This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/9QrsnmBEE6N_E4uILTIAREB5SKE.roa File: 9QrsnmBEE6N_E4uILTIAREB5SKE.roa (raw, json) Hash identifier: tJ4zIV/psnQDST23Y4Ocwn8llUi2UB5XCFmrat5YT5s= Subject key identifier: F5:0A:EC:9E:60:44:13:A3:7F:13:8B:88:2D:32:00:44:40:79:48:A1 Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478 Certificate serial: 019B76EAEB5268CA37E39CA852C836394FA6 Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/9QrsnmBEE6N_E4uILTIAREB5SKE.roa Signing time: Thu 01 Jan 2026 00:17:45 +0000 ROA not before: Thu 01 Jan 2026 00:17:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 38136 IP address blocks: 5.34.216.0/21 maxlen: 24 5.226.48.0/22 maxlen: 24 45.137.180.0/22 maxlen: 24 155.254.104.0/21 maxlen: 24 155.254.120.0/21 maxlen: 24 178.236.36.0/22 maxlen: 24 185.36.192.0/22 maxlen: 24 185.220.236.0/22 maxlen: 24 185.248.184.0/22 maxlen: 24 188.253.4.0/22 maxlen: 24 188.253.12.0/22 maxlen: 24 188.253.112.0/21 maxlen: 24 188.253.120.0/21 maxlen: 24 212.87.192.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 20:29:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:eb:52:68:ca:37:e3:9c:a8:52:c8:36:39:4f:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478 Validity Not Before: Jan 1 00:17:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f50aec9e604413a37f138b882d320044407948a1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:d0:0f:ab:4a:ca:23:c4:fc:8e:e5:31:59:e7: 66:98:49:e1:ad:21:30:75:90:43:fb:13:b7:90:3d: 07:7b:dd:2c:7d:19:1e:a2:35:af:e2:49:4b:15:20: 55:3a:17:e3:5d:a2:38:e9:35:ba:be:5f:8a:d0:8b: d1:f1:9f:ed:b4:fb:98:28:ad:e5:4a:07:4e:3a:88: 5f:6e:4c:dd:bc:22:2d:37:e3:a3:a2:50:3a:c6:20: 29:67:12:5f:f4:4e:40:53:7b:f6:48:bb:3b:46:d1: 26:90:7e:45:b9:d8:12:a3:a8:84:e5:32:ba:bb:ad: 04:ed:6f:60:81:8e:55:ba:22:c6:0d:a4:63:e3:79: b7:6c:11:00:3a:05:81:5e:e3:13:1a:af:40:5b:65: ac:16:10:c2:94:f4:ae:34:d0:90:4b:cf:f1:0b:ac: 31:ae:9c:73:e7:92:00:3f:49:34:e5:3c:d8:e6:aa: 16:fb:ba:d3:ba:f3:97:5b:63:5d:15:c7:47:43:b2: 4e:a8:d5:4c:e4:21:54:76:55:b5:3a:d0:c8:ce:64: 73:0b:8a:2f:e8:57:2e:72:ae:68:72:ab:33:fe:af: de:b6:73:d9:c1:ae:9b:89:7f:cb:ea:81:66:c8:41: 85:2b:81:0a:2c:78:ac:12:63:16:f1:e0:04:cc:02: 55:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:0A:EC:9E:60:44:13:A3:7F:13:8B:88:2D:32:00:44:40:79:48:A1 X509v3 Authority Key Identifier: keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/9QrsnmBEE6N_E4uILTIAREB5SKE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.34.216.0/21 5.226.48.0/22 45.137.180.0/22 