This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/4acb83-f940-4766-bca9-608e7d779bc7/1/cD_uFT-kTapfuxpK7AHJ-T-GM5U.roa File: cD_uFT-kTapfuxpK7AHJ-T-GM5U.roa (raw, json) Hash identifier: xnN2+r5sXxZBGsxlc2VxrhNLd6wrjJggfMUTLHByC7E= Subject key identifier: 70:3F:EE:15:3F:A4:4D:AA:5F:BB:1A:4A:EC:01:C9:F9:3F:86:33:95 Certificate issuer: /CN=b46320188098520c366277f749a4f77a1d444439 Certificate serial: 019B7CED2BB10DD817033DCEF14B1EEB0873 Authority key identifier: B4:63:20:18:80:98:52:0C:36:62:77:F7:49:A4:F7:7A:1D:44:44:39 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tGMgGICYUgw2Ynf3SaT3eh1ERDk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/4acb83-f940-4766-bca9-608e7d779bc7/1/cD_uFT-kTapfuxpK7AHJ-T-GM5U.roa Signing time: Fri 02 Jan 2026 04:17:56 +0000 ROA not before: Fri 02 Jan 2026 04:17:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50957 IP address blocks: 5.153.248.0/21 maxlen: 21 31.25.184.0/21 maxlen: 21 37.128.128.0/21 maxlen: 21 77.73.0.0/21 maxlen: 21 78.31.104.0/21 maxlen: 21 89.200.136.0/21 maxlen: 21 185.98.196.0/22 maxlen: 22 213.170.0.0/19 maxlen: 19 2a02:24e0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/4acb83-f940-4766-bca9-608e7d779bc7/1/tGMgGICYUgw2Ynf3SaT3eh1ERDk.crl rsync://rpki.ripe.net/repository/DEFAULT/4d/4acb83-f940-4766-bca9-608e7d779bc7/1/tGMgGICYUgw2Ynf3SaT3eh1ERDk.mft rsync://rpki.ripe.net/repository/DEFAULT/tGMgGICYUgw2Ynf3SaT3eh1ERDk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:2b:b1:0d:d8:17:03:3d:ce:f1:4b:1e:eb:08:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b46320188098520c366277f749a4f77a1d444439 Validity Not Before: Jan 2 04:17:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=703fee153fa44daa5fbb1a4aec01c9f93f863395 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:d5:20:e6:19:de:64:e0:01:17:9b:4a:a8:89: a3:d9:80:7a:76:26:3b:5c:6d:d7:5d:7f:9f:66:91: fe:d5:82:fe:d8:ef:ef:22:0f:fc:7b:90:3a:ae:3d: e5:30:d3:57:e8:a8:16:26:13:95:9e:54:a2:b4:ef: 1d:70:77:a2:f6:bf:e6:7d:f8:53:48:c7:d5:52:00: 5c:3c:c1:97:e6:43:46:0c:67:4c:25:df:ad:71:cb: f1:b6:2a:52:f7:bf:08:8f:41:ef:22:0f:9b:66:d1: fa:7e:99:89:fe:73:1e:ab:bb:c3:14:29:8e:55:91: 6f:83:e3:18:4b:6e:24:2f:c7:14:87:91:06:20:92: 82:34:a2:46:79:42:c0:0d:aa:93:b6:f2:9e:14:c4: 8d:dd:f4:7f:6e:65:d9:f9:f0:ce:3c:d2:b6:3a:67: 07:aa:0c:30:0d:a1:36:b5:3e:1a:de:db:b7:c3:29: a8:d2:4f:74:bd:9a:8c:ee:8f:3e:f9:5d:2b:d4:64: 83:ed:3a:ab:37:12:13:35:a1:51:a5:5b:79:79:35: 36:f1:a2:72:6d:9e:9a:ca:43:03:38:3c:8e:9b:66: 0e:be:90:e2:aa:05:c2:54:29:ac:1f:09:9f:c7:2b: 66:ac:37:8d:9b:62:c3:35:67:d2:1b:3f:6e:ae:4f: e0:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:3F:EE:15:3F:A4:4D:AA:5F:BB:1A:4A:EC:01:C9:F9:3F:86:33:95 X509v3 Authority Key Identifier: keyid:B4:63:20:18:80:98:52:0C:36:62:77:F7:49:A4:F7:7A:1D:44:44:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tGMgGICYUgw2Ynf3SaT3eh1ERDk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/4acb83-f940-4766-bca9-608e7d779bc7/1/cD_uFT-kTapfuxpK7AHJ-T-GM5U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/4acb83-f940-4766-bca9-608e7d779bc7/1/tGMgGICYUgw2Ynf3SaT3eh1ERDk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.153.248.0/21 