This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/35064b-7a5a-4c74-8743-fd8660c4fd6e/1/pf67aXCsTeM7_4TjxXUetdfZrpQ.roa File: pf67aXCsTeM7_4TjxXUetdfZrpQ.roa (raw, json) Hash identifier: mLhUEmXDDwujvnZ5FywWYPBQNtDMI33ozAwZ5PxzgJ4= Subject key identifier: A5:FE:BB:69:70:AC:4D:E3:3B:FF:84:E3:C5:75:1E:B5:D7:D9:AE:94 Certificate issuer: /CN=83bce35561f541bda97e777e6879a1d704e7b42f Certificate serial: 019B7F855C36B9BE4591E4B0F0CB4FB174BD Authority key identifier: 83:BC:E3:55:61:F5:41:BD:A9:7E:77:7E:68:79:A1:D7:04:E7:B4:2F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g7zjVWH1Qb2pfnd-aHmh1wTntC8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/35064b-7a5a-4c74-8743-fd8660c4fd6e/1/pf67aXCsTeM7_4TjxXUetdfZrpQ.roa Signing time: Fri 02 Jan 2026 16:23:24 +0000 ROA not before: Fri 02 Jan 2026 16:23:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3259 IP address blocks: 31.44.208.0/20 maxlen: 20 31.44.208.0/24 maxlen: 24 31.44.209.0/24 maxlen: 24 31.44.210.0/24 maxlen: 24 31.44.211.0/24 maxlen: 24 31.44.212.0/24 maxlen: 24 31.44.213.0/24 maxlen: 24 31.44.216.0/24 maxlen: 24 31.44.217.0/24 maxlen: 24 31.44.218.0/24 maxlen: 24 31.44.219.0/24 maxlen: 24 45.156.132.0/22 maxlen: 22 194.5.108.0/22 maxlen: 24 194.5.108.0/24 maxlen: 24 194.5.109.0/24 maxlen: 24 194.5.110.0/24 maxlen: 24 194.5.111.0/24 maxlen: 24 194.5.112.0/21 maxlen: 21 194.5.112.0/24 maxlen: 24 194.5.113.0/24 maxlen: 24 194.5.114.0/24 maxlen: 24 194.5.115.0/24 maxlen: 24 194.5.116.0/24 maxlen: 24 194.5.117.0/24 maxlen: 24 194.5.118.0/24 maxlen: 24 194.5.119.0/24 maxlen: 24 194.5.120.0/22 maxlen: 22 194.5.120.0/24 maxlen: 24 194.5.121.0/24 maxlen: 24 194.5.122.0/24 maxlen: 24 194.5.123.0/24 maxlen: 24 194.5.124.0/23 maxlen: 23 194.5.124.0/24 maxlen: 24 194.5.125.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/35064b-7a5a-4c74-8743-fd8660c4fd6e/1/g7zjVWH1Qb2pfnd-aHmh1wTntC8.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/35064b-7a5a-4c74-8743-fd8660c4fd6e/1/g7zjVWH1Qb2pfnd-aHmh1wTntC8.mft rsync://rpki.ripe.net/repository/DEFAULT/g7zjVWH1Qb2pfnd-aHmh1wTntC8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 16:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:5c:36:b9:be:45:91:e4:b0:f0:cb:4f:b1:74:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=83bce35561f541bda97e777e6879a1d704e7b42f Validity Not Before: Jan 2 16:23:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a5febb6970ac4de33bff84e3c5751eb5d7d9ae94 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:5c:9b:c0:62:e8:9f:a0:e8:b8:52:c4:bc:8a: 6a:dc:07:f8:53:0e:a7:10:b8:8d:e3:68:06:f7:af: 8d:c9:1a:aa:62:ef:16:ae:ae:35:3b:f9:c0:a6:66: e8:6c:cf:49:fc:7e:e0:74:dd:df:c1:8b:41:d8:60: 95:b0:59:54:2f:6f:74:c4:83:ad:3e:65:0e:d4:19: a8:87:8e:72:a9:2e:39:7c:0b:6a:e2:95:ee:ce:ca: 30:ed:fe:4f:4e:60:5a:ae:f1:e4:95:6a:4a:0b:a3: 2d:34:64:62:7f:4c:a0:3b:d9:8e:82:40:ac:e2:e8: da:ba:22:3f:ba:6f:d3:66:61:40:28:9d:b9:66:e1: 69:d0:ae:d7:2e:89:58:bc:16:7c:9c:2d:a2:9f:d1: 33:51:f9:57:89:38:04:79:28:09:fd:c9:37:a7:62: 45:44:c4:01:7b:1f:8b:5d:09:c5:d7:e9:58:89:98: 29:0d:e7:a2:a6:32:56:ac:73:a5:df:5d:35:e2:d2: f9:e7:a4:c9:99:5e:2c:3c:e6:e9:95:70:b5:77:98: 52:28:d0:ed:82:3a:de:15:ec:9d:fc:ef:0b:9b:fa: 55:39:3c:3b:60:57:39:5f:bc:2f:d1:f7:e9:cd:22: