This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/htGqvDuZ1yl5QjiQWAwubWCZy2A.roa File: htGqvDuZ1yl5QjiQWAwubWCZy2A.roa (raw, json) Hash identifier: jbw+jRpmU5f9XaNZCWs1NsoQYNjn1y1IEBJ02/pIxJU= Subject key identifier: 86:D1:AA:BC:3B:99:D7:29:79:42:38:90:58:0C:2E:6D:60:99:CB:60 Certificate issuer: /CN=3be2f0164b66a76795860b4ea3586fad563bac47 Certificate serial: 019B7BA37378FBC6D53EB8BB2ACA2D153D2C Authority key identifier: 3B:E2:F0:16:4B:66:A7:67:95:86:0B:4E:A3:58:6F:AD:56:3B:AC:47 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O-LwFktmp2eVhgtOo1hvrVY7rEc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/htGqvDuZ1yl5QjiQWAwubWCZy2A.roa Signing time: Thu 01 Jan 2026 22:17:48 +0000 ROA not before: Thu 01 Jan 2026 22:17:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206264 IP address blocks: 2.57.214.0/24 maxlen: 24 2.57.215.0/24 maxlen: 24 5.61.208.0/24 maxlen: 24 5.61.209.0/24 maxlen: 24 5.183.209.0/24 maxlen: 24 5.187.35.0/24 maxlen: 24 45.129.84.0/24 maxlen: 24 45.139.122.0/24 maxlen: 24 80.251.152.0/23 maxlen: 24 89.42.231.0/24 maxlen: 24 89.249.49.0/24 maxlen: 24 93.123.72.0/24 maxlen: 24 94.156.33.0/24 maxlen: 24 185.177.74.0/24 maxlen: 24 185.177.75.0/24 maxlen: 24 185.191.124.0/24 maxlen: 24 185.191.125.0/24 maxlen: 24 185.191.126.0/24 maxlen: 24 185.191.127.0/24 maxlen: 24 2a0d:1000::/29 maxlen: 29 2a0d:1000::/30 maxlen: 30 2a0d:1004::/30 maxlen: 30 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/O-LwFktmp2eVhgtOo1hvrVY7rEc.crl rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/O-LwFktmp2eVhgtOo1hvrVY7rEc.mft rsync://rpki.ripe.net/repository/DEFAULT/O-LwFktmp2eVhgtOo1hvrVY7rEc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 09:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:73:78:fb:c6:d5:3e:b8:bb:2a:ca:2d:15:3d:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3be2f0164b66a76795860b4ea3586fad563bac47 Validity Not Before: Jan 1 22:17:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=86d1aabc3b99d72979423890580c2e6d6099cb60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:19:93:b2:ea:41:a4:dc:2d:ca:50:de:a6:db: 03:74:a2:62:81:97:5e:d0:6e:c3:5f:26:7a:15:81: 2b:97:40:d9:aa:91:c2:86:17:83:b5:51:3f:59:a2: da:24:a0:9c:3a:05:58:4b:63:50:37:79:8e:14:e3: 8f:31:74:5c:82:0d:c4:da:b3:7b:1f:cd:16:ee:fd: 31:87:f7:55:c1:66:bf:85:e3:c6:ab:de:4f:8e:a9: cc:6a:13:7a:69:68:d3:bc:bf:de:8d:14:f9:9f:87: 06:1f:86:22:a2:e1:ce:64:2f:78:5f:9a:15:77:a5: 51:c6:cc:d2:42:de:f3:4e:c2:d8:a2:a3:0f:99:1d: 33:b9:35:0d:8a:3c:8c:d2:b8:62:96:47:c2:80:63: 3e:be:fa:6a:4b:cc:a2:44:8b:c0:32:cd:38:01:1f: 69:39:3f:af:91:d7:95:a2:2c:3d:be:42:4a:b6:82: 6d:84:7d:eb:36:af:c5:b7:0c:74:bc:74:d3:24:c3: 9a:4e:f5:42:4d:40:79:ef:73:5f:0b:2e:61:90:1f: 51:d8:c7:41:26:c6:75:a4:ec:fc:46:91:cf:90:88: 40:83:61:82:d3:88:7d:51:0c:c7:15:68:1f:e2:5b: 27:e5:8d:eb:40:dd:7b:03:6b:6c:ae:9f:7b:b2:23: e5:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:D1:AA:BC:3B:99:D7:29:79:42:38:90:58:0C:2E:6D:60:99:CB:60 X509v3 Authority Key Identifier: keyid:3B:E2:F0:16:4B:66:A7:67:95:86:0B:4E:A3:58:6F:AD:56:3B:AC:47 