This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/7abf3c-29f3-43c8-978e-b050c1129126/1/k18lVXCHbb1-8v6yyvWMJ8VYVHU.roa File: k18lVXCHbb1-8v6yyvWMJ8VYVHU.roa (raw, json) Hash identifier: In1eQKHvGTUmAaOtsHiEQVzo1kSRudjkKkxMelV/95Y= Subject key identifier: 93:5F:25:55:70:87:6D:BD:7E:F2:FE:B2:CA:F5:8C:27:C5:58:54:75 Certificate issuer: /CN=ff40d8a2ea9676369e6e817679490e4e505c89f3 Certificate serial: 019B79ED470E4463313892530DBE1670459C Authority key identifier: FF:40:D8:A2:EA:96:76:36:9E:6E:81:76:79:49:0E:4E:50:5C:89:F3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0DYouqWdjaeboF2eUkOTlBcifM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/7abf3c-29f3-43c8-978e-b050c1129126/1/k18lVXCHbb1-8v6yyvWMJ8VYVHU.roa Signing time: Thu 01 Jan 2026 14:19:11 +0000 ROA not before: Thu 01 Jan 2026 14:19:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35612 IP address blocks: 5.157.96.0/19 maxlen: 19 49.236.0.0/18 maxlen: 21 77.32.0.0/17 maxlen: 21 78.134.0.0/17 maxlen: 20 78.134.28.0/22 maxlen: 22 78.134.44.0/22 maxlen: 22 78.134.108.0/22 maxlen: 22 81.174.0.0/18 maxlen: 18 81.174.48.0/22 maxlen: 22 84.33.64.0/18 maxlen: 21 84.33.128.0/18 maxlen: 21 88.147.0.0/17 maxlen: 21 88.147.80.0/22 maxlen: 22 88.147.84.0/22 maxlen: 22 88.149.128.0/17 maxlen: 17 88.149.240.0/22 maxlen: 22 88.149.244.0/22 maxlen: 22 128.116.128.0/17 maxlen: 17 146.241.0.0/16 maxlen: 21 147.53.128.0/17 maxlen: 20 185.11.20.0/22 maxlen: 22 212.124.160.0/19 maxlen: 19 216.247.128.0/18 maxlen: 18 2001:4c90::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/7abf3c-29f3-43c8-978e-b050c1129126/1/_0DYouqWdjaeboF2eUkOTlBcifM.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/7abf3c-29f3-43c8-978e-b050c1129126/1/_0DYouqWdjaeboF2eUkOTlBcifM.mft rsync://rpki.ripe.net/repository/DEFAULT/_0DYouqWdjaeboF2eUkOTlBcifM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ed:47:0e:44:63:31:38:92:53:0d:be:16:70:45:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ff40d8a2ea9676369e6e817679490e4e505c89f3 Validity Not Before: Jan 1 14:19:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=935f255570876dbd7ef2feb2caf58c27c5585475 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:2d:a4:ec:f7:cd:b5:a7:ff:a7:82:fa:04:df: 0e:11:0c:6d:64:a6:31:37:96:f2:99:74:7f:59:a2: e7:e7:4d:88:76:db:c6:b7:8d:55:ad:bd:4f:39:63: bb:9c:ba:f2:25:0c:4e:3d:83:d3:f1:48:7e:31:4e: 27:6c:36:49:22:a2:da:a6:bf:9c:8c:2e:d4:b9:d8: 58:e4:21:46:24:93:25:cb:cf:e0:42:44:fa:9d:8c: c0:28:39:39:fc:9f:45:d7:07:c8:2e:ab:45:ec:18: 4c:df:53:4e:33:1b:11:a2:4b:37:ad:45:08:77:b2: f4:27:4c:11:f7:fe:a6:0c:ed:45:55:fb:0b:b0:01: 1d:61:0f:18:03:bc:b3:cc:3a:4c:84:43:04:6a:a0: 67:c5:82:c0:75:63:c8:8b:84:60:17:20:23:a4:1e: 14:44:da:0c:a2:da:2d:1d:6a:2a:ca:f4:4c:ac:ab: c5:1e:cf:71:bb:01:7f:0e:ad:11:bb:e4:0c:cc:72: a4:42:fb:51:29:cc:4c:f1:87:c3:49:ba:b8:41:b1: 90:cf:a9:49:a9:c8:5c:e2:0f:e8:4e:52:95:ae:ef: 9e:42:c9:11:c9:0c:dc:df:73:11:94:ad:cc:15:5a: 8d:c8:4d:98:b1:19:88:8d:49:48:4f:75:bb:6a:26: 8e:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:5F:25:55:70:87:6D:BD:7E:F2:FE:B2:CA:F5:8C:27:C5:58:54:75 X509v3 Authority Key Identifier: