This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/8lQlMKflZoFm4farlYZZFEeWPsQ.roa File: 8lQlMKflZoFm4farlYZZFEeWPsQ.roa (raw, json) Hash identifier: XG5m/iFiaF2AqIOJbpW1AzmjmFAUsiXU7OrqAp0+oBM= Subject key identifier: F2:54:25:30:A7:E5:66:81:66:E1:F6:AB:95:86:59:14:47:96:3E:C4 Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56 Certificate serial: 019B7B361807079FAE4A3739B095EF3B377A Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/8lQlMKflZoFm4farlYZZFEeWPsQ.roa Signing time: Thu 01 Jan 2026 20:18:21 +0000 ROA not before: Thu 01 Jan 2026 20:18:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212667 IP address blocks: 2.59.48.0/24 maxlen: 24 31.222.240.0/24 maxlen: 24 31.222.243.0/24 maxlen: 24 31.222.250.0/24 maxlen: 24 37.221.80.0/24 maxlen: 24 45.11.22.0/24 maxlen: 24 45.14.221.0/24 maxlen: 24 45.89.68.0/24 maxlen: 24 45.89.71.0/24 maxlen: 24 45.147.168.0/22 maxlen: 22 91.188.220.0/24 maxlen: 24 94.158.188.0/24 maxlen: 24 176.56.35.0/24 maxlen: 24 176.56.36.0/24 maxlen: 24 176.124.34.0/24 maxlen: 24 185.202.106.0/24 maxlen: 24 185.212.112.0/24 maxlen: 24 185.234.8.0/24 maxlen: 24 188.95.71.0/24 maxlen: 24 193.3.18.0/24 maxlen: 24 193.201.114.0/24 maxlen: 24 194.32.240.0/24 maxlen: 24 195.18.26.0/24 maxlen: 24 195.69.148.0/24 maxlen: 24 195.69.150.0/24 maxlen: 24 195.96.150.0/24 maxlen: 24 195.225.96.0/24 maxlen: 24 212.18.100.0/24 maxlen: 24 212.18.122.0/24 maxlen: 24 212.52.4.0/24 maxlen: 24 213.109.206.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 16 Jan 2026 04:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:18:07:07:9f:ae:4a:37:39:b0:95:ef:3b:37:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56 Validity Not Before: Jan 1 20:18:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f2542530a7e5668166e1f6ab9586591447963ec4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:e7:82:a4:df:d7:40:0a:79:31:bd:19:75:c5: 0d:cf:3a:d2:1c:5b:de:3c:e3:b7:6e:e8:fb:53:b3: 00:75:7f:2d:af:28:47:f5:08:45:05:74:f9:74:da: 5c:f7:6c:dd:88:47:2f:74:4d:8f:13:ac:a9:dd:72: f3:51:1c:a1:88:ca:c2:67:f7:01:45:94:c7:1d:9b: f7:73:2f:7a:35:cb:72:a5:1d:49:9a:96:35:cd:8b: 72:90:e5:6e:01:56:1f:9e:05:b4:ce:c1:e0:d5:7e: 2a:0e:6f:70:5c:f8:62:3a:fe:65:86:ee:e1:f0:38: b7:57:7d:eb:ad:27:a3:4c:16:7c:f9:5d:41:16:63: 39:6e:e5:ba:b0:cb:b6:df:9a:ef:05:e3:b8:33:5a: a9:fc:18:04:05:96:4d:00:2f:e0:b2:e2:0b:08:2f: 13:c7:13:cf:35:c2:af:0b:38:7e:2d:48:f0:4a:ca: 88:e1:8a:32:6c:95:2e:25:16:de:72:21:29:77:ca: 30:6d:31:20:01:25:cd:15:19:87:83:00:ec:f9:33: f9:7d:3f:7b:5b:e9:c5:19:a1:c4:51:69:75:b4:dc: cb:80:b7:1b:d9:ad:26:55:2d:07:5d:48:b0:c0:f5: e4:32:fd:07:cc:c5:a4:89:77:8f:65:fd:8a:38:9d: 5e:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:54:25:30:A7:E5:66:81:66:E1:F6:AB:95:86:59:14:47:96:3E:C4 X509v3 Authority Key Identifier: keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/8lQlMKflZoFm4farlYZZFEeWPsQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.59.48.0/24 