This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/14cEr7aw02iRpmKpyvIitczolkE.roa File: 14cEr7aw02iRpmKpyvIitczolkE.roa (raw, json) Hash identifier: tnVtFBhFwWzq6hl069GjNphOkbpm/TSjb8WTv76Dy+o= Subject key identifier: D7:87:04:AF:B6:B0:D3:68:91:A6:62:A9:CA:F2:22:B5:CC:E8:96:41 Certificate issuer: /CN=505127723ea0cfd0724713b291734caa353e20ea Certificate serial: 019B994FAC603E7D102B4D018B2AA9997545 Authority key identifier: 50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/14cEr7aw02iRpmKpyvIitczolkE.roa Signing time: Wed 07 Jan 2026 16:34:54 +0000 ROA not before: Wed 07 Jan 2026 16:34:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 46261 IP address blocks: 5.44.255.0/24 maxlen: 24 46.253.130.0/24 maxlen: 24 59.152.124.0/22 maxlen: 24 61.14.224.0/22 maxlen: 24 62.106.64.0/24 maxlen: 24 79.110.176.0/21 maxlen: 24 79.110.181.0/24 maxlen: 24 85.8.148.0/22 maxlen: 24 85.202.172.0/22 maxlen: 24 85.202.173.0/24 maxlen: 24 91.132.84.0/22 maxlen: 24 103.203.40.0/22 maxlen: 24 103.205.84.0/22 maxlen: 24 103.207.160.0/22 maxlen: 24 103.207.163.0/24 maxlen: 24 121.46.124.0/22 maxlen: 24 146.19.82.0/24 maxlen: 24 160.238.96.0/22 maxlen: 24 185.93.4.0/24 maxlen: 24 185.105.10.0/24 maxlen: 24 185.118.132.0/22 maxlen: 24 185.118.135.0/24 maxlen: 24 185.145.44.0/22 maxlen: 24 185.147.156.0/22 maxlen: 24 185.147.158.0/24 maxlen: 24 185.157.232.0/22 maxlen: 24 185.158.136.0/22 maxlen: 24 185.176.88.0/22 maxlen: 24 185.176.90.0/24 maxlen: 24 185.190.56.0/22 maxlen: 24 185.196.24.0/23 maxlen: 24 185.196.26.0/23 maxlen: 24 185.202.44.0/23 maxlen: 24 185.202.46.0/23 maxlen: 24 185.206.20.0/23 maxlen: 24 185.206.20.0/24 maxlen: 24 185.206.22.0/23 maxlen: 24 185.209.128.0/23 maxlen: 24 185.209.128.0/24 maxlen: 24 185.209.130.0/23 maxlen: 24 185.213.16.0/23 maxlen: 24 185.213.18.0/23 maxlen: 24 185.214.140.0/22 maxlen: 24 185.214.142.0/23 maxlen: 24 185.214.240.0/23 maxlen: 24 185.214.240.0/24 maxlen: 24 185.214.242.0/23 maxlen: 24 185.218.185.0/24 maxlen: 24 185.219.20.0/22 maxlen: 24 185.219.23.0/24 maxlen: 24 185.225.12.0/23 maxlen: 24 185.225.14.0/23 maxlen: 24 185.227.252.0/23 maxlen: 24 185.227.252.0/24 maxlen: 24 185.227.254.0/23 maxlen: 24 185.227.254.0/24 maxlen: 24 185.228.44.0/22 maxlen: 24 185.232.42.0/24 maxlen: 24 185.235.120.0/22 maxlen: 24 185.235.122.0/24 maxlen: 24 185.235.123.0/24 maxlen: 24 185.238.115.0/24 maxlen: 24 185.242.185.0/24 maxlen: 24 193.3.16.0/24 maxlen: 24 193.31.112.0/22 maxlen: 24 193.31.114.0/24 maxlen: 24 193.163.35.0/24 maxlen: 24 193.176.116.0/22 maxlen: 24 193.187.180.0/22 maxlen: 24 194.8.134.0/24 maxlen: 24 194.50.192.0/22 maxlen: 24 194.69.161.0/24 maxlen: 24 195.216.148.0/22 maxlen: 