This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/hSges_Ltmi2kLQbfthI0oLK2-Aw.roa File: hSges_Ltmi2kLQbfthI0oLK2-Aw.roa (raw, json) Hash identifier: ofUTm9TOC9YCPztyeJkIczU+y1/O6ZlOyL5d83VL7h0= Subject key identifier: 85:28:1E:B3:F2:ED:9A:2D:A4:2D:06:DF:B6:12:34:A0:B2:B6:F8:0C Certificate issuer: /CN=5a376c8008d6abd962341563dd2a4dccaf153cba Certificate serial: 019B7D5C5FC95B73FD0F8CDF993613600F3B Authority key identifier: 5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/hSges_Ltmi2kLQbfthI0oLK2-Aw.roa Signing time: Fri 02 Jan 2026 06:19:24 +0000 ROA not before: Fri 02 Jan 2026 06:19:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 30823 IP address blocks: 31.214.141.0/24 maxlen: 24 31.214.245.0/24 maxlen: 24 31.214.246.0/24 maxlen: 24 31.214.247.0/24 maxlen: 24 95.156.227.0/24 maxlen: 24 109.230.238.0/24 maxlen: 24 134.255.220.0/24 maxlen: 32 134.255.225.0/24 maxlen: 24 134.255.227.0/24 maxlen: 24 134.255.252.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/WjdsgAjWq9liNBVj3SpNzK8VPLo.crl rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/WjdsgAjWq9liNBVj3SpNzK8VPLo.mft rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:5f:c9:5b:73:fd:0f:8c:df:99:36:13:60:0f:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5a376c8008d6abd962341563dd2a4dccaf153cba Validity Not Before: Jan 2 06:19:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=85281eb3f2ed9a2da42d06dfb61234a0b2b6f80c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:24:1b:8a:38:56:0f:b7:f7:f6:e0:8e:3f:9c: 14:29:53:d6:48:96:93:93:95:7a:ff:3b:6c:7f:37: 65:03:c4:ad:d2:bf:12:a8:7f:5b:5a:38:08:44:3c: ce:45:a2:03:5c:18:b2:b6:bc:5e:c1:c0:f3:ac:2d: 74:58:06:4d:ea:51:09:7f:38:b5:2d:4a:d2:ae:c9: 80:87:c2:b9:58:d0:3a:06:6a:71:b3:5e:a5:f1:af: e1:d8:fb:ed:02:df:f2:88:54:f0:57:6f:66:1a:56: fe:06:75:a8:85:3e:6d:7c:ee:10:94:88:39:f5:50: cf:43:b1:5c:91:a8:23:fe:a9:fd:8f:c7:eb:31:89: 50:fc:c3:87:d6:8f:d0:63:cd:ac:d3:a2:98:76:e8: 32:9a:d2:09:8e:0d:00:0e:b6:47:52:74:fa:a5:94: b6:22:07:02:de:e0:17:d3:bd:22:41:a9:ac:67:cf: 1c:d1:22:40:96:e7:01:f4:4f:30:38:43:20:49:8c: da:15:78:9b:a4:88:c5:1c:d1:67:a7:9a:db:64:a9: b5:04:33:8e:ee:fc:87:b1:31:9d:9b:04:fa:ed:28: 08:9f:e5:df:6b:68:de:0b:68:b6:5e:55:b3:f0:28: d0:7a:e0:87:3b:77:ea:48:d2:97:d0:5f:10:2d:ed: c7:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:28:1E:B3:F2:ED:9A:2D:A4:2D:06:DF:B6:12:34:A0:B2:B6:F8:0C X509v3 Authority Key Identifier: keyid:5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/hSges_Ltmi2kLQbfthI0oLK2-Aw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/WjdsgAjWq9liNBVj3SpNzK8VPLo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.214.141.0/24 31.214.245.0-31.214.247.255 95.156.227.0/24 