This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/PY323kbvCRFsNrwGFI26gXv0gpE.roa File: PY323kbvCRFsNrwGFI26gXv0gpE.roa (raw, json) Hash identifier: U0ksXLpw7uH4vwqe/cNwV58+FVim6JoHjXiFGt1giNE= Subject key identifier: 3D:8D:F6:DE:46:EF:09:11:6C:36:BC:06:14:8D:BA:81:7B:F4:82:91 Certificate issuer: /CN=87d990131467b77d11162b79fbe3b06ca8ab2d39 Certificate serial: 019B7AC804C0734ACABE05B51AA435761569 Authority key identifier: 87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/PY323kbvCRFsNrwGFI26gXv0gpE.roa Signing time: Thu 01 Jan 2026 18:18:07 +0000 ROA not before: Thu 01 Jan 2026 18:18:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 1299 IP address blocks: 2.59.144.0/22 maxlen: 24 5.10.128.0/21 maxlen: 24 5.183.248.0/22 maxlen: 24 23.90.192.0/18 maxlen: 24 31.204.80.0/21 maxlen: 24 45.80.252.0/22 maxlen: 24 45.86.96.0/22 maxlen: 24 45.89.76.0/22 maxlen: 24 45.92.180.0/22 maxlen: 24 45.129.216.0/24 maxlen: 24 45.129.217.0/24 maxlen: 24 45.129.218.0/24 maxlen: 24 45.133.68.0/22 maxlen: 24 45.142.108.0/22 maxlen: 24 45.152.16.0/22 maxlen: 24 46.18.120.0/22 maxlen: 24 46.18.124.0/24 maxlen: 24 46.18.125.0/24 maxlen: 24 46.18.126.0/23 maxlen: 24 62.192.156.0/22 maxlen: 24 79.99.160.0/21 maxlen: 24 88.86.224.0/19 maxlen: 19 88.218.12.0/22 maxlen: 24 92.119.232.0/22 maxlen: 24 94.154.4.0/24 maxlen: 24 94.187.128.0/19 maxlen: 24 168.220.128.0/19 maxlen: 24 185.20.16.0/22 maxlen: 24 185.48.252.0/22 maxlen: 24 185.86.88.0/22 maxlen: 24 185.87.100.0/22 maxlen: 24 185.98.116.0/22 maxlen: 24 185.132.64.0/22 maxlen: 24 185.133.80.0/22 maxlen: 24 185.134.156.0/22 maxlen: 24 185.135.176.0/22 maxlen: 24 185.138.116.0/22 maxlen: 24 185.163.136.0/22 maxlen: 24 185.163.212.0/22 maxlen: 24 185.163.220.0/22 maxlen: 24 185.163.228.0/22 maxlen: 24 185.169.156.0/22 maxlen: 24 185.186.88.0/22 maxlen: 24 185.191.36.0/22 maxlen: 24 185.197.108.0/22 maxlen: 24 185.241.140.0/22 maxlen: 24 185.254.8.0/22 maxlen: 24 192.214.192.0/19 maxlen: 24 195.216.140.0/22 maxlen: 24 2a00:41e0::/29 maxlen: 48 2a00:6780::/29 maxlen: 48 2a01:648::/29 maxlen: 48 2a05:b780::/29 maxlen: 48 2a05:c100::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.mft rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 21:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:04:c0:73:4a:ca:be:05:b5:1a:a4:35:76:15:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87d990131467b77d11162b79fbe3b06ca8ab2d39 Validity