24 195.245.74.0/23 maxlen: 24 213.109.157.0/24 maxlen: 24 217.18.56.0/22 maxlen: 24 2a07:4580::/29 maxlen: 29 2a07:4580::/32 maxlen: 48 2a07:4580:b0d::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.mft rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:99:4f:ac:60:3e:7d:10:2b:4d:01:8b:2a:a9:99:75:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=505127723ea0cfd0724713b291734caa353e20ea Validity Not Before: Jan 7 16:34:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d78704afb6b0d36891a662a9caf222b5cce89641 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:c6:84:d3:ef:d3:24:8a:d9:2f:bc:65:5b:de: 40:37:ab:b5:17:c2:71:ee:d5:9c:bb:2e:19:52:6d: 1f:e1:f9:90:e8:64:27:ae:3a:22:8f:3c:b7:95:1d: 05:45:b6:a7:94:5e:92:65:6a:f7:57:42:f5:8e:b5: be:d3:9c:00:a7:67:e6:10:4e:98:c0:61:b2:ad:55: 79:f8:6d:aa:60:08:e4:9c:97:e9:98:a4:6a:16:a9: d7:e9:50:67:9d:0e:5a:bd:3c:42:80:33:48:0f:f7: f0:5b:ba:41:be:f8:dd:7b:10:17:87:60:3d:eb:41: 62:c4:1a:41:71:d2:c2:95:e4:63:5a:79:b8:ab:79: 0c:1d:7f:79:2f:09:4c:52:f2:79:8d:62:fb:1f:02: 1c:a8:e0:19:b1:1c:66:17:42:90:f4:4f:aa:15:98: da:6c:9a:e8:a2:14:1d:65:34:18:fc:86:60:b5:53: a9:7b:5e:62:9f:63:fd:1e:dc:87:ac:68:96:bd:31: ba:21:2c:88:a4:b2:4d:ae:18:e8:0c:e3:bc:73:26: 60:1c:fc:23:49:a2:df:40:e1:9f:9c:9b:ae:0d:80: 68:11:c9:f5:79:66:23:aa:32:24:e9:bf:8a:a5:aa: b6:6d:37:4a:05:af:50:af:d2:5b:83:32:6e:0a:5a: 11:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:87:04:AF:B6:B0:D3:68:91:A6:62:A9:CA:F2:22:B5:CC:E8:96:41 X509v3 Authority Key Identifier: keyid:50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/14cEr7aw02iRpmKpyvIitczolkE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.44.255.0/24 46.253.130.0/24 59.152.124.0/22 61.14.224.0/22 62.106.64.0/24 79.110.176.0/21 85.8.148.0/22 85.202.172.0/22 91.132.84.0/22 103.203.40.0/22 103.205.84.0/22 103.207.160.0/22 121.46.124.0/22 146.19.82.0/24 160.238.96.0/22 185.93.4.0/24 185.105.10.0/24 185.118.132.0/22 185.145.44.0/22 185.147.156.0/22 185.157.232.0/22 185.158.136.0/22 185.176.88.0/22 185.190.56.0/22 185.196.24.0/22 185.202.44.0/22 185.206.20.0/22 185.209.128.0/22 185.213.16.0/22 185.214.140.0/22 185.214.240.0/22 185.218.185.0/24 185.219.20.0/22 185.225.12.0/22 185.227.252.0/22 185.228.44.0/22 185.232.42.0/24 185.235.120.0/22 185.238.115.0/24 185.242.185.0/24 193.3.16.0/24 193.31.112.0/22 193.163.35.0/24 193.176.116.0/22 193.187.180.0/22 194.8.134.0/24 194.50.192.0/22 194.69.161.0/24 195.216.148.0/22 195.245.74.0/23 213.109.157.0/24 217.18.56.0/22 IPv6: 2a07:4580::/29 Signature Algorithm: sha256WithRSAEncryption 06:d5:67:0b:8a:fa:3c:c7:ab:9c:7d:9d:06:de:ff:fd:8d:d1: 3a:d8:4e:48:3a:ef:62:62:eb:2a:25:08:b0:f2:d0:64:b3:da: 