keyid:FF:40:D8:A2:EA:96:76:36:9E:6E:81:76:79:49:0E:4E:50:5C:89:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0DYouqWdjaeboF2eUkOTlBcifM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7abf3c-29f3-43c8-978e-b050c1129126/1/k18lVXCHbb1-8v6yyvWMJ8VYVHU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7abf3c-29f3-43c8-978e-b050c1129126/1/_0DYouqWdjaeboF2eUkOTlBcifM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.157.96.0/19 49.236.0.0/18 77.32.0.0/17 78.134.0.0/17 81.174.0.0/18 84.33.64.0-84.33.191.255 88.147.0.0/17 88.149.128.0/17 128.116.128.0/17 146.241.0.0/16 147.53.128.0/17 185.11.20.0/22 212.124.160.0/19 216.247.128.0/18 IPv6: 2001:4c90::/29 Signature Algorithm: sha256WithRSAEncryption 6e:6d:a7:b3:6e:db:79:7a:cb:5b:89:94:8f:4d:43:59:39:f9: 69:18:9e:29:ec:68:1f:32:87:b7:ed:a4:37:52:a5:b0:de:03: b8:4c:bb:1a:83:be:25:45:ab:f0:6b:43:f5:f1:2a:97:c9:6d: 05:59:40:7f:d7:41:01:7e:3b:9e:fa:10:6f:e6:61:6c:c9:69: 86:b3:95:2a:68:89:7f:9d:ca:f5:c3:3f:70:17:2b:2b:eb:4b: 86:68:18:11:05:54:99:90:50:1c:fe:c7:09:38:be:33:ac:8f: eb:de:ea:0f:17:ec:10:a6:c3:2b:8a:04:8e:c4:fc:46:7c:45: 86:92:7b:0a:80:4b:f8:6b:74:9f:22:64:8c:89:e4:c8:b5:9a: de:9e:03:34:9e:5d:b3:31:22:31:1a:31:ea:48:80:d8:1f:94: 5e:09:57:c1:4a:32:da:56:29:a6:1b:e2:f2:57:6a:f6:d1:a5: bf:db:fe:0f:72:4e:6d:6f:fb:10:06:b7:dc:30:fd:94:8c:36: 39:d9:8e:9e:3d:14:64:3d:26:cb:a9:4e:1a:d6:bb:a9:2e:43: 89:c3:52:5e:22:35:94:a3:31:19:fd:dd:f7:f8:d4:af:13:2c: ec:71:d0:6f:0c:70:07:86:a9:60:d2:85:89:15:4f:cc:3b:e9: 78:65:f8:3d -----BEGIN CERTIFICATE----- MIIFYjCCBEqgAwIBAgISAZt57UcORGMxOJJTDb4WcEWcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZmNDBkOGEyZWE5Njc2MzY5ZTZlODE3Njc5NDkwZTRlNTA1 Yzg5ZjMwHhcNMjYwMTAxMTQxOTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MzVmMjU1NTcwODc2ZGJkN2VmMmZlYjJjYWY1OGMyN2M1NTg1NDc1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmC2k7PfNtaf/p4L6BN8OEQxtZKYx N5bymXR/WaLn502IdtvGt41Vrb1POWO7nLryJQxOPYPT8Uh+MU4nbDZJIqLapr+c jC7UudhY5CFGJJMly8/gQkT6nYzAKDk5/J9F1wfILqtF7BhM31NOMxsRoks3rUUI d7L0J0wR9/6mDO1FVfsLsAEdYQ8YA7yzzDpMhEMEaqBnxYLAdWPIi4RgFyAjpB4U RNoMototHWoqyvRMrKvFHs9xuwF/Dq0Ru+QMzHKkQvtRKcxM8YfDSbq4QbGQz6lJ qchc4g/oTlKVru+eQskRyQzc33MRlK3MFVqNyE2YsRmIjUlIT3W7aiaOLQIDAQAB o4ICbjCCAmowHQYDVR0OBBYEFJNfJVVwh229fvL+ssr1jCfFWFR1MB8GA1UdIwQY MBaAFP9A2KLqlnY2nm6BdnlJDk5QXInzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvXzBEWW91cVdkamFlYm9GMmVVa09UbEJjaWZNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS83YWJmM2MtMjlmMy00M2M4LTk3OGUt YjA1MGMxMTI5MTI2LzEvazE4bFZYQ0hiYjEtOHY2eXl2V01KOFZZVkhVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS83YWJmM2MtMjlmMy00M2M4LTk3OGUtYjA1MGMxMTI5MTI2 LzEvXzBEWW91cVdkamFlYm9GMmVVa09UbEJjaWZNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwYQQCAAEwWwMEBQWdYAME BjHsAAMEB00gAAMEB06GAAMEBlGuADAMAwQGVCFAAwQGVCGAAwQHWJMAAwQHWJWA AwQHgHSAAwMAkvEDBAeTNYADBAK5CxQDBAXUfKADBAbY94AwDQQCAAIwBwMFAyAB TJAwDQYJKoZIhvcNAQELBQADggEBAG5tp7Nu23l6y1uJlI9NQ1k5+WkYninsaB8y h7ftpDdSpbDeA7hMuxqDviVFq/BrQ/XxKpfJbQVZQH/XQQF+O576EG/mYWzJaYaz lSpoiX+dyvXDP3AXKyvrS4ZoGBEFVJmQUBz+xwk4vjOsj+ve6g8X7BCmwyuKBI7E /EZ8RYaSewqAS/hrdJ8iZIyJ5Mi1mt6eAzSeXbMxIjEaMepIgNgflF4JV8FKMtpW KaYb4vJXavbRpb/b/g9yTm1v+xAGt9ww/ZSMNjnZjp49FGQ9JsupThrWu6kuQ4nD Ul4iNZSjMRn93ff41K8TLOxx0G8McAeGqWDShYkVT8w76Xhl+D0= -----END CERTIFICATE-----Generated at Mon Feb 9 22:36:31 2026 by rpki-client