This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aRFvWhFAyItfdBgBLMx0UuGRp84.roa File: aRFvWhFAyItfdBgBLMx0UuGRp84.roa (raw, json) Hash identifier: ndyEVaZ81Rtonl5JKUiPpOcuBHSWSuqdTlsxAbvzEc4= Subject key identifier: 69:11:6F:5A:11:40:C8:8B:5F:74:18:01:2C:CC:74:52:E1:91:A7:CE Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019C0982293DF5CE8BA74A03BABC08C003B3 Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aRFvWhFAyItfdBgBLMx0UuGRp84.roa Signing time: Thu 29 Jan 2026 11:27:30 +0000 ROA not before: Thu 29 Jan 2026 11:27:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29802 IP address blocks: 82.152.57.0/24 maxlen: 24 82.152.58.0/24 maxlen: 24 82.152.73.0/24 maxlen: 24 82.152.75.0/24 maxlen: 24 82.152.76.0/23 maxlen: 24 82.152.79.0/24 maxlen: 24 82.152.86.0/23 maxlen: 24 82.152.88.0/24 maxlen: 24 82.152.109.0/24 maxlen: 24 82.152.226.0/24 maxlen: 24 82.152.240.0/24 maxlen: 24 82.152.243.0/24 maxlen: 24 82.153.38.0/24 maxlen: 24 82.153.56.0/24 maxlen: 24 82.153.61.0/24 maxlen: 24 82.153.79.0/24 maxlen: 24 82.153.83.0/24 maxlen: 24 82.153.84.0/24 maxlen: 24 82.153.132.0/24 maxlen: 24 82.153.152.0/24 maxlen: 24 82.153.186.0/24 maxlen: 24 82.153.201.0/24 maxlen: 24 82.153.239.0/24 maxlen: 24 89.213.98.0/24 maxlen: 24 89.213.232.0/23 maxlen: 24 89.213.234.0/23 maxlen: 24 89.213.236.0/23 maxlen: 24 109.176.27.0/24 maxlen: 24 109.176.32.0/21 maxlen: 24 109.176.40.0/21 maxlen: 24 109.176.48.0/21 maxlen: 24 109.176.56.0/21 maxlen: 24 109.176.235.0/24 maxlen: 24 213.130.130.0/24 maxlen: 24 213.130.149.0/24 maxlen: 24 213.218.214.0/24 maxlen: 24 213.218.231.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 30 Jan 2026 12:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:09:82:29:3d:f5:ce:8b:a7:4a:03:ba:bc:08:c0:03:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Jan 29 11:27:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=69116f5a1140c88b5f7418012ccc7452e191a7ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:c7:d5:22:35:88:93:94:1f:e4:2f:b3:ca:7a: 3b:a4:ee:08:d3:27:a4:98:47:71:8c:1f:6b:c5:19: 97:d6:23:86:1c:43:79:3b:6c:cb:5e:c9:8f:e7:83: 40:a3:55:91:65:ba:c1:6a:09:b6:a9:9b:91:b9:d2: 8c:73:0f:11:39:b6:08:24:aa:0f:c0:05:31:b3:22: 7b:13:04:91:24:3a:9a:f3:14:28:23:d7:0e:46:91: 06:b1:94:ed:bf:35:c6:07:0c:f8:ed:8c:c4:21:28: 19:6e:d6:fe:8d:e1:c6:37:0b:d3:31:ca:7e:6e:40: 86:4b:3f:11:0f:1b:e7:00:70:72:27:9b:ad:57:7d: 79:66:76:cd:f2:0b:65:9e:0d:b2:55:5e:41:d0:1b: 26:75:c0:19:34:a4:60:8c:8a:d1:bb:84:7b:84:ef: d2:dc:4e:13:c1:11:d9:87:46:20:a6:e1:52:bd:3a: 87:52:bc:1e:d5:82:91:37:22:23:a2:59:cd:db:0b: fe:9f:ca:5d:25:46:7e:c3:bd:86:31:80:76:3b:a1: 50:a7:d2:dc:7c:90:10:fb:09:c0:dc:84:82:4f:45: 72:d0:e4:4e:ee:8a:94:c1:fd:e3:8c:7a:fa:81:da: cb:bd:6d:67:b6:eb:c8:bb:63:5a:99:a8:58:87:9d: f1:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:11:6F:5A:11:40:C8:8B:5F:74:18:01:2C:CC:74:52:E1:91:A7:CE X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aRFvWhFAyItfdBgBLMx0UuGRp84.