This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/Opi30sdjrG9y6hz36Z42PxWTDUU.roa File: Opi30sdjrG9y6hz36Z42PxWTDUU.roa (raw, json) Hash identifier: WJCHzKFTRrVvP5KeR+6KRTbsCT7S3wqPOsU3B9ouBfA= Subject key identifier: 3A:98:B7:D2:C7:63:AC:6F:72:EA:1C:F7:E9:9E:36:3F:15:93:0D:45 Certificate issuer: /CN=1daf46a40c246d6540d992c321b1cc3623d65995 Certificate serial: 019B12012FE4C52DDA6162348A924EBD02D6 Authority key identifier: 1D:AF:46:A4:0C:24:6D:65:40:D9:92:C3:21:B1:CC:36:23:D6:59:95 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/Opi30sdjrG9y6hz36Z42PxWTDUU.roa Signing time: Fri 12 Dec 2025 10:00:26 +0000 ROA not before: Fri 12 Dec 2025 10:00:26 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 62370 IP address blocks: 5.104.224.0/24 maxlen: 24 5.104.225.0/24 maxlen: 24 5.104.226.0/24 maxlen: 24 5.104.228.0/24 maxlen: 24 37.148.160.0/24 maxlen: 24 37.148.161.0/24 maxlen: 24 37.148.162.0/24 maxlen: 24 37.148.163.0/24 maxlen: 24 37.148.165.0/24 maxlen: 24 77.95.225.0/24 maxlen: 24 77.95.228.0/24 maxlen: 24 77.95.229.0/24 maxlen: 24 77.95.231.0/24 maxlen: 24 78.41.201.0/24 maxlen: 24 78.41.203.0/24 maxlen: 24 78.41.204.0/24 maxlen: 24 78.41.205.0/24 maxlen: 24 78.41.206.0/24 maxlen: 24 78.41.207.0/24 maxlen: 24 89.207.128.0/24 maxlen: 24 89.207.129.0/24 maxlen: 24 89.207.130.0/24 maxlen: 24 89.207.131.0/24 maxlen: 24 89.207.132.0/24 maxlen: 24 89.207.134.0/24 maxlen: 24 89.207.135.0/24 maxlen: 24 128.204.192.0/24 maxlen: 24 128.204.194.0/24 maxlen: 24 128.204.199.0/24 maxlen: 24 185.62.56.0/24 maxlen: 24 185.62.57.0/24 maxlen: 24 185.62.58.0/24 maxlen: 24 185.62.59.0/24 maxlen: 24 193.33.60.0/24 maxlen: 24 193.33.61.0/24 maxlen: 24 193.34.166.0/24 maxlen: 24 193.34.167.0/24 maxlen: 24 2a00:7b80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.crl rsync://rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.mft rsync://rpki.ripe.net/repository/DEFAULT/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Dec 2025 08:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:12:01:2f:e4:c5:2d:da:61:62:34:8a:92:4e:bd:02:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1daf46a40c246d6540d992c321b1cc3623d65995 Validity Not Before: Dec 12 10:00:26 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=3a98b7d2c763ac6f72ea1cf7e99e363f15930d45 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:9a:cd:4e:bb:e6:47:da:b4:0b:79:7b:16:73: e7:47:6a:ae:7f:ce:85:93:48:7e:f0:10:82:33:81: 4e:f8:45:db:84:26:14:17:f7:f4:b9:a7:d0:bc:f6: c5:30:5d:83:29:79:75:c7:af:ae:f6:d1:ed:19:ad: 7d:ed:72:c0:f9:70:ee:02:88:ce:67:29:0f:b0:bc: 55:5a:8b:68:34:a9:62:2f:ec:bb:1a:a4:a3:b4:35: ed:9c:ab:85:75:b4:9f:53:50:c9:a3:64:3c:17:be: f2:24:47:7b:b3:b4:5c:56:27:a3:e6:32:e0:78:73: ed:df:14:ce:c3:56:07:36:e8:59:06:ab:50:32:9a: ef:32:ee:c7:55:a1:dd:20:08:76:2c:8a:82:48:5f: ec:b4:ff:5e:af:4b:58:3e:76:48:90:b1:ac:55:e4: ac:fc:fd:ab:aa:3a:33:82:7e:8d:3e:e2:7a:04:6a: c6:2c:8a:55:98:42:16:af:a5:e6:5c:cb:71:09:40: 84:d2:ad:1b:5b:83:bf:7b:e3:b3:31:6a:d6:e4:a4: 87:dd:58:58:76:b1:45:f0:a3:c5:4f:ea:18:a3:67: d7:3f:37:b3:f6:27:17:4f:c9:3d:41:02:f9:7f:55: ae:73:1e:53:9a:c6:b5:9a:8a:f7:4a:52:d4:7a:71: 06:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:98:B7:D2:C7:63:AC:6F:72:EA:1C:F7:E9:9E:36:3F:15:93:0D:45 X509v3 Authority