This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/4Vb2Z58skB5iaPHsQ2kB44NxzFQ.roa File: 4Vb2Z58skB5iaPHsQ2kB44NxzFQ.roa (raw, json) Hash identifier: 5A5FJnxgAX+cotWcxBj+MU91tiU2mlONPgMHabpzNSY= Subject key identifier: E1:56:F6:67:9F:2C:90:1E:62:68:F1:EC:43:69:01:E3:83:71:CC:54 Certificate issuer: /CN=662f55d377127f28ce26b78fd83becf41becad4b Certificate serial: 019B7F82ECDCE76F4E74A3AB09B43ACCA93F Authority key identifier: 66:2F:55:D3:77:12:7F:28:CE:26:B7:8F:D8:3B:EC:F4:1B:EC:AD:4B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zi9V03cSfyjOJreP2Dvs9BvsrUs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/4Vb2Z58skB5iaPHsQ2kB44NxzFQ.roa Signing time: Fri 02 Jan 2026 16:20:45 +0000 ROA not before: Fri 02 Jan 2026 16:20:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49683 IP address blocks: 31.25.234.0/24 maxlen: 24 31.25.235.0/24 maxlen: 24 31.25.236.0/22 maxlen: 24 31.25.236.0/24 maxlen: 24 31.25.237.0/24 maxlen: 24 31.25.239.0/24 maxlen: 24 171.22.172.0/24 maxlen: 24 171.22.173.0/24 maxlen: 24 171.22.174.0/24 maxlen: 24 171.22.175.0/24 maxlen: 24 185.44.64.0/24 maxlen: 24 185.44.65.0/24 maxlen: 24 185.44.66.0/24 maxlen: 24 185.44.67.0/24 maxlen: 24 185.85.240.0/24 maxlen: 24 185.85.241.0/24 maxlen: 24 185.85.242.0/24 maxlen: 24 185.85.243.0/24 maxlen: 24 185.116.236.0/24 maxlen: 24 185.116.237.0/24 maxlen: 24 185.116.238.0/24 maxlen: 24 185.116.239.0/24 maxlen: 24 185.122.164.0/24 maxlen: 24 185.122.165.0/24 maxlen: 24 185.122.166.0/24 maxlen: 24 185.122.167.0/24 maxlen: 24 185.168.192.0/24 maxlen: 24 185.168.193.0/24 maxlen: 24 185.168.194.0/24 maxlen: 24 185.168.195.0/24 maxlen: 24 185.184.68.0/24 maxlen: 24 185.184.69.0/24 maxlen: 24 185.184.70.0/24 maxlen: 24 185.184.71.0/24 maxlen: 24 185.189.56.0/24 maxlen: 24 185.189.57.0/24 maxlen: 24 185.189.58.0/24 maxlen: 24 185.189.59.0/24 maxlen: 24 2a0a:2f00:1::/48 maxlen: 48 2a0a:2f00:2::/48 maxlen: 48 2a0a:2f00:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/Zi9V03cSfyjOJreP2Dvs9BvsrUs.crl rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/Zi9V03cSfyjOJreP2Dvs9BvsrUs.mft rsync://rpki.ripe.net/repository/DEFAULT/Zi9V03cSfyjOJreP2Dvs9BvsrUs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:82:ec:dc:e7:6f:4e:74:a3:ab:09:b4:3a:cc:a9:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=662f55d377127f28ce26b78fd83becf41becad4b Validity Not Before: Jan 2 16:20:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e156f6679f2c901e6268f1ec436901e38371cc54 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:9e:e3:0e:70:a6:ba:1b:3a:ba:04:f1:55:02: 7d:c3:d3:51:c4:5a:b4:f3:da:47:02:1c:43:a4:ea: 37:61:c1:46:9f:f5:53:8a:2a:ff:d8:dd:52:cd:7d: 24:a7:69:c0:a7:44:bb:71:16:30:17:14:34:b7:f5: 75:98:53:f3:8f:6d:5d:53:13:99:b1:b2:56:0f:1d: ed:74:39:e4:a3:b3:f1:e7:69:2a:8f:f8:0b:ae:d4: fa:55:a8:e3:f7:4a:d0:c6:00:74:79:0c:66:f6:41: 71:2f:be:df:b8:aa:e3:9e:6c:06:28:7b:1d:37:29: 45:c3:bb:ae:4b:ba:22:c1:c6:34:3d:0c:0e:5f:aa: 21:16:b4:42:14:22:ac:50:8d:bc:42:e7:18:7e:bd: 96:30:a2:aa:87:f8:72:0b:d5:91:6c:36:fb:17:1e: 77:e0:f8:d0:23:3e:d7:dc:4e:2e:6e:99:87:35:d2: a3:b7:b8:3b:4a:6d:a2:d1:ba:3a:e9:8a:3e:53:22: 41:6c:78:1f:08:04:e5:91:04:81:70:f7:3b:ad:42: de:6d:25:6a:42:c8:d3:65:f8:5e:01:fd:50:8e:a9: 94:90:c2:eb:ea:45:49:78:12:9d:00:ad:00:95:1a: bc:84:10:21:47:67:73:a3:dc:9c:cc:f9:fd:ae:4f: