This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/8GTqxn7gEbfVcrTo_203jWSQqyQ.roa File: 8GTqxn7gEbfVcrTo_203jWSQqyQ.roa (raw, json) Hash identifier: FBwIvrh4fkJq3441dM0QezB27aCU253T8SzW2IFWPFU= Subject key identifier: F0:64:EA:C6:7E:E0:11:B7:D5:72:B4:E8:FF:6D:37:8D:64:90:AB:24 Certificate issuer: /CN=384872e817b3a45f98d4b15b65dd452b5da2d611 Certificate serial: 019B7B3686E755BFB7F9106026C1B3550EED Authority key identifier: 38:48:72:E8:17:B3:A4:5F:98:D4:B1:5B:65:DD:45:2B:5D:A2:D6:11 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OEhy6BezpF-Y1LFbZd1FK12i1hE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/8GTqxn7gEbfVcrTo_203jWSQqyQ.roa Signing time: Thu 01 Jan 2026 20:18:49 +0000 ROA not before: Thu 01 Jan 2026 20:18:49 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 56329 IP address blocks: 46.227.144.0/21 maxlen: 21 78.143.192.0/19 maxlen: 19 82.163.144.0/20 maxlen: 20 82.163.184.0/21 maxlen: 21 82.163.252.0/22 maxlen: 22 83.151.200.0/21 maxlen: 21 88.202.128.0/19 maxlen: 19 88.202.192.0/20 maxlen: 20 88.202.232.0/22 maxlen: 22 88.202.240.0/20 maxlen: 20 88.212.164.0/22 maxlen: 22 88.212.168.0/21 maxlen: 21 88.212.176.0/21 maxlen: 21 88.212.184.0/22 maxlen: 22 185.82.156.0/22 maxlen: 22 185.111.224.0/22 maxlen: 22 185.147.88.0/22 maxlen: 22 188.95.40.0/21 maxlen: 21 194.233.152.0/21 maxlen: 21 194.233.152.0/22 maxlen: 22 194.233.156.0/22 maxlen: 22 194.233.224.0/20 maxlen: 20 195.180.16.0/20 maxlen: 20 195.180.32.0/21 maxlen: 21 195.180.32.0/22 maxlen: 22 195.180.36.0/22 maxlen: 22 195.180.48.0/20 maxlen: 20 212.132.32.0/19 maxlen: 19 212.237.220.0/22 maxlen: 22 213.18.128.0/18 maxlen: 18 216.213.128.0/18 maxlen: 18 2a00:d200::/29 maxlen: 29 2a02:fb8::/32 maxlen: 32 2a06:61c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/OEhy6BezpF-Y1LFbZd1FK12i1hE.crl rsync://rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/OEhy6BezpF-Y1LFbZd1FK12i1hE.mft rsync://rpki.ripe.net/repository/DEFAULT/OEhy6BezpF-Y1LFbZd1FK12i1hE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 20:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:86:e7:55:bf:b7:f9:10:60:26:c1:b3:55:0e:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=384872e817b3a45f98d4b15b65dd452b5da2d611 Validity Not Before: Jan 1 20:18:49 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f064eac67ee011b7d572b4e8ff6d378d6490ab24 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:19:11:07:f1:f1:9d:06:ea:71:37:ed:b0:be: e7:a2:61:71:3b:74:64:f4:25:ca:01:6b:4a:d6:01: 55:61:07:b6:fa:5c:04:2f:3b:b3:d7:7a:e3:95:79: 4e:ce:42:e9:45:e5:ae:79:42:5f:6e:1d:62:ed:c0: d6:7e:3e:d4:d1:2d:9a:fc:cd:8f:e0:fc:bd:97:93: ce:5f:85:4c:e5:b8:97:c0:0a:7c:fd:fa:59:0d:1d: cd:08:1b:20:a9:95:fa:90:23:35:5e:2c:25:d7:51: 3d:3f:cc:96:ed:4d:bc:18:80:ba:b9:30:64:10:19: a8:84:f0:05:9e:fe:87:90:ce:4f:30:f0:0e:39:ba: 01:d0:2d:5e:9e:dc:73:0c:6e:9a:87:ea:f4:c5:da: ca:ec:39:1b:ba:9f:cb:84:8e:07:a7:39:92:98:ff: d2:3b:08:e5:e5:43:2b:13:a5:9b:38:f0:4f:64:34: f4:05:05:2c:b6:54:b8:4a:75:e7:fc:f7:db:0a:ea: 08:2f:6d:9f:f9:3e:1c:69:69:fa:60:a2:a5:97:d0: 91:33:9d:7f:0a:8b:4e:1c:6e:f7:62:20:ab:1d:35: 77:e5:ce:38:2e:38:17:bc:53:aa:7e:ea:65:8c:90: 4c:00:90:8b:d4:ff:86:ce:68:b2:b2:6d:33:76:02: a5:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:64:EA:C6:7E:E0:11:B7:D5:72:B4:E8:FF:6D:37:8D:64:90:AB:24 X509v3 Authority Key Identifier: