This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/rXLsHixYlq3Kcw9EvhZkSV4zLvI.roa File: rXLsHixYlq3Kcw9EvhZkSV4zLvI.roa (raw, json) Hash identifier: xL1IzYaCYhuM2YhqoZfpmf/cRlZ3zbvhm0l28fnKcTk= Subject key identifier: AD:72:EC:1E:2C:58:96:AD:CA:73:0F:44:BE:16:64:49:5E:33:2E:F2 Certificate issuer: /CN=af121cd6e11da095f856d79deec469d0c6358494 Certificate serial: 019B7A5A838AC5B0BCE45E0B055FC7E025E2 Authority key identifier: AF:12:1C:D6:E1:1D:A0:95:F8:56:D7:9D:EE:C4:69:D0:C6:35:84:94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rxIc1uEdoJX4Vted7sRp0MY1hJQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/rXLsHixYlq3Kcw9EvhZkSV4zLvI.roa Signing time: Thu 01 Jan 2026 16:18:30 +0000 ROA not before: Thu 01 Jan 2026 16:18:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 19905 IP address blocks: 85.187.128.0/19 maxlen: 24 114.129.128.0/19 maxlen: 24 185.52.148.0/22 maxlen: 24 185.62.136.0/22 maxlen: 24 185.132.4.0/22 maxlen: 24 185.133.20.0/22 maxlen: 24 185.141.188.0/22 maxlen: 24 185.143.44.0/22 maxlen: 24 185.146.20.0/22 maxlen: 24 185.146.28.0/22 maxlen: 24 185.148.44.0/22 maxlen: 24 185.148.128.0/22 maxlen: 24 185.149.112.0/22 maxlen: 24 185.151.48.0/22 maxlen: 24 185.160.65.0/24 maxlen: 24 185.160.66.0/23 maxlen: 24 185.166.145.0/24 maxlen: 24 185.166.146.0/23 maxlen: 24 185.168.108.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/rxIc1uEdoJX4Vted7sRp0MY1hJQ.crl rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/rxIc1uEdoJX4Vted7sRp0MY1hJQ.mft rsync://rpki.ripe.net/repository/DEFAULT/rxIc1uEdoJX4Vted7sRp0MY1hJQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 15:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:83:8a:c5:b0:bc:e4:5e:0b:05:5f:c7:e0:25:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af121cd6e11da095f856d79deec469d0c6358494 Validity Not Before: Jan 1 16:18:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ad72ec1e2c5896adca730f44be1664495e332ef2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:3a:1b:eb:b0:c3:a8:4d:89:93:71:62:c7:65: c6:c3:8a:0f:52:1d:c2:63:e8:60:6a:c0:4a:99:54: 03:9d:04:ae:23:9c:6e:27:b9:d6:8a:d7:68:5f:9a: fb:6e:77:5c:a9:e7:a2:68:b2:59:57:48:67:e1:b7: d4:fd:26:59:0f:4c:e2:ec:fe:c5:87:3f:dd:79:ca: a3:85:39:72:97:cb:bc:0e:34:e2:78:56:18:63:bd: 84:cc:f7:ce:3e:14:84:c9:f7:ff:78:99:1b:90:fa: 66:0a:2a:96:a3:d9:81:e2:ab:b9:80:6b:02:b7:4b: b1:e9:2d:bf:71:a4:cd:bb:cf:a0:58:25:80:76:63: 85:56:8f:ea:42:e0:92:38:47:f4:02:94:c4:1c:d6: 69:51:14:48:ea:5c:5d:07:58:3c:e9:41:7d:c0:74: d2:b5:66:ae:7e:04:72:50:f2:82:4e:32:eb:a9:de: f2:7a:26:0b:7f:55:72:0f:c2:ab:3a:67:ba:da:99: 4c:a9:03:05:2e:07:8e:c0:8d:c3:2d:5c:2a:d8:ca: cf:36:f9:3c:70:e2:ab:62:f0:34:17:6a:32:c9:97: d6:50:de:b9:e0:85:44:e3:8a:0a:3a:f8:54:53:2a: 5b:de:1e:69:0d:9c:c0:bd:a0:89:d4:a9:51:5b:c2: ca:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:72:EC:1E:2C:58:96:AD:CA:73:0F:44:BE:16:64:49:5E:33:2E:F2 X509v3 Authority Key Identifier: keyid:AF:12:1C:D6:E1:1D:A0:95:F8:56:D7:9D:EE:C4:69:D0:C6:35:84:94 