This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/CQ537MjckosfmUDeXDWvd9Tm5kQ.roa File: CQ537MjckosfmUDeXDWvd9Tm5kQ.roa (raw, json) Hash identifier: 1l9N2xgY9E1o/YJJiaWx5nILAY8epWzKGqG3KID98MM= Subject key identifier: 09:0E:77:EC:C8:DC:92:8B:1F:99:40:DE:5C:35:AF:77:D4:E6:E6:44 Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56 Certificate serial: 019B7B35F2C6ECE8A29F311B01ED97C575ED Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/CQ537MjckosfmUDeXDWvd9Tm5kQ.roa Signing time: Thu 01 Jan 2026 20:18:11 +0000 ROA not before: Thu 01 Jan 2026 20:18:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12722 IP address blocks: 2.59.48.0/24 maxlen: 24 31.222.240.0/24 maxlen: 24 31.222.243.0/24 maxlen: 24 31.222.250.0/24 maxlen: 24 37.221.80.0/24 maxlen: 24 45.11.22.0/24 maxlen: 24 45.14.220.0/24 maxlen: 24 45.14.221.0/24 maxlen: 24 45.80.120.0/22 maxlen: 22 45.89.68.0/24 maxlen: 24 45.89.71.0/24 maxlen: 24 91.188.220.0/24 maxlen: 24 94.158.188.0/24 maxlen: 24 176.56.35.0/24 maxlen: 24 176.56.36.0/24 maxlen: 24 176.124.34.0/24 maxlen: 24 185.202.106.0/24 maxlen: 24 185.212.112.0/24 maxlen: 24 185.234.8.0/24 maxlen: 24 188.95.71.0/24 maxlen: 24 193.3.18.0/24 maxlen: 24 193.201.114.0/24 maxlen: 24 194.32.240.0/24 maxlen: 24 195.18.26.0/24 maxlen: 24 195.69.148.0/24 maxlen: 24 195.69.150.0/24 maxlen: 24 195.225.96.0/24 maxlen: 24 213.109.206.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 16 Jan 2026 04:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:f2:c6:ec:e8:a2:9f:31:1b:01:ed:97:c5:75:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56 Validity Not Before: Jan 1 20:18:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=090e77ecc8dc928b1f9940de5c35af77d4e6e644 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:aa:14:b7:fa:c7:f4:03:dc:01:b1:c3:4f:b7: fd:06:e3:64:2c:f6:6a:01:05:da:8e:47:25:73:21: 5d:b0:3f:0c:3c:e0:6c:e2:09:2a:73:c7:f5:4f:35: 85:9d:34:ca:7d:bc:49:1c:cc:10:48:ca:ee:37:cc: a4:c4:e1:6a:85:fa:c6:fd:1f:c4:19:79:fe:9c:a0: 8e:97:90:67:81:65:3e:fc:9f:0e:07:1c:d6:ac:ca: c1:b3:e4:a5:77:a6:57:6f:47:62:d8:16:ea:e7:db: a1:2e:f6:ac:7c:9f:73:83:09:c3:3b:0a:26:24:15: 6d:f4:3a:c6:ce:7f:95:79:c8:e8:2b:72:ad:d8:87: fc:df:8f:9d:db:f2:3d:f7:f0:41:e0:ed:09:a1:de: 9a:e9:59:69:65:74:4c:93:26:a8:1b:c7:ac:14:7a: e4:9e:e2:f4:8c:11:6f:07:a7:20:af:5d:d2:22:39: 0b:47:a5:14:3c:05:5c:9f:7b:2e:ad:d7:46:94:59: 22:57:f7:9b:af:a0:b7:a6:9c:9a:a3:2a:71:98:d6: c7:16:8b:20:1a:89:45:43:38:99:da:08:a4:b5:55: 3b:b3:6d:0f:12:67:48:f6:a4:ae:45:88:1d:74:52: c3:7b:de:9f:95:8a:9a:24:89:4e:7b:d8:ac:82:06: 06:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:0E:77:EC:C8:DC:92:8B:1F:99:40:DE:5C:35:AF:77:D4:E6:E6:44 X509v3 Authority Key Identifier: keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/CQ537MjckosfmUDeXDWvd9Tm5kQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.59.48.0/24 