This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/j1LnzihLWpEHbVivIKleh48juQY.roa File: j1LnzihLWpEHbVivIKleh48juQY.roa (raw, json) Hash identifier: lSBEl6VaQ8BKt1Y/BfkhK36reElNLrWjumdNs9QCL94= Subject key identifier: 8F:52:E7:CE:28:4B:5A:91:07:6D:58:AF:20:A9:5E:87:8F:23:B9:06 Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec Certificate serial: 019B7A5AAF93857B9AE36866049EA6428B2D Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/j1LnzihLWpEHbVivIKleh48juQY.roa Signing time: Thu 01 Jan 2026 16:18:42 +0000 ROA not before: Thu 01 Jan 2026 16:18:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44486 IP address blocks: 37.114.32.0/24 maxlen: 24 37.114.34.0/24 maxlen: 24 37.114.35.0/24 maxlen: 24 37.114.36.0/24 maxlen: 24 37.114.38.0/23 maxlen: 24 37.114.42.0/24 maxlen: 24 37.114.43.0/24 maxlen: 24 37.114.45.0/24 maxlen: 24 37.114.47.0/24 maxlen: 24 37.114.48.0/24 maxlen: 24 37.114.49.0/24 maxlen: 24 37.114.51.0/24 maxlen: 24 37.114.52.0/24 maxlen: 24 37.114.53.0/24 maxlen: 24 37.114.54.0/24 maxlen: 24 37.114.55.0/24 maxlen: 24 37.114.56.0/24 maxlen: 24 37.114.57.0/24 maxlen: 24 37.114.59.0/24 maxlen: 24 37.114.60.0/24 maxlen: 24 37.114.61.0/24 maxlen: 24 37.114.62.0/24 maxlen: 24 103.252.88.0/22 maxlen: 22 176.100.32.0/24 maxlen: 24 176.100.33.0/24 maxlen: 24 176.100.34.0/24 maxlen: 24 176.100.35.0/24 maxlen: 24 176.100.38.0/24 maxlen: 24 185.14.94.0/24 maxlen: 24 185.14.95.0/24 maxlen: 24 2a00:ccc1:100::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.mft rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 04:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:af:93:85:7b:9a:e3:68:66:04:9e:a6:42:8b:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec Validity Not Before: Jan 1 16:18:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8f52e7ce284b5a91076d58af20a95e878f23b906 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:c4:17:10:5a:a9:5e:c3:c4:8d:bd:10:e2:2c: 38:d7:be:c9:1e:08:d7:2d:7c:da:fa:72:b9:b8:8f: 50:ac:fc:8e:b2:e2:1b:3f:71:f5:1f:07:12:de:8e: 3d:96:a3:0c:07:eb:cc:e7:f4:fd:51:91:fe:da:97: 6e:83:78:40:66:55:b6:13:d0:a6:58:aa:62:58:51: 93:54:ca:d2:9e:80:00:9f:51:14:da:03:2c:dc:c0: 8c:8d:59:69:43:56:9f:31:38:b5:44:2a:8b:79:a5: 65:fd:45:b7:1a:b2:3a:79:af:fe:29:b7:e8:33:f1: d4:16:e5:2f:20:d8:ab:8b:e1:a2:a4:89:f7:78:d5: cc:be:6b:64:6e:08:d1:c1:c2:4f:f8:31:45:f6:34: 8c:cf:2a:a1:40:b1:36:8b:d1:23:f9:34:5b:fb:1e: f1:82:65:d1:f2:88:ca:ad:ed:2f:da:5c:99:0a:ee: f8:67:13:a9:08:1d:b9:f7:b0:c7:94:3d:bd:fe:bd: d9:bd:95:b1:27:52:b2:8b:bb:bf:6f:76:61:45:d7: 12:41:e1:eb:42:59:df:54:ad:56:e2:77:8e:53:58: 9b:5a:dd:25:b6:1c:dd:69:14:65:fd:ef:bd:d9:09: ab:2a:6f:cb:c1:82:5b:40:28:33:af:26:ff:07:b4: cb:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:52:E7:CE:28:4B:5A:91:07:6D:58:AF:20:A9:5E:87:8F:23:B9:06 