This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/vUHrTNIykiSnEmNGusQYaFxAqdw.roa File: vUHrTNIykiSnEmNGusQYaFxAqdw.roa (raw, json) Hash identifier: 1iGnZuZAbpNIqbdvK2c36DPr9j4iU15E9+caM/CdPU8= Subject key identifier: BD:41:EB:4C:D2:32:92:24:A7:12:63:46:BA:C4:18:68:5C:40:A9:DC Certificate issuer: /CN=435416b2282b4533c3509c18e957ce0c836bc837 Certificate serial: 019B797DE9810252D9E6C6847FED76235191 Authority key identifier: 43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/vUHrTNIykiSnEmNGusQYaFxAqdw.roa Signing time: Thu 01 Jan 2026 12:17:33 +0000 ROA not before: Thu 01 Jan 2026 12:17:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207990 IP address blocks: 45.133.136.0/24 maxlen: 32 88.218.144.0/22 maxlen: 32 91.193.100.0/22 maxlen: 32 95.175.80.0/20 maxlen: 32 95.214.84.0/22 maxlen: 32 178.239.22.0/23 maxlen: 32 185.23.200.0/23 maxlen: 32 185.247.228.0/24 maxlen: 32 185.247.229.0/24 maxlen: 32 185.247.230.0/23 maxlen: 32 185.251.44.0/23 maxlen: 32 185.251.46.0/23 maxlen: 32 185.251.248.0/23 maxlen: 32 185.251.250.0/23 maxlen: 32 193.8.80.0/22 maxlen: 32 194.156.112.0/22 maxlen: 32 195.66.220.0/22 maxlen: 32 195.158.208.0/22 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.mft rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7d:e9:81:02:52:d9:e6:c6:84:7f:ed:76:23:51:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=435416b2282b4533c3509c18e957ce0c836bc837 Validity Not Before: Jan 1 12:17:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=bd41eb4cd2329224a7126346bac418685c40a9dc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:10:33:62:66:10:14:ec:8d:02:58:06:9f:c1: f7:bc:6d:89:6e:dd:0b:4b:18:91:0b:be:e2:0d:d9: 46:c5:0b:7a:55:e7:d0:9d:99:28:dc:a3:59:39:13: c1:c3:da:be:d5:ba:52:b0:42:46:6d:c3:02:bd:9f: ba:0f:5f:02:c1:f1:48:a7:df:c1:64:43:0a:3a:96: 8c:a5:b2:5e:ba:4c:6b:9b:49:41:4b:81:85:17:4a: 0c:64:23:1b:42:6e:21:18:b1:73:2b:40:9c:26:e2: a1:a0:f8:b5:c6:3c:da:59:94:4e:9a:4e:66:55:71: 01:da:f2:cd:d5:c5:c3:43:b5:77:d5:a3:aa:80:ec: 71:f5:59:30:1e:bc:3f:54:6e:54:53:6c:f3:ae:68: 18:ae:60:29:e7:c0:fd:ad:f5:49:00:dd:a5:be:62: f2:3e:d4:f1:cf:22:b6:4b:70:0b:33:1d:36:22:47: d1:8a:30:f3:0b:f9:ba:94:de:c3:24:55:9a:8c:f8: c9:f5:57:8a:fa:79:c3:78:2c:04:43:f2:da:35:04: b4:fb:be:0c:83:a0:66:a0:3d:97:8a:d3:3b:42:d7: 82:ae:7a:a8:00:31:72:3e:03:48:eb:8b:da:87:1a: 9b:49:68:78:a3:fd:30:4e:ee:e4:42:fe:d6:c1:b4: 5c:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:41:EB:4C:D2:32:92:24:A7:12:63:46:BA:C4:18:68:5C:40:A9:DC X509v3 Authority Key Identifier: keyid:43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/vUHrTNIykiSnEmNGusQYaFxAqdw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.133.136.0/24 