This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/KyIL3asNoQ4Ad8qGZAr89eB7ca4.roa File: KyIL3asNoQ4Ad8qGZAr89eB7ca4.roa (raw, json) Hash identifier: ds+2+c6dFsxpOer7wRkA5m/ze2fRmfjRiONNK5szPXc= Subject key identifier: 2B:22:0B:DD:AB:0D:A1:0E:00:77:CA:86:64:0A:FC:F5:E0:7B:71:AE Certificate issuer: /CN=9f96ae2770265af32e7d4be86bab07a07c2d3353 Certificate serial: 019B77C66E88CF7758C443A886BFDC58222C Authority key identifier: 9F:96:AE:27:70:26:5A:F3:2E:7D:4B:E8:6B:AB:07:A0:7C:2D:33:53 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n5auJ3AmWvMufUvoa6sHoHwtM1M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/KyIL3asNoQ4Ad8qGZAr89eB7ca4.roa Signing time: Thu 01 Jan 2026 04:17:31 +0000 ROA not before: Thu 01 Jan 2026 04:17:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 21413 IP address blocks: 31.187.67.0/24 maxlen: 24 31.187.77.0/24 maxlen: 24 31.187.79.0/24 maxlen: 24 37.247.64.0/19 maxlen: 24 46.227.216.0/21 maxlen: 24 77.235.160.0/19 maxlen: 24 80.243.32.0/19 maxlen: 24 83.221.224.0/19 maxlen: 24 85.190.176.0/21 maxlen: 24 87.121.192.0/20 maxlen: 24 87.121.224.0/20 maxlen: 24 89.187.200.0/21 maxlen: 24 93.159.96.0/19 maxlen: 24 94.100.64.0/20 maxlen: 24 176.126.88.0/22 maxlen: 22 185.90.128.0/22 maxlen: 24 185.175.209.0/24 maxlen: 24 193.98.112.0/21 maxlen: 21 212.99.192.0/19 maxlen: 24 2a00:1ca0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/n5auJ3AmWvMufUvoa6sHoHwtM1M.crl rsync://rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/n5auJ3AmWvMufUvoa6sHoHwtM1M.mft rsync://rpki.ripe.net/repository/DEFAULT/n5auJ3AmWvMufUvoa6sHoHwtM1M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 10:01:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:6e:88:cf:77:58:c4:43:a8:86:bf:dc:58:22:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9f96ae2770265af32e7d4be86bab07a07c2d3353 Validity Not Before: Jan 1 04:17:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2b220bddab0da10e0077ca86640afcf5e07b71ae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:7d:65:34:6f:bf:fc:55:17:68:00:eb:db:eb: 0c:8e:d5:8f:df:1d:21:25:7e:60:3d:54:c9:ab:54: 41:83:0c:bf:2d:bd:2e:7b:c9:a0:2b:c1:22:06:0a: 7a:24:d3:f6:dc:8e:67:3f:84:e0:e1:1c:56:67:ce: 10:90:37:34:8a:a2:40:6c:fb:75:22:44:a5:8a:56: 05:9e:76:31:60:8d:ad:3b:0b:5f:05:06:a2:9d:16: 62:d4:0d:27:d7:94:96:57:c6:ff:63:26:21:b8:fa: c5:0e:77:90:66:46:cf:34:42:37:79:bf:ba:20:f4: 16:c7:2f:5b:72:ba:1e:1b:b9:c6:3f:16:91:fb:2b: cb:95:7e:cc:98:31:7f:4a:1c:07:64:c1:93:a7:12: 14:4e:54:7c:f1:d8:e6:a1:30:0c:6f:b8:c6:8a:32: ae:d9:f4:38:76:24:db:15:9e:7b:68:25:18:a8:df: 12:b3:31:15:1c:ed:12:0a:09:3d:fc:d9:04:10:70: bb:77:d1:67:cb:80:ba:d9:f2:ef:ee:7e:72:67:d0: 52:0f:bf:12:e8:18:be:6d:7e:0c:97:af:9f:5c:e5: d5:95:0c:66:75:9a:02:ba:02:31:67:b3:77:e4:a0: bb:57:15:c4:21:6e:c3:c9:2b:00:5a:09:03:b1:ff: 1b:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:22:0B:DD:AB:0D:A1:0E:00:77:CA:86:64:0A:FC:F5:E0:7B:71:AE X509v3 Authority Key Identifier: keyid:9F:96:AE:27:70:26:5A:F3:2E:7D:4B:E8:6B:AB:07:A0:7C:2D:33:53 