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.152.57.0-82.152.58.255 82.152.73.0/24 82.152.75.0-82.152.77.255 82.152.79.0/24 82.152.86.0-82.152.88.255 82.152.109.0/24 82.152.226.0/24 82.152.240.0/24 82.152.243.0/24 82.153.38.0/24 82.153.56.0/24 82.153.61.0/24 82.153.79.0/24 82.153.83.0-82.153.84.255 82.153.132.0/24 82.153.152.0/24 82.153.186.0/24 82.153.201.0/24 82.153.239.0/24 89.213.98.0/24 89.213.232.0-89.213.237.255 109.176.27.0/24 109.176.32.0/19 109.176.235.0/24 213.130.130.0/24 213.130.149.0/24 213.218.214.0/24 213.218.231.0/24 Signature Algorithm: sha256WithRSAEncryption 29:6c:c3:ea:2b:4a:4f:a4:90:3f:a5:cf:fa:32:f1:88:2e:a1: 1f:6d:c6:fe:03:fc:14:06:d4:59:c9:83:93:03:6f:d9:95:c0: 08:23:bc:a6:d8:95:fc:85:fa:61:4a:62:aa:41:81:d6:c3:0b: fa:10:99:2f:7e:7d:a6:c5:f4:bd:7f:35:76:7b:4b:df:3e:47: c8:63:76:0c:fd:2c:cd:55:83:0d:92:93:fd:94:4b:ee:21:b6: 08:3c:65:f2:77:d4:5f:2e:68:bd:d5:43:82:f0:18:26:19:be: 90:02:45:f6:67:56:4f:95:9b:39:2c:c7:c1:74:f4:5a:d0:c1: 57:6b:bb:eb:73:ba:fd:88:d9:8c:6f:e0:b8:d0:56:e2:30:21: 29:79:36:04:ba:09:f7:e1:ce:e2:15:f3:f7:02:bb:d5:3d:dc: 27:3a:aa:e8:1b:ed:71:fd:be:54:e5:98:4d:09:8c:24:c1:fc: 87:73:bc:18:23:69:7a:ff:1e:49:6c:be:de:f0:dd:6d:b9:d0: 61:36:a3:7d:54:68:ad:fb:ea:ce:24:d7:23:a3:a3:b1:20:d8: 6a:6f:89:f8:5a:69:ce:99:2c:c1:fc:5b:8e:c9:22:70:32:a5: 80:72:5d:89:ef:c6:89:62:1b:06:ce:1f:5f:a8:0b:68:3c:06: 78:91:f3:1f -----BEGIN CERTIFICATE----- MIIFzDCCBLSgAwIBAgISAZwJgik99c6Lp0oDurwIwAOzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjYwMTI5MTEyNzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2OTExNmY1YTExNDBjODhiNWY3NDE4MDEyY2NjNzQ1MmUxOTFhN2NlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7sfVIjWIk5Qf5C+zyno7pO4I0yek mEdxjB9rxRmX1iOGHEN5O2zLXsmP54NAo1WRZbrBagm2qZuRudKMcw8RObYIJKoP wAUxsyJ7EwSRJDqa8xQoI9cORpEGsZTtvzXGBwz47YzEISgZbtb+jeHGNwvTMcp+ bkCGSz8RDxvnAHByJ5utV315ZnbN8gtlng2yVV5B0BsmdcAZNKRgjIrRu4R7hO/S 3E4TwRHZh0YgpuFSvTqHUrwe1YKRNyIjolnN2wv+n8pdJUZ+w72GMYB2O6FQp9Lc fJAQ+wnA3ISCT0Vy0ORO7oqUwf3jjHr6gdrLvW1ntuvIu2NamahYh53xpwIDAQAB o4IC2DCCAtQwHQYDVR0OBBYEFGkRb1oRQMiLX3QYASzMdFLhkafOMB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvYVJGdldoRkF5SXRmZEJnQkxNeDBVdUdScDg0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jCB1wQCAAEwgdAwDAME AFKYOQMEAFKYOgMEAFKYSTAMAwQAUphLAwQBUphMAwQAUphPMAwDBAFSmFYDBABS mFgDBABSmG0DBABSmOIDBABSmPADBABSmPMDBABSmSYDBABSmTgDBABSmT0DBABS mU8wDAMEAFKZUwMEAFKZVAMEAFKZhAMEAFKZmAMEAFKZugMEAFKZyQMEAFKZ7wME AFnVYjAMAwQDWdXoAwQBWdXsAwQAbbAbAwQFbbAgAwQAbbDrAwQA1YKCAwQA1YKV AwQA1drWAwQA1drnMA0GCSqGSIb3DQEBCwUAA4IBAQApbMPqK0pPpJA/pc/6MvGI LqEfbcb+A/wUBtRZyYOTA2/ZlcAII7ym2JX8hfphSmKqQYHWwwv6EJkvfn2mxfS9 fzV2e0vfPkfIY3YM/SzNVYMNkpP9lEvuIbYIPGXyd9RfLmi91UOC8BgmGb6QAkX2 Z1ZPlZs5LMfBdPRa0MFXa7vrc7r9iNmMb+C40FbiMCEpeTYEugn34c7iFfP3ArvV PdwnOqroG+1x/b5U5ZhNCYwkwfyHc7wYI2l6/x5JbL7e8N1tudBhNqN9VGit++rO JNcjo6OxINhqb4n4WmnOmSzB/FuOySJwMqWAcl2J78aJYhsGzh9fqAtoPAZ4kfMf -----END CERTIFICATE-----Generated at Thu Jan 29 17:47:40 2026 by rpki-client