This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/pnFO1a6gizeUc-Mp5yF3aD9GKrY.roa File: pnFO1a6gizeUc-Mp5yF3aD9GKrY.roa (raw, json) Hash identifier: 12+yB/uNotyYBuazoRPVxuRnI9x9XM3niLtRN4n27c0= Subject key identifier: A6:71:4E:D5:AE:A0:8B:37:94:73:E3:29:E7:21:77:68:3F:46:2A:B6 Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d Certificate serial: 019B7E38B7BEE5038C3FFDDAED73065F67C3 Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/pnFO1a6gizeUc-Mp5yF3aD9GKrY.roa Signing time: Fri 02 Jan 2026 10:20:04 +0000 ROA not before: Fri 02 Jan 2026 10:20:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5503 IP address blocks: 62.171.192.0/19 maxlen: 24 62.171.224.0/22 maxlen: 24 62.171.252.0/22 maxlen: 24 185.192.228.0/22 maxlen: 24 194.154.0.0/20 maxlen: 24 194.154.16.0/21 maxlen: 24 194.238.32.0/21 maxlen: 24 194.238.48.0/21 maxlen: 24 194.238.60.0/22 maxlen: 24 194.238.64.0/21 maxlen: 24 213.18.248.0/21 maxlen: 24 217.177.16.0/20 maxlen: 24 217.177.36.0/22 maxlen: 24 217.177.56.0/21 maxlen: 24 217.177.64.0/21 maxlen: 24 217.177.76.0/22 maxlen: 24 217.177.88.0/21 maxlen: 24 217.179.0.0/22 maxlen: 24 217.179.8.0/21 maxlen: 24 217.179.16.0/20 maxlen: 24 217.179.32.0/20 maxlen: 24 217.179.52.0/22 maxlen: 24 217.179.60.0/22 maxlen: 24 217.179.64.0/21 maxlen: 24 217.179.76.0/22 maxlen: 24 217.179.84.0/22 maxlen: 24 217.179.92.0/22 maxlen: 24 217.179.96.0/20 maxlen: 24 217.179.112.0/21 maxlen: 24 217.179.120.0/22 maxlen: 24 217.179.192.0/20 maxlen: 24 217.179.208.0/21 maxlen: 24 217.179.216.0/22 maxlen: 24 217.179.224.0/22 maxlen: 24 217.179.232.0/21 maxlen: 24 217.179.240.0/20 maxlen: 24 217.180.0.0/21 maxlen: 24 217.180.8.0/22 maxlen: 24 217.180.24.0/21 maxlen: 24 217.180.32.0/22 maxlen: 24 217.180.48.0/22 maxlen: 24 217.181.0.0/18 maxlen: 24 2a02:fb0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 14 Jan 2026 16:01:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:b7:be:e5:03:8c:3f:fd:da:ed:73:06:5f:67:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d Validity Not Before: Jan 2 10:20:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a6714ed5aea08b379473e329e72177683f462ab6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:50:3f:17:fc:97:b1:24:a2:7a:1c:43:a9:13: cc:8e:e5:b0:b3:02:db:d2:e9:8b:fa:2b:8e:ff:44: 1f:19:d9:d8:b0:32:59:17:35:0c:90:55:4f:2b:fb: 64:71:85:21:f8:6d:ab:2d:af:36:86:6b:3a:ec:2a: 14:dd:e9:c2:f8:ff:4a:96:69:cc:8e:71:e2:3e:fc: 36:c5:d9:8c:82:75:8b:8f:03:04:2f:64:32:fe:97: 87:ff:99:be:1f:f8:b7:6a:be:5d:2e:7b:2a:81:78: a2:55:64:8e:ff:75:4e:be:e9:57:3d:c1:79:4c:68: 71:7c:4e:0a:e8:f3:cb:7f:65:c7:74:de:05:1f:cc: ec:c7:fb:fb:df:9f:7d:91:0c:3b:b6:74:ef:98:54: 72:86:8e:69:b0:4d:5f:85:57:9e:28:e7:54:68:2d: 4c:af:33:80:0c:27:7c:48:7b:a7:41:6b:fb:a0:c9: f1:58:ba:83:e5:22:0b:2d:c9:12:83:aa:f8:81:a6: b7:20:2a:c9:f0:d4:63:65:d6:22:5b:d5:b9:12:0c: 06:75:87:83:4a:74:42:76:5b:3b:e7:34:da:47:9b: b8:61:66:3e:f8:b4:55:9c:45:4d:52:ab:70:7f:06: 10:42:81:57:a9:d0:59:a7:13:2b:6b:7b:9d:08:fc: 45:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:71:4E:D5:AE:A0:8B:37:94:73:E3:29:E7:21:77:68:3F:46:2A:B6 X509v3 Authority Key Identifier: keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/pnFO1a6gizeUc-Mp5yF3aD9GKrY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 