31.222.240.0/24 31.222.243.0/24 31.222.250.0/24 37.221.80.0/24 45.11.22.0/24 45.14.221.0/24 45.89.68.0/24 45.89.71.0/24 45.147.168.0/22 91.188.220.0/24 94.158.188.0/24 176.56.35.0-176.56.36.255 176.124.34.0/24 185.202.106.0/24 185.212.112.0/24 185.234.8.0/24 188.95.71.0/24 193.3.18.0/24 193.201.114.0/24 194.32.240.0/24 195.18.26.0/24 195.69.148.0/24 195.69.150.0/24 195.96.150.0/24 195.225.96.0/24 212.18.100.0/24 212.18.122.0/24 212.52.4.0/24 213.109.206.0/24 Signature Algorithm: sha256WithRSAEncryption 75:04:3b:86:e2:57:f2:f7:48:93:96:a5:67:f1:54:d5:03:14: 7f:25:2b:c3:54:b1:4b:33:44:8f:93:f8:7e:f5:0c:47:84:4a: f1:16:df:b9:9d:ff:7d:7d:b0:81:06:20:0b:e6:61:c6:8a:96: 09:f8:27:30:b2:04:d5:a9:f9:5d:2c:86:af:e8:1a:41:d9:8b: 4b:13:a5:c5:d0:5f:70:d7:76:7e:8d:1b:c4:64:de:84:33:6a: 5f:e0:87:fc:0b:f9:3c:50:04:84:1d:d2:26:f4:77:1b:51:34: a5:c2:0d:13:98:e4:76:93:22:e0:70:e6:3f:f9:24:8e:a1:67: ae:40:ea:07:4b:21:ae:80:a6:10:07:ac:76:d7:48:61:9a:ba: 47:33:71:7d:82:dc:f7:69:33:44:fb:f7:88:15:1f:ec:26:81: be:f5:60:a1:7b:35:5c:2b:aa:7c:9d:0d:3b:5a:91:04:eb:d8: 98:d6:d8:fb:91:14:63:35:9c:92:d4:0c:af:0e:00:5c:2a:39: ce:9c:94:c0:2d:67:a1:c1:bb:54:b8:bc:6a:be:4a:30:25:b8: 8e:51:ee:92:b6:b0:27:7c:02:cf:e6:15:e0:a4:0b:d6:5e:74: dd:d0:8e:8f:f1:67:fc:0c:cb:da:7c:48:b2:94:cc:96:46:a3: 04:b8:c8:5c -----BEGIN CERTIFICATE----- MIIFuDCCBKCgAwIBAgISAZt7NhgHB5+uSjc5sJXvOzd6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw N2VlNTYwHhcNMjYwMTAxMjAxODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMjU0MjUzMGE3ZTU2NjgxNjZlMWY2YWI5NTg2NTkxNDQ3OTYzZWM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+eCpN/XQAp5Mb0ZdcUNzzrSHFve POO3buj7U7MAdX8tryhH9QhFBXT5dNpc92zdiEcvdE2PE6yp3XLzURyhiMrCZ/cB RZTHHZv3cy96NctypR1JmpY1zYtykOVuAVYfngW0zsHg1X4qDm9wXPhiOv5lhu7h 8Di3V33rrSejTBZ8+V1BFmM5buW6sMu235rvBeO4M1qp/BgEBZZNAC/gsuILCC8T xxPPNcKvCzh+LUjwSsqI4YoybJUuJRbeciEpd8owbTEgASXNFRmHgwDs+TP5fT97 W+nFGaHEUWl1tNzLgLcb2a0mVS0HXUiwwPXkMv0HzMWkiXePZf2KOJ1eKwIDAQAB o4ICxDCCAsAwHQYDVR0OBBYEFPJUJTCn5WaBZuH2q5WGWRRHlj7EMB8GA1UdIwQY MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt OGJmYmRkNDVjYjYyLzEvOGxRbE1LZmxab0ZtNGZhcmxZWlpGRWVXUHNRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBwwQCAAEwgbwDBAAC OzADBAAf3vADBAAf3vMDBAAf3voDBAAl3VADBAAtCxYDBAAtDt0DBAAtWUQDBAAt WUcDBAItk6gDBABbvNwDBABenrwwDAMEALA4IwMEALA4JAMEALB8IgMEALnKagME ALnUcAMEALnqCAMEALxfRwMEAMEDEgMEAMHJcgMEAMIg8AMEAMMSGgMEAMNFlAME AMNFlgMEAMNglgMEAMPhYAMEANQSZAMEANQSegMEANQ0BAMEANVtzjANBgkqhkiG 9w0BAQsFAAOCAQEAdQQ7huJX8vdIk5alZ/FU1QMUfyUrw1SxSzNEj5P4fvUMR4RK 8RbfuZ3/fX2wgQYgC+ZhxoqWCfgnMLIE1an5XSyGr+gaQdmLSxOlxdBfcNd2fo0b xGTehDNqX+CH/Av5PFAEhB3SJvR3G1E0pcINE5jkdpMi4HDmP/kkjqFnrkDqB0sh roCmEAesdtdIYZq6RzNxfYLc92kzRPv3iBUf7CaBvvVgoXs1XCuqfJ0NO1qRBOvY mNbY+5EUYzWcktQMrw4AXCo5zpyUwC1nocG7VLi8ar5KMCW4jlHukrawJ3wCz+YV 4KQL1l503dCOj/Fn/AzL2nxIspTMlkajBLjIXA== -----END CERTIFICATE-----Generated at Thu Jan 15 13:18:29 2026 by rpki-client