This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/mml4Uqg4g6wWXxziibvi2cN4dKo.roa File: mml4Uqg4g6wWXxziibvi2cN4dKo.roa (raw, json) Hash identifier: dPOI8A+f26uDC/FvK6tkLHp4MjDYhuNh/Jr2NwRyHY0= Subject key identifier: 9A:69:78:52:A8:38:83:AC:16:5F:1C:E2:89:BB:E2:D9:C3:78:74:AA Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa Certificate serial: 019B7D5B026DCC934AB3AE3B6B770CD51444 Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/mml4Uqg4g6wWXxziibvi2cN4dKo.roa Signing time: Fri 02 Jan 2026 06:17:54 +0000 ROA not before: Fri 02 Jan 2026 06:17:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 0 IP address blocks: 77.76.4.0/22 maxlen: 22 78.128.2.0/23 maxlen: 23 78.128.10.0/23 maxlen: 23 78.128.12.0/22 maxlen: 22 78.128.16.0/20 maxlen: 20 78.128.41.0/24 maxlen: 24 78.128.52.0/22 maxlen: 22 78.128.56.0/22 maxlen: 22 78.128.82.0/23 maxlen: 23 78.128.84.0/22 maxlen: 22 78.128.88.0/22 maxlen: 22 78.128.97.0/24 maxlen: 24 78.128.100.0/22 maxlen: 22 78.128.104.0/22 maxlen: 22 78.128.116.0/23 maxlen: 23 78.142.10.0/23 maxlen: 23 78.142.12.0/22 maxlen: 22 78.142.31.0/24 maxlen: 24 83.222.190.0/23 maxlen: 23 84.201.224.0/20 maxlen: 20 91.148.162.0/23 maxlen: 23 91.148.164.0/23 maxlen: 23 91.148.169.0/24 maxlen: 24 91.148.170.0/23 maxlen: 23 91.148.172.0/22 maxlen: 22 91.148.176.0/21 maxlen: 21 130.185.227.0/24 maxlen: 24 130.185.234.0/24 maxlen: 24 185.81.120.0/24 maxlen: 24 193.24.240.0/22 maxlen: 22 193.200.14.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 15:30:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5b:02:6d:cc:93:4a:b3:ae:3b:6b:77:0c:d5:14:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa Validity Not Before: Jan 2 06:17:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9a697852a83883ac165f1ce289bbe2d9c37874aa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:b9:35:85:68:cf:de:1b:70:46:dd:c9:17:0c: 81:a6:6f:15:c8:04:c2:ea:7a:a7:ac:aa:0e:f1:63: e8:1d:98:9a:0a:07:e4:60:5f:82:4d:a3:04:ea:ba: 5a:a5:7e:24:d1:92:37:bb:c2:f2:ed:b4:08:10:76: 79:81:f9:86:6b:d6:07:51:bb:f0:ac:4d:c6:71:7b: e5:f9:59:37:bf:3c:85:96:d1:dc:1e:8c:cb:cb:af: af:2d:eb:09:ca:16:0f:05:22:49:fc:38:31:f6:8a: ea:fc:b6:40:cd:90:c5:bf:71:aa:bf:6b:bb:e9:db: 13:a9:44:fd:c2:49:7f:b6:d5:1a:c5:2f:53:a8:d4: 4c:24:b7:80:ce:0e:39:da:9e:13:95:32:eb:1d:84: 9c:ec:83:70:b4:e8:97:66:66:41:19:39:ae:ba:f8: c5:0c:de:d3:bf:a0:47:4f:5a:53:19:e6:ff:e5:d6: f0:8c:7e:53:8f:35:bb:42:1e:93:73:1f:fb:16:a6: 5c:25:18:90:d5:ba:6d:18:10:17:39:87:0b:00:6a: 96:04:11:17:4c:08:ba:3d:8f:26:40:1b:83:04:8a: 14:c6:a6:37:d5:c6:46:ae:db:dc:d8:49:63:fd:24: da:ca:d6:b9:fd:67:e7:05:82:a8:a9:59:a7:b9:e4: b2:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:69:78:52:A8:38:83:AC:16:5F:1C:E2:89:BB:E2:D9:C3:78:74:AA X509v3 Authority Key Identifier: keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/mml4Uqg4g6wWXxziibvi2cN4dKo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.76.4.0/22 