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n5auJ3AmWvMufUvoa6sHoHwtM1M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/KyIL3asNoQ4Ad8qGZAr89eB7ca4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/44/6bb5b1-1e6a-4455-9d75-e64c885f62ce/1/n5auJ3AmWvMufUvoa6sHoHwtM1M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.187.67.0/24 31.187.77.0/24 31.187.79.0/24 37.247.64.0/19 46.227.216.0/21 77.235.160.0/19 80.243.32.0/19 83.221.224.0/19 85.190.176.0/21 87.121.192.0/20 87.121.224.0/20 89.187.200.0/21 93.159.96.0/19 94.100.64.0/20 176.126.88.0/22 185.90.128.0/22 185.175.209.0/24 193.98.112.0/21 212.99.192.0/19 IPv6: 2a00:1ca0::/32 Signature Algorithm: sha256WithRSAEncryption 51:49:e6:56:90:62:3d:b3:a1:c2:a7:35:65:77:49:46:93:ad: b5:af:57:e9:b8:bf:5a:03:bd:90:e1:bd:bc:5f:d8:d1:81:11: 00:43:8f:70:24:4a:6f:16:35:f2:e3:03:7b:e9:2c:6e:d3:79: 2b:e3:6b:3f:2d:49:13:c3:86:9b:f6:47:10:03:d3:23:0e:54: e4:8c:36:36:cc:02:87:44:e4:55:bf:f3:c3:19:e3:69:98:27: 82:5e:75:dd:36:2e:ea:e8:68:3e:2c:6b:e2:19:12:f2:f1:ee: 07:17:81:34:b5:95:39:29:a3:fd:0d:44:f4:34:92:f3:0e:5d: 2b:b1:65:21:76:95:8b:f1:25:a8:83:a8:fe:23:3e:28:6e:dc: 05:6b:12:80:e8:7a:fb:30:44:f2:8f:d2:cb:3c:5c:40:06:b2: e6:24:b5:98:4d:d3:25:32:5e:a3:7d:72:84:90:5c:55:c5:cc: 56:bb:40:c0:5c:5e:6c:9b:a0:0a:9f:67:90:04:70:10:81:d0: e7:b2:0d:a7:a5:5a:19:27:5e:02:48:49:7c:f6:02:8b:e7:66: de:9f:18:b5:4f:46:f9:b7:71:6f:76:a3:64:c9:3a:d9:32:08: 5f:e7:5a:81:63:2f:a2:ac:c5:8b:81:69:90:01:e2:dc:06:67: b8:0d:8e:6c -----BEGIN CERTIFICATE----- MIIFezCCBGOgAwIBAgISAZt3xm6Iz3dYxEOohr/cWCIsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlmOTZhZTI3NzAyNjVhZjMyZTdkNGJlODZiYWIwN2EwN2My ZDMzNTMwHhcNMjYwMTAxMDQxNzMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYjIyMGJkZGFiMGRhMTBlMDA3N2NhODY2NDBhZmNmNWUwN2I3MWFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7X1lNG+//FUXaADr2+sMjtWP3x0h JX5gPVTJq1RBgwy/Lb0ue8mgK8EiBgp6JNP23I5nP4Tg4RxWZ84QkDc0iqJAbPt1 IkSlilYFnnYxYI2tOwtfBQainRZi1A0n15SWV8b/YyYhuPrFDneQZkbPNEI3eb+6 IPQWxy9bcroeG7nGPxaR+yvLlX7MmDF/ShwHZMGTpxIUTlR88djmoTAMb7jGijKu 2fQ4diTbFZ57aCUYqN8SszEVHO0SCgk9/NkEEHC7d9Fny4C62fLv7n5yZ9BSD78S 6Bi+bX4Ml6+fXOXVlQxmdZoCugIxZ7N35KC7VxXEIW7DySsAWgkDsf8bFwIDAQAB o4IChzCCAoMwHQYDVR0OBBYEFCsiC92rDaEOAHfKhmQK/PXge3GuMB8GA1UdIwQY MBaAFJ+WridwJlrzLn1L6GurB6B8LTNTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbjVhdUozQW1Xdk11ZlV2b2E2c0hvSHd0TTFNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC82YmI1YjEtMWU2YS00NDU1LTlkNzUt ZTY0Yzg4NWY2MmNlLzEvS3lJTDNhc05vUTRBZDhxR1pBcjg5ZUI3Y2E0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NC82YmI1YjEtMWU2YS00NDU1LTlkNzUtZTY0Yzg4NWY2MmNl LzEvbjVhdUozQW1Xdk11ZlV2b2E2c0hvSHd0TTFNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTB4BAIAATByAwQAH7tD AwQAH7tNAwQAH7tPAwQFJfdAAwQDLuPYAwQFTeugAwQFUPMgAwQFU93gAwQDVb6w AwQEV3nAAwQEV3ngAwQDWbvIAwQFXZ9gAwQEXmRAAwQCsH5YAwQCuVqAAwQAua/R AwQDwWJwAwQF1GPAMA0EAgACMAcDBQAqABygMA0GCSqGSIb3DQEBCwUAA4IBAQBR SeZWkGI9s6HCpzVld0lGk621r1fpuL9aA72Q4b28X9jRgREAQ49wJEpvFjXy4wN7 6Sxu03kr42s/LUkTw4ab9kcQA9MjDlTkjDY2zAKHRORVv/PDGeNpmCeCXnXdNi7q 6Gg+LGviGRLy8e4HF4E0tZU5KaP9DUT0NJLzDl0rsWUhdpWL8SWog6j+Iz4obtwF axKA6Hr7METyj9LLPFxABrLmJLWYTdMlMl6jfXKEkFxVxcxWu0DAXF5sm6AKn2eQ BHAQgdDnsg2npVoZJ14CSEl89gKL52benxi1T0b5t3FvdqNkyTrZMghf51qBYy+i rMWLgWmQAeLcBme4DY5s -----END CERTIFICATE-----Generated at Wed Jan 21 17:15:40 2026 by rpki-client