This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/bEp4q3eRxtCrKkldbP5iiHofK2I.roa File: bEp4q3eRxtCrKkldbP5iiHofK2I.roa (raw, json) Hash identifier: jnzjXIVICkzhxXr1jhhzWEsyM0Q7g0CUgll+bIUz99Y= Subject key identifier: 6C:4A:78:AB:77:91:C6:D0:AB:2A:49:5D:6C:FE:62:88:7A:1F:2B:62 Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9 Certificate serial: 019B7F845B214366D13AE6FE92CFD1CEF1A0 Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/bEp4q3eRxtCrKkldbP5iiHofK2I.roa Signing time: Fri 02 Jan 2026 16:22:19 +0000 ROA not before: Fri 02 Jan 2026 16:22:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 6453 IP address blocks: 31.44.192.0/20 maxlen: 24 46.34.64.0/24 maxlen: 24 46.34.90.0/23 maxlen: 24 84.51.0.0/18 maxlen: 24 85.153.128.0/17 maxlen: 24 91.93.0.0/16 maxlen: 24 176.88.0.0/16 maxlen: 24 176.232.0.0/14 maxlen: 24 176.236.0.0/16 maxlen: 24 195.33.192.0/18 maxlen: 24 195.142.4.0/22 maxlen: 24 195.142.8.0/21 maxlen: 24 195.142.16.0/20 maxlen: 24 195.142.32.0/19 maxlen: 24 195.142.64.0/19 maxlen: 24 195.142.96.0/21 maxlen: 24 195.142.112.0/20 maxlen: 24 195.142.128.0/22 maxlen: 24 195.142.136.0/21 maxlen: 24 195.142.138.0/24 maxlen: 24 195.142.144.0/21 maxlen: 24 195.142.160.0/20 maxlen: 24 195.142.176.0/21 maxlen: 24 195.142.188.0/22 maxlen: 24 195.142.196.0/22 maxlen: 24 195.142.204.0/22 maxlen: 24 195.142.208.0/22 maxlen: 24 195.142.216.0/21 maxlen: 24 195.142.224.0/20 maxlen: 24 195.142.240.0/22 maxlen: 24 195.142.248.0/21 maxlen: 24 195.155.100.0/22 maxlen: 24 195.155.104.0/21 maxlen: 24 195.155.112.0/20 maxlen: 24 195.155.160.0/19 maxlen: 24 195.155.192.0/18 maxlen: 24 212.252.0.0/15 maxlen: 24 213.14.0.0/16 maxlen: 24 213.14.207.0/24 maxlen: 24 213.74.0.0/16 maxlen: 24 213.254.128.0/19 maxlen: 24 217.131.0.0/16 maxlen: 24 2a01:188::/32 maxlen: 48 2a01:730::/32 maxlen: 48 2a03:3c0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.mft rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 09:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:5b:21:43:66:d1:3a:e6:fe:92:cf:d1:ce:f1:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9 Validity Not Before: Jan 2 16:22:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6c4a78ab7791c6d0ab2a495d6cfe62887a1f2b62 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:b5:64:be:8c:0b:e9:33:5f:db:f0:0c:04:1c: 11:9a:86:82:5a:8c:58:9b:ec:d7:e8:10:0f:73:aa: 65:38:5e:c2:08:90:3d:74:79:26:d5:5a:5a:f9:f6: a4:78:4c:1d:3d:88:e3:48:52:2d:b0:b5:e9:2d:a1: f3:6e:4c:f9:86:a6:b9:79:40:51:75:3c:86:51:46: 12:f6:0d:fc:f3:ea:56:81:47:38:a8:60:63:be:7f: 49:a0:e1:88:ff:89:8b:5d:5d:6b:5e:14:bb:8d:36: e6:88:f5:9b:da:7d:37:6a:b8:6f:d1:4b:e2:3b:74: f3:ce:9d:59:59:6a:6c:4f:86:65:6f:c1:ed:ba:db: a6:35:9f:16:08:12:69:0a:34:0f:b5:a5:14:5b:32: 5b:ab:dd:e1:31:ae:2b:cc:a7:ee:d0:64:ca:67:7a: aa:be:09:aa:f1:53:e7:26:89:27:27:15:57:e0:18: 2c:43:80:12:59:24:4f:c4:bf:3a:c5:cf:17:e6:d9: 2c:82:21:a8:78:68:1e:3d:08:5d:ff:33:ba:e6:67: 7b:b0:cd:5d:64:86:0a:93:9d:d1:8e:58:09:9e:a7: ab:b5:d1:04:1c:36:2a:50:95:e6:6a:64:d3:26:0d: 99:f6:3a:90:86:9c:e0:96:36:17:8b:44:51:8c:39: bb:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:4A:78:AB:77:91:C6:D0:AB:2A:49:5D:6C:FE:62:88:7A:1F:2B:62 X509v3 Authority Key Identifier: keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/bEp4q3eRxtCrKkldbP5iiHofK2I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.44.192.0/20 46.34.64.0/24 46.34.90.0/23 84.51.0.0/18 85.153.128.0/17 91.93.0.0/16 176.88.0.0/16 176.232.0.0-176.236.255.255 195.33.192.0/18 195.142.4.0-195.142.103.255 195.142.112.0-195.142.131.255 195.142.136.0-195.142.151.255 195.142.160.0-195.142.183.255 195.142.188.0/22 195.142.196.0/22 195.142.204.0-195.142.211.255 195.142.216.0-195.142.243.255 195.142.248.0/21 195.155.100.0-195.155.127.255 195.155.160.0-195.155.255.255 212.252.0.0/15 213.14.0.0/16 213.74.0.0/16 213.254.128.0/19 217.131.0.0/16 IPv6: 2a01:188::/32 2a01:730::/32 2a03:3c0::/32 Signature Algorithm: sha256WithRSAEncryption 69:ea:ba:a1:37:f7:88:6d:4d:ac:d6:2c:f1:8a:01:e4:91:fa: 71:1f:d8:7d:e0:bf:9d:67:5f:4e:b3:09:95:8e:8e:52:aa:d9: 6c:8b:21:12:35:51:a8:49:dd:4f:27:da:69:03:e6:2b:c4:dc: fd:31:11:74:ec:17:45:80:12:a4:16:5c:93:e0:a3:da:fb:21: cb:f9:48:5c:84:66:69:6d:54:c2:1f:9c:58:bd:f1:0c:11:dd: 76:61:91:48:70:dc:b6:9a:88:68:6f:6b:d4:6c:80:06:74:24: d9:03:74:45:d7:ad:ac:30:ba:ec:65:a1:a3:83:9c:c0:98:c6: c2:0e:51:4e:9c:8d:0c:41:0c:34:34:5a:9d:fd:ba:c6:4b:d0: f7:6d:fb:4a:ff:6a:6a:2f:2f:b1:af:1e:70:de:65:22:1d:06: 03:07:6c:b0:ed:50:0f:a9:27:a7:f6:0d:d7:3e:ff:6e:b9:da: ce:f1:5f:b0:ce:55:a4:6d:f9:c4:66:fb:78:ec:93:76:e1:f4: 55:0b:64:b0:3f:a9:c5:3a:32:ef:51:ea:f7:19:96:ec:d6:ec: 3f:06:7f:66:85:bd:d3:84:80:77:ac:b8:38:d6:df:77:a6:89: 95:f6:97:d7:20:00:36:24:f5:2f:c9:44:29:4e:13:f4:50:eb: 72:80:c1:c5 -----BEGIN CERTIFICATE----- MIIF7zCCBNegAwIBAgISAZt/hFshQ2bROub+ks/RzvGgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm YmQzZTkwHhcNMjYwMTAyMTYyMjE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2YzRhNzhhYjc3OTFjNmQwYWIyYTQ5NWQ2Y2ZlNjI4ODdhMWYyYjYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLVkvowL6TNf2/AMBBwRmoaCWoxY m+zX6BAPc6plOF7CCJA9dHkm1Vpa+fakeEwdPYjjSFItsLXpLaHzbkz5hqa5eUBR dTyGUUYS9g388+pWgUc4qGBjvn9JoOGI/4mLXV1rXhS7jTbmiPWb2n03arhv0Uvi O3Tzzp1ZWWpsT4Zlb8HtutumNZ8WCBJpCjQPtaUUWzJbq93hMa4rzKfu0GTKZ3qq vgmq8VPnJoknJxVX4BgsQ4ASWSRPxL86xc8X5tksgiGoeGgePQhd/zO65md7sM1d ZIYKk53RjlgJnqertdEEHDYqUJXmamTTJg2Z9jqQhpzgljYXi0RRjDm7PwIDAQAB o4IC+zCCAvcwHQYDVR0OBBYEFGxKeKt3kcbQqypJXWz+Yoh6HytiMB8GA1UdIwQY MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt ZjJiZTlmNmM2NjRjLzEvYkVwNHEzZVJ4dENyS2tsZGJQNWlpSG9mSzJJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIBDwYIKwYBBQUHAQcBAf8Egf8wgfwwgdwEAgABMIHVAwQE HyzAAwQALiJAAwQBLiJaAwQGVDMAAwQHVZmAAwMAW10DAwCwWDAKAwMDsOgDAwCw 7AMEBsMhwDAMAwQCw44EAwQDw45gMAwDBATDjnADBALDjoAwDAMEA8OOiAMEA8OO kDAMAwQFw46gAwQDw46wAwQCw468AwQCw47EMAwDBALDjswDBALDjtAwDAMEA8OO 2AMEAsOO8AMEA8OO+DAMAwQCw5tkAwQHw5sAMAsDBAXDm6ADAwLDmAMDAdT8AwMA 1Q4DAwDVSgMEBdX+gAMDANmDMBsEAgACMBUDBQAqAQGIAwUAKgEHMAMFACoDA8Aw DQYJKoZIhvcNAQELBQADggEBAGnquqE394htTazWLPGKAeSR+nEf2H3gv51nX06z CZWOjlKq2WyLIRI1UahJ3U8n2mkD5ivE3P0xEXTsF0WAEqQWXJPgo9r7Icv5SFyE ZmltVMIfnFi98QwR3XZhkUhw3LaaiGhva9RsgAZ0JNkDdEXXrawwuuxloaODnMCY xsIOUU6cjQxBDDQ0Wp39usZL0Pdt+0r/amovL7GvHnDeZSIdBgMHbLDtUA+pJ6f2 Ddc+/2652s7xX7DOVaRt+cRm+3jsk3bh9FULZLA/qcU6Mu9R6vcZluzW7D8Gf2aF vdOEgHesuDjW33emiZX2l9cgADYk9S/JRClOE/RQ63KAwcU= -----END CERTIFICATE-----Generated at Wed Jan 21 13:17:57 2026 by rpki-client