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O-LwFktmp2eVhgtOo1hvrVY7rEc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/htGqvDuZ1yl5QjiQWAwubWCZy2A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/O-LwFktmp2eVhgtOo1hvrVY7rEc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.57.214.0/23 5.61.208.0/23 5.183.209.0/24 5.187.35.0/24 45.129.84.0/24 45.139.122.0/24 80.251.152.0/23 89.42.231.0/24 89.249.49.0/24 93.123.72.0/24 94.156.33.0/24 185.177.74.0/23 185.191.124.0/22 IPv6: 2a0d:1000::/29 Signature Algorithm: sha256WithRSAEncryption 72:01:20:3d:3a:40:fd:70:9a:fc:b0:70:a3:25:97:89:0a:a8: ed:e8:85:c2:d7:ba:f6:3b:76:82:88:05:e6:df:4c:dc:30:56: ee:e5:8f:c5:a6:80:95:b5:03:d2:51:1f:69:ba:1d:62:b2:04: 93:83:19:a7:2d:8e:93:ca:ee:cd:1e:88:27:ec:c9:d3:a0:19: 8d:6f:ef:7f:67:e6:07:cd:18:8a:9c:7e:48:73:28:0f:00:78: de:09:68:a0:ea:c4:b1:0b:9f:f1:a9:0c:dc:57:ba:cd:6f:79: 30:a7:f1:ad:17:2a:95:49:02:13:2d:d4:a9:53:93:cc:cf:89: 90:71:a1:e3:2d:59:c2:9d:35:7e:ee:ba:ed:1d:e4:74:88:35: c4:2e:d0:a9:c9:3e:f9:e6:15:a4:8e:eb:d4:36:86:fa:b3:4a: 84:28:2e:85:5c:01:6d:b5:6b:64:b7:b6:17:b3:b7:f2:12:12: 28:35:92:04:40:f4:87:84:8c:80:e7:69:37:67:d7:05:f9:65: 2c:69:fe:38:cd:af:5a:83:e7:58:9d:07:19:70:8d:9b:a1:80: e7:54:d5:b2:ba:dd:10:58:ed:5d:bb:d7:e3:31:a7:ea:0b:cf: 91:03:96:29:53:ec:99:0f:c2:06:cd:f1:16:81:a7:f1:c9:d3: 72:8d:1d:54 -----BEGIN CERTIFICATE----- MIIFVDCCBDygAwIBAgISAZt7o3N4+8bVPri7KsotFT0sMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiZTJmMDE2NGI2NmE3Njc5NTg2MGI0ZWEzNTg2ZmFkNTYz YmFjNDcwHhcNMjYwMTAxMjIxNzQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NmQxYWFiYzNiOTlkNzI5Nzk0MjM4OTA1ODBjMmU2ZDYwOTljYjYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBmTsupBpNwtylDeptsDdKJigZde 0G7DXyZ6FYErl0DZqpHChheDtVE/WaLaJKCcOgVYS2NQN3mOFOOPMXRcgg3E2rN7 H80W7v0xh/dVwWa/hePGq95PjqnMahN6aWjTvL/ejRT5n4cGH4YiouHOZC94X5oV d6VRxszSQt7zTsLYoqMPmR0zuTUNijyM0rhilkfCgGM+vvpqS8yiRIvAMs04AR9p OT+vkdeVoiw9vkJKtoJthH3rNq/Ftwx0vHTTJMOaTvVCTUB573NfCy5hkB9R2MdB JsZ1pOz8RpHPkIhAg2GC04h9UQzHFWgf4lsn5Y3rQN17A2tsrp97siPljQIDAQAB o4ICYDCCAlwwHQYDVR0OBBYEFIbRqrw7mdcpeUI4kFgMLm1gmctgMB8GA1UdIwQY MBaAFDvi8BZLZqdnlYYLTqNYb61WO6xHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTy1Md0ZrdG1wMmVWaGd0T28xaHZyVlk3ckVjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9jNzJiNjctNzZlYy00YWZhLWIzNzYt ZjlhZDM4MDUxMjIwLzEvaHRHcXZEdVoxeWw1UWppUVdBd3ViV0NaeTJBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MC9jNzJiNjctNzZlYy00YWZhLWIzNzYtZjlhZDM4MDUxMjIw LzEvTy1Md0ZrdG1wMmVWaGd0T28xaHZyVlk3ckVjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQBAjnWAwQB BT3QAwQABbfRAwQABbsjAwQALYFUAwQALYt6AwQBUPuYAwQAWSrnAwQAWfkxAwQA XXtIAwQAXpwhAwQBubFKAwQCub98MA0EAgACMAcDBQMqDRAAMA0GCSqGSIb3DQEB CwUAA4IBAQByASA9OkD9cJr8sHCjJZeJCqjt6IXC17r2O3aCiAXm30zcMFbu5Y/F poCVtQPSUR9puh1isgSTgxmnLY6Tyu7NHogn7MnToBmNb+9/Z+YHzRiKnH5IcygP AHjeCWig6sSxC5/xqQzcV7rNb3kwp/GtFyqVSQITLdSpU5PMz4mQcaHjLVnCnTV+ 7rrtHeR0iDXELtCpyT755hWkjuvUNob6s0qEKC6FXAFttWtkt7YXs7fyEhIoNZIE QPSHhIyA52k3Z9cF+WUsaf44za9ag+dYnQcZcI2boYDnVNWyut0QWO1du9fjMafq C8+RA5YpU+yZD8IGzfEWgafxydNyjR1U -----END CERTIFICATE-----Generated at Wed Jan 21 12:47:16 2026 by rpki-client