This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/vrN1ckiG11RIjmLBs3NUdn3vLXw.roa File: vrN1ckiG11RIjmLBs3NUdn3vLXw.roa (raw, json) Hash identifier: r1+gve8otRlqQvYmhKMUDpHufcQSUz4Vi42HDaDr78E= Subject key identifier: BE:B3:75:72:48:86:D7:54:48:8E:62:C1:B3:73:54:76:7D:EF:2D:7C Certificate issuer: /CN=4568d0a7204560b6356d837bbf1510d9636df63a Certificate serial: 019B7CECEBB5BB0FB76768AE52C8A584A11E Authority key identifier: 45:68:D0:A7:20:45:60:B6:35:6D:83:7B:BF:15:10:D9:63:6D:F6:3A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RWjQpyBFYLY1bYN7vxUQ2WNt9jo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/vrN1ckiG11RIjmLBs3NUdn3vLXw.roa Signing time: Fri 02 Jan 2026 04:17:40 +0000 ROA not before: Fri 02 Jan 2026 04:17:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203 IP address blocks: 37.114.72.0/21 maxlen: 32 78.110.16.0/20 maxlen: 32 80.245.208.0/20 maxlen: 32 95.131.232.0/21 maxlen: 32 185.56.252.0/22 maxlen: 32 195.38.30.0/24 maxlen: 32 217.168.160.0/20 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/RWjQpyBFYLY1bYN7vxUQ2WNt9jo.crl rsync://rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/RWjQpyBFYLY1bYN7vxUQ2WNt9jo.mft rsync://rpki.ripe.net/repository/DEFAULT/RWjQpyBFYLY1bYN7vxUQ2WNt9jo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 23 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ec:eb:b5:bb:0f:b7:67:68:ae:52:c8:a5:84:a1:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4568d0a7204560b6356d837bbf1510d9636df63a Validity Not Before: Jan 2 04:17:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=beb375724886d754488e62c1b37354767def2d7c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:ab:e5:91:03:8b:94:c1:ea:da:99:5d:4e:b6: f8:e5:a6:b3:c6:92:da:20:fd:59:ab:bd:09:46:a4: 1d:af:91:b0:c5:1d:27:b0:6d:d2:e5:e6:16:10:93: 13:b9:09:31:e4:87:e7:b0:9a:6a:c5:34:46:42:86: a0:dc:1f:63:0d:44:d0:e9:ae:6a:74:a2:be:7d:16: 51:43:74:11:42:27:6c:78:0c:ba:a1:9f:9f:60:04: 2f:a8:6d:24:d6:15:02:1c:23:fa:52:81:00:57:43: 73:f3:33:34:2d:91:cc:c5:b5:ee:01:d1:e7:d6:9b: f6:94:3b:b9:68:60:39:af:9f:89:81:db:81:79:88: d4:81:c5:38:ad:b8:25:20:e6:65:bf:18:2d:63:1b: 4d:76:e4:2d:bc:9a:25:c2:bb:0d:9d:cf:84:8f:83: 69:dc:ee:79:6a:e2:bc:ed:ef:e3:43:17:a8:93:57: 26:af:75:ad:43:15:48:d1:0e:61:d5:83:73:4a:2a: 6d:2b:26:95:17:d1:90:56:86:87:c4:a8:cf:a9:f3: 97:45:21:be:0d:b8:25:41:14:ad:21:c8:dd:42:0e: 34:7d:02:0f:9f:42:3e:3d:0a:07:ee:9f:ff:f4:32: 02:3e:6e:0e:1c:e5:eb:5c:b5:30:0a:36:8d:df:d9: f5:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:B3:75:72:48:86:D7:54:48:8E:62:C1:B3:73:54:76:7D:EF:2D:7C X509v3 Authority Key Identifier: keyid:45:68:D0:A7:20:45:60:B6:35:6D:83:7B:BF:15:10:D9:63:6D:F6:3A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RWjQpyBFYLY1bYN7vxUQ2WNt9jo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/vrN1ckiG11RIjmLBs3NUdn3vLXw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/RWjQpyBFYLY1bYN7vxUQ2WNt9jo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.114.72.0/21 