31.222.240.0/24 31.222.243.0/24 31.222.250.0/24 37.221.80.0/24 45.11.22.0/24 45.14.220.0/23 45.80.120.0/22 45.89.68.0/24 45.89.71.0/24 91.188.220.0/24 94.158.188.0/24 176.56.35.0-176.56.36.255 176.124.34.0/24 185.202.106.0/24 185.212.112.0/24 185.234.8.0/24 188.95.71.0/24 193.3.18.0/24 193.201.114.0/24 194.32.240.0/24 195.18.26.0/24 195.69.148.0/24 195.69.150.0/24 195.225.96.0/24 213.109.206.0/24 Signature Algorithm: sha256WithRSAEncryption 5d:13:2f:30:a8:8b:94:50:20:80:82:a8:92:4f:3d:f0:b6:c1: e9:ab:25:4a:ba:90:5b:c5:34:8e:ce:9b:b4:bb:07:6c:b1:91: 5d:d5:b4:1e:df:10:9f:01:3c:92:04:ca:e3:78:d0:6b:61:f3: 75:af:0d:12:53:b6:1f:b4:af:95:1f:a7:77:8f:86:d8:73:cb: 4c:91:65:51:66:5c:18:4b:67:10:e1:7c:86:61:d0:2a:ee:c2: bf:11:12:9c:33:86:55:6a:53:73:e2:83:a6:7d:d9:56:7f:ab: b7:38:35:29:f0:50:ff:21:16:96:c7:41:d6:c8:09:05:87:3d: ed:dc:c5:1e:2c:76:79:26:9f:e9:6c:78:67:21:ad:5e:00:db: f7:21:07:46:0a:5d:b0:77:3e:a9:45:d7:21:79:e1:72:a1:b3: 67:55:46:91:2d:89:05:6b:c8:ac:5c:41:74:ec:d9:a9:ac:79: 6c:d3:12:89:a9:7f:d9:0a:93:5b:1f:83:c7:d5:8c:5a:d3:ef: 3b:47:af:96:46:5c:ba:51:e2:dc:21:39:73:6b:b5:91:cb:c5: 29:43:10:eb:51:ba:c9:d5:a8:f8:e7:4c:81:7c:d4:ff:28:79: c4:c2:86:53:15:22:25:5a:3e:db:56:65:a5:79:22:d7:a5:be: a9:55:c2:02 -----BEGIN CERTIFICATE----- MIIFoDCCBIigAwIBAgISAZt7NfLG7OiinzEbAe2XxXXtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw N2VlNTYwHhcNMjYwMTAxMjAxODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwOTBlNzdlY2M4ZGM5MjhiMWY5OTQwZGU1YzM1YWY3N2Q0ZTZlNjQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8aoUt/rH9APcAbHDT7f9BuNkLPZq AQXajkclcyFdsD8MPOBs4gkqc8f1TzWFnTTKfbxJHMwQSMruN8ykxOFqhfrG/R/E GXn+nKCOl5BngWU+/J8OBxzWrMrBs+Sld6ZXb0di2Bbq59uhLvasfJ9zgwnDOwom JBVt9DrGzn+VecjoK3Kt2If834+d2/I99/BB4O0Jod6a6VlpZXRMkyaoG8esFHrk nuL0jBFvB6cgr13SIjkLR6UUPAVcn3surddGlFkiV/ebr6C3ppyaoypxmNbHFosg GolFQziZ2giktVU7s20PEmdI9qSuRYgddFLDe96flYqaJIlOe9isggYGywIDAQAB o4ICrDCCAqgwHQYDVR0OBBYEFAkOd+zI3JKLH5lA3lw1r3fU5uZEMB8GA1UdIwQY MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt OGJmYmRkNDVjYjYyLzEvQ1E1MzdNamNrb3NmbVVEZVhEV3ZkOVRtNWtRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBAAC OzADBAAf3vADBAAf3vMDBAAf3voDBAAl3VADBAAtCxYDBAEtDtwDBAItUHgDBAAt WUQDBAAtWUcDBABbvNwDBABenrwwDAMEALA4IwMEALA4JAMEALB8IgMEALnKagME ALnUcAMEALnqCAMEALxfRwMEAMEDEgMEAMHJcgMEAMIg8AMEAMMSGgMEAMNFlAME AMNFlgMEAMPhYAMEANVtzjANBgkqhkiG9w0BAQsFAAOCAQEAXRMvMKiLlFAggIKo kk898LbB6aslSrqQW8U0js6btLsHbLGRXdW0Ht8QnwE8kgTK43jQa2Hzda8NElO2 H7SvlR+nd4+G2HPLTJFlUWZcGEtnEOF8hmHQKu7CvxESnDOGVWpTc+KDpn3ZVn+r tzg1KfBQ/yEWlsdB1sgJBYc97dzFHix2eSaf6Wx4ZyGtXgDb9yEHRgpdsHc+qUXX IXnhcqGzZ1VGkS2JBWvIrFxBdOzZqax5bNMSial/2QqTWx+Dx9WMWtPvO0evlkZc ulHi3CE5c2u1kcvFKUMQ61G6ydWo+OdMgXzU/yh5xMKGUxUiJVo+21ZlpXki16W+ qVXCAg== -----END CERTIFICATE-----Generated at Thu Jan 15 13:17:54 2026 by rpki-client