e5:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:56:F6:67:9F:2C:90:1E:62:68:F1:EC:43:69:01:E3:83:71:CC:54 X509v3 Authority Key Identifier: keyid:66:2F:55:D3:77:12:7F:28:CE:26:B7:8F:D8:3B:EC:F4:1B:EC:AD:4B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zi9V03cSfyjOJreP2Dvs9BvsrUs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/4Vb2Z58skB5iaPHsQ2kB44NxzFQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/82/388c70-e4c7-420d-8188-8be146253356/1/Zi9V03cSfyjOJreP2Dvs9BvsrUs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.25.234.0-31.25.239.255 171.22.172.0/22 185.44.64.0/22 185.85.240.0/22 185.116.236.0/22 185.122.164.0/22 185.168.192.0/22 185.184.68.0/22 185.189.56.0/22 IPv6: 2a0a:2f00:1::-2a0a:2f00:3:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 3b:d3:be:3d:5c:5a:c6:2d:fc:64:e4:1e:99:e9:40:4c:c4:02: f2:a4:69:60:d3:ad:b2:90:6c:74:00:0b:d0:51:cc:96:c7:c9: 3a:b2:d8:0a:52:ba:14:5b:af:4b:1c:b4:f8:71:10:c1:cd:54: 2f:40:9b:90:5f:25:be:a7:ae:b8:27:25:58:e9:d1:f8:ac:b4: 46:fc:c2:d7:a3:74:26:55:44:d8:6f:af:17:09:14:66:4d:fa: 24:db:8a:5f:f1:c3:31:3d:60:57:93:b7:8d:a2:89:b2:d0:a2: 75:22:93:82:d5:ba:a4:cb:87:22:3d:0a:43:30:59:0f:31:2f: 04:05:ee:05:0e:fc:8c:4b:73:a7:e0:01:59:1e:bd:88:69:88: ed:72:04:14:0d:e5:9c:25:d0:90:e0:0f:f0:21:32:6c:6a:26: e6:ea:bb:94:16:8b:ef:39:55:19:db:6e:32:08:31:92:29:e3: 07:ef:8a:8d:de:ad:53:2c:10:73:d8:34:bc:b2:9a:8f:42:50: d9:90:4c:94:cc:1f:94:2a:3a:a4:2b:5a:60:b1:c0:27:bf:fb: fd:c8:c3:55:d4:ea:98:44:b7:7a:07:07:cb:51:6f:b7:00:35: 23:92:bd:93:e4:a8:12:21:40:6e:f4:22:c7:b0:58:3b:70:ea: ee:96:58:57 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgISAZt/guzc529OdKOrCbQ6zKk/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY2MmY1NWQzNzcxMjdmMjhjZTI2Yjc4ZmQ4M2JlY2Y0MWJl Y2FkNGIwHhcNMjYwMTAyMTYyMDQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMTU2ZjY2NzlmMmM5MDFlNjI2OGYxZWM0MzY5MDFlMzgzNzFjYzU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk57jDnCmuhs6ugTxVQJ9w9NRxFq0 89pHAhxDpOo3YcFGn/VTiir/2N1SzX0kp2nAp0S7cRYwFxQ0t/V1mFPzj21dUxOZ sbJWDx3tdDnko7Px52kqj/gLrtT6Vajj90rQxgB0eQxm9kFxL77fuKrjnmwGKHsd NylFw7uuS7oiwcY0PQwOX6ohFrRCFCKsUI28QucYfr2WMKKqh/hyC9WRbDb7Fx53 4PjQIz7X3E4ubpmHNdKjt7g7Sm2i0bo66Yo+UyJBbHgfCATlkQSBcPc7rULebSVq QsjTZfheAf1QjqmUkMLr6kVJeBKdAK0AlRq8hBAhR2dzo9yczPn9rk/lFwIDAQAB o4ICXTCCAlkwHQYDVR0OBBYEFOFW9mefLJAeYmjx7ENpAeODccxUMB8GA1UdIwQY MBaAFGYvVdN3En8ozia3j9g77PQb7K1LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWmk5VjAzY1NmeWpPSnJlUDJEdnM5QnZzclVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zODhjNzAtZTRjNy00MjBkLTgxODgt OGJlMTQ2MjUzMzU2LzEvNFZiMlo1OHNrQjVpYVBIc1Eya0I0NE54ekZRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Mi8zODhjNzAtZTRjNy00MjBkLTgxODgtOGJlMTQ2MjUzMzU2 LzEvWmk5VjAzY1NmeWpPSnJlUDJEdnM5QnZzclVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBEBAIAATA+MAwDBAEfGeoD BAQfGeADBAKrFqwDBAK5LEADBAK5VfADBAK5dOwDBAK5eqQDBAK5qMADBAK5uEQD BAK5vTgwGgQCAAIwFDASAwcAKgovAAABAwcCKgovAAAAMA0GCSqGSIb3DQEBCwUA A4IBAQA70749XFrGLfxk5B6Z6UBMxALypGlg062ykGx0AAvQUcyWx8k6stgKUroU W69LHLT4cRDBzVQvQJuQXyW+p664JyVY6dH4rLRG/MLXo3QmVUTYb68XCRRmTfok 24pf8cMxPWBXk7eNoomy0KJ1IpOC1bqky4ciPQpDMFkPMS8EBe4FDvyMS3On4AFZ Hr2IaYjtcgQUDeWcJdCQ4A/wITJsaibm6ruUFovvOVUZ224yCDGSKeMH74qN3q1T LBBz2DS8spqPQlDZkEyUzB+UKjqkK1pgscAnv/v9yMNV1OqYRLd6BwfLUW+3ADUj kr2T5KgSIUBu9CLHsFg7cOrullhX -----END CERTIFICATE-----Generated at Tue Feb 10 07:11:57 2026 by rpki-client