This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/XdcWPBpFOD8oe1lke-ybjvwOpLQ.roa File: XdcWPBpFOD8oe1lke-ybjvwOpLQ.roa (raw, json) Hash identifier: ce/ZSdPcqQpQ4tHUAOaeLNKJ+5AQGYwh/bF6ABa8NYM= Subject key identifier: 5D:D7:16:3C:1A:45:38:3F:28:7B:59:64:7B:EC:9B:8E:FC:0E:A4:B4 Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56 Certificate serial: 019B4C90166EC96A689138DA0C5564850AC5 Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/XdcWPBpFOD8oe1lke-ybjvwOpLQ.roa Signing time: Tue 23 Dec 2025 18:54:29 +0000 ROA not before: Tue 23 Dec 2025 18:54:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 48031 IP address blocks: 31.216.57.0/24 maxlen: 24 31.216.63.0/24 maxlen: 24 62.192.137.0/24 maxlen: 24 62.192.138.0/24 maxlen: 24 77.87.120.0/24 maxlen: 24 84.246.84.0/24 maxlen: 24 84.246.86.0/24 maxlen: 24 84.246.87.0/24 maxlen: 24 84.246.106.0/24 maxlen: 24 84.246.109.0/24 maxlen: 24 87.236.151.0/24 maxlen: 24 88.151.15.0/24 maxlen: 24 89.107.14.0/24 maxlen: 24 89.107.15.0/24 maxlen: 24 89.248.70.0/24 maxlen: 24 91.190.153.0/24 maxlen: 24 91.220.198.0/24 maxlen: 24 91.246.34.0/24 maxlen: 24 91.246.48.0/24 maxlen: 24 91.246.53.0/24 maxlen: 24 91.246.54.0/24 maxlen: 24 91.247.161.0/24 maxlen: 24 91.247.162.0/24 maxlen: 24 91.247.165.0/24 maxlen: 24 91.247.166.0/24 maxlen: 24 91.247.167.0/24 maxlen: 24 91.247.173.0/24 maxlen: 24 91.247.183.0/24 maxlen: 24 93.157.104.0/24 maxlen: 24 93.157.109.0/24 maxlen: 24 109.94.161.0/24 maxlen: 24 109.94.163.0/24 maxlen: 24 109.107.136.0/24 maxlen: 24 109.107.141.0/24 maxlen: 24 109.107.142.0/24 maxlen: 24 109.107.144.0/24 maxlen: 24 109.107.147.0/24 maxlen: 24 109.107.148.0/24 maxlen: 24 109.205.184.0/24 maxlen: 24 109.205.188.0/24 maxlen: 24 176.97.199.0/24 maxlen: 24 176.97.203.0/24 maxlen: 24 176.97.208.0/24 maxlen: 24 176.97.222.0/24 maxlen: 24 176.97.223.0/24 maxlen: 24 176.116.3.0/24 maxlen: 24 193.160.219.0/24 maxlen: 24 193.163.22.0/24 maxlen: 24 194.26.134.0/24 maxlen: 24 194.26.224.0/24 maxlen: 24 194.26.227.0/24 maxlen: 24 194.105.60.0/24 maxlen: 24 194.107.92.0/24 maxlen: 24 195.88.220.0/24 maxlen: 24 195.96.144.0/24 maxlen: 24 195.96.147.0/24 maxlen: 24 195.96.154.0/24 maxlen: 24 212.18.126.0/24 maxlen: 24 212.52.25.0/24 maxlen: 24 212.52.26.0/24 maxlen: 24 213.217.11.0/24 maxlen: 24 217.198.176.0/24 maxlen: 24 217.198.178.0/24 maxlen: 24 217.198.179.0/24 maxlen: 24 217.198.180.0/24 maxlen: 24 217.198.181.0/24 maxlen: 24 217.198.182.