This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/5QmOeOcUdY7PgR2mhomMmURmuqs.roa File: 5QmOeOcUdY7PgR2mhomMmURmuqs.roa (raw, json) Hash identifier: nAdOMEid1C3Yq0ETT9B3VCzoGTlapbIXU3Ku/VQ6Zh4= Subject key identifier: E5:09:8E:78:E7:14:75:8E:CF:81:1D:A6:86:89:8C:99:44:66:BA:AB Certificate issuer: /CN=91d01c47f00e64f35cc752d03b34a71b71406b3f Certificate serial: 019B797E34BF7560BFBBA0BA5A9AB57FF4A5 Authority key identifier: 91:D0:1C:47:F0:0E:64:F3:5C:C7:52:D0:3B:34:A7:1B:71:40:6B:3F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdAcR_AOZPNcx1LQOzSnG3FAaz8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/5QmOeOcUdY7PgR2mhomMmURmuqs.roa Signing time: Thu 01 Jan 2026 12:17:52 +0000 ROA not before: Thu 01 Jan 2026 12:17:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49675 IP address blocks: 46.17.200.0/21 maxlen: 21 46.17.200.0/24 maxlen: 24 46.17.201.0/24 maxlen: 24 46.17.202.0/24 maxlen: 24 46.17.203.0/24 maxlen: 24 46.17.204.0/24 maxlen: 24 46.17.205.0/24 maxlen: 24 46.17.206.0/24 maxlen: 24 46.17.207.0/24 maxlen: 24 89.169.16.0/22 maxlen: 22 89.169.16.0/24 maxlen: 24 89.169.17.0/24 maxlen: 24 89.169.18.0/24 maxlen: 24 89.169.19.0/24 maxlen: 24 185.161.180.0/22 maxlen: 22 185.161.180.0/24 maxlen: 24 185.161.181.0/24 maxlen: 24 185.161.182.0/24 maxlen: 24 185.161.183.0/24 maxlen: 24 2a02:26a8:3::/48 maxlen: 48 2a02:26a8:f001::/48 maxlen: 48 2a02:26a8:fffe::/48 maxlen: 48 2a02:26a8:ffff::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.mft rsync://rpki.ripe.net/repository/DEFAULT/kdAcR_AOZPNcx1LQOzSnG3FAaz8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:34:bf:75:60:bf:bb:a0:ba:5a:9a:b5:7f:f4:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91d01c47f00e64f35cc752d03b34a71b71406b3f Validity Not Before: Jan 1 12:17:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e5098e78e714758ecf811da686898c994466baab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:70:7e:12:92:b9:8b:6c:80:ae:fd:bb:97:8c: f3:1a:1b:59:17:86:bb:c0:b4:e9:ad:a0:56:f2:29: b3:0a:58:31:37:05:05:66:6f:ef:2a:48:ce:30:eb: c6:5a:4a:a8:32:5f:91:a5:3f:d8:0f:01:2c:a8:ff: d4:f0:54:a1:61:0b:84:81:7d:27:d0:8e:c1:a3:5b: 06:00:8f:8b:7c:cc:76:81:17:54:14:ab:9f:74:78: a6:77:85:9c:3f:cf:44:cc:f2:bd:56:46:c9:7f:4e: 6c:2d:bc:53:29:11:51:7c:7c:e1:ae:8d:cd:17:97: 30:32:c4:a7:1f:a2:af:a9:27:e5:bc:c1:15:14:7b: 9a:59:44:e3:4e:6c:6f:52:3e:ac:11:be:1c:0e:bb: 7d:db:52:20:b8:31:b4:d1:7c:f8:7f:5a:9c:2a:de: cb:db:35:9d:b3:3d:da:19:42:11:df:af:b0:6a:20: 9b:f5:40:0b:53:3b:ef:c2:f1:75:a5:36:6e:93:b8: 41:b6:ff:2d:92:a7:82:53:f6:6d:3d:f6:f5:9f:aa: 7d:c7:2d:e5:f2:43:19:60:bd:cc:8c:bb:e7:4c:07: 17:bc:bc:18:27:07:51:11:1f:82:a7:c4:2b:c6:03: 48:28:17:6a:c2:c4:b8:f0:4a:fc:40:11:6e:c5:0d: 53:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:09:8E:78:E7:14:75:8E:CF:81:1D:A6:86:89:8C:99:44:66:BA:AB X509v3 Authority Key Identifier: keyid:91:D0:1C:47:F0:0E:64:F3:5C:C7:52:D0:3B:34:A7:1B:71:40:6B:3F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdAcR_AOZPNcx1LQOzSnG3FAaz8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/5QmOeOcUdY7PgR2mhomMmURmuqs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.17.200.0/21 89.169.16.0/22 185.161.180.0/22 IPv6: 2a02:26a8:3::/48 2a02:26a8:f001::/48 2a02:26a8:fffe::/47 Signature Algorithm: sha256WithRSAEncryption b1:db:b6:61:43:0a:eb:83:59:f6:02:4a:32:71:57:52:e6:12: 60:3e:7d:6b:65:f8:bc:88:3f:6d:14:c8:74:29:11:65:16:11: 8b:1b:40:ff:87:b6:da:34:89:38:ea:f9:5f:88:5e:6b:78:7f: 19:77:36:02:28:31:15:6d:0a:5e:4e:7f:52:56:12:b7:ba:7d: 8f:81:de:01:d8:9c:3b:7d:eb:11:dd:a0:36:ac:18:bb:2a:18: b7:09:8f:ac:88:3e:62:11:ef:51:03:75:88:5b:e9:a3:8f:68: ce:1f:10:72:e5:c1:13:c3:4b:a0:86:82:38:f3:58:ed:08:7c: 9b:c0:5a:c2:1f:97:1b:67:ce:fd:a9:32:96:37:9b:8d:75:7b: 47:8f:2f:02:e5:b2:6a:7a:93:69:0e:5f:05:fa:0d:7d:f6:40: 95:f7:a8:ea:ef:42:99:f3:2d:18:58:18:f2:ad:5c:f5:f7:75: 6d:3a:85:96:7c:f5:25:13:e7:09:96:3d:62:7a:1b:51:25:3a: 9e:e0:0e:4b:c7:15:81:21:06:d5:02:b9:00:85:5a:29:c5:20: 30:10:9c:fa:82:85:07:c8:98:0f:6c:28:67:0d:be:bb:8d:6c: 63:d0:84:a1:c0:db:30:5e:c2:43:b7:5a:69:f5:76:d7:13:5d: f1:80:ea:80 -----BEGIN CERTIFICATE----- MIIFLDCCBBSgAwIBAgISAZt5fjS/dWC/u6C6Wpq1f/SlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxZDAxYzQ3ZjAwZTY0ZjM1Y2M3NTJkMDNiMzRhNzFiNzE0 MDZiM2YwHhcNMjYwMTAxMTIxNzUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlNTA5OGU3OGU3MTQ3NThlY2Y4MTFkYTY4Njg5OGM5OTQ0NjZiYWFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3B+EpK5i2yArv27l4zzGhtZF4a7 wLTpraBW8imzClgxNwUFZm/vKkjOMOvGWkqoMl+RpT/YDwEsqP/U8FShYQuEgX0n 0I7Bo1sGAI+LfMx2gRdUFKufdHimd4WcP89EzPK9VkbJf05sLbxTKRFRfHzhro3N F5cwMsSnH6KvqSflvMEVFHuaWUTjTmxvUj6sEb4cDrt921IguDG00Xz4f1qcKt7L 2zWdsz3aGUIR36+waiCb9UALUzvvwvF1pTZuk7hBtv8tkqeCU/ZtPfb1n6p9xy3l 8kMZYL3MjLvnTAcXvLwYJwdRER+Cp8QrxgNIKBdqwsS48Er8QBFuxQ1TcQIDAQAB o4ICODCCAjQwHQYDVR0OBBYEFOUJjnjnFHWOz4EdpoaJjJlEZrqrMB8GA1UdIwQY MBaAFJHQHEfwDmTzXMdS0Ds0pxtxQGs/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2RBY1JfQU9aUE5jeDFMUU96U25HM0ZBYXo4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iMGZjMGMtYzUzNy00MGI0LTliNWIt NTZiMDA2ZWYwZDNiLzEvNVFtT2VPY1VkWTdQZ1IybWhvbU1tVVJtdXFzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi9iMGZjMGMtYzUzNy00MGI0LTliNWItNTZiMDA2ZWYwZDNi LzEva2RBY1JfQU9aUE5jeDFMUU96U25HM0ZBYXo4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQDLhHIAwQC WakQAwQCuaG0MCEEAgACMBsDBwAqAiaoAAMDBwAqAiao8AEDBwEqAiao//4wDQYJ KoZIhvcNAQELBQADggEBALHbtmFDCuuDWfYCSjJxV1LmEmA+fWtl+LyIP20UyHQp EWUWEYsbQP+Htto0iTjq+V+IXmt4fxl3NgIoMRVtCl5Of1JWEre6fY+B3gHYnDt9 6xHdoDasGLsqGLcJj6yIPmIR71EDdYhb6aOPaM4fEHLlwRPDS6CGgjjzWO0IfJvA WsIflxtnzv2pMpY3m411e0ePLwLlsmp6k2kOXwX6DX32QJX3qOrvQpnzLRhYGPKt XPX3dW06hZZ89SUT5wmWPWJ6G1ElOp7gDkvHFYEhBtUCuQCFWinFIDAQnPqChQfI mA9sKGcNvruNbGPQhKHA2zBewkO3Wmn1dtcTXfGA6oA= -----END CERTIFICATE-----Generated at Tue Feb 10 00:14:22 2026 by rpki-client