60:24:dc:84:01:bd:7a:36:65:5d:05:cd:bf:ac:b6:ad:f8:65: 0f:79:5b:7c:4f:fb:2b:29:9b:bf:da:97:53:7c:22:81:30:5b: 9a:78:bb:ef:93:36:8d:04:82:c2:39:cd:92:6e:65:67:18:7f: 02:f6:ef:9f:99:71:9e:e5:85:41:b9:b9:53:7b:c9:94:3c:d2: 43:8d:cb:b2:b3:2f:f4:d2:e9:db:42:39:bd:9f:1b:28:0d:00: 9b:1b:2b:a9:92:27:94:03:b4:a3:29:e0:8d:a5:5c:0c:9e:18: 9d:13:ee:1b:bd:62:8b:9f:1c:3b:25:01:18:b9:6e:22:00:6c: 22:6a:93:a6:67:ce:01:32:b1:0c:5c:28:f9:d9:fd:01:b6:3c: e9:e9:0e:ac:08:47:65:77:6f:71:65:31:f1:2b:c7:6b:9c:87: 2f:64:fb:08:85:cc:89:2f:12:8e:2d:62:af:80:b4:7d:1b:7d: d5:f5:53:48:d0:af:4b:7d:a4:5b:4e:cc:bd:f4:45:bc:f4:10: ec:7b:63:2c:61:01:ee:c2:ad:29:62:7a:c7:df:b1:3f:2e:c6: 42:14:6c:b0 -----BEGIN CERTIFICATE----- MIIGSDCCBTCgAwIBAgISAZuZT6xgPn0QK00BiyqpmXVFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUwNTEyNzcyM2VhMGNmZDA3MjQ3MTNiMjkxNzM0Y2FhMzUz ZTIwZWEwHhcNMjYwMTA3MTYzNDU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNzg3MDRhZmI2YjBkMzY4OTFhNjYyYTljYWYyMjJiNWNjZTg5NjQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscaE0+/TJIrZL7xlW95AN6u1F8Jx 7tWcuy4ZUm0f4fmQ6GQnrjoijzy3lR0FRbanlF6SZWr3V0L1jrW+05wAp2fmEE6Y wGGyrVV5+G2qYAjknJfpmKRqFqnX6VBnnQ5avTxCgDNID/fwW7pBvvjdexAXh2A9 60FixBpBcdLCleRjWnm4q3kMHX95LwlMUvJ5jWL7HwIcqOAZsRxmF0KQ9E+qFZja bJroohQdZTQY/IZgtVOpe15in2P9HtyHrGiWvTG6ISyIpLJNrhjoDOO8cyZgHPwj SaLfQOGfnJuuDYBoEcn1eWYjqjIk6b+Kpaq2bTdKBa9Qr9JbgzJuCloRBwIDAQAB o4IDVDCCA1AwHQYDVR0OBBYEFNeHBK+2sNNokaZiqcryIrXM6JZBMB8GA1UdIwQY MBaAFFBRJ3I+oM/QckcTspFzTKo1PiDqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYt NTU2MDhiNjk0NDU2LzEvMTRjRXI3YXcwMmlScG1LcHl2SWl0Y3pvbGtFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYtNTU2MDhiNjk0NDU2 LzEvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIBaAYIKwYBBQUHAQcBAf8EggFXMIIBUzCCAUAEAgABMIIB OAMEAAUs/wMEAC79ggMEAjuYfAMEAj0O4AMEAD5qQAMEA09usAMEAlUIlAMEAlXK rAMEAluEVAMEAmfLKAMEAmfNVAMEAmfPoAMEAnkufAMEAJITUgMEAqDuYAMEALld BAMEALlpCgMEArl2hAMEArmRLAMEArmTnAMEArmd6AMEArmeiAMEArmwWAMEArm+ OAMEArnEGAMEArnKLAMEArnOFAMEArnRgAMEArnVEAMEArnWjAMEArnW8AMEALna uQMEArnbFAMEArnhDAMEArnj/AMEArnkLAMEALnoKgMEArnreAMEALnucwMEALny uQMEAMEDEAMEAsEfcAMEAMGjIwMEAsGwdAMEAsG7tAMEAMIIhgMEAsIywAMEAMJF oQMEAsPYlAMEAcP1SgMEANVtnQMEAtkSODANBAIAAjAHAwUDKgdFgDANBgkqhkiG 9w0BAQsFAAOCAQEABtVnC4r6PMernH2dBt7//Y3ROthOSDrvYmLrKiUIsPLQZLPa YCTchAG9ejZlXQXNv6y2rfhlD3lbfE/7Kymbv9qXU3wigTBbmni775M2jQSCwjnN km5lZxh/Avbvn5lxnuWFQbm5U3vJlDzSQ43LsrMv9NLp20I5vZ8bKA0AmxsrqZIn lAO0oyngjaVcDJ4YnRPuG71ii58cOyUBGLluIgBsImqTpmfOATKxDFwo+dn9AbY8 6ekOrAhHZXdvcWUx8SvHa5yHL2T7CIXMiS8Sji1ir4C0fRt91fVTSNCvS32kW07M vfRFvPQQ7HtjLGEB7sKtKWJ6x9+xPy7GQhRssA== -----END CERTIFICATE-----Generated at Wed Jan 21 07:23:28 2026 by rpki-client