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 14:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4c:90:16:6e:c9:6a:68:91:38:da:0c:55:64:85:0a:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56 Validity Not Before: Dec 23 18:54:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=5dd7163c1a45383f287b59647bec9b8efc0ea4b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:cc:31:48:38:d2:25:b6:7e:77:ca:b9:eb:5c: 5a:21:d5:37:7f:ad:f1:95:b8:f2:e2:82:b2:f6:c5: d2:6b:db:ad:6c:5b:91:fd:64:1b:a1:5b:fb:f9:89: 05:d0:a5:26:3b:d4:67:21:d9:23:ff:88:6d:c1:7b: 1a:45:01:c4:91:c9:0a:f9:fd:83:7e:82:6f:47:22: 87:11:5b:7d:44:1d:4a:dc:64:ee:db:2f:52:89:d4: 7e:f2:22:30:9c:70:d3:58:20:72:ec:2a:b6:ff:7a: 0c:85:37:b0:e4:95:a9:7b:cd:7c:8f:b5:0f:4b:d3: e5:e0:d5:ae:39:4a:18:74:87:1c:f8:22:0c:48:eb: e2:61:d3:4b:2a:98:07:38:20:50:e6:10:92:79:be: fd:eb:f0:57:d6:ac:94:b7:15:23:4a:f2:9d:3d:e4: 4e:10:b7:21:af:7b:df:eb:e8:cd:39:5a:80:5e:3f: 64:22:24:1f:d3:65:14:f1:bc:b7:53:a2:ef:15:b0: 1a:b7:b3:f7:ad:ac:ba:09:76:63:ae:2d:e2:5d:41: 8e:70:11:53:05:8a:c1:54:07:19:0d:c8:c5:7e:3d: b5:f1:b6:86:2a:03:65:94:13:fa:84:97:95:d1:2c: 39:4a:2f:d8:cd:b5:0e:ff:68:5b:46:48:22:8b:c1: c6:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:D7:16:3C:1A:45:38:3F:28:7B:59:64:7B:EC:9B:8E:FC:0E:A4:B4 X509v3 Authority Key Identifier: keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/XdcWPBpFOD8oe1lke-ybjvwOpLQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.216.57.0/24 31.216.63.0/24 62.192.137.0-62.192.138.255 77.87.120.0/24 84.246.84.0/24 84.246.86.0/23 84.246.106.0/24 84.246.109.0/24 87.236.151.0/24 88.151.15.0/24 89.107.14.0/23 89.248.70.0/24 91.190.153.0/24 91.220.198.0/24 91.246.34.0/24 91.246.48.0/24 91.246.53.0-91.246.54.255 91.247.161.0-91.247.162.255 91.247.165.0-91.247.167.255 91.247.173.0/24 91.247.183.0/24 93.157.104.0/24 93.157.109.0/24 109.94.161.0/24 109.94.163.0/24 109.107.136.0/24 109.107.141.0-109.107.142.255 109.107.144.0/24 109.107.147.0-109.107.148.255 109.205.184.0/24 109.205.188.0/24 176.97.199.0/24 176.97.203.0/24 176.97.208.0/24 176.97.222.0/23 176.116.3.0/24 193.160.219.0/24 193.163.22.0/24 194.26.134.0/24 194.26.224.0/24 194.26.227.0/24 194.105.60.0/24 194.107.92.0/24 195.88.220.0/24 195.96.144.0/24 195.96.147.0/24 195.96.154.0/24 212.18.126.0/24 212.52.25.0-212.52.26.255 213.217.11.0/24 217.198.176.0/24 217.198.178.0-217.198.182.255 Signature Algorithm: sha256WithRSAEncryption 41:32:53:99:37:2f:e2:6b:b1:77:36:48:e1:52:de:65:86:6e: c7:9d:0e:f8:c1:d6:4d:bf:99:2c:91:24:7a:f1:f0:3e:4d:ec: 0c:4e:5c:d8:62:37:94:b9:a9:94:73:8a:cf:23:9a:db:40:8f: b6:fd:5e:dd:f9:17:79:c4:ea:ea:b1:04:fa:b0:51:eb:48:a5: cb:f1:63:c0:af:31:ee:d0:ac:36:43:19:1e:2f:51:d9:64:53: 25:f9:3d:f2:0e:41:5d:90:78:fa:80:dd:5c:c4:79:46:15:52: 09:14:a9:35:24:30:35:01:15:b8:e4:e3:ba:97:aa:ae:04:ac: 50:92:07:2c:a1:4b:af:60:ba:f6:62:1e:24:24:fc:c2:75:81: bd:88:a7:d7:42:2e:22:2d:5f:66:3c:7a:9a:e5:ca:d4:d7:56: b1:01:58:97:41:14:19:08:34:8f:23:f8:55:dc:3b:58:02:65: f3:3f:cd:39:88:5d:44:45:14:5d:57:63:15:e4:ff:71:f7:c5: 23:b3:16:b0:3b:d3:83:ea:f3:92:a9:a3:40:5b:3d:5a:4c:05: a6:84:d0:83:28:41:52:f3:ec:9e:d1:87:ca:47:33:41:4f:8b: 38:97:21:58:a4:e7:f3:47:ac:29:17:ed:2f:16:b2:a7:71:64: 34:cb:a5:e7 -----BEGIN CERTIFICATE----- MIIGeTCCBWGgAwIBAgISAZtMkBZuyWpokTjaDFVkhQrFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw N2VlNTYwHhcNMjUxMjIzMTg1NDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZGQ3MTYzYzFhNDUzODNmMjg3YjU5NjQ3YmVjOWI4ZWZjMGVhNGI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMwxSDjSJbZ+d8q561xaIdU3f63x lbjy4oKy9sXSa9utbFuR/WQboVv7+YkF0KUmO9RnIdkj/4htwXsaRQHEkckK+f2D foJvRyKHEVt9RB1K3GTu2y9SidR+8iIwnHDTWCBy7Cq2/3oMhTew5JWpe818j7UP S9Pl4NWuOUoYdIcc+CIMSOviYdNLKpgHOCBQ5hCSeb796/BX1qyUtxUjSvKdPeRO ELchr3vf6+jNOVqAXj9kIiQf02UU8by3U6LvFbAat7P3ray6CXZjri3iXUGOcBFT BYrBVAcZDcjFfj218baGKgNllBP6hJeV0Sw5Si/YzbUO/2hbRkgii8HG3QIDAQAB o4IDhTCCA4EwHQYDVR0OBBYEFF3XFjwaRTg/KHtZZHvsm478DqS0MB8GA1UdIwQY MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt OGJmYmRkNDVjYjYyLzEvWGRjV1BCcEZPRDhvZTFsa2UteWJqdndPcExRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIBmQYIKwYBBQUHAQcBAf8EggGIMIIBhDCCAYAEAgABMIIB eAMEAB/YOQMEAB/YPzAMAwQAPsCJAwQAPsCKAwQATVd4AwQAVPZUAwQBVPZWAwQA VPZqAwQAVPZtAwQAV+yXAwQAWJcPAwQBWWsOAwQAWfhGAwQAW76ZAwQAW9zGAwQA W/YiAwQAW/YwMAwDBABb9jUDBABb9jYwDAMEAFv3oQMEAFv3ojAMAwQAW/elAwQD W/egAwQAW/etAwQAW/e3AwQAXZ1oAwQAXZ1tAwQAbV6hAwQAbV6jAwQAbWuIMAwD BABta40DBABta44DBABta5AwDAMEAG1rkwMEAG1rlAMEAG3NuAMEAG3NvAMEALBh xwMEALBhywMEALBh0AMEAbBh3gMEALB0AwMEAMGg2wMEAMGjFgMEAMIahgMEAMIa 4AMEAMIa4wMEAMJpPAMEAMJrXAMEAMNY3AMEAMNgkAMEAMNgkwMEAMNgmgMEANQS fjAMAwQA1DQZAwQA1DQaAwQA1dkLAwQA2cawMAwDBAHZxrIDBADZxrYwDQYJKoZI hvcNAQELBQADggEBAEEyU5k3L+JrsXc2SOFS3mWGbsedDvjB1k2/mSyRJHrx8D5N 7AxOXNhiN5S5qZRzis8jmttAj7b9Xt35F3nE6uqxBPqwUetIpcvxY8CvMe7QrDZD GR4vUdlkUyX5PfIOQV2QePqA3VzEeUYVUgkUqTUkMDUBFbjk47qXqq4ErFCSByyh S69guvZiHiQk/MJ1gb2Ip9dCLiItX2Y8eprlytTXVrEBWJdBFBkINI8j+FXcO1gC ZfM/zTmIXURFFF1XYxXk/3H3xSOzFrA704Pq85Kpo0BbPVpMBaaE0IMoQVLz7J7R h8pHM0FPiziXIVik5/NHrCkX7S8WsqdxZDTLpec= -----END CERTIFICATE-----Generated at Wed Dec 24 21:16:55 2025 by rpki-client