X509v3 Authority Key Identifier: keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/j1LnzihLWpEHbVivIKleh48juQY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.114.32.0/24 37.114.34.0-37.114.36.255 37.114.38.0/23 37.114.42.0/23 37.114.45.0/24 37.114.47.0-37.114.49.255 37.114.51.0-37.114.57.255 37.114.59.0-37.114.62.255 103.252.88.0/22 176.100.32.0/22 176.100.38.0/24 185.14.94.0/23 IPv6: 2a00:ccc1:100::/40 Signature Algorithm: sha256WithRSAEncryption 03:9f:91:5e:ea:a5:9b:db:f5:89:3c:82:52:de:06:ba:b2:d2: 47:bf:d2:bb:91:5f:23:f7:9e:33:11:30:a1:59:2f:76:26:e2: e6:6b:61:67:51:e9:d5:b5:e0:7d:d6:b3:54:e9:93:1b:8c:a0: 8a:33:58:f4:bd:26:1e:3b:ed:fe:00:92:07:e6:17:6b:16:ad: ef:02:5c:62:6e:36:79:8f:59:d4:54:73:94:a6:0b:2b:2a:8d: f3:46:1b:8b:30:96:6b:88:94:8e:92:d1:5c:0e:88:65:02:8a: f5:99:d7:97:d6:f3:77:22:5b:8f:1d:1b:b0:bb:b0:d4:00:42: 0f:57:a1:4c:e0:ac:e6:39:51:ed:f0:77:92:29:0d:e6:9f:5f: fb:66:bb:d8:7a:79:cc:2c:6e:23:a3:55:34:ac:be:76:83:ed: ec:5d:f2:7d:05:be:d9:9c:19:6e:48:17:95:50:e7:2f:77:40: c6:79:9c:ee:ed:bd:79:4d:a8:c1:36:82:d7:d6:3e:57:68:42: fc:1d:3b:1a:d2:bd:81:34:2b:a9:1c:22:7d:da:c6:06:4e:77: 97:ce:49:ba:a4:59:6e:68:f7:72:88:9d:68:da:41:b5:31:3c: c7:38:87:05:90:c0:b9:17:aa:cd:5a:22:50:2a:1f:ee:32:b9: 51:0e:cb:f6 -----BEGIN CERTIFICATE----- MIIFcjCCBFqgAwIBAgISAZt6Wq+ThXua42hmBJ6mQostMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj YmU3ZWMwHhcNMjYwMTAxMTYxODQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4ZjUyZTdjZTI4NGI1YTkxMDc2ZDU4YWYyMGE5NWU4NzhmMjNiOTA2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MQXEFqpXsPEjb0Q4iw4177JHgjX LXza+nK5uI9QrPyOsuIbP3H1HwcS3o49lqMMB+vM5/T9UZH+2pdug3hAZlW2E9Cm WKpiWFGTVMrSnoAAn1EU2gMs3MCMjVlpQ1afMTi1RCqLeaVl/UW3GrI6ea/+Kbfo M/HUFuUvINiri+GipIn3eNXMvmtkbgjRwcJP+DFF9jSMzyqhQLE2i9Ej+TRb+x7x gmXR8ojKre0v2lyZCu74ZxOpCB2597DHlD29/r3ZvZWxJ1Kyi7u/b3ZhRdcSQeHr QlnfVK1W4neOU1ibWt0lthzdaRRl/e+92QmrKm/LwYJbQCgzryb/B7TLFwIDAQAB o4ICfjCCAnowHQYDVR0OBBYEFI9S584oS1qRB21YryCpXoePI7kGMB8GA1UdIwQY MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt MWI3Y2JiMDhkNzNmLzEvajFMbnppaExXcEVIYlZpdklLbGVoNDhqdVFZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDBuBAIAATBoAwQAJXIg MAwDBAElciIDBAAlciQDBAElciYDBAElcioDBAAlci0wDAMEACVyLwMEASVyMDAM AwQAJXIzAwQBJXI4MAwDBAAlcjsDBAAlcj4DBAJn/FgDBAKwZCADBACwZCYDBAG5 Dl4wDgQCAAIwCAMGACoAzMEBMA0GCSqGSIb3DQEBCwUAA4IBAQADn5Fe6qWb2/WJ PIJS3ga6stJHv9K7kV8j954zETChWS92JuLma2FnUenVteB91rNU6ZMbjKCKM1j0 vSYeO+3+AJIH5hdrFq3vAlxibjZ5j1nUVHOUpgsrKo3zRhuLMJZriJSOktFcDohl Aor1mdeX1vN3IluPHRuwu7DUAEIPV6FM4KzmOVHt8HeSKQ3mn1/7ZrvYennMLG4j o1U0rL52g+3sXfJ9Bb7ZnBluSBeVUOcvd0DGeZzu7b15TajBNoLX1j5XaEL8HTsa 0r2BNCupHCJ92sYGTneXzkm6pFluaPdyiJ1o2kG1MTzHOIcFkMC5F6rNWiJQKh/u MrlRDsv2 -----END CERTIFICATE-----Generated at Sun Jan 18 08:34:09 2026 by rpki-client