This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/BM2Moga6uW9t4OydPnB8DTcOinw.roa File: BM2Moga6uW9t4OydPnB8DTcOinw.roa (raw, json) Hash identifier: IG1Kq6iyEsuHEjPMDq65TtiVsf5VzpCT3NE2QDKCuf0= Subject key identifier: 04:CD:8C:A2:06:BA:B9:6F:6D:E0:EC:9D:3E:70:7C:0D:37:0E:8A:7C Certificate issuer: /CN=d41703db3020cc1ef2fd71091a468f4a649c238f Certificate serial: 019AA2921A79A1ABF12EE12BCDBA76BBF92D Authority key identifier: D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/BM2Moga6uW9t4OydPnB8DTcOinw.roa Signing time: Thu 20 Nov 2025 18:41:15 +0000 ROA not before: Thu 20 Nov 2025 18:41:15 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 49544 IP address blocks: 5.180.216.0/23 maxlen: 23 5.180.218.0/23 maxlen: 23 5.200.0.0/19 maxlen: 24 31.204.128.0/19 maxlen: 24 31.204.132.0/22 maxlen: 22 31.204.136.0/23 maxlen: 23 31.204.140.0/22 maxlen: 22 31.204.144.0/24 maxlen: 24 31.204.156.0/23 maxlen: 23 89.104.168.0/23 maxlen: 23 89.104.170.0/23 maxlen: 23 89.104.172.0/22 maxlen: 22 89.104.176.0/23 maxlen: 23 89.104.178.0/23 maxlen: 23 89.104.180.0/24 maxlen: 24 91.195.234.0/23 maxlen: 23 91.198.152.0/24 maxlen: 24 91.216.207.0/24 maxlen: 24 104.153.84.0/22 maxlen: 22 109.200.192.0/19 maxlen: 24 109.200.194.0/23 maxlen: 23 109.200.208.0/22 maxlen: 22 138.128.136.0/22 maxlen: 22 138.128.140.0/22 maxlen: 22 146.247.76.0/22 maxlen: 22 162.244.52.0/22 maxlen: 23 162.245.204.0/22 maxlen: 22 185.41.140.0/22 maxlen: 22 185.50.104.0/22 maxlen: 22 185.52.12.0/22 maxlen: 24 185.179.200.0/23 maxlen: 24 185.179.202.0/23 maxlen: 24 185.197.24.0/22 maxlen: 23 188.122.64.0/19 maxlen: 24 193.43.218.0/23 maxlen: 23 193.43.218.0/24 maxlen: 24 212.19.224.0/22 maxlen: 22 213.163.64.0/19 maxlen: 24 213.179.192.0/19 maxlen: 19 213.179.192.0/22 maxlen: 22 213.179.196.0/22 maxlen: 22 213.179.200.0/22 maxlen: 22 213.179.204.0/22 maxlen: 22 213.179.209.0/24 maxlen: 24 213.179.210.0/23 maxlen: 23 213.179.212.0/22 maxlen: 22 213.179.216.0/22 maxlen: 22 213.179.220.0/23 maxlen: 23 2a00:1630::/29 maxlen: 32 2a00:1630::/32 maxlen: 48 2a00:1631::/32 maxlen: 32 2a00:1632::/32 maxlen: 32 2a00:1637::/32 maxlen: 32 2a00:1d20::/29 maxlen: 32 2a00:1d20::/34 maxlen: 34 2a00:1d20:4000::/34 maxlen: 34 2a00:1d20:8000::/34 maxlen: 34 2a00:1d26::/32 maxlen: 34 2a01:9580::/32 maxlen: 34 2a01:9580:c000::/34 maxlen: 34 2a04:c600::/29 