This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/hgWgZNc93uMr4yIUUsOmk6c3_6c.roa File: hgWgZNc93uMr4yIUUsOmk6c3_6c.roa (raw, json) Hash identifier: HYxllMj2uGmGcr+jWdxWHj+UutuKRJTs4dBAArVNUp0= Subject key identifier: 86:05:A0:64:D7:3D:DE:E3:2B:E3:22:14:52:C3:A6:93:A7:37:FF:A7 Certificate issuer: /CN=5a939b0ced38d75cc63ed50d6e5ce72bbb5b4b10 Certificate serial: 019B7BA3C536A7CD3E5B4C4B958BD0949B02 Authority key identifier: 5A:93:9B:0C:ED:38:D7:5C:C6:3E:D5:0D:6E:5C:E7:2B:BB:5B:4B:10 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WpObDO0411zGPtUNblznK7tbSxA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/hgWgZNc93uMr4yIUUsOmk6c3_6c.roa Signing time: Thu 01 Jan 2026 22:18:09 +0000 ROA not before: Thu 01 Jan 2026 22:18:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15704 IP address blocks: 31.221.128.0/17 maxlen: 20 37.29.128.0/17 maxlen: 20 46.6.0.0/16 maxlen: 24 46.222.0.0/16 maxlen: 20 80.81.96.0/19 maxlen: 19 82.144.0.0/19 maxlen: 19 83.175.192.0/18 maxlen: 18 95.169.224.0/19 maxlen: 24 109.227.128.0/18 maxlen: 24 178.237.224.0/21 maxlen: 21 178.237.232.0/21 maxlen: 21 185.241.128.0/22 maxlen: 22 188.127.160.0/19 maxlen: 19 213.171.224.0/19 maxlen: 19 213.172.32.0/19 maxlen: 19 217.168.0.0/20 maxlen: 24 217.168.3.0/24 maxlen: 24 217.168.6.0/24 maxlen: 24 217.168.13.0/24 maxlen: 24 217.172.64.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/WpObDO0411zGPtUNblznK7tbSxA.crl rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/WpObDO0411zGPtUNblznK7tbSxA.mft rsync://rpki.ripe.net/repository/DEFAULT/WpObDO0411zGPtUNblznK7tbSxA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:c5:36:a7:cd:3e:5b:4c:4b:95:8b:d0:94:9b:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5a939b0ced38d75cc63ed50d6e5ce72bbb5b4b10 Validity Not Before: Jan 1 22:18:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8605a064d73ddee32be3221452c3a693a737ffa7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:ae:86:7f:e6:94:cf:3f:c2:51:8f:69:d6:77: 46:73:4e:de:28:b1:96:f6:b6:6b:e9:6b:46:8f:cc: 33:63:27:b3:a2:1c:db:20:39:39:1f:20:9d:e4:5f: 8f:ce:da:72:1a:ef:23:08:5d:8c:ef:81:02:1d:b8: 3e:16:53:c8:5f:65:5b:ac:86:e1:a4:75:8b:50:17: 24:f3:e7:85:bc:ea:59:3e:7e:b4:0b:5c:be:16:5e: a2:73:51:38:a0:7b:15:3c:59:82:7e:4a:1d:59:c8: 3a:dd:8d:1b:5c:ec:b8:4f:77:01:16:ac:3f:4b:69: c1:35:68:38:c7:3b:f0:0f:aa:01:c0:5a:0d:95:3d: 8f:88:1b:bb:62:a1:97:58:dd:83:cc:d8:51:9c:2a: 07:29:aa:49:8b:b7:64:85:5f:35:b8:45:e7:1d:93: 20:03:ea:20:e8:8c:6a:41:66:b7:3b:42:5b:a1:4f: 48:a7:87:20:88:42:20:9c:f6:ab:32:c7:4e:6d:97: fd:7f:cb:17:f3:5f:ac:26:6b:9d:30:f0:06:22:2c: ac:c6:db:c4:a7:49:b1:1f:aa:f0:2d:07:32:92:27: f4:71:80:9d:9a:14:39:ff:6d:75:d7:ae:ae:4e:63: 3c:60:32:62:9a:ad:0c:71:cb:23:5c:db:cd:99:d4: bb:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:05:A0:64:D7:3D:DE:E3:2B:E3:22:14:52:C3:A6:93:A7:37:FF:A7 X509v3 Authority Key Identifier: keyid:5A:93:9B:0C:ED:38:D7:5C:C6:3E:D5:0D:6E:5C:E7:2B:BB:5B:4B:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WpObDO0411zGPtUNblznK7tbSxA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/hgWgZNc93uMr4yIUUsOmk6c3_6c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/WpObDO0411zGPtUNblznK7tbSxA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.221.128.0/17 