a0:26:31:56:2d:e5:b2:b7:15:66:ed:4e:db:07:f4: d4:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:FE:BB:69:70:AC:4D:E3:3B:FF:84:E3:C5:75:1E:B5:D7:D9:AE:94 X509v3 Authority Key Identifier: keyid:83:BC:E3:55:61:F5:41:BD:A9:7E:77:7E:68:79:A1:D7:04:E7:B4:2F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g7zjVWH1Qb2pfnd-aHmh1wTntC8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/35064b-7a5a-4c74-8743-fd8660c4fd6e/1/pf67aXCsTeM7_4TjxXUetdfZrpQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/35064b-7a5a-4c74-8743-fd8660c4fd6e/1/g7zjVWH1Qb2pfnd-aHmh1wTntC8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.44.208.0/20 45.156.132.0/22 194.5.108.0-194.5.125.255 Signature Algorithm: sha256WithRSAEncryption c4:a2:a7:05:ee:61:bc:b1:fd:ef:2c:8b:51:d8:a9:2b:a2:75: 8e:fb:b8:64:3a:cd:a0:1c:43:06:f4:d4:12:98:13:04:1b:c4: b5:b5:e7:2d:a1:de:01:9f:50:94:e9:6a:4a:48:bf:ac:dd:94: 1a:5f:5e:ec:49:cd:b4:c0:eb:e9:7a:4e:e4:5a:e6:73:29:b7: 17:0f:eb:87:e3:34:ec:7d:71:66:c3:ee:0b:8b:1c:05:d5:b4: 81:9d:64:f9:25:73:98:e1:83:84:93:b7:6c:7d:f7:73:97:92: 40:8e:61:a7:ec:8d:7a:d6:56:7d:74:ed:50:db:50:9a:0f:a0: ed:2c:49:fe:85:a7:65:67:3f:81:8e:33:d0:b7:54:08:ed:01: 89:44:b7:65:8e:45:63:a7:19:4a:fc:98:8c:a6:f7:0c:0f:14: 04:7b:75:c1:95:ad:32:6d:22:d5:93:5c:f6:83:9a:14:6c:7f: 07:16:c6:12:91:55:a6:a2:18:06:4e:35:e5:ae:d9:f8:c0:53: 5c:5d:13:7f:7c:7a:7f:d8:f4:4c:f8:47:fc:26:65:f1:a3:92: ba:cb:88:81:49:5e:1c:fd:4a:8e:bb:16:57:9c:32:49:83:b5: 8c:ed:bf:a3:b7:a4:b7:40:00:f5:45:bc:eb:fa:02:be:c9:04: a1:61:0b:15 -----BEGIN CERTIFICATE----- MIIFETCCA/mgAwIBAgISAZt/hVw2ub5FkeSw8MtPsXS9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgzYmNlMzU1NjFmNTQxYmRhOTdlNzc3ZTY4NzlhMWQ3MDRl N2I0MmYwHhcNMjYwMTAyMTYyMzI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNWZlYmI2OTcwYWM0ZGUzM2JmZjg0ZTNjNTc1MWViNWQ3ZDlhZTk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFybwGLon6DouFLEvIpq3Af4Uw6n ELiN42gG96+NyRqqYu8Wrq41O/nApmbobM9J/H7gdN3fwYtB2GCVsFlUL290xIOt PmUO1Bmoh45yqS45fAtq4pXuzsow7f5PTmBarvHklWpKC6MtNGRif0ygO9mOgkCs 4ujauiI/um/TZmFAKJ25ZuFp0K7XLolYvBZ8nC2in9EzUflXiTgEeSgJ/ck3p2JF RMQBex+LXQnF1+lYiZgpDeeipjJWrHOl31014tL556TJmV4sPObplXC1d5hSKNDt gjreFeyd/O8Lm/pVOTw7YFc5X7wv0ffpzSKgJjFWLeWytxVm7U7bB/TU8wIDAQAB o4ICHTCCAhkwHQYDVR0OBBYEFKX+u2lwrE3jO/+E48V1HrXX2a6UMB8GA1UdIwQY MBaAFIO841Vh9UG9qX53fmh5odcE57QvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZzd6alZXSDFRYjJwZm5kLWFIbWgxd1RudEM4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zNTA2NGItN2E1YS00Yzc0LTg3NDMt ZmQ4NjYwYzRmZDZlLzEvcGY2N2FYQ3NUZU03XzRUanhYVWV0ZGZacnBRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS8zNTA2NGItN2E1YS00Yzc0LTg3NDMtZmQ4NjYwYzRmZDZl LzEvZzd6alZXSDFRYjJwZm5kLWFIbWgxd1RudEM4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQEHyzQAwQC LZyEMAwDBALCBWwDBAHCBXwwDQYJKoZIhvcNAQELBQADggEBAMSipwXuYbyx/e8s i1HYqSuidY77uGQ6zaAcQwb01BKYEwQbxLW15y2h3gGfUJTpakpIv6zdlBpfXuxJ zbTA6+l6TuRa5nMptxcP64fjNOx9cWbD7guLHAXVtIGdZPklc5jhg4STt2x993OX kkCOYafsjXrWVn107VDbUJoPoO0sSf6Fp2VnP4GOM9C3VAjtAYlEt2WORWOnGUr8 mIym9wwPFAR7dcGVrTJtItWTXPaDmhRsfwcWxhKRVaaiGAZONeWu2fjAU1xdE398 en/Y9Ez4R/wmZfGjkrrLiIFJXhz9So67FlecMkmDtYztv6O3pLdAAPVFvOv6Ar7J BKFhCxU= -----END CERTIFICATE-----Generated at Mon Jan 12 01:04:34 2026 by rpki-client