88.218.144.0/22 91.193.100.0/22 95.175.80.0/20 95.214.84.0/22 178.239.22.0/23 185.23.200.0/23 185.247.228.0/22 185.251.44.0/22 185.251.248.0/22 193.8.80.0/22 194.156.112.0/22 195.66.220.0/22 195.158.208.0/22 Signature Algorithm: sha256WithRSAEncryption 17:0e:bd:02:09:3a:87:c8:7a:08:13:54:30:91:23:f9:2c:25: e3:fa:09:c9:b2:5b:a7:cd:46:1d:de:50:1c:1f:fe:0f:9c:23: a2:37:8d:d6:69:28:53:4f:3a:be:6e:57:62:75:b9:de:79:72: fb:fa:5d:a4:7f:60:64:f3:19:ee:92:eb:84:db:80:8c:e0:ed: 16:97:59:a5:ff:4e:49:97:40:70:98:d0:34:9e:b1:1f:43:6b: 13:9b:4b:a3:8b:90:bc:4f:48:94:d8:dc:57:a9:19:6a:73:2d: b5:c2:72:79:16:49:9a:5f:25:05:55:77:43:bf:b0:ca:cf:58: da:43:02:d5:4a:74:69:7e:ea:89:1d:91:0d:f6:53:13:83:85: 2c:33:4a:e7:cf:1c:f5:53:af:ab:a7:8e:e3:89:bb:7a:66:71: e7:ac:55:e9:ab:58:89:69:10:07:05:81:68:35:d3:a0:12:26: 8f:c0:bf:88:35:47:94:2f:c0:1a:b3:47:70:86:3c:37:84:12: 32:d0:3c:c7:9a:6d:aa:f4:b4:b8:9a:3a:cf:a5:b5:5f:74:7a: dc:7b:57:21:40:be:dc:7f:2b:4c:6d:8d:24:be:34:46:ba:72: 2a:c8:6f:73:7c:e0:e7:e8:45:bb:78:55:57:fe:59:88:f9:91: ad:ef:f0:23 -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgISAZt5femBAlLZ5saEf+12I1GRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzNTQxNmIyMjgyYjQ1MzNjMzUwOWMxOGU5NTdjZTBjODM2 YmM4MzcwHhcNMjYwMTAxMTIxNzMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiZDQxZWI0Y2QyMzI5MjI0YTcxMjYzNDZiYWM0MTg2ODVjNDBhOWRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBAzYmYQFOyNAlgGn8H3vG2Jbt0L SxiRC77iDdlGxQt6VefQnZko3KNZORPBw9q+1bpSsEJGbcMCvZ+6D18CwfFIp9/B ZEMKOpaMpbJeukxrm0lBS4GFF0oMZCMbQm4hGLFzK0CcJuKhoPi1xjzaWZROmk5m VXEB2vLN1cXDQ7V31aOqgOxx9VkwHrw/VG5UU2zzrmgYrmAp58D9rfVJAN2lvmLy PtTxzyK2S3ALMx02IkfRijDzC/m6lN7DJFWajPjJ9VeK+nnDeCwEQ/LaNQS0+74M g6BmoD2XitM7QteCrnqoADFyPgNI64vahxqbSWh4o/0wTu7kQv7WwbRc7QIDAQAB o4ICVzCCAlMwHQYDVR0OBBYEFL1B60zSMpIkpxJjRrrEGGhcQKncMB8GA1UdIwQY MBaAFENUFrIoK0Uzw1CcGOlXzgyDa8g3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQt MjYyZWIzOWJiZTc2LzEvdlVIclROSXlraVNuRW1OR3VzUVlhRnhBcWR3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQtMjYyZWIzOWJiZTc2 LzEvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQALYWIAwQC WNqQAwQCW8FkAwQEX69QAwQCX9ZUAwQBsu8WAwQBuRfIAwQCuffkAwQCufssAwQC ufv4AwQCwQhQAwQCwpxwAwQCw0LcAwQCw57QMA0GCSqGSIb3DQEBCwUAA4IBAQAX Dr0CCTqHyHoIE1QwkSP5LCXj+gnJslunzUYd3lAcH/4PnCOiN43WaShTTzq+bldi dbneeXL7+l2kf2Bk8xnukuuE24CM4O0Wl1ml/05Jl0BwmNA0nrEfQ2sTm0uji5C8 T0iU2NxXqRlqcy21wnJ5FkmaXyUFVXdDv7DKz1jaQwLVSnRpfuqJHZEN9lMTg4Us M0rnzxz1U6+rp47jibt6ZnHnrFXpq1iJaRAHBYFoNdOgEiaPwL+INUeUL8Aas0dw hjw3hBIy0DzHmm2q9LS4mjrPpbVfdHrce1chQL7cfytMbY0kvjRGunIqyG9zfODn 6EW7eFVX/lmI+ZGt7/Aj -----END CERTIFICATE-----Generated at Mon Jan 26 22:59:35 2026 by rpki-client