This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/1f325e-4de7-477e-8b57-6320a356e434/1/_wGjPopaleb7rolTBZPWY4rLAR0.roa File: _wGjPopaleb7rolTBZPWY4rLAR0.roa (raw, json) Hash identifier: cxMklFmwljucLQ52IKrbd2Z95wZK3+gwqoZkVO4J3co= Subject key identifier: FF:01:A3:3E:8A:5A:95:E6:FB:AE:89:53:05:93:D6:63:8A:CB:01:1D Certificate issuer: /CN=1d9a09c5107e7e44ca78dc72d519737ed3dd311a Certificate serial: 019B7DCB462038FCF3553CB7A9FF07140302 Authority key identifier: 1D:9A:09:C5:10:7E:7E:44:CA:78:DC:72:D5:19:73:7E:D3:DD:31:1A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HZoJxRB-fkTKeNxy1RlzftPdMRo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/1f325e-4de7-477e-8b57-6320a356e434/1/_wGjPopaleb7rolTBZPWY4rLAR0.roa Signing time: Fri 02 Jan 2026 08:20:32 +0000 ROA not before: Fri 02 Jan 2026 08:20:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201035 IP address blocks: 46.253.240.0/20 maxlen: 24 46.253.240.0/23 maxlen: 23 46.253.240.0/24 maxlen: 24 46.253.241.0/24 maxlen: 24 46.253.244.0/22 maxlen: 22 46.253.244.0/23 maxlen: 23 46.253.244.0/24 maxlen: 24 46.253.245.0/24 maxlen: 24 46.253.246.0/23 maxlen: 23 46.253.246.0/24 maxlen: 24 46.253.247.0/24 maxlen: 24 46.253.248.0/23 maxlen: 23 46.253.248.0/24 maxlen: 24 46.253.249.0/24 maxlen: 24 46.253.254.0/23 maxlen: 23 46.253.254.0/24 maxlen: 24 46.253.255.0/24 maxlen: 24 185.209.104.0/22 maxlen: 22 185.209.104.0/23 maxlen: 23 185.209.104.0/24 maxlen: 24 185.209.105.0/24 maxlen: 24 185.209.106.0/23 maxlen: 23 185.209.106.0/24 maxlen: 24 185.209.107.0/24 maxlen: 24 2a04:1c40::/29 maxlen: 48 2a04:1c40::/30 maxlen: 30 2a04:1c40::/31 maxlen: 31 2a04:1c40::/32 maxlen: 32 2a04:1c40::/33 maxlen: 33 2a04:1c40:c000::/34 maxlen: 34 2a04:1c41::/33 maxlen: 33 2a04:1c42::/32 maxlen: 32 2a04:1c42::/34 maxlen: 34 2a04:1c42::/40 maxlen: 40 2a04:1c42:4000::/34 maxlen: 34 2a04:1c42:c000::/34 maxlen: 34 2a04:1c44::/32 maxlen: 34 2a04:1c47:c000::/34 maxlen: 34 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/1f325e-4de7-477e-8b57-6320a356e434/1/HZoJxRB-fkTKeNxy1RlzftPdMRo.crl rsync://rpki.ripe.net/repository/DEFAULT/c8/1f325e-4de7-477e-8b57-6320a356e434/1/HZoJxRB-fkTKeNxy1RlzftPdMRo.mft rsync://rpki.ripe.net/repository/DEFAULT/HZoJxRB-fkTKeNxy1RlzftPdMRo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:46:20:38:fc:f3:55:3c:b7:a9:ff:07:14:03:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d9a09c5107e7e44ca78dc72d519737ed3dd311a Validity Not Before: Jan 2 08:20:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ff01a33e8a5a95e6fbae89530593d6638acb011d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:90:22:48:37:ef:d1:df:22:95:b4:18:de:be: 10:6d:14:d0:ca:3a:4b:fe:ed:41:ae:4a:0e:57:89: a1:b1:58:3a:f4:e9:c8:df:e1:1e:58:ce:c4:c6:b0: 93:e6:1d:11:27:1f:58:03:ad:bf:7b:00:c0:80:d9: 1c:f7:45:70:e9:d7:c8:24:6b:ea:82:f3:8b:44:80: d0:42:48:88:98:bb:b4:04:45:fe:c0:6f:38:84:76: bb:12:96:cd:bb:63:f7:bb:69:b0:06:01:94:84:56: b6:cd:46:e3:ad:fc:33:22:96:bd:55:22:2e:40:19: c8:50:ad:b1:87:b8:12:88:8c:13:3d:8b:d2:b1:c4: 6f:b5:e9:47:08:ba:c6:0d:d5:d6:f9:20:8e:5b:e0: 5a:27:22:0c:5e:c0:d0:7f:10:04:c1:b0:ac:92:23: b2:15:d6:1a:58:0b:09:03:fd:dc:66:55:29:ac:c4: d7:27:d5:da:4f:b2:2d:dd:7a:91:8b:f0:46:d4:5f: 3f:29:ac:62:fd:c4:e7:44:b6:08:36:92:93:dd:e0: 07:6e:73:9f:1f:9e:e3:d3:b6:ff:f7:84:b3:79:31: ff:b6:70:5e:33:4e:6f:04:7f:aa:cb:6e:4f:80:c2: 1b:ab:6a:b0:23:8d:35:4d:8e:33:bd:49:02:1e:06: 4c:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:01:A3:3E:8A:5A:95:E6:FB:AE:89:53:05:93:D6:63:8A:CB:01:1D X509v3 Authority Key Identifier: keyid:1D:9A:09:C5:10:7E:7E:44:CA:78:DC:72:D5:19:73:7E:D3:DD:31:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HZoJxRB-fkTKeNxy1RlzftPdMRo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/1f325e-4de7-477e-8b57-6320a356e434/1/_wGjPopaleb7rolTBZPWY4rLAR0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/1f325e-4de7-477e-8b57-6320a356e434/1/HZoJxRB-fkTKeNxy1RlzftPdMRo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.253.240.0/20 185.209.104.0/22 IPv6: 2a04:1c40::/29 Signature Algorithm: sha256WithRSAEncryption 43:a2:f0:9e:fe:07:04:fc:f5:b3:f0:53:a4:7e:d6:9c:e8:a7: 31:d9:fd:f8:f7:1f:5f:6f:a1:28:f8:05:45:cb:3f:14:3c:33: 3d:9c:4b:f7:d9:04:38:d8:8f:fc:0a:ef:38:dd:fa:20:c9:91: b9:ab:77:65:c6:b1:c5:9b:95:fd:0e:7a:a4:c9:9b:c1:ae:24: 25:0e:53:55:40:c0:70:3c:0a:b8:e8:16:ae:c3:16:5d:3c:a3: 4f:8d:15:24:1e:a2:c2:e0:51:32:80:2f:32:1d:ec:6f:26:50: 49:c9:2a:ef:f5:42:7e:49:6a:58:ca:8f:e3:e4:55:52:99:bd: e0:4b:ff:02:b4:4b:47:5e:9f:ba:98:4c:59:f8:82:4a:c8:67: 43:98:d2:56:c8:ae:e7:be:68:4f:e5:48:7e:24:e6:66:d9:59: 4b:51:4f:8d:a8:e9:de:33:2c:9f:8a:2e:e5:f8:13:53:f5:a5: 7e:e8:34:cf:29:8d:3e:cc:5e:3c:63:f2:03:20:22:c2:7a:8c: 99:b4:c1:71:31:37:0d:4a:99:d1:1b:3e:56:80:13:9b:9c:95: 52:6e:5b:1c:c2:fd:af:f9:97:7e:73:bf:5b:3f:db:ca:30:fa: 08:a1:82:ad:0d:d0:0a:47:70:28:41:90:06:e4:4f:f1:25:bc: 8b:62:c5:c0 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt9y0YgOPzzVTy3qf8HFAMCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkOWEwOWM1MTA3ZTdlNDRjYTc4ZGM3MmQ1MTk3MzdlZDNk ZDMxMWEwHhcNMjYwMTAyMDgyMDMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmZjAxYTMzZThhNWE5NWU2ZmJhZTg5NTMwNTkzZDY2MzhhY2IwMTFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5AiSDfv0d8ilbQY3r4QbRTQyjpL /u1BrkoOV4mhsVg69OnI3+EeWM7ExrCT5h0RJx9YA62/ewDAgNkc90Vw6dfIJGvq gvOLRIDQQkiImLu0BEX+wG84hHa7EpbNu2P3u2mwBgGUhFa2zUbjrfwzIpa9VSIu QBnIUK2xh7gSiIwTPYvSscRvtelHCLrGDdXW+SCOW+BaJyIMXsDQfxAEwbCskiOy FdYaWAsJA/3cZlUprMTXJ9XaT7It3XqRi/BG1F8/Kaxi/cTnRLYINpKT3eAHbnOf H57j07b/94SzeTH/tnBeM05vBH+qy25PgMIbq2qwI401TY4zvUkCHgZM8QIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFP8Boz6KWpXm+66JUwWT1mOKywEdMB8GA1UdIwQY MBaAFB2aCcUQfn5EynjcctUZc37T3TEaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFpvSnhSQi1ma1RLZU54eTFSbHpmdFBkTVJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8xZjMyNWUtNGRlNy00NzdlLThiNTct NjMyMGEzNTZlNDM0LzEvX3dHalBvcGFsZWI3cm9sVEJaUFdZNHJMQVIwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jOC8xZjMyNWUtNGRlNy00NzdlLThiNTctNjMyMGEzNTZlNDM0 LzEvSFpvSnhSQi1ma1RLZU54eTFSbHpmdFBkTVJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQELv3wAwQC udFoMA0EAgACMAcDBQMqBBxAMA0GCSqGSIb3DQEBCwUAA4IBAQBDovCe/gcE/PWz 8FOkftac6Kcx2f349x9fb6Eo+AVFyz8UPDM9nEv32QQ42I/8Cu843fogyZG5q3dl xrHFm5X9DnqkyZvBriQlDlNVQMBwPAq46BauwxZdPKNPjRUkHqLC4FEygC8yHexv JlBJySrv9UJ+SWpYyo/j5FVSmb3gS/8CtEtHXp+6mExZ+IJKyGdDmNJWyK7nvmhP 5Uh+JOZm2VlLUU+NqOneMyyfii7l+BNT9aV+6DTPKY0+zF48Y/IDICLCeoyZtMFx MTcNSpnRGz5WgBObnJVSblscwv2v+Zd+c79bP9vKMPoIoYKtDdAKR3AoQZAG5E/x JbyLYsXA -----END CERTIFICATE-----Generated at Mon Feb 9 20:09:10 2026 by rpki-client