maxlen: 34 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.crl rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.mft rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 09:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:a2:92:1a:79:a1:ab:f1:2e:e1:2b:cd:ba:76:bb:f9:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d41703db3020cc1ef2fd71091a468f4a649c238f Validity Not Before: Nov 20 18:41:15 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=04cd8ca206bab96f6de0ec9d3e707c0d370e8a7c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:0c:b0:bf:b0:9a:a3:f9:3f:87:f4:ce:47:d8: 79:f2:16:8b:cd:ab:96:2a:80:b5:5e:78:b8:02:35: 8b:8c:b4:88:ba:e3:90:9f:41:44:0d:cd:b3:7e:59: 12:5d:1f:b3:13:83:e7:18:7c:f4:fb:27:a7:d4:63: 1b:21:c3:c0:0a:5f:ab:16:1e:b3:22:ab:f9:07:64: be:09:2b:bf:85:bc:71:7a:41:4b:d9:a4:d7:f2:9f: 1c:8b:4b:43:f0:01:78:21:01:a5:cc:85:63:ea:51: 09:8c:6a:1b:58:cc:f4:0e:76:2d:84:7f:9a:03:66: ef:db:f9:57:56:c1:e6:96:94:b9:c9:a8:c8:d9:5c: 7a:ff:df:0d:15:af:a7:70:53:65:b4:79:c5:0b:61: 5c:72:78:f0:a3:d4:94:e5:cc:e3:5d:ac:9a:49:61: 8d:32:2d:72:0b:9a:d9:d5:a4:08:fe:d6:ce:fd:1f: 06:29:b0:aa:d6:bc:d6:e7:2a:8b:af:74:6f:8d:ec: 4d:98:66:8f:d1:ba:b0:5c:1d:65:ea:8a:05:1f:5d: 1d:29:58:70:01:00:11:4d:ac:34:02:ca:41:cf:de: a9:b8:7e:e0:a3:10:d3:a1:ce:4a:f9:17:c8:df:30: 51:b7:2f:d5:e7:93:fd:db:a7:c1:82:5d:7b:4d:73: ab:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:CD:8C:A2:06:BA:B9:6F:6D:E0:EC:9D:3E:70:7C:0D:37:0E:8A:7C X509v3 Authority Key Identifier: keyid:D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/BM2Moga6uW9t4OydPnB8DTcOinw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.180.216.0/22 5.200.0.0/19 31.204.128.0/19 89.104.168.0-89.104.180.255 91.195.234.0/23 91.198.152.0/24 91.216.207.0/24 104.153.84.0/22 109.200.192.0/19 138.128.136.0/21 146.247.76.0/22 162.244.52.0/22 162.245.204.0/22 185.41.140.0/22 185.50.104.0/22 185.52.12.0/22 185.179.200.0/22 185.197.24.0/22 188.122.64.0/19 193.43.218.0/23 212.19.224.0/22 213.163.64.0/19 213.179.192.0/19 IPv6: 2a00:1630::/29 2a00:1d20::/29 2a01:9580::/32 2a04:c600::/29 Signature Algorithm: sha256WithRSAEncryption 05:db:8f:78:3d:42:7d:79:3e:b3:2c:42:c2:46:b1:ea:c0:91: eb:f6:4a:bd:b0:72:65:26:52:37:46:03:ee:5b:9e:e2:06:86: 89:ca:50:05:f6:80:49:6f:38:b8:a2:f5:c4:81:98:df:22:53: 32:54:f7:25:8d:9b:b1:d6:fd:f7:a4:7b:58:2b:ba:e9:35:77: fe:3c:52:88:5e:00:a5:c4:b1:ed:74:ad:17:bd:f5:87:9a:9a: 43:b5:6c:17:2e:cb:c2:fd:5d:c0:57:71:d7:d8:b2:46:54:9c: 77:b4:ed:19:67:1e:ee:7f:8a:26:5b:83:60:c1:84:72:6f:6d: 79:a0:c4:08:b3:96:a1:09:7d:b5:57:bf:7c:29:d0:5f:d2:65: 99:cf:ac:ae:ca:53:04:18:66:bb:ce:09:e8:0f:fb:33:9c:59: a0:40:b9:d9:17:71:00:4b:68:8f:c4:99:b9:2c:d5:81:f7:6d: db:16:ef:a5:38:e6:b4:39:2b:b5:73:47:22:ab:26:c9:5d:df: 11:6c:79:0f:d7:d3:8d:b4:29:66:9d:50:d7:2b:db:f1:85:fb: 4e:96:9b:d9:b8:dc:5b:8e:06:7b:d8:22:e0:d5:55:3e:9f:cd: ba:f2:98:00:b0:4f:2b:08:9e:a4:ba:04:e0:aa:90:e7:5c:83: 6d:ba:dd:dc -----BEGIN CERTIFICATE----- MIIFsjCCBJqgAwIBAgISAZqikhp5oavxLuErzbp2u/ktMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0MTcwM2RiMzAyMGNjMWVmMmZkNzEwOTFhNDY4ZjRhNjQ5 YzIzOGYwHhcNMjUxMTIwMTg0MTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNGNkOGNhMjA2YmFiOTZmNmRlMGVjOWQzZTcwN2MwZDM3MGU4YTdjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wywv7Cao/k/h/TOR9h58haLzauW KoC1Xni4AjWLjLSIuuOQn0FEDc2zflkSXR+zE4PnGHz0+yen1GMbIcPACl+rFh6z Iqv5B2S+CSu/hbxxekFL2aTX8p8ci0tD8AF4IQGlzIVj6lEJjGobWMz0DnYthH+a A2bv2/lXVsHmlpS5yajI2Vx6/98NFa+ncFNltHnFC2Fccnjwo9SU5czjXayaSWGN Mi1yC5rZ1aQI/tbO/R8GKbCq1rzW5yqLr3RvjexNmGaP0bqwXB1l6ooFH10dKVhw AQARTaw0AspBz96puH7goxDToc5K+RfI3zBRty/V55P926fBgl17TXOr+QIDAQAB o4ICvjCCArowHQYDVR0OBBYEFATNjKIGurlvbeDsnT5wfA03Dop8MB8GA1UdIwQY MBaAFNQXA9swIMwe8v1xCRpGj0pknCOPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYt NDhkMzFjNzVmMzFlLzEvQk0yTW9nYTZ1Vzl0NE95ZFBuQjhEVGNPaW53LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYtNDhkMzFjNzVmMzFl LzEvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBmQQCAAEwgZIDBAIF tNgDBAUFyAADBAUfzIAwDAMEA1loqAMEAFlotAMEAVvD6gMEAFvGmAMEAFvYzwME AmiZVAMEBW3IwAMEA4qAiAMEApL3TAMEAqL0NAMEAqL1zAMEArkpjAMEArkyaAME Ark0DAMEArmzyAMEArnFGAMEBbx6QAMEAcEr2gMEAtQT4AMEBdWjQAMEBdWzwDAi BAIAAjAcAwUDKgAWMAMFAyoAHSADBQAqAZWAAwUDKgTGADANBgkqhkiG9w0BAQsF AAOCAQEABduPeD1CfXk+syxCwkax6sCR6/ZKvbByZSZSN0YD7lue4gaGicpQBfaA SW84uKL1xIGY3yJTMlT3JY2bsdb996R7WCu66TV3/jxSiF4ApcSx7XStF731h5qa Q7VsFy7Lwv1dwFdx19iyRlScd7TtGWce7n+KJluDYMGEcm9teaDECLOWoQl9tVe/ fCnQX9Jlmc+srspTBBhmu84J6A/7M5xZoEC52RdxAEtoj8SZuSzVgfdt2xbvpTjm tDkrtXNHIqsmyV3fEWx5D9fTjbQpZp1Q1yvb8YX7Tpab2bjcW44Ge9gi4NVVPp/N uvKYALBPKwiepLoE4KqQ51yDbbrd3A== -----END CERTIFICATE-----Generated at Fri Dec 5 18:33:12 2025 by rpki-client