155.254.104.0/21 155.254.120.0/21 178.236.36.0/22 185.36.192.0/22 185.220.236.0/22 185.248.184.0/22 188.253.4.0/22 188.253.12.0/22 188.253.112.0/20 212.87.192.0/22 Signature Algorithm: sha256WithRSAEncryption 0e:e8:4d:c2:d1:56:83:b6:48:47:36:c7:d1:c2:c0:df:d8:32: ab:ab:7a:56:cb:e5:7b:3b:90:47:a3:5e:06:ee:23:95:33:db: f7:f7:ef:17:25:fe:83:f7:d5:85:b2:81:dc:e6:3b:78:24:59: e2:b4:5f:78:15:e2:8b:55:6c:18:45:18:ce:e6:ed:cc:1e:0e: ec:52:5f:ab:4b:16:10:23:f8:57:ed:4e:b4:65:65:e2:8b:a7: 55:ce:53:63:9d:df:c5:0a:a4:53:cf:53:8a:85:a0:23:e8:f1: 25:3d:02:b6:26:cb:5d:4e:ba:bd:9a:74:17:70:64:84:31:a0: 31:c7:2e:5f:6e:ed:c6:3c:40:f1:dc:42:da:b1:6a:b4:96:b4: db:3c:05:45:3f:00:23:e0:0c:14:a0:4b:ec:f3:23:d5:2e:c3: 45:e5:ac:79:47:30:b9:54:7b:f8:c2:29:4e:91:47:0b:01:17: fc:55:db:17:74:8d:8c:82:95:67:fa:97:eb:83:4a:00:5b:30: 1e:ea:c9:dd:9b:f0:e5:0e:e2:0c:19:15:0b:94:0d:30:44:92: 77:9b:1d:78:ee:ee:fc:a1:84:4f:6a:1c:d5:2f:61:da:91:a0: 48:11:a2:ef:3c:df:84:6d:d2:5b:73:e7:c8:2f:63:6d:71:f0: 07:49:bc:fb -----BEGIN CERTIFICATE----- MIIFRTCCBC2gAwIBAgISAZt26utSaMo345yoUsg2OU+mMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2 NWE0NzgwHhcNMjYwMTAxMDAxNzQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmNTBhZWM5ZTYwNDQxM2EzN2YxMzhiODgyZDMyMDA0NDQwNzk0OGExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNAPq0rKI8T8juUxWedmmEnhrSEw dZBD+xO3kD0He90sfRkeojWv4klLFSBVOhfjXaI46TW6vl+K0IvR8Z/ttPuYKK3l SgdOOohfbkzdvCItN+OjolA6xiApZxJf9E5AU3v2SLs7RtEmkH5FudgSo6iE5TK6 u60E7W9ggY5VuiLGDaRj43m3bBEAOgWBXuMTGq9AW2WsFhDClPSuNNCQS8/xC6wx rpxz55IAP0k05TzY5qoW+7rTuvOXW2NdFcdHQ7JOqNVM5CFUdlW1OtDIzmRzC4ov 6Fcucq5ocqsz/q/etnPZwa6biX/L6oFmyEGFK4EKLHisEmMW8eAEzAJVWQIDAQAB o4ICUTCCAk0wHQYDVR0OBBYEFPUK7J5gRBOjfxOLiC0yAERAeUihMB8GA1UdIwQY MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt ZmUwNjU5MTc2YTU2LzEvOVFyc25tQkVFNk5fRTR1SUxUSUFSRUI1U0tFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2 LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQDBSLYAwQC BeIwAwQCLYm0AwQDm/5oAwQDm/54AwQCsuwkAwQCuSTAAwQCudzsAwQCufi4AwQC vP0EAwQCvP0MAwQEvP1wAwQC1FfAMA0GCSqGSIb3DQEBCwUAA4IBAQAO6E3C0VaD tkhHNsfRwsDf2DKrq3pWy+V7O5BHo14G7iOVM9v39+8XJf6D99WFsoHc5jt4JFni tF94FeKLVWwYRRjO5u3MHg7sUl+rSxYQI/hX7U60ZWXii6dVzlNjnd/FCqRTz1OK haAj6PElPQK2JstdTrq9mnQXcGSEMaAxxy5fbu3GPEDx3ELasWq0lrTbPAVFPwAj 4AwUoEvs8yPVLsNF5ax5RzC5VHv4wilOkUcLARf8VdsXdI2MgpVn+pfrg0oAWzAe 6sndm/DlDuIMGRULlA0wRJJ3mx147u78oYRPahzVL2HakaBIEaLvPN+EbdJbc+fI L2NtcfAHSbz7 -----END CERTIFICATE-----Generated at Tue Jan 20 06:03:49 2026 by rpki-client