keyid:38:48:72:E8:17:B3:A4:5F:98:D4:B1:5B:65:DD:45:2B:5D:A2:D6:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OEhy6BezpF-Y1LFbZd1FK12i1hE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/8GTqxn7gEbfVcrTo_203jWSQqyQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/OEhy6BezpF-Y1LFbZd1FK12i1hE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.227.144.0/21 78.143.192.0/19 82.163.144.0/20 82.163.184.0/21 82.163.252.0/22 83.151.200.0/21 88.202.128.0/19 88.202.192.0/20 88.202.232.0/22 88.202.240.0/20 88.212.164.0-88.212.187.255 185.82.156.0/22 185.111.224.0/22 185.147.88.0/22 188.95.40.0/21 194.233.152.0/21 194.233.224.0/20 195.180.16.0-195.180.39.255 195.180.48.0/20 212.132.32.0/19 212.237.220.0/22 213.18.128.0/18 216.213.128.0/18 IPv6: 2a00:d200::/29 2a02:fb8::/32 2a06:61c0::/29 Signature Algorithm: sha256WithRSAEncryption 15:42:2f:82:4b:5d:5c:d1:ce:97:f0:3c:1c:40:d9:da:40:bd: 1c:eb:b9:05:4c:b2:1c:53:4a:13:50:66:e4:3e:dc:a7:a1:ac: 27:87:5f:03:aa:e6:6a:49:b5:53:2a:7a:b3:96:93:19:ae:b8: 10:78:34:a3:fd:da:87:a3:11:af:ac:5c:0b:34:8f:f1:90:f2: 67:ea:b6:d6:50:8e:e5:b6:2d:52:4d:17:76:a0:fb:00:2f:4b: bd:8f:07:c5:ef:64:91:11:b5:91:0a:d1:9e:ac:c2:f6:d9:46: 45:76:62:b1:3e:3d:5f:3d:64:f6:cd:71:71:5e:68:89:81:7b: 83:ac:ed:46:ab:27:c4:55:2a:27:c0:ee:f7:19:17:a5:28:85: 36:e1:fb:06:a6:ef:ba:c4:09:44:09:4d:28:2b:10:97:de:48: 43:e5:d0:07:a8:32:0b:3b:03:ec:1f:0a:39:dc:8f:03:46:bc: 8c:7e:5c:0d:ad:bf:23:d1:b8:15:1d:03:71:45:b9:d8:c0:fe: 34:c7:bb:2b:cd:3a:d1:4c:9b:49:46:ac:c1:71:c3:99:51:59: b2:be:64:2e:d9:68:18:2c:1c:e5:18:6e:29:2b:e5:d2:84:3d: 29:ca:2e:08:f5:30:6e:da:a1:96:40:a9:6d:2a:95:4c:7b:5f: d0:4c:00:df -----BEGIN CERTIFICATE----- MIIFszCCBJugAwIBAgISAZt7NobnVb+3+RBgJsGzVQ7tMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4NDg3MmU4MTdiM2E0NWY5OGQ0YjE1YjY1ZGQ0NTJiNWRh MmQ2MTEwHhcNMjYwMTAxMjAxODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMDY0ZWFjNjdlZTAxMWI3ZDU3MmI0ZThmZjZkMzc4ZDY0OTBhYjI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRkRB/HxnQbqcTftsL7nomFxO3Rk 9CXKAWtK1gFVYQe2+lwELzuz13rjlXlOzkLpReWueUJfbh1i7cDWfj7U0S2a/M2P 4Py9l5POX4VM5biXwAp8/fpZDR3NCBsgqZX6kCM1Xiwl11E9P8yW7U28GIC6uTBk EBmohPAFnv6HkM5PMPAOOboB0C1entxzDG6ah+r0xdrK7Dkbup/LhI4HpzmSmP/S Owjl5UMrE6WbOPBPZDT0BQUstlS4SnXn/PfbCuoIL22f+T4caWn6YKKll9CRM51/ CotOHG73YiCrHTV35c44LjgXvFOqfupljJBMAJCL1P+Gzmiysm0zdgKlXQIDAQAB o4ICvzCCArswHQYDVR0OBBYEFPBk6sZ+4BG31XK06P9tN41kkKskMB8GA1UdIwQY MBaAFDhIcugXs6RfmNSxW2XdRStdotYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0VoeTZCZXpwRi1ZMUxGYlpkMUZLMTJpMWhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8xN2U2NjMtZWIxMC00NWVkLTgxZjIt YmZiZTFiYzE1ZmMyLzEvOEdUcXhuN2dFYmZWY3JUb18yMDNqV1NRcXlRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNy8xN2U2NjMtZWIxMC00NWVkLTgxZjItYmZiZTFiYzE1ZmMy LzEvT0VoeTZCZXpwRi1ZMUxGYlpkMUZLMTJpMWhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBoQQCAAEwgZoDBAMu 45ADBAVOj8ADBARSo5ADBANSo7gDBAJSo/wDBANTl8gDBAVYyoADBARYysADBAJY yugDBARYyvAwDAMEAljUpAMEAljUuAMEArlSnAMEArlv4AMEArmTWAMEA7xfKAME A8LpmAMEBMLp4DAMAwQEw7QQAwQDw7QgAwQEw7QwAwQF1IQgAwQC1O3cAwQG1RKA AwQG2NWAMBsEAgACMBUDBQMqANIAAwUAKgIPuAMFAyoGYcAwDQYJKoZIhvcNAQEL BQADggEBABVCL4JLXVzRzpfwPBxA2dpAvRzruQVMshxTShNQZuQ+3KehrCeHXwOq 5mpJtVMqerOWkxmuuBB4NKP92oejEa+sXAs0j/GQ8mfqttZQjuW2LVJNF3ag+wAv S72PB8XvZJERtZEK0Z6swvbZRkV2YrE+PV89ZPbNcXFeaImBe4Os7UarJ8RVKifA 7vcZF6UohTbh+wam77rECUQJTSgrEJfeSEPl0AeoMgs7A+wfCjncjwNGvIx+XA2t vyPRuBUdA3FFudjA/jTHuyvNOtFMm0lGrMFxw5lRWbK+ZC7ZaBgsHOUYbikr5dKE PSnKLgj1MG7aoZZAqW0qlUx7X9BMAN8= -----END CERTIFICATE-----Generated at Tue Feb 10 02:46:56 2026 by rpki-client