62.171.192.0-62.171.227.255 62.171.252.0/22 185.192.228.0/22 194.154.0.0-194.154.23.255 194.238.32.0/21 194.238.48.0/21 194.238.60.0-194.238.71.255 213.18.248.0/21 217.177.16.0/20 217.177.36.0/22 217.177.56.0-217.177.71.255 217.177.76.0/22 217.177.88.0/21 217.179.0.0/22 217.179.8.0-217.179.47.255 217.179.52.0/22 217.179.60.0-217.179.71.255 217.179.76.0/22 217.179.84.0/22 217.179.92.0-217.179.123.255 217.179.192.0-217.179.219.255 217.179.224.0/22 217.179.232.0-217.180.11.255 217.180.24.0-217.180.35.255 217.180.48.0/22 217.181.0.0/18 IPv6: 2a02:fb0::/32 Signature Algorithm: sha256WithRSAEncryption 79:f7:f1:bf:f2:3c:e3:bb:ec:03:4d:1f:c6:6f:77:a6:13:18: 17:17:cb:7f:65:b2:d0:50:f1:42:2e:b6:d4:2c:f3:bb:55:a0: cb:23:29:41:71:1e:3d:d8:1e:87:61:d0:df:f7:47:64:71:3a: 2c:a2:d7:32:15:b8:9b:ee:29:1d:2d:b2:4e:3a:67:0b:b5:5a: 4f:d0:99:41:63:5e:b5:48:3b:f3:87:1a:1d:77:38:f8:32:9e: 44:71:b4:4c:5f:0a:da:ea:bb:51:a9:59:d0:e5:9c:ef:32:26: 85:68:45:67:19:83:28:37:ec:17:1e:72:42:72:d3:e7:69:38: 7c:0f:d3:9d:f2:fd:d1:b4:7c:5e:a5:75:b7:c2:e9:26:17:2b: 68:54:24:6b:6a:4e:94:3c:c3:67:9b:78:70:27:a1:5a:fa:b9: a7:7d:ad:93:67:69:f2:d2:e6:0d:e4:2a:d0:0f:ec:55:14:32: 3d:86:3c:21:9b:1c:f3:c8:c9:f6:69:c3:f9:da:b6:59:da:4a: 21:ef:da:89:ff:c4:cd:37:d7:1f:c7:f1:d7:4c:01:63:3a:c9: 0d:cf:e2:89:f7:80:aa:f2:55:bc:0c:71:bf:f0:4d:22:e8:30: 30:42:e1:e2:89:6b:11:6f:08:13:a3:ca:0d:f8:d2:da:cc:b5: 4c:89:70:af -----BEGIN CERTIFICATE----- MIIF+TCCBOGgAwIBAgISAZt+OLe+5QOMP/3a7XMGX2fDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy ZGE3NGQwHhcNMjYwMTAyMTAyMDA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNjcxNGVkNWFlYTA4YjM3OTQ3M2UzMjllNzIxNzc2ODNmNDYyYWI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklA/F/yXsSSiehxDqRPMjuWwswLb 0umL+iuO/0QfGdnYsDJZFzUMkFVPK/tkcYUh+G2rLa82hms67CoU3enC+P9KlmnM jnHiPvw2xdmMgnWLjwMEL2Qy/peH/5m+H/i3ar5dLnsqgXiiVWSO/3VOvulXPcF5 TGhxfE4K6PPLf2XHdN4FH8zsx/v73599kQw7tnTvmFRyho5psE1fhVeeKOdUaC1M rzOADCd8SHunQWv7oMnxWLqD5SILLckSg6r4gaa3ICrJ8NRjZdYiW9W5EgwGdYeD SnRCdls75zTaR5u4YWY++LRVnEVNUqtwfwYQQoFXqdBZpxMra3udCPxFhQIDAQAB o4IDBTCCAwEwHQYDVR0OBBYEFKZxTtWuoIs3lHPjKechd2g/Riq2MB8GA1UdIwQY MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt YzE5OTQyNzM3ZTZkLzEvcG5GTzFhNmdpemVVYy1NcDV5RjNhRDlHS3JZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIBGQYIKwYBBQUHAQcBAf8EggEIMIIBBDCB8gQCAAEwgesw DAMEBj6rwAMEAj6r4AMEAj6r/AMEArnA5DALAwMBwpoDBAPCmhADBAPC7iADBAPC 7jAwDAMEAsLuPAMEA8LuQAMEA9US+AMEBNmxEAMEAtmxJDAMAwQD2bE4AwQD2bFA AwQC2bFMAwQD2bFYAwQC2bMAMAwDBAPZswgDBATZsyADBALZszQwDAMEAtmzPAME A9mzQAMEAtmzTAMEAtmzVDAMAwQC2bNcAwQC2bN4MAwDBAbZs8ADBALZs9gDBALZ s+AwDAMEA9mz6AMEAtm0CDAMAwQD2bQYAwQC2bQgAwQC2bQwAwQG2bUAMA0EAgAC MAcDBQAqAg+wMA0GCSqGSIb3DQEBCwUAA4IBAQB59/G/8jzju+wDTR/Gb3emExgX F8t/ZbLQUPFCLrbULPO7VaDLIylBcR492B6HYdDf90dkcTosotcyFbib7ikdLbJO OmcLtVpP0JlBY161SDvzhxoddzj4Mp5EcbRMXwra6rtRqVnQ5ZzvMiaFaEVnGYMo N+wXHnJCctPnaTh8D9Od8v3RtHxepXW3wukmFytoVCRrak6UPMNnm3hwJ6Fa+rmn fa2TZ2ny0uYN5CrQD+xVFDI9hjwhmxzzyMn2acP52rZZ2koh79qJ/8TNN9cfx/HX TAFjOskNz+KJ94Cq8lW8DHG/8E0i6DAwQuHiiWsRbwgTo8oN+NLazLVMiXCv -----END CERTIFICATE-----Generated at Tue Jan 13 21:11:15 2026 by rpki-client