This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/P9iZqoxuCT_faQ_VmOItL5eeI3w.roa File: P9iZqoxuCT_faQ_VmOItL5eeI3w.roa (raw, json) Hash identifier: vyjNIFB4l6R6SblkqwaOxyYaaYx/koFd/Fz2EeWD6hY= Subject key identifier: 3F:D8:99:AA:8C:6E:09:3F:DF:69:0F:D5:98:E2:2D:2F:97:9E:23:7C Certificate issuer: /CN=c44db8b0983acf97a3255152c2ea592adae7735b Certificate serial: 019B783564919E875CF14E98B94625542742 Authority key identifier: C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/P9iZqoxuCT_faQ_VmOItL5eeI3w.roa Signing time: Thu 01 Jan 2026 06:18:43 +0000 ROA not before: Thu 01 Jan 2026 06:18:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 398781 IP address blocks: 31.13.211.0/24 maxlen: 32 45.81.39.0/24 maxlen: 32 67.211.224.0/20 maxlen: 32 69.160.128.0/20 maxlen: 32 69.160.144.0/20 maxlen: 32 80.76.48.0/24 maxlen: 32 81.31.193.0/24 maxlen: 32 82.158.232.0/21 maxlen: 32 82.158.240.0/21 maxlen: 32 82.158.248.0/21 maxlen: 32 85.136.224.0/20 maxlen: 32 85.136.240.0/20 maxlen: 32 85.217.222.0/23 maxlen: 32 87.120.4.0/24 maxlen: 32 87.120.38.0/24 maxlen: 32 87.120.59.0/24 maxlen: 32 87.120.60.0/24 maxlen: 32 87.120.98.0/24 maxlen: 32 87.120.236.0/24 maxlen: 32 87.121.20.0/24 maxlen: 32 87.121.21.0/24 maxlen: 32 87.121.45.0/24 maxlen: 32 87.121.87.0/24 maxlen: 32 91.92.230.0/24 maxlen: 32 93.123.47.0/24 maxlen: 32 93.123.73.0/24 maxlen: 32 93.123.117.0/24 maxlen: 32 93.123.119.0/24 maxlen: 32 94.156.12.0/24 maxlen: 32 94.156.130.0/24 maxlen: 32 94.156.239.0/24 maxlen: 32 94.156.248.0/24 maxlen: 32 185.207.13.0/24 maxlen: 32 213.254.64.0/18 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.mft rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 00:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:35:64:91:9e:87:5c:f1:4e:98:b9:46:25:54:27:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c44db8b0983acf97a3255152c2ea592adae7735b Validity Not Before: Jan 1 06:18:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3fd899aa8c6e093fdf690fd598e22d2f979e237c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:3f:8b:06:d8:a1:91:5f:35:e9:b4:c2:33:a6: a7:95:f3:bc:ce:8c:1a:9c:66:35:39:28:55:38:74: 39:a3:1e:d5:e1:ee:08:3b:12:12:5c:a5:43:64:02: af:16:79:09:c3:7d:c3:4f:e0:7d:b3:87:e3:a9:ad: 5b:87:6f:6b:ea:26:22:92:9c:8f:89:a2:3c:79:33: 1b:ea:ac:7b:69:1b:54:8f:1d:d0:19:66:5c:d3:92: 89:41:3a:98:16:aa:7f:ad:fe:45:78:dc:e4:c0:d3: ea:ec:45:7c:a2:f8:d9:37:32:e3:f7:89:2b:b4:e6: 07:e4:42:23:86:a7:27:2b:6b:bb:92:97:a1:9e:4c: 