Key Identifier: keyid:1D:AF:46:A4:0C:24:6D:65:40:D9:92:C3:21:B1:CC:36:23:D6:59:95 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/Opi30sdjrG9y6hz36Z42PxWTDUU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.104.224.0-5.104.226.255 5.104.228.0/24 37.148.160.0/22 37.148.165.0/24 77.95.225.0/24 77.95.228.0/23 77.95.231.0/24 78.41.201.0/24 78.41.203.0-78.41.207.255 89.207.128.0-89.207.132.255 89.207.134.0/23 128.204.192.0/24 128.204.194.0/24 128.204.199.0/24 185.62.56.0/22 193.33.60.0/23 193.34.166.0/23 IPv6: 2a00:7b80::/32 Signature Algorithm: sha256WithRSAEncryption 39:c6:bb:31:a6:b4:c9:c3:18:23:d7:12:49:1a:76:14:dc:3a: af:f0:99:53:c4:47:b2:16:48:04:b8:45:c1:53:e6:f1:a4:ce: 03:70:95:ee:da:bc:02:a6:29:dc:f5:c3:17:ad:f2:8a:bc:35: e0:d5:ce:44:b6:28:07:7d:4d:68:a5:d8:e1:ea:9d:29:75:bc: 4b:2e:d1:62:9b:fc:87:d1:c7:a3:43:7e:a9:ce:2e:29:c0:9f: 5e:e5:d0:84:71:3c:c2:1d:c2:df:fc:f4:8b:17:33:3c:6e:a4: 7e:b9:01:45:37:6c:eb:ff:77:4a:04:54:5e:30:25:f9:1d:57: ca:b1:d8:fa:dc:51:7b:80:79:da:9b:28:f9:cb:95:0a:36:b3: 06:e6:43:78:2b:1a:f2:bf:09:48:78:0f:f5:fe:e3:0c:3b:7a: f1:fe:f9:6e:76:2d:7d:56:1e:c8:cf:f8:3f:55:3b:ff:5d:b1: a6:3d:02:7d:3c:a9:4a:17:f1:e9:6f:21:e8:b6:a9:af:4a:fb: af:43:48:4b:3c:9b:cf:4b:70:5c:1e:2b:18:78:14:b3:33:e6: 47:95:16:02:8e:f0:8b:6d:11:20:38:be:67:3e:92:08:c9:75: 74:81:8d:03:fb:9b:6e:35:68:0f:f2:16:61:57:1f:39:c2:2b: ad:ce:fe:df -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgISAZsSAS/kxS3aYWI0ipJOvQLWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkYWY0NmE0MGMyNDZkNjU0MGQ5OTJjMzIxYjFjYzM2MjNk NjU5OTUwHhcNMjUxMjEyMTAwMDI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYTk4YjdkMmM3NjNhYzZmNzJlYTFjZjdlOTllMzYzZjE1OTMwZDQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5rNTrvmR9q0C3l7FnPnR2quf86F k0h+8BCCM4FO+EXbhCYUF/f0uafQvPbFMF2DKXl1x6+u9tHtGa197XLA+XDuAojO ZykPsLxVWotoNKliL+y7GqSjtDXtnKuFdbSfU1DJo2Q8F77yJEd7s7RcViej5jLg eHPt3xTOw1YHNuhZBqtQMprvMu7HVaHdIAh2LIqCSF/stP9er0tYPnZIkLGsVeSs /P2rqjozgn6NPuJ6BGrGLIpVmEIWr6XmXMtxCUCE0q0bW4O/e+OzMWrW5KSH3VhY drFF8KPFT+oYo2fXPzez9icXT8k9QQL5f1Wucx5Tmsa1mor3SlLUenEGfwIDAQAB o4IClDCCApAwHQYDVR0OBBYEFDqYt9LHY6xvcuoc9+meNj8Vkw1FMB8GA1UdIwQY MBaAFB2vRqQMJG1lQNmSwyGxzDYj1lmVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGE5R3BBd2tiV1ZBMlpMREliSE1OaVBXV1pVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS80NGMwZWYtNWRhNi00ZmYyLWI1ZWYt NzlmMDQ4YmQyYTdhLzEvT3BpMzBzZGpyRzl5Nmh6MzZaNDJQeFdURFVVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZS80NGMwZWYtNWRhNi00ZmYyLWI1ZWYtNzlmMDQ4YmQyYTdh LzEvSGE5R3BBd2tiV1ZBMlpMREliSE1OaVBXV1pVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBhAQCAAEwfjAMAwQF BWjgAwQABWjiAwQABWjkAwQCJZSgAwQAJZSlAwQATV/hAwQBTV/kAwQATV/nAwQA TinJMAwDBABOKcsDBAROKcAwDAMEB1nPgAMEAFnPhAMEAVnPhgMEAIDMwAMEAIDM wgMEAIDMxwMEArk+OAMEAcEhPAMEAcEipjANBAIAAjAHAwUAKgB7gDANBgkqhkiG 9w0BAQsFAAOCAQEAOca7Maa0ycMYI9cSSRp2FNw6r/CZU8RHshZIBLhFwVPm8aTO A3CV7tq8AqYp3PXDF63yirw14NXORLYoB31NaKXY4eqdKXW8Sy7RYpv8h9HHo0N+ qc4uKcCfXuXQhHE8wh3C3/z0ixczPG6kfrkBRTds6/93SgRUXjAl+R1XyrHY+txR e4B52pso+cuVCjazBuZDeCsa8r8JSHgP9f7jDDt68f75bnYtfVYeyM/4P1U7/12x pj0CfTypShfx6W8h6Lapr0r7r0NISzybz0twXB4rGHgUszPmR5UWAo7wi20RIDi+ Zz6SCMl1dIGNA/ubbjVoD/IWYVcfOcIrrc7+3w== -----END CERTIFICATE-----Generated at Fri Dec 12 13:00:46 2025 by rpki-client