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rxIc1uEdoJX4Vted7sRp0MY1hJQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/rXLsHixYlq3Kcw9EvhZkSV4zLvI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/rxIc1uEdoJX4Vted7sRp0MY1hJQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.187.128.0/19 114.129.128.0/19 185.52.148.0/22 185.62.136.0/22 185.132.4.0/22 185.133.20.0/22 185.141.188.0/22 185.143.44.0/22 185.146.20.0/22 185.146.28.0/22 185.148.44.0/22 185.148.128.0/22 185.149.112.0/22 185.151.48.0/22 185.160.65.0-185.160.67.255 185.166.145.0-185.166.147.255 185.168.108.0/22 Signature Algorithm: sha256WithRSAEncryption 64:40:72:bf:e9:26:a3:ec:25:f3:9a:a9:48:f1:5a:f4:29:38: b6:d6:14:81:d1:36:9a:06:93:1c:ce:51:0f:7c:65:6f:84:00: 15:4e:d8:64:e8:25:90:d1:d5:a9:5e:2c:30:b5:81:72:e8:d0: b8:04:17:f1:53:6f:de:ea:35:85:75:39:ee:6e:48:7e:e4:90: 7e:36:8d:01:d3:c0:7e:e0:0e:bb:1b:7e:d9:f2:9f:71:63:b2: c0:29:c8:73:3f:7d:cf:35:bb:2c:0e:bf:03:34:98:b8:d7:8a: 58:1f:89:6c:a7:41:8e:44:a4:d3:52:d9:af:6c:d9:e9:17:d4: 0d:c0:1f:03:ec:7e:7f:86:24:71:c4:25:a9:f1:fe:18:81:54: 9f:02:a7:bd:72:70:45:99:1f:59:a4:eb:40:49:32:a6:c3:84: ff:63:54:39:29:74:6b:c7:b9:c5:26:7f:6f:b5:ea:72:10:21: 51:bb:59:3e:79:ac:f3:1a:de:8c:03:b4:26:bc:18:e6:41:75: 9a:e4:21:27:60:21:23:80:f7:5c:cc:24:36:0e:a3:e4:2f:9f: 79:ab:e1:5e:e3:6d:eb:91:9e:01:7d:25:98:b5:c8:41:00:2a: 29:2b:1c:cd:ae:28:4a:75:5e:5e:21:ba:8a:ce:99:b9:79:31: 5c:37:22:c7 -----BEGIN CERTIFICATE----- MIIFbzCCBFegAwIBAgISAZt6WoOKxbC85F4LBV/H4CXiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmMTIxY2Q2ZTExZGEwOTVmODU2ZDc5ZGVlYzQ2OWQwYzYz NTg0OTQwHhcNMjYwMTAxMTYxODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZDcyZWMxZTJjNTg5NmFkY2E3MzBmNDRiZTE2NjQ0OTVlMzMyZWYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDob67DDqE2Jk3Fix2XGw4oPUh3C Y+hgasBKmVQDnQSuI5xuJ7nWitdoX5r7bndcqeeiaLJZV0hn4bfU/SZZD0zi7P7F hz/decqjhTlyl8u8DjTieFYYY72EzPfOPhSEyff/eJkbkPpmCiqWo9mB4qu5gGsC t0ux6S2/caTNu8+gWCWAdmOFVo/qQuCSOEf0ApTEHNZpURRI6lxdB1g86UF9wHTS tWaufgRyUPKCTjLrqd7yeiYLf1VyD8KrOme62plMqQMFLgeOwI3DLVwq2MrPNvk8 cOKrYvA0F2oyyZfWUN654IVE44oKOvhUUypb3h5pDZzAvaCJ1KlRW8LKnQIDAQAB o4ICezCCAncwHQYDVR0OBBYEFK1y7B4sWJatynMPRL4WZEleMy7yMB8GA1UdIwQY MBaAFK8SHNbhHaCV+FbXne7EadDGNYSUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcnhJYzF1RWRvSlg0VnRlZDdzUnAwTVkxaEpRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9mZDYwNjktNDE3OS00NWJlLWI4MmEt YWYzZjc5NGFlNjA3LzEvclhMc0hpeFlscTNLY3c5RXZoWmtTVjR6THZJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Zi9mZDYwNjktNDE3OS00NWJlLWI4MmEtYWYzZjc5NGFlNjA3 LzEvcnhJYzF1RWRvSlg0VnRlZDdzUnAwTVkxaEpRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBAVVu4AD BAVygYADBAK5NJQDBAK5PogDBAK5hAQDBAK5hRQDBAK5jbwDBAK5jywDBAK5khQD BAK5khwDBAK5lCwDBAK5lIADBAK5lXADBAK5lzAwDAMEALmgQQMEArmgQDAMAwQA uaaRAwQCuaaQAwQCuahsMA0GCSqGSIb3DQEBCwUAA4IBAQBkQHK/6Saj7CXzmqlI 8Vr0KTi21hSB0TaaBpMczlEPfGVvhAAVTthk6CWQ0dWpXiwwtYFy6NC4BBfxU2/e 6jWFdTnubkh+5JB+No0B08B+4A67G37Z8p9xY7LAKchzP33PNbssDr8DNJi414pY H4lsp0GORKTTUtmvbNnpF9QNwB8D7H5/hiRxxCWp8f4YgVSfAqe9cnBFmR9ZpOtA STKmw4T/Y1Q5KXRrx7nFJn9vtepyECFRu1k+eazzGt6MA7QmvBjmQXWa5CEnYCEj gPdczCQ2DqPkL595q+Fe423rkZ4BfSWYtchBACopKxzNrihKdV5eIbqKzpm5eTFc NyLH -----END CERTIFICATE-----Generated at Tue Jan 20 01:21:55 2026 by rpki-client