This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/376853-2abf-4232-91ff-09a5e8d960dd/1/cOOgTfeUDEMTH12FgsfATc70VpU.roa File: cOOgTfeUDEMTH12FgsfATc70VpU.roa (raw, json) Hash identifier: M3wjV6rwKEQJn04pkeYZAKa6kOWv8ol9iG8ZWPsCuY0= Subject key identifier: 70:E3:A0:4D:F7:94:0C:43:13:1F:5D:85:82:C7:C0:4D:CE:F4:56:95 Certificate issuer: /CN=ebdb225471f2d6e41060b34185725485481014b8 Certificate serial: 019B78A34180D793138D3139FB99D876139E Authority key identifier: EB:DB:22:54:71:F2:D6:E4:10:60:B3:41:85:72:54:85:48:10:14:B8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/69siVHHy1uQQYLNBhXJUhUgQFLg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/376853-2abf-4232-91ff-09a5e8d960dd/1/cOOgTfeUDEMTH12FgsfATc70VpU.roa Signing time: Thu 01 Jan 2026 08:18:43 +0000 ROA not before: Thu 01 Jan 2026 08:18:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12996 IP address blocks: 151.249.120.0/21 maxlen: 24 151.249.120.0/24 maxlen: 24 151.249.121.0/24 maxlen: 24 151.249.122.0/24 maxlen: 24 151.249.123.0/24 maxlen: 24 151.249.124.0/24 maxlen: 24 151.249.125.0/24 maxlen: 24 151.249.127.0/24 maxlen: 24 185.134.244.0/22 maxlen: 22 185.201.124.0/22 maxlen: 24 185.201.124.0/24 maxlen: 24 185.201.125.0/24 maxlen: 24 185.201.126.0/24 maxlen: 24 185.201.127.0/24 maxlen: 24 193.57.14.0/23 maxlen: 23 193.57.22.0/23 maxlen: 23 194.63.248.0/21 maxlen: 24 194.63.248.0/23 maxlen: 24 194.63.248.0/24 maxlen: 24 194.63.249.0/24 maxlen: 24 194.63.250.0/24 maxlen: 24 194.63.251.0/24 maxlen: 24 194.63.252.0/24 maxlen: 24 194.63.253.0/24 maxlen: 24 194.63.254.0/24 maxlen: 24 194.63.255.0/24 maxlen: 24 2a01:5b40::/32 maxlen: 48 2a01:5b40::/48 maxlen: 48 2a01:5b40:5::/48 maxlen: 48 2a01:5b40:c::/48 maxlen: 48 2a01:5b40:ac1::/48 maxlen: 48 2a01:5b40:ac2::/48 maxlen: 48 2a0a:c340::/32 maxlen: 32 2a0f:c180::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/376853-2abf-4232-91ff-09a5e8d960dd/1/69siVHHy1uQQYLNBhXJUhUgQFLg.crl rsync://rpki.ripe.net/repository/DEFAULT/74/376853-2abf-4232-91ff-09a5e8d960dd/1/69siVHHy1uQQYLNBhXJUhUgQFLg.mft rsync://rpki.ripe.net/repository/DEFAULT/69siVHHy1uQQYLNBhXJUhUgQFLg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:41:80:d7:93:13:8d:31:39:fb:99:d8:76:13:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ebdb225471f2d6e41060b34185725485481014b8 Validity Not Before: Jan 1 08:18:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=70e3a04df7940c43131f5d8582c7c04dcef45695 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:77:87:f1:ac:97:ca:60:af:62:05:db:82:a6: 9c:26:ae:70:be:e0:14:8f:94:de:a1:ff:f7:41:b7: 89:56:ae:88:1c:c0:f8:64:cf:9c:22:22:cf:37:ca: 5b:05:e4:18:c5:3c:7f:85:14:d6:64:9f:50:99:8c: b4:a7:d8:99:f2:64:a2:84:cd:3c:e1:6f:1d:8d:90: 9a:3a:c9:c1:f1:a9:65:31:4c:1d:fe:b9:9b:dc:94: ef:d8:4f:38:51:fd:3f:7d:ab:b5:86:c0:d8:cf:78: 54:8f:a4:1c:eb:04:e4:01:20:62:ac:57:ba:4c:13: 92:72:3c:da:42:b9:43:ad:99:f9:18:6a:57:d8:ff: b0:af:00:92:ec:bb:49:f1:63:81:d3:24:df:97:f2: de:0c:d2:60:d2:31:e8:de:41:3b:58:8d:f5:87:29: 47:e3:59:54:dd:63:e2:74:bd:2c:4d:2d:11:72:e5: 48:ef:13:2c:c6:b6:b0:73:99:fa:dc:58:b0:82:0e: c8:f1:b5:f7:b6:a7:75:a0:12:b7:6f:5e:bf:d2:f0: 34:ab:36:1f:44:eb:54:3b:64:a0:c6:a3:b0:43:57: ca:75:eb:5a:cc:d3:39:96:78:be:3e:e3:1b:cb:b9: 6f:76:18:0c:f8:73:9c:8e:60:b3:36:54:78:52:19: 90:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:E3:A0:4D:F7:94:0C:43:13:1F:5D:85:82:C7:C0:4D:CE:F4:56:95 X509v3 Authority Key Identifier: keyid:EB:DB:22:54:71:F2:D6:E4:10:60:B3:41:85:72:54:85:48:10:14:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/69siVHHy1uQQYLNBhXJUhUgQFLg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/376853-2abf-4232-91ff-09a5e8d960dd/1/cOOgTfeUDEMTH12FgsfATc70VpU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/74/376853-2abf-4232-91ff-09a5e8d960dd/1/69siVHHy1uQQYLNBhXJUhUgQFLg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 151.249.120.0/21 185.134.244.0/22 185.201.124.0/22 193.57.14.0/23 193.57.22.0/23 194.63.248.0/21 IPv6: 2a01:5b40::/32 2a0a:c340::/32 2a0f:c180::/29 Signature Algorithm: sha256WithRSAEncryption 9f:ac:1c:f5:75:b8:1a:97:a9:3d:97:68:a4:b4:e7:d8:f8:16: 4d:f7:dd:ab:7f:fc:8e:30:74:47:b3:03:20:98:62:21:0e:4b: 7c:08:6d:f2:bb:72:c2:8d:2b:7b:3f:78:eb:c5:22:b6:26:6c: cc:c6:a5:6c:a3:24:67:dd:c6:6d:9f:99:52:d9:2d:11:e7:ed: 8a:7e:45:e9:cc:01:87:93:e1:a3:36:16:f9:8d:ae:27:7e:3d: 4a:ad:19:8d:bd:51:10:6e:ae:63:d5:71:7f:d0:74:5d:ca:e3: 60:d2:74:af:67:ac:bc:72:bc:4b:89:a9:73:b7:ac:b8:09:34: 36:f2:6e:6e:3b:7d:ef:98:79:c8:7c:92:17:34:95:b3:c4:fe: bd:7f:32:5e:c2:2a:b2:54:93:84:da:6e:42:8f:12:2c:75:e7: bd:5b:1b:0d:79:1c:b3:42:6f:97:9d:a4:70:8d:e7:76:6e:85: 0b:40:43:e7:16:a5:85:8c:85:10:d8:e5:c1:6a:75:ad:ee:03: d0:44:64:ab:9f:3a:3c:35:43:37:3f:54:92:a4:2e:40:3d:94: f7:3c:14:dc:39:cb:46:fb:23:b3:bc:17:5f:88:dd:7b:3f:19: c0:31:cb:e9:ec:37:10:2c:4d:f0:fe:63:0b:dd:0f:3a:f6:d1: 6b:bd:c3:42 -----BEGIN CERTIFICATE----- MIIFODCCBCCgAwIBAgISAZt4o0GA15MTjTE5+5nYdhOeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGViZGIyMjU0NzFmMmQ2ZTQxMDYwYjM0MTg1NzI1NDg1NDgx MDE0YjgwHhcNMjYwMTAxMDgxODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MGUzYTA0ZGY3OTQwYzQzMTMxZjVkODU4MmM3YzA0ZGNlZjQ1Njk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHeH8ayXymCvYgXbgqacJq5wvuAU j5Teof/3QbeJVq6IHMD4ZM+cIiLPN8pbBeQYxTx/hRTWZJ9QmYy0p9iZ8mSihM08 4W8djZCaOsnB8allMUwd/rmb3JTv2E84Uf0/fau1hsDYz3hUj6Qc6wTkASBirFe6 TBOScjzaQrlDrZn5GGpX2P+wrwCS7LtJ8WOB0yTfl/LeDNJg0jHo3kE7WI31hylH 41lU3WPidL0sTS0RcuVI7xMsxrawc5n63Fiwgg7I8bX3tqd1oBK3b16/0vA0qzYf ROtUO2SgxqOwQ1fKdetazNM5lni+PuMby7lvdhgM+HOcjmCzNlR4UhmQFQIDAQAB o4ICRDCCAkAwHQYDVR0OBBYEFHDjoE33lAxDEx9dhYLHwE3O9FaVMB8GA1UdIwQY MBaAFOvbIlRx8tbkEGCzQYVyVIVIEBS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNjlzaVZISHkxdVFRWUxOQmhYSlVoVWdRRkxnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8zNzY4NTMtMmFiZi00MjMyLTkxZmYt MDlhNWU4ZDk2MGRkLzEvY09PZ1RmZVVERU1USDEyRmdzZkFUYzcwVnBVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NC8zNzY4NTMtMmFiZi00MjMyLTkxZmYtMDlhNWU4ZDk2MGRk LzEvNjlzaVZISHkxdVFRWUxOQmhYSlVoVWdRRkxnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAqBAIAATAkAwQDl/l4AwQC uYb0AwQCucl8AwQBwTkOAwQBwTkWAwQDwj/4MBsEAgACMBUDBQAqAVtAAwUAKgrD QAMFAyoPwYAwDQYJKoZIhvcNAQELBQADggEBAJ+sHPV1uBqXqT2XaKS059j4Fk33 3at//I4wdEezAyCYYiEOS3wIbfK7csKNK3s/eOvFIrYmbMzGpWyjJGfdxm2fmVLZ LRHn7Yp+RenMAYeT4aM2FvmNrid+PUqtGY29URBurmPVcX/QdF3K42DSdK9nrLxy vEuJqXO3rLgJNDbybm47fe+Yech8khc0lbPE/r1/Ml7CKrJUk4TabkKPEix1571b Gw15HLNCb5edpHCN53ZuhQtAQ+cWpYWMhRDY5cFqda3uA9BEZKufOjw1Qzc/VJKk LkA9lPc8FNw5y0b7I7O8F1+I3Xs/GcAxy+nsNxAsTfD+YwvdDzr20Wu9w0I= -----END CERTIFICATE-----Generated at Tue Feb 10 04:14:14 2026 by rpki-client