78.128.2.0/23 78.128.10.0-78.128.31.255 78.128.41.0/24 78.128.52.0-78.128.59.255 78.128.82.0-78.128.91.255 78.128.97.0/24 78.128.100.0-78.128.107.255 78.128.116.0/23 78.142.10.0-78.142.15.255 78.142.31.0/24 83.222.190.0/23 84.201.224.0/20 91.148.162.0-91.148.165.255 91.148.169.0-91.148.183.255 130.185.227.0/24 130.185.234.0/24 185.81.120.0/24 193.24.240.0/22 193.200.14.0/23 Signature Algorithm: sha256WithRSAEncryption 80:c1:5b:c3:50:18:72:4c:5d:7e:a8:be:e6:72:f6:b4:2b:d7: 0f:c3:65:d3:d4:16:32:ac:c6:58:52:f1:a8:36:a2:5a:8e:e3: bd:b8:1e:f5:64:10:80:30:21:62:6d:d3:bf:f5:d4:e2:49:c6: 6f:a5:1e:eb:ea:16:d7:a7:a6:89:43:c3:12:b2:97:78:fb:89: 6b:15:83:4f:4e:b3:ca:a5:c9:a5:d1:f5:d4:9b:93:06:f5:cd: 49:ba:b6:e2:e9:4b:df:44:b3:67:2f:54:6d:b2:e0:88:15:6e: af:bc:11:9d:87:f4:e4:9b:05:9a:64:7c:76:82:6d:b1:ae:7f: 1c:1e:86:16:30:d2:1b:fd:11:d3:74:0f:fe:a7:54:4c:2e:c9: e1:e2:e8:6f:69:c8:39:ce:68:64:69:dd:1f:62:b7:70:2f:fe: 36:ec:01:a1:72:48:ce:50:e9:36:2b:d4:95:89:0c:5d:bf:3b: f1:d7:36:c5:80:f5:18:00:b7:7c:aa:fa:ef:72:cd:e3:f1:cf: ca:d3:1c:d8:3c:b5:c0:bd:94:9e:d6:7f:dd:5a:c1:18:6d:7b: a2:8d:40:9b:d9:e9:0c:d2:91:8e:61:51:ab:4c:71:07:d3:47: 5a:69:81:97:82:3b:98:d3:f8:d9:f1:8c:ab:e4:52:63:83:ca: fa:49:b8:10 -----BEGIN CERTIFICATE----- MIIFrDCCBJSgAwIBAgISAZt9WwJtzJNKs647a3cM1RREMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1 Y2IyYWEwHhcNMjYwMTAyMDYxNzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5YTY5Nzg1MmE4Mzg4M2FjMTY1ZjFjZTI4OWJiZTJkOWMzNzg3NGFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrk1hWjP3htwRt3JFwyBpm8VyATC 6nqnrKoO8WPoHZiaCgfkYF+CTaME6rpapX4k0ZI3u8Ly7bQIEHZ5gfmGa9YHUbvw rE3GcXvl+Vk3vzyFltHcHozLy6+vLesJyhYPBSJJ/Dgx9orq/LZAzZDFv3Gqv2u7 6dsTqUT9wkl/ttUaxS9TqNRMJLeAzg452p4TlTLrHYSc7INwtOiXZmZBGTmuuvjF DN7Tv6BHT1pTGeb/5dbwjH5TjzW7Qh6Tcx/7FqZcJRiQ1bptGBAXOYcLAGqWBBEX TAi6PY8mQBuDBIoUxqY31cZGrtvc2Elj/STayta5/WfnBYKoqVmnueSyXQIDAQAB o4ICuDCCArQwHQYDVR0OBBYEFJppeFKoOIOsFl8c4om74tnDeHSqMB8GA1UdIwQY MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt ZGFjYjVmMzU2ZWEzLzEvbW1sNFVxZzRnNndXWHh6aWlidmkyY040ZEtvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAJN TAQDBAFOgAIwDAMEAU6ACgMEBU6AAAMEAE6AKTAMAwQCToA0AwQCToA4MAwDBAFO gFIDBAJOgFgDBABOgGEwDAMEAk6AZAMEAk6AaAMEAU6AdDAMAwQBTo4KAwQETo4A AwQATo4fAwQBU96+AwQEVMngMAwDBAFblKIDBAFblKQwDAMEAFuUqQMEA1uUsAME AIK54wMEAIK56gMEALlReAMEAsEY8AMEAcHIDjANBgkqhkiG9w0BAQsFAAOCAQEA gMFbw1AYckxdfqi+5nL2tCvXD8Nl09QWMqzGWFLxqDaiWo7jvbge9WQQgDAhYm3T v/XU4knGb6Ue6+oW16emiUPDErKXePuJaxWDT06zyqXJpdH11JuTBvXNSbq24ulL 30SzZy9UbbLgiBVur7wRnYf05JsFmmR8doJtsa5/HB6GFjDSG/0R03QP/qdUTC7J 4eLob2nIOc5oZGndH2K3cC/+NuwBoXJIzlDpNivUlYkMXb878dc2xYD1GAC3fKr6 73LN4/HPytMc2Dy1wL2UntZ/3VrBGG17oo1Am9npDNKRjmFRq0xxB9NHWmmBl4I7 mNP42fGMq+RSY4PK+km4EA== -----END CERTIFICATE-----Generated at Wed Jan 7 23:47:34 2026 by rpki-client