31.25.184.0/21 37.128.128.0/21 77.73.0.0/21 78.31.104.0/21 89.200.136.0/21 185.98.196.0/22 213.170.0.0/19 IPv6: 2a02:24e0::/32 Signature Algorithm: sha256WithRSAEncryption 0f:57:dd:6f:1e:f5:2e:56:f8:5e:8f:0d:b1:e9:1e:2c:34:8e: 88:4a:54:de:4b:d8:4b:f9:6a:9b:ee:c4:56:ac:19:5a:d2:63: 40:e2:9b:c1:7c:58:57:4c:b4:44:65:d5:83:03:01:89:ce:e7: 91:8f:12:fd:37:ee:d8:e7:5b:58:d5:1d:67:74:dd:ff:a4:f5: d8:e6:5d:3d:6b:8e:70:44:2b:00:1f:65:98:26:d2:5b:3d:88: a0:ee:0c:90:96:61:4b:cc:14:bf:37:02:62:94:b8:be:b6:83: 88:1a:78:c2:1f:18:a9:66:5f:68:51:e6:79:4b:f7:33:ce:09: e0:b6:0d:c1:e8:bb:5a:a0:4f:40:28:72:7d:32:76:1c:cf:77: 24:cd:58:53:c7:03:91:d3:59:96:8f:fc:44:a9:c3:90:cd:3c: 00:c6:38:99:3a:06:6f:ad:a0:38:48:ac:7b:d6:85:b3:88:4c: 54:60:c6:6f:c6:0e:41:65:db:33:47:c5:c7:bd:70:81:3a:5a: a4:b1:94:b8:70:32:50:96:92:0e:ff:c5:2a:1f:80:ed:36:49: 37:2e:ac:1e:26:8a:25:6f:e1:e1:58:56:b7:cb:8d:1b:0d:ac: bc:6b:aa:7e:9d:3f:38:41:84:ef:07:9f:05:52:5a:90:f0:86: 05:b1:18:51 -----BEGIN CERTIFICATE----- MIIFNjCCBB6gAwIBAgISAZt87SuxDdgXAz3O8Use6whzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0NjMyMDE4ODA5ODUyMGMzNjYyNzdmNzQ5YTRmNzdhMWQ0 NDQ0MzkwHhcNMjYwMTAyMDQxNzU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MDNmZWUxNTNmYTQ0ZGFhNWZiYjFhNGFlYzAxYzlmOTNmODYzMzk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9Ug5hneZOABF5tKqImj2YB6diY7 XG3XXX+fZpH+1YL+2O/vIg/8e5A6rj3lMNNX6KgWJhOVnlSitO8dcHei9r/mffhT SMfVUgBcPMGX5kNGDGdMJd+tccvxtipS978Ij0HvIg+bZtH6fpmJ/nMeq7vDFCmO VZFvg+MYS24kL8cUh5EGIJKCNKJGeULADaqTtvKeFMSN3fR/bmXZ+fDOPNK2OmcH qgwwDaE2tT4a3tu3wymo0k90vZqM7o8++V0r1GSD7TqrNxITNaFRpVt5eTU28aJy bZ6aykMDODyOm2YOvpDiqgXCVCmsHwmfxytmrDeNm2LDNWfSGz9urk/g6wIDAQAB o4ICQjCCAj4wHQYDVR0OBBYEFHA/7hU/pE2qX7saSuwByfk/hjOVMB8GA1UdIwQY MBaAFLRjIBiAmFIMNmJ390mk93odREQ5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdEdNZ0dJQ1lVZ3cyWW5mM1NhVDNlaDFFUkRrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC80YWNiODMtZjk0MC00NzY2LWJjYTkt NjA4ZTdkNzc5YmM3LzEvY0RfdUZULWtUYXBmdXhwSzdBSEotVC1HTTVVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZC80YWNiODMtZjk0MC00NzY2LWJjYTktNjA4ZTdkNzc5YmM3 LzEvdEdNZ0dJQ1lVZ3cyWW5mM1NhVDNlaDFFUkRrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDBZn4AwQD Hxm4AwQDJYCAAwQDTUkAAwQDTh9oAwQDWciIAwQCuWLEAwQF1aoAMA0EAgACMAcD BQAqAiTgMA0GCSqGSIb3DQEBCwUAA4IBAQAPV91vHvUuVvhejw2x6R4sNI6ISlTe S9hL+Wqb7sRWrBla0mNA4pvBfFhXTLREZdWDAwGJzueRjxL9N+7Y51tY1R1ndN3/ pPXY5l09a45wRCsAH2WYJtJbPYig7gyQlmFLzBS/NwJilLi+toOIGnjCHxipZl9o UeZ5S/czzgngtg3B6LtaoE9AKHJ9MnYcz3ckzVhTxwOR01mWj/xEqcOQzTwAxjiZ OgZvraA4SKx71oWziExUYMZvxg5BZdszR8XHvXCBOlqksZS4cDJQlpIO/8UqH4Dt Nkk3LqweJoolb+HhWFa3y40bDay8a6p+nT84QYTvB58FUlqQ8IYFsRhR -----END CERTIFICATE-----Generated at Mon Feb 9 21:25:45 2026 by rpki-client