This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/10zWBAG3yHk6LZ2cT_OBKxWFNWM.roa File: 10zWBAG3yHk6LZ2cT_OBKxWFNWM.roa (raw, json) Hash identifier: 3CyCzPInmv1M2HVwGxzJQ9jqmdcvQHPMZfCVee8QVmg= Subject key identifier: D7:4C:D6:04:01:B7:C8:79:3A:2D:9D:9C:4F:F3:81:2B:15:85:35:63 Certificate issuer: /CN=df0198a7b3afdcdd7003562a0871878e238760ad Certificate serial: 019B7D5BE3539A51014986C0F0E5AE68EB99 Authority key identifier: DF:01:98:A7:B3:AF:DC:DD:70:03:56:2A:08:71:87:8E:23:87:60:AD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/10zWBAG3yHk6LZ2cT_OBKxWFNWM.roa Signing time: Fri 02 Jan 2026 06:18:52 +0000 ROA not before: Fri 02 Jan 2026 06:18:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 1299 IP address blocks: 5.63.192.0/18 maxlen: 24 5.148.192.0/18 maxlen: 24 5.206.128.0/18 maxlen: 24 37.188.80.0/21 maxlen: 24 37.191.0.0/18 maxlen: 24 37.220.192.0/18 maxlen: 24 78.139.0.0/18 maxlen: 24 80.98.0.0/15 maxlen: 24 80.244.96.0/20 maxlen: 24 86.101.0.0/16 maxlen: 24 88.87.240.0/21 maxlen: 24 89.132.0.0/14 maxlen: 24 89.223.128.0/17 maxlen: 24 94.44.0.0/16 maxlen: 24 130.43.192.0/18 maxlen: 24 151.0.64.0/18 maxlen: 24 176.63.0.0/16 maxlen: 24 178.48.0.0/16 maxlen: 24 185.10.124.0/22 maxlen: 24 185.33.80.0/23 maxlen: 24 185.123.28.0/22 maxlen: 24 188.142.160.0/19 maxlen: 24 188.142.192.0/18 maxlen: 24 195.184.160.0/19 maxlen: 24 212.48.240.0/20 maxlen: 24 212.96.32.0/19 maxlen: 24 213.222.128.0/18 maxlen: 24 2a02:ab80::/28 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.crl rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.mft rsync://rpki.ripe.net/repository/DEFAULT/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5b:e3:53:9a:51:01:49:86:c0:f0:e5:ae:68:eb:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df0198a7b3afdcdd7003562a0871878e238760ad Validity Not Before: Jan 2 06:18:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d74cd60401b7c8793a2d9d9c4ff3812b15853563 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:e9:61:11:44:69:cc:13:66:88:66:32:32:90: 76:0c:e4:d4:ad:bc:8f:92:e1:90:41:8e:5b:32:ae: ff:ff:90:fa:c6:c0:8a:63:6e:d5:50:a5:ba:ca:bd: f3:21:8d:f0:95:15:9c:95:b6:91:c4:2a:31:81:f5: 83:1f:86:9d:12:da:62:76:fe:4a:5d:7b:51:39:ea: 4a:fb:bc:94:70:1c:91:8f:65:b9:41:59:bd:75:d0: 4e:28:7e:f3:f5:e8:66:3b:ab:d6:7d:a5:9d:16:48: ac:3c:41:5c:af:bf:a5:99:74:c8:90:3d:99:64:af: eb:8b:01:55:44:5b:3c:70:cf:c9:f7:94:98:65:7b: 34:73:85:f6:7c:cb:75:3f:9d:8a:f9:5f:f7:45:64: a7:40:27:0b:14:8b:c5:bb:91:72:34:95:50:95:74: 97:1f:3f:b6:27:24:a4:9b:5b:45:60:02:80:e0:b9: 25:ff:d3:a5:b6:d2:3a:49:2a:1f:f8:f9:04:2a:3e: 9a:19:f7:90:4b:45:16:34:a4:78:00:3d:f8:1f:79: 80:92:e7:16:af:9a:88:c2:61:a3:6e:81:10:8f:6e: 97:6c:66:ff:dd:fb:aa:3c:a7:3c:fb:2d:d5:bb:73: 30:63:ac:a3:c9:81:9f:bd:c7:5c:65:4d:38:2e:04: 03:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:4C:D6:04:01:B7:C8:79:3A:2D:9D:9C:4F:F3:81:2B:15:85:35:63 X509v3 Authority Key Identifier: keyid:DF:01:98:A7:B3:AF:DC:DD:70:03:56:2A:08:71:87:8E:23:87:60:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/10zWBAG3yHk6LZ2cT_OBKxWFNWM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.63.192.0/18 5.148.192.0/18 