/21 153.94.56.0/21 185.9.212.0/22 185.49.216.0/22 185.75.80.0/22 185.83.148.0/22 185.94.76.0/22 192.190.168.0/22 IPv6: 2a03:50c0::/32 Signature Algorithm: sha256WithRSAEncryption 28:63:9b:bc:e2:e1:97:f2:31:3e:65:df:5e:d2:f6:d6:49:e4: 22:d8:3a:35:a8:b7:b3:fb:6a:27:5c:9e:93:74:a1:2a:1b:4b: 6a:f7:d6:6b:80:8b:2e:fa:64:68:fc:b3:4f:02:a0:fc:f4:69: 6b:00:f3:fc:d8:64:e0:61:2c:2e:d8:9b:28:d9:6e:93:aa:b8: 2a:2e:eb:bc:a2:d6:7a:3c:9c:4a:68:10:a4:d9:a9:ee:19:69: 61:53:21:3a:5f:70:6f:b8:8d:32:0d:33:8a:4c:a9:a5:fc:8f: ba:eb:f0:da:d5:64:e9:8a:7a:af:f7:c8:11:37:b6:23:d5:f6: 01:9c:36:e0:6b:7c:ee:89:aa:45:82:e7:e3:b8:ae:e3:4c:be: ff:1e:e6:07:9b:ef:65:7f:d6:38:b2:6d:48:19:8b:9a:27:36: b4:81:d0:3b:e1:68:27:50:4f:be:6c:9d:64:8f:2c:89:cd:62: d7:37:ac:c1:47:be:60:8d:74:69:f1:9b:cb:41:02:87:91:23: d1:b8:a2:37:b0:1d:b2:79:d8:61:7e:74:01:73:3d:02:b2:40: 16:8d:68:04:93:54:a3:6f:89:32:f0:3c:b9:75:9a:62:e9:f4: 35:68:1a:17:9e:5a:eb:75:58:cb:f3:16:b8:27:32:e5:8b:a6: b3:0d:e5:82 -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgISAZt7oze3PsHPBHfdVhapLhA8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE0OWM0ZTBjZjVjOGRiYmI2YTY3Y2YxZGEyZjMxZjQxNjI3 NDlmZGQwHhcNMjYwMTAxMjIxNzMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZjUwNjE5YzRiNmIxOTExZDI5ZGRiOTU3OGI3ZDcyMzU4M2IwZmMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7E5ApYYPwjxe9hMBnO5iBjr8WkAk UaYCTYMU8e+ArfStnk8Q7zmqPd87AxSmrAJgchNEs1zo/edZ/V+leZ2R+94M2YFp TxkBsEuWjBST0KSgiW80GIh0Fx27EGtNvfqHo3+UTvTnFLONEmy/ZVMImzF7ECYM jo40ufPQuNag+Te5W+Bc7k8H2OE8Jn0rWvfed0Ifmn5fpdy6k1oIaLAKZeE3QtXb tDTwdvxBUOHptGvQbql0jTsduFce3tb+fsbiWQmZzZ1EAxK/D05h+PxGFpXXx3ET wIRMNWv7XlJWgeuISH6ZrIFI+sDaEDGWag/pUWvWttai+PUX20PyPpM1EQIDAQAB o4ICgzCCAn8wHQYDVR0OBBYEFK9QYZxLaxkR0p3blXi31yNYOw/BMB8GA1UdIwQY MBaAFKScTgz1yNu7amfPHaLzH0FidJ/dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcEp4T0RQWEkyN3RxWjg4ZG92TWZRV0owbjkwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85ZTE5YzYtZGVmZC00NTVmLTkwYTMt ODhlZDhkNzcxN2E0LzEvcjFCaG5FdHJHUkhTbmR1VmVMZlhJMWc3RDhFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNC85ZTE5YzYtZGVmZC00NTVmLTkwYTMtODhlZDhkNzcxN2E0 LzEvcEp4T0RQWEkyN3RxWjg4ZG92TWZRV0owbjkwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTB0BAIAATBuAwQCLVnU AwQCLV4IAwQAXhpdAwQAXhpfMAwDBABeGmEDBAJeGmADBABeGmUDBABeGmcDBABe Gm0DBAJevsQDBANo/4ADBAOZXjgDBAK5CdQDBAK5MdgDBAK5S1ADBAK5U5QDBAK5 XkwDBALAvqgwDQQCAAIwBwMFACoDUMAwDQYJKoZIhvcNAQELBQADggEBAChjm7zi 4ZfyMT5l317S9tZJ5CLYOjWot7P7aidcnpN0oSobS2r31muAiy76ZGj8s08CoPz0 aWsA8/zYZOBhLC7YmyjZbpOquCou67yi1no8nEpoEKTZqe4ZaWFTITpfcG+4jTIN M4pMqaX8j7rr8NrVZOmKeq/3yBE3tiPV9gGcNuBrfO6JqkWC5+O4ruNMvv8e5geb 72V/1jiybUgZi5onNrSB0DvhaCdQT75snWSPLInNYtc3rMFHvmCNdGnxm8tBAoeR I9G4ojewHbJ52GF+dAFzPQKyQBaNaASTVKNviTLwPLl1mmLp9DVoGheeWut1WMvz FrgnMuWLprMN5YI= -----END CERTIFICATE-----Generated at Tue Jan 20 04:47:59 2026 by rpki-client