Not Before: Jan 1 18:18:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3d8df6de46ef09116c36bc06148dba817bf48291 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:20:3f:30:c6:90:64:59:68:65:73:28:35:78: 4a:26:90:35:02:1f:7a:66:03:dc:55:5d:64:7b:c2: 94:21:6d:49:cf:83:bc:7b:67:65:44:70:11:0e:59: 07:2f:02:18:7a:b8:cf:78:db:aa:89:cc:5e:ad:de: b4:3f:a5:36:a8:96:4d:1a:1a:d4:db:99:6d:96:20: 8a:06:a3:6c:0d:fc:f0:1c:25:fb:46:db:e7:90:37: 29:8b:33:5d:fe:86:a6:a4:f0:0a:b6:c7:28:6f:93: 93:9d:5e:77:91:1b:b8:da:26:45:86:1a:e6:9e:83: 29:df:b4:f5:9e:cf:3c:9f:6d:15:8c:8c:90:d9:55: 05:31:41:30:54:45:ed:fa:f6:62:6d:27:d0:ea:bd: d0:1b:8d:fb:cc:eb:8b:de:f3:42:20:0b:34:b7:25: 6a:70:55:1e:84:29:a0:dc:4b:d0:b5:23:4d:1c:fe: e5:b5:ff:29:64:05:0b:22:a5:c1:d3:20:e0:79:55: 21:76:53:6f:1c:f8:15:3b:db:40:9c:2e:3b:2a:02: 34:e8:18:b9:2a:b9:2b:b7:a3:5e:94:ed:14:0b:55: 23:4b:5c:fd:1f:e0:cf:d2:6a:93:78:65:d0:73:3e: 8e:c1:de:38:a6:83:9f:be:32:a4:48:6a:69:4d:45: 78:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:8D:F6:DE:46:EF:09:11:6C:36:BC:06:14:8D:BA:81:7B:F4:82:91 X509v3 Authority Key Identifier: keyid:87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/PY323kbvCRFsNrwGFI26gXv0gpE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.59.144.0/22 5.10.128.0/21 5.183.248.0/22 23.90.192.0/18 31.204.80.0/21 45.80.252.0/22 45.86.96.0/22 45.89.76.0/22 45.92.180.0/22 45.129.216.0-45.129.218.255 45.133.68.0/22 45.142.108.0/22 45.152.16.0/22 46.18.120.0/21 62.192.156.0/22 79.99.160.0/21 88.86.224.0/19 88.218.12.0/22 92.119.232.0/22 94.154.4.0/24 94.187.128.0/19 168.220.128.0/19 185.20.16.0/22 185.48.252.0/22 185.86.88.0/22 185.87.100.0/22 185.98.116.0/22 185.132.64.0/22 185.133.80.0/22 185.134.156.0/22 185.135.176.0/22 185.138.116.0/22 185.163.136.0/22 185.163.212.0/22 185.163.220.0/22 185.163.228.0/22 185.169.156.0/22 185.186.88.0/22 185.191.36.0/22 185.197.108.0/22 185.241.140.0/22 185.254.8.0/22 192.214.192.0/19 195.216.140.0/22 IPv6: 2a00:41e0::/29 2a00:6780::/29 2a01:648::/29 2a05:b780::/29 2a05:c100::/29 Signature Algorithm: sha256WithRSAEncryption 27:81:24:94:86:40:e5:1f:88:6b:b6:cd:7a:ce:2d:60:ac:21: b7:e8:e3:7b:9e:13:c7:40:f6:b7:46:b0:e0:dc:32:e5:e8:ff: 3a:a6:12:55:02:65:0f:c8:7a:6c:6a:b0:21:c3:c3:31:81:41: 06:5a:4d:47:1f:cb:61:0c:e5:a0:7e:ec:da:bd:5c:99:94:8f: 87:79:fb:f2:16:b0:b8:3e:8c:ea:9b:18:ca:d4:90:e1:07:77: df:aa:72:45:7f:e9:90:4b:b1:28:a1:36:dc:3b:78:3d:78:53: e6:55:29:50:06:7a:94:fd:66:03:8b:91:64:82:b8:65:a5:12: b2:4e:65:78:d1:b9:57:d0:73:09:d5:a5:d7:e6:9a:3f:95:b7: b5:1d:61:ee:6e:cc:6f:e8:8a:4d:cf:23:9e:63:38:33:ef:3f: b8:86:e5:f4:45:eb:f3:fb:71:fd:e1:0f:e2:33:49:19:43:11: ab:11:e0:55:3b:ed:d8:b6:e6:a5:3a:17:13:43:e7:3f:02:44: 79:3e:01:c4:14:7c:01:d7:52:f1:64:d9:2a:89:cd:d5:35:3d: b0:76:47:74:b6:f2:48:e3:11:68:b8:0a:bb:d5:10:7e:86:55: aa:d9:c6:77:0b:9e:25:9c:9c:07:ad:91:29:48:2a:9d:d5:83: b0:93:0e:69 -----BEGIN CERTIFICATE----- MIIGPDCCBSSgAwIBAgISAZt6yATAc0rKvgW1GqQ1dhVpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3ZDk5MDEzMTQ2N2I3N2QxMTE2MmI3OWZiZTNiMDZjYThh YjJkMzkwHhcNMjYwMTAxMTgxODA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZDhkZjZkZTQ2ZWYwOTExNmMzNmJjMDYxNDhkYmE4MTdiZjQ4MjkxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyA/MMaQZFloZXMoNXhKJpA1Ah96 ZgPcVV1ke8KUIW1Jz4O8e2dlRHARDlkHLwIYerjPeNuqicxerd60P6U2qJZNGhrU 25ltliCKBqNsDfzwHCX7RtvnkDcpizNd/oampPAKtscob5OTnV53kRu42iZFhhrm noMp37T1ns88n20VjIyQ2VUFMUEwVEXt+vZibSfQ6r3QG437zOuL3vNCIAs0tyVq cFUehCmg3EvQtSNNHP7ltf8pZAULIqXB0yDgeVUhdlNvHPgVO9tAnC47KgI06Bi5 Krkrt6NelO0UC1UjS1z9H+DP0mqTeGXQcz6Owd44poOfvjKkSGppTUV4lwIDAQAB o4IDSDCCA0QwHQYDVR0OBBYEFD2N9t5G7wkRbDa8BhSNuoF79IKRMB8GA1UdIwQY MBaAFIfZkBMUZ7d9ERYrefvjsGyoqy05MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMt YjhlOGIzNGRiMjkwLzEvUFkzMjNrYnZDUkZzTnJ3R0ZJMjZnWHYwZ3BFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMtYjhlOGIzNGRiMjkw LzEvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIBXAYIKwYBBQUHAQcBAf8EggFLMIIBRzCCARgEAgABMIIB EAMEAgI7kAMEAwUKgAMEAgW3+AMEBhdawAMEAx/MUAMEAi1Q/AMEAi1WYAMEAi1Z TAMEAi1ctDAMAwQDLYHYAwQALYHaAwQCLYVEAwQCLY5sAwQCLZgQAwQDLhJ4AwQC PsCcAwQDT2OgAwQFWFbgAwQCWNoMAwQCXHfoAwQAXpoEAwQFXruAAwQFqNyAAwQC uRQQAwQCuTD8AwQCuVZYAwQCuVdkAwQCuWJ0AwQCuYRAAwQCuYVQAwQCuYacAwQC uYewAwQCuYp0AwQCuaOIAwQCuaPUAwQCuaPcAwQCuaPkAwQCuamcAwQCubpYAwQC ub8kAwQCucVsAwQCufGMAwQCuf4IAwQFwNbAAwQCw9iMMCkEAgACMCMDBQMqAEHg AwUDKgBngAMFAyoBBkgDBQMqBbeAAwUDKgXBADANBgkqhkiG9w0BAQsFAAOCAQEA J4EklIZA5R+Ia7bNes4tYKwht+jje54Tx0D2t0aw4Nwy5ej/OqYSVQJlD8h6bGqw IcPDMYFBBlpNRx/LYQzloH7s2r1cmZSPh3n78hawuD6M6psYytSQ4Qd336pyRX/p kEuxKKE23Dt4PXhT5lUpUAZ6lP1mA4uRZIK4ZaUSsk5leNG5V9BzCdWl1+aaP5W3 tR1h7m7Mb+iKTc8jnmM4M+8/uIbl9EXr8/tx/eEP4jNJGUMRqxHgVTvt2LbmpToX E0PnPwJEeT4BxBR8AddS8WTZKonN1TU9sHZHdLbySOMRaLgKu9UQfoZVqtnGdwue JZycB62RKUgqndWDsJMOaQ== -----END CERTIFICATE-----Generated at Wed Jan 21 07:23:23 2026 by rpki-client