78.110.16.0/20 80.245.208.0/20 95.131.232.0/21 185.56.252.0/22 195.38.30.0/24 217.168.160.0/20 Signature Algorithm: sha256WithRSAEncryption a9:82:b9:5e:cd:80:f4:08:07:a8:71:03:89:47:26:25:28:58: 1e:04:16:23:8a:f9:ee:7b:61:84:44:55:b0:a8:fd:8c:06:be: ef:56:7c:f4:ff:91:03:9a:0a:b2:5b:ee:22:ed:2b:af:41:9a: a7:3d:55:b8:f9:d6:40:2a:2d:8f:56:d7:91:ee:81:c0:17:2d: 96:d6:4c:48:22:c5:9e:9b:f9:e8:2c:0e:d3:95:4b:31:41:11: e2:7f:e4:2e:5b:3e:41:e8:3b:65:7f:18:d6:2b:08:5e:34:23: 01:2a:04:30:fd:f0:a9:07:97:c6:ac:d7:cb:6a:5d:92:0c:49: 1d:24:86:d3:77:39:ac:b8:e8:fb:79:08:3e:8a:6e:09:8b:f5: dc:00:d2:3e:58:57:38:4a:8b:8b:5a:54:5c:c5:01:67:29:89: d7:66:31:35:75:1e:d6:3a:10:69:85:80:5c:00:02:10:70:e5: 19:cd:2d:2d:5e:d0:f8:b8:18:00:81:9f:06:86:04:aa:94:74: df:b4:89:b5:cc:28:6a:08:ac:88:6a:2b:0b:c2:8b:24:29:88: 3f:e9:ce:32:4d:3e:cd:d8:a1:3a:4e:d0:20:a5:e9:1e:6d:f5: 86:25:11:a6:d9:fe:c3:c2:1e:bf:94:eb:4a:5e:88:52:6f:d2: 24:5a:32:69 -----BEGIN CERTIFICATE----- MIIFITCCBAmgAwIBAgISAZt87Ou1uw+3Z2iuUsilhKEeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ1NjhkMGE3MjA0NTYwYjYzNTZkODM3YmJmMTUxMGQ5NjM2 ZGY2M2EwHhcNMjYwMTAyMDQxNzQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiZWIzNzU3MjQ4ODZkNzU0NDg4ZTYyYzFiMzczNTQ3NjdkZWYyZDdjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKvlkQOLlMHq2pldTrb45aazxpLa IP1Zq70JRqQdr5GwxR0nsG3S5eYWEJMTuQkx5IfnsJpqxTRGQoag3B9jDUTQ6a5q dKK+fRZRQ3QRQidseAy6oZ+fYAQvqG0k1hUCHCP6UoEAV0Nz8zM0LZHMxbXuAdHn 1pv2lDu5aGA5r5+JgduBeYjUgcU4rbglIOZlvxgtYxtNduQtvJolwrsNnc+Ej4Np 3O55auK87e/jQxeok1cmr3WtQxVI0Q5h1YNzSiptKyaVF9GQVoaHxKjPqfOXRSG+ DbglQRStIcjdQg40fQIPn0I+PQoH7p//9DICPm4OHOXrXLUwCjaN39n1+QIDAQAB o4ICLTCCAikwHQYDVR0OBBYEFL6zdXJIhtdUSI5iwbNzVHZ97y18MB8GA1UdIwQY MBaAFEVo0KcgRWC2NW2De78VENljbfY6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUldqUXB5QkZZTFkxYllON3Z4VVEyV050OWpvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iMGZiMGItYjk2YS00MzkwLTg2YTgt NmZlMzVhZTU0YTViLzEvdnJOMWNraUcxMVJJam1MQnMzTlVkbjN2TFh3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNS9iMGZiMGItYjk2YS00MzkwLTg2YTgtNmZlMzVhZTU0YTVi LzEvUldqUXB5QkZZTFkxYllON3Z4VVEyV050OWpvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDJXJIAwQE Tm4QAwQEUPXQAwQDX4PoAwQCuTj8AwQAwyYeAwQE2aigMA0GCSqGSIb3DQEBCwUA A4IBAQCpgrlezYD0CAeocQOJRyYlKFgeBBYjivnue2GERFWwqP2MBr7vVnz0/5ED mgqyW+4i7SuvQZqnPVW4+dZAKi2PVteR7oHAFy2W1kxIIsWem/noLA7TlUsxQRHi f+QuWz5B6DtlfxjWKwheNCMBKgQw/fCpB5fGrNfLal2SDEkdJIbTdzmsuOj7eQg+ im4Ji/XcANI+WFc4SouLWlRcxQFnKYnXZjE1dR7WOhBphYBcAAIQcOUZzS0tXtD4 uBgAgZ8GhgSqlHTftIm1zChqCKyIaisLwoskKYg/6c4yTT7N2KE6TtAgpekebfWG JRGm2f7Dwh6/lOtKXohSb9IkWjJp -----END CERTIFICATE-----Generated at Thu Jan 22 09:48:33 2026 by rpki-client