37.29.128.0/17 46.6.0.0/16 46.222.0.0/16 80.81.96.0/19 82.144.0.0/19 83.175.192.0/18 95.169.224.0/19 109.227.128.0/18 178.237.224.0/20 185.241.128.0/22 188.127.160.0/19 213.171.224.0/19 213.172.32.0/19 217.168.0.0/20 217.172.64.0/20 Signature Algorithm: sha256WithRSAEncryption 28:47:8a:71:e5:2d:90:ff:92:32:55:64:ab:2c:2b:a9:e0:5f: 8d:89:38:79:57:84:43:25:c0:3a:08:f4:d5:42:d4:6f:b7:9e: fb:89:cf:79:39:e3:9e:57:47:15:17:97:5e:60:5d:f4:72:91: 14:13:e6:b2:1b:10:09:7c:f2:ff:04:fe:a4:20:6f:e5:56:04: 7e:f5:ed:c0:81:d6:1a:42:c2:6a:26:18:3e:73:75:aa:a6:f9: 85:3b:7f:8a:b3:5a:06:eb:2c:87:18:48:7f:9b:81:cf:9e:d4: 44:a7:06:f9:ad:bc:1f:45:ce:50:8a:f6:7f:12:45:44:82:de: bd:ff:70:0f:e5:a0:cc:e1:d7:10:b4:2a:6e:01:cc:7b:2e:2a: 6d:cd:c9:ae:09:ed:5b:69:b8:30:65:7c:a8:c4:b5:c6:08:98: 25:e0:13:14:db:80:8c:ff:7c:83:7b:d9:6e:df:f8:74:ec:5f: cc:33:5b:c3:b2:23:df:e2:e0:d4:1c:c7:47:9c:3b:bc:50:6f: 5f:3d:a9:b9:f2:2b:85:d6:9e:32:fa:40:ca:2d:fa:79:6e:b7: 38:ce:3e:26:1f:1b:e8:28:e4:af:c9:6a:50:a3:0c:8c:f8:48: a7:e7:49:0b:5e:9d:9e:8e:c1:ba:7d:13:56:fc:72:c0:32:e0: d1:a9:a2:87 -----BEGIN CERTIFICATE----- MIIFVTCCBD2gAwIBAgISAZt7o8U2p80+W0xLlYvQlJsCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVhOTM5YjBjZWQzOGQ3NWNjNjNlZDUwZDZlNWNlNzJiYmI1 YjRiMTAwHhcNMjYwMTAxMjIxODA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NjA1YTA2NGQ3M2RkZWUzMmJlMzIyMTQ1MmMzYTY5M2E3MzdmZmE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArq6Gf+aUzz/CUY9p1ndGc07eKLGW 9rZr6WtGj8wzYyezohzbIDk5HyCd5F+PztpyGu8jCF2M74ECHbg+FlPIX2VbrIbh pHWLUBck8+eFvOpZPn60C1y+Fl6ic1E4oHsVPFmCfkodWcg63Y0bXOy4T3cBFqw/ S2nBNWg4xzvwD6oBwFoNlT2PiBu7YqGXWN2DzNhRnCoHKapJi7dkhV81uEXnHZMg A+og6IxqQWa3O0JboU9Ip4cgiEIgnParMsdObZf9f8sX81+sJmudMPAGIiysxtvE p0mxH6rwLQcykif0cYCdmhQ5/211166uTmM8YDJimq0MccsjXNvNmdS7iwIDAQAB o4ICYTCCAl0wHQYDVR0OBBYEFIYFoGTXPd7jK+MiFFLDppOnN/+nMB8GA1UdIwQY MBaAFFqTmwztONdcxj7VDW5c5yu7W0sQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV3BPYkRPMDQxMXpHUHRVTmJsem5LN3RiU3hBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9iZWExNGEtMGQzMi00YWE3LWI4OTgt ZDYwYjNiNmNjYTZlLzEvaGdXZ1pOYzkzdU1yNHlJVVVzT21rNmMzXzZjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NC9iZWExNGEtMGQzMi00YWE3LWI4OTgtZDYwYjNiNmNjYTZl LzEvV3BPYkRPMDQxMXpHUHRVTmJsem5LN3RiU3hBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQHH92AAwQH JR2AAwMALgYDAwAu3gMEBVBRYAMEBVKQAAMEBlOvwAMEBV+p4AMEBm3jgAMEBLLt 4AMEArnxgAMEBbx/oAMEBdWr4AMEBdWsIAMEBNmoAAMEBNmsQDANBgkqhkiG9w0B AQsFAAOCAQEAKEeKceUtkP+SMlVkqywrqeBfjYk4eVeEQyXAOgj01ULUb7ee+4nP eTnjnldHFReXXmBd9HKRFBPmshsQCXzy/wT+pCBv5VYEfvXtwIHWGkLCaiYYPnN1 qqb5hTt/irNaBusshxhIf5uBz57URKcG+a28H0XOUIr2fxJFRILevf9wD+WgzOHX ELQqbgHMey4qbc3JrgntW2m4MGV8qMS1xgiYJeATFNuAjP98g3vZbt/4dOxfzDNb w7Ij3+Lg1BzHR5w7vFBvXz2pufIrhdaeMvpAyi36eW63OM4+Jh8b6Cjkr8lqUKMM jPhIp+dJC16dno7Bun0TVvxywDLg0amihw== -----END CERTIFICATE-----Generated at Mon Jan 26 23:44:14 2026 by rpki-client