5.206.128.0/18 37.188.80.0/21 37.191.0.0/18 37.220.192.0/18 78.139.0.0/18 80.98.0.0/15 80.244.96.0/20 86.101.0.0/16 88.87.240.0/21 89.132.0.0/14 89.223.128.0/17 94.44.0.0/16 130.43.192.0/18 151.0.64.0/18 176.63.0.0/16 178.48.0.0/16 185.10.124.0/22 185.33.80.0/23 185.123.28.0/22 188.142.160.0-188.142.255.255 195.184.160.0/19 212.48.240.0/20 212.96.32.0/19 213.222.128.0/18 IPv6: 2a02:ab80::/28 Signature Algorithm: sha256WithRSAEncryption aa:f3:ce:6b:c3:fd:a6:2c:79:38:01:52:a4:4d:5f:97:ec:51: 20:cf:b2:5c:e3:ee:51:93:9e:8d:d0:f3:f9:2b:75:0a:9e:8b: 4b:3f:d7:c5:37:27:87:46:8d:9b:59:fd:e8:48:7c:98:47:e5: 9c:1e:55:81:d1:4d:ce:72:21:de:34:f4:6b:29:2c:c6:ab:bc: 85:b8:96:80:24:5b:2d:01:80:d1:59:d9:44:e3:29:bb:06:06: 9e:0d:be:31:68:0f:df:c8:b4:2f:8c:7e:ff:29:78:6c:5c:5a: 25:5a:98:fd:b3:41:60:93:e0:8e:41:22:a0:ff:44:9d:3c:72: 6d:b1:7a:f3:19:c9:d5:41:cf:07:13:58:3f:5e:fc:71:c2:cd: 1d:6e:14:37:1a:c8:4c:8e:0c:c1:41:b9:b6:22:fe:3c:cb:28: 73:d1:4b:b5:a9:31:94:3a:9a:0b:be:f1:ec:17:3e:9f:7f:f6: 30:e1:37:86:e7:72:67:f8:2a:88:63:dd:cd:7f:52:44:86:05: 8f:bf:4d:c7:35:69:53:b9:dd:ca:4e:b7:c0:24:a2:1c:27:15: 93:c4:b4:3d:30:f5:a6:de:fc:f1:18:7e:7a:f7:45:59:61:ca: 89:27:22:1d:3c:92:bd:af:6b:e7:47:6f:ca:17:82:69:ac:60: ee:ac:9c:d2 -----BEGIN CERTIFICATE----- MIIFqDCCBJCgAwIBAgISAZt9W+NTmlEBSYbA8OWuaOuZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRmMDE5OGE3YjNhZmRjZGQ3MDAzNTYyYTA4NzE4NzhlMjM4 NzYwYWQwHhcNMjYwMTAyMDYxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNzRjZDYwNDAxYjdjODc5M2EyZDlkOWM0ZmYzODEyYjE1ODUzNTYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9ulhEURpzBNmiGYyMpB2DOTUrbyP kuGQQY5bMq7//5D6xsCKY27VUKW6yr3zIY3wlRWclbaRxCoxgfWDH4adEtpidv5K XXtROepK+7yUcByRj2W5QVm9ddBOKH7z9ehmO6vWfaWdFkisPEFcr7+lmXTIkD2Z ZK/riwFVRFs8cM/J95SYZXs0c4X2fMt1P52K+V/3RWSnQCcLFIvFu5FyNJVQlXSX Hz+2JySkm1tFYAKA4Lkl/9OlttI6SSof+PkEKj6aGfeQS0UWNKR4AD34H3mAkucW r5qIwmGjboEQj26XbGb/3fuqPKc8+y3Vu3MwY6yjyYGfvcdcZU04LgQDnwIDAQAB o4ICtDCCArAwHQYDVR0OBBYEFNdM1gQBt8h5Oi2dnE/zgSsVhTVjMB8GA1UdIwQY MBaAFN8BmKezr9zdcANWKghxh44jh2CtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM3dHWXA3T3YzTjF3QTFZcUNIR0hqaU9IWUswLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9kM2ZjYTYtZWNiNS00M2FhLThjOWQt MGZjYzZjMzAxMWZjLzEvMTB6V0JBRzN5SGs2TFoyY1RfT0JLeFdGTldNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi9kM2ZjYTYtZWNiNS00M2FhLThjOWQtMGZjYzZjMzAxMWZj LzEvM3dHWXA3T3YzTjF3QTFZcUNIR0hqaU9IWUswLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBpAQCAAEwgZ0DBAYF P8ADBAYFlMADBAYFzoADBAMlvFADBAYlvwADBAYl3MADBAZOiwADAwFQYgMEBFD0 YAMDAFZlAwQDWFfwAwMCWYQDBAdZ34ADAwBeLAMEBoIrwAMEBpcAQAMDALA/AwMA sjADBAK5CnwDBAG5IVADBAK5exwwCwMEBbyOoAMDALyOAwQFw7igAwQE1DDwAwQF 1GAgAwQG1d6AMA0EAgACMAcDBQQqAquAMA0GCSqGSIb3DQEBCwUAA4IBAQCq885r w/2mLHk4AVKkTV+X7FEgz7Jc4+5Rk56N0PP5K3UKnotLP9fFNyeHRo2bWf3oSHyY R+WcHlWB0U3OciHeNPRrKSzGq7yFuJaAJFstAYDRWdlE4ym7BgaeDb4xaA/fyLQv jH7/KXhsXFolWpj9s0Fgk+COQSKg/0SdPHJtsXrzGcnVQc8HE1g/Xvxxws0dbhQ3 GshMjgzBQbm2Iv48yyhz0Uu1qTGUOpoLvvHsFz6ff/Yw4TeG53Jn+CqIY93Nf1JE hgWPv03HNWlTud3KTrfAJKIcJxWTxLQ9MPWm3vzxGH5690VZYcqJJyIdPJK9r2vn R2/KF4JprGDurJzS -----END CERTIFICATE-----Generated at Wed Jan 21 07:22:00 2026 by rpki-client