This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/X2yZO2edNKoReeE3NkBnnhmtntU.roa File: X2yZO2edNKoReeE3NkBnnhmtntU.roa (raw, json) Hash identifier: sfJzWSG7BV00ScgX4fUDxiq+ugnNF5D43yAp8P+p9UE= Subject key identifier: 5F:6C:99:3B:67:9D:34:AA:11:79:E1:37:36:40:67:9E:19:AD:9E:D5 Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c Certificate serial: 019B037E07DD2A1D1B9A61DA6ADB5257C896 Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/X2yZO2edNKoReeE3NkBnnhmtntU.roa Signing time: Tue 09 Dec 2025 14:22:29 +0000 ROA not before: Tue 09 Dec 2025 14:22:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 31034 IP address blocks: 5.249.128.0/19 maxlen: 24 31.11.32.0/21 maxlen: 24 31.14.128.0/20 maxlen: 24 46.37.0.0/19 maxlen: 24 62.149.128.0/17 maxlen: 24 66.71.128.0/18 maxlen: 24 66.71.128.0/19 maxlen: 24 66.71.176.0/20 maxlen: 24 77.81.224.0/20 maxlen: 24 80.73.224.0/21 maxlen: 24 80.88.80.0/20 maxlen: 24 80.211.0.0/16 maxlen: 24 85.235.128.0/19 maxlen: 24 89.36.208.0/22 maxlen: 24 89.46.64.0/20 maxlen: 24 89.46.104.0/21 maxlen: 24 89.46.192.0/21 maxlen: 24 93.186.240.0/21 maxlen: 24 93.186.248.0/21 maxlen: 24 94.177.160.0/19 maxlen: 24 94.177.192.0/18 maxlen: 24 95.110.128.0/17 maxlen: 24 109.70.240.0/22 maxlen: 24 109.70.244.0/22 maxlen: 24 176.107.144.0/21 maxlen: 24 185.56.8.0/22 maxlen: 24 185.58.116.0/22 maxlen: 24 185.58.192.0/22 maxlen: 24 188.213.160.0/20 maxlen: 24 193.254.240.0/23 maxlen: 24 194.182.110.0/23 maxlen: 24 195.128.234.0/23 maxlen: 24 195.225.168.0/22 maxlen: 24 195.231.0.0/17 maxlen: 24 195.231.64.0/20 maxlen: 24 195.231.80.0/21 maxlen: 24 195.231.88.0/21 maxlen: 24 195.234.171.0/24 maxlen: 24 195.250.34.0/24 maxlen: 24 209.227.224.0/20 maxlen: 24 212.237.0.0/18 maxlen: 24 217.61.0.0/18 maxlen: 24 217.61.56.0/21 maxlen: 24 217.61.120.0/21 maxlen: 24 217.73.224.0/20 maxlen: 24 2a00:6d40::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.mft rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 20:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:03:7e:07:dd:2a:1d:1b:9a:61:da:6a:db:52:57:c8:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c Validity Not Before: Dec 9 14:22:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=5f6c993b679d34aa1179e1373640679e19ad9ed5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:14:70:f7:37:c1:38:02:2e:cc:e4:bf:48:3e: a2:c6:71:80:ae:62:8a:2d:5e:12:cf:62:b9:3c:95: f0:e7:d8:a3:d3:e6:9c:57:81:7e:ba:4f:b2:ec:97: e2:10:d3:0b:be:5f:de:e1:c5:31:2e:e0:48:9f:7d: 6d:be:33:df:32:8b:ed:a8:db:b9:42:0d:82:83:5b: 3b:03:6e:34:06:89:b3:b8:50:dd:5d:6f:16:e6:d4: 1a:de:74:93:7a:5b:1d:8d:f3:61:e6:f4:cb:be:dc: 3e:06:10:64:af:55:ae:07:be:f2:c5:92:6a:bb:45: 7b:df:aa:04:c6:1c:3b:36:bb:ea:81:ef:9a:aa:ae: e1:0e:7c:48:68:1a:0e:d8:58:88:82:0a:6e:08:29: b5:e7:1c:b0:30:9c:d9:82:3f:e3:1f:83:f9:09:16: 94:a2:f7:21:53:8d:a9:8a:a1:d0:d9:3c:99:63:a3: e1:f7:b6:09:4b:1a:9a:6b:32:e8:70:f5:d5:31:aa: 75:3c:e4:d6:17:5e:51:e0:47:17:a8:29:e6:ce:9a: 08:b9:cb:42:c7:e8:c3:87:30:d2:d5:78:59:67:d0: 6d:8e:dc:e0:2f:f7:3b:b2:60:ed:4c:85:b8:66:d0: 2b:6b:b0:e7:09:47:86:d6:cd:e1:a4:70:7a:d4:14: 63:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:6C:99:3B:67:9D:34:AA:11:79:E1:37:36:40:67:9E:19:AD:9E:D5 X509v3 Authority Key Identifier: keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/X2yZO2edNKoReeE3NkBnnhmtntU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.249.128.0/19 31.11.32.0/21 31.14.128.0/20 46.37.0.0/19 62.149.128.0/17 66.71.128.0/18 77.81.224.0/20 80.73.224.0/21 80.88.80.0/20 80.211.0.0/16 85.235.128.0/19 89.36.208.0/22 89.46.64.0/20 89.46.104.0/21 89.46.192.0/21 93.186.240.0/20 94.177.160.0-94.177.255.255 95.110.128.0/17 109.70.240.0/21 176.107.144.0/21 185.56.8.0/22 185.58.116.0/22 185.58.192.0/22 188.213.160.0/20 193.254.240.0/23 194.182.110.0/23 195.128.234.0/23 195.225.168.0/22 195.231.0.0/17 195.234.171.0/24 195.250.34.0/24 209.227.224.0/20 212.237.0.0/18 217.61.0.0/18 217.61.120.0/21 217.73.224.0/20 IPv6: 2a00:6d40::/29 Signature Algorithm: sha256WithRSAEncryption 9d:30:4a:8b:ca:ab:9a:a2:68:ab:43:2f:4c:93:48:cb:1f:2e: 10:5c:0f:cb:b2:f1:6d:f7:be:15:2e:29:9f:f3:35:44:da:d7: 2a:c7:a9:9b:bd:93:24:81:a5:66:51:32:04:7d:db:b4:e8:0a: c2:fc:88:ff:1c:42:05:be:45:fc:2e:48:de:37:fb:c4:25:e8: 99:a3:af:a2:d5:dd:f3:7b:72:8a:62:3c:b8:a5:c6:6e:17:f4: da:67:b7:66:12:f6:78:68:51:f0:0d:ab:ca:c1:8e:52:61:da: 2d:91:63:bf:e1:d2:d2:3f:ae:7c:d9:a9:2e:2f:e4:16:a9:77: 66:0f:39:9f:16:67:1a:84:b1:ca:8f:64:46:75:39:6d:c6:c2: 71:39:13:97:8d:3b:e8:d6:dd:04:05:81:39:01:a2:09:14:24: 93:86:ec:6c:db:54:cb:cf:96:3f:d9:09:ff:6e:42:fc:f9:11: 1d:a9:a5:f8:07:f1:34:ff:f4:9e:db:92:8c:30:97:a3:f6:3a: 37:5b:37:00:8b:e8:0b:53:87:38:f0:85:2b:0c:91:d9:c2:2d: 84:a6:85:cd:1b:16:a3:63:33:36:55:13:80:ad:87:1a:0b:f4: 93:b5:55:6b:d7:ad:21:43:75:83:aa:c0:97:3b:38:9b:4c:8b: 67:71:1d:8e -----BEGIN CERTIFICATE----- MIIF6jCCBNKgAwIBAgISAZsDfgfdKh0bmmHaattSV8iWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5 Mzg2MWMwHhcNMjUxMjA5MTQyMjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZjZjOTkzYjY3OWQzNGFhMTE3OWUxMzczNjQwNjc5ZTE5YWQ5ZWQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRRw9zfBOAIuzOS/SD6ixnGArmKK LV4Sz2K5PJXw59ij0+acV4F+uk+y7JfiENMLvl/e4cUxLuBIn31tvjPfMovtqNu5 Qg2Cg1s7A240BomzuFDdXW8W5tQa3nSTelsdjfNh5vTLvtw+BhBkr1WuB77yxZJq u0V736oExhw7Nrvqge+aqq7hDnxIaBoO2FiIggpuCCm15xywMJzZgj/jH4P5CRaU ovchU42piqHQ2TyZY6Ph97YJSxqaazLocPXVMap1POTWF15R4EcXqCnmzpoIuctC x+jDhzDS1XhZZ9BtjtzgL/c7smDtTIW4ZtAra7DnCUeG1s3hpHB61BRj+QIDAQAB o4IC9jCCAvIwHQYDVR0OBBYEFF9smTtnnTSqEXnhNzZAZ54ZrZ7VMB8GA1UdIwQY MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt ODQyNjk0MTJkNTYxLzEvWDJ5Wk8yZWROS29SZWVFM05rQm5uaG10bnRVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIBCgYIKwYBBQUHAQcBAf8EgfowgfcwgeUEAgABMIHeAwQF BfmAAwQDHwsgAwQEHw6AAwQFLiUAAwQHPpWAAwQGQkeAAwQETVHgAwQDUEngAwQE UFhQAwMAUNMDBAVV64ADBAJZJNADBARZLkADBANZLmgDBANZLsADBARduvAwCwME BV6xoAMDAV6wAwQHX26AAwQDbUbwAwQDsGuQAwQCuTgIAwQCuTp0AwQCuTrAAwQE vNWgAwQBwf7wAwQBwrZuAwQBw4DqAwQCw+GoAwQHw+cAAwQAw+qrAwQAw/oiAwQE 0ePgAwQG1O0AAwQG2T0AAwQD2T14AwQE2UngMA0EAgACMAcDBQMqAG1AMA0GCSqG SIb3DQEBCwUAA4IBAQCdMEqLyquaomirQy9Mk0jLHy4QXA/LsvFt974VLimf8zVE 2tcqx6mbvZMkgaVmUTIEfdu06ArC/Ij/HEIFvkX8LkjeN/vEJeiZo6+i1d3ze3KK Yjy4pcZuF/TaZ7dmEvZ4aFHwDavKwY5SYdotkWO/4dLSP6582akuL+QWqXdmDzmf FmcahLHKj2RGdTltxsJxOROXjTvo1t0EBYE5AaIJFCSThuxs21TLz5Y/2Qn/bkL8 +REdqaX4B/E0//Se25KMMJej9jo3WzcAi+gLU4c48IUrDJHZwi2EpoXNGxajYzM2 VROArYcaC/STtVVr160hQ3WDqsCXOzibTItncR2O -----END CERTIFICATE-----Generated at Fri Dec 12 05:15:22 2025 by rpki-client