109.230.238.0/24 134.255.220.0/24 134.255.225.0/24 134.255.227.0/24 134.255.252.0/24 Signature Algorithm: sha256WithRSAEncryption 0a:a9:2e:a7:eb:ef:17:81:f3:e1:3a:86:0f:d8:a8:1d:aa:71: 7c:f0:1b:18:96:44:e5:81:d9:f3:3b:50:ac:16:50:1d:a6:56: 78:99:0f:68:70:2e:27:1f:ba:8c:a0:dd:7c:7a:8e:97:41:5f: da:2d:fc:c9:ff:a3:73:a1:df:d8:d6:f5:98:5a:86:e8:fa:fa: 62:ff:e3:17:91:a6:02:7a:c8:ef:97:c1:f3:b2:3a:e8:bb:de: 84:83:84:e5:34:38:36:2b:77:bf:aa:91:bc:80:38:df:5a:89: 12:95:08:ed:b0:6f:9c:01:b1:5d:8c:d2:40:26:43:15:14:aa: 7d:b0:d9:2d:10:83:d8:45:79:2c:a8:83:6f:5b:6c:eb:4b:68: fc:3b:7d:71:36:67:c2:c6:05:e5:53:42:45:1c:49:a4:85:92: ac:7f:50:0c:4f:f3:33:bf:f0:52:2e:e5:4f:37:7e:31:f5:ca: a7:74:e0:dc:86:3a:43:a9:ef:02:e8:c7:6c:43:63:49:d0:bc: 88:0c:cd:e1:c1:2c:08:22:ea:2d:f5:e3:bf:61:1f:f6:ec:12: 68:05:13:a1:5f:cd:23:ad:85:af:b9:e3:9f:a3:1e:7a:93:ea: 5c:c4:57:0b:84:46:d7:e7:bd:34:b8:eb:23:17:20:06:a4:dd: 9a:ba:55:ea -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgISAZt9XF/JW3P9D4zfmTYTYA87MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVhMzc2YzgwMDhkNmFiZDk2MjM0MTU2M2RkMmE0ZGNjYWYx NTNjYmEwHhcNMjYwMTAyMDYxOTI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NTI4MWViM2YyZWQ5YTJkYTQyZDA2ZGZiNjEyMzRhMGIyYjZmODBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCQbijhWD7f39uCOP5wUKVPWSJaT k5V6/ztsfzdlA8St0r8SqH9bWjgIRDzORaIDXBiytrxewcDzrC10WAZN6lEJfzi1 LUrSrsmAh8K5WNA6Bmpxs16l8a/h2PvtAt/yiFTwV29mGlb+BnWohT5tfO4QlIg5 9VDPQ7Fckagj/qn9j8frMYlQ/MOH1o/QY82s06KYdugymtIJjg0ADrZHUnT6pZS2 IgcC3uAX070iQamsZ88c0SJAlucB9E8wOEMgSYzaFXibpIjFHNFnp5rbZKm1BDOO 7vyHsTGdmwT67SgIn+Xfa2jeC2i2XlWz8CjQeuCHO3fqSNKX0F8QLe3HuwIDAQAB o4ICOzCCAjcwHQYDVR0OBBYEFIUoHrPy7ZotpC0G37YSNKCytvgMMB8GA1UdIwQY MBaAFFo3bIAI1qvZYjQVY90qTcyvFTy6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV2pkc2dBaldxOWxpTkJWajNTcE56SzhWUExvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9jYWE3NDMtMWMxMy00YTI1LTlmNmEt NjViZTU1MDMxNjVkLzEvaFNnZXNfTHRtaTJrTFFiZnRoSTBvTEsyLUF3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi9jYWE3NDMtMWMxMy00YTI1LTlmNmEtNjViZTU1MDMxNjVk LzEvV2pkc2dBaldxOWxpTkJWajNTcE56SzhWUExvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAH9aNMAwD BAAf1vUDBAMf1vADBABfnOMDBABt5u4DBACG/9wDBACG/+EDBACG/+MDBACG//ww DQYJKoZIhvcNAQELBQADggEBAAqpLqfr7xeB8+E6hg/YqB2qcXzwGxiWROWB2fM7 UKwWUB2mVniZD2hwLicfuoyg3Xx6jpdBX9ot/Mn/o3Oh39jW9Zhahuj6+mL/4xeR pgJ6yO+XwfOyOui73oSDhOU0ODYrd7+qkbyAON9aiRKVCO2wb5wBsV2M0kAmQxUU qn2w2S0Qg9hFeSyog29bbOtLaPw7fXE2Z8LGBeVTQkUcSaSFkqx/UAxP8zO/8FIu 5U83fjH1yqd04NyGOkOp7wLox2xDY0nQvIgMzeHBLAgi6i31479hH/bsEmgFE6Ff zSOtha+545+jHnqT6lzEVwuERtfnvTS46yMXIAak3Zq6Veo= -----END CERTIFICATE-----Generated at Mon Jan 19 23:21:48 2026 by rpki-client