90:c0:45:e5:2e:a6:d8:4c:58:fd:06:1b:50:02:ab: d4:4a:2b:73:8a:9e:2e:03:1d:59:2c:59:6b:3f:f1: 82:d6:5e:0e:dc:13:89:36:6e:55:d8:de:52:4b:a8: 46:0a:96:19:fa:52:7e:a2:a6:8a:91:d3:1d:d8:e8: b6:c4:ba:4b:02:8f:6e:3c:7d:c5:44:4d:13:89:2b: fc:c2:e9:14:50:56:a3:ad:29:94:f3:f5:90:e9:be: 2b:f2:ad:ce:33:e1:71:b8:21:bb:f8:57:61:dd:08: 62:9f:55:53:07:ad:bc:4d:f7:ba:bf:e0:5a:19:7f: 68:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:D8:99:AA:8C:6E:09:3F:DF:69:0F:D5:98:E2:2D:2F:97:9E:23:7C X509v3 Authority Key Identifier: keyid:C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/P9iZqoxuCT_faQ_VmOItL5eeI3w.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.13.211.0/24 45.81.39.0/24 67.211.224.0/20 69.160.128.0/19 80.76.48.0/24 81.31.193.0/24 82.158.232.0-82.158.255.255 85.136.224.0/19 85.217.222.0/23 87.120.4.0/24 87.120.38.0/24 87.120.59.0-87.120.60.255 87.120.98.0/24 87.120.236.0/24 87.121.20.0/23 87.121.45.0/24 87.121.87.0/24 91.92.230.0/24 93.123.47.0/24 93.123.73.0/24 93.123.117.0/24 93.123.119.0/24 94.156.12.0/24 94.156.130.0/24 94.156.239.0/24 94.156.248.0/24 185.207.13.0/24 213.254.64.0/18 Signature Algorithm: sha256WithRSAEncryption a5:cb:ac:11:19:81:aa:23:52:01:b3:7f:61:90:94:83:2d:e3: d3:ea:75:f7:f8:d2:25:c0:03:91:91:4f:4f:44:ec:4b:e5:2a: 64:67:96:30:91:81:89:b1:79:e0:a2:56:06:d7:5e:5d:96:34: 0a:16:5f:a5:dc:07:2b:87:4a:54:de:88:d6:aa:f7:5a:cb:21: 2c:f5:50:8d:0a:a7:9f:95:e6:e6:f8:08:f1:09:e7:0c:7c:2f: 3f:f7:6f:d4:5c:7a:b7:24:bd:6c:94:58:d4:b1:56:c8:21:13: fb:e2:8d:64:93:e9:89:fb:65:ca:47:2a:ca:e5:1f:bc:86:4d: f2:60:ea:d8:ff:da:6d:78:8d:19:b9:41:25:43:c3:01:5c:73: 45:60:54:54:3d:0b:75:38:57:e9:9f:18:d2:54:78:7f:8a:78: 92:ae:ee:cf:ec:73:5b:76:dc:6c:96:2c:7b:41:60:c3:9d:a8: a3:ec:9e:a5:03:57:c1:a3:c5:9a:73:cf:de:84:5e:5e:36:bd: a7:1a:67:67:cb:31:a7:2a:2b:76:9f:a5:e3:a0:6d:5d:5d:b4: e3:de:87:72:0b:b7:05:98:3f:c0:48:95:19:8a:d0:06:38:43: 4b:7c:0c:c4:1a:b0:a4:be:60:92:39:6b:00:81:f5:84:c5:c2: f2:7d:55:8a -----BEGIN CERTIFICATE----- MIIFszCCBJugAwIBAgISAZt4NWSRnodc8U6YuUYlVCdCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0NGRiOGIwOTgzYWNmOTdhMzI1NTE1MmMyZWE1OTJhZGFl NzczNWIwHhcNMjYwMTAxMDYxODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZmQ4OTlhYThjNmUwOTNmZGY2OTBmZDU5OGUyMmQyZjk3OWUyMzdjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7j+LBtihkV816bTCM6anlfO8zowa nGY1OShVOHQ5ox7V4e4IOxISXKVDZAKvFnkJw33DT+B9s4fjqa1bh29r6iYikpyP iaI8eTMb6qx7aRtUjx3QGWZc05KJQTqYFqp/rf5FeNzkwNPq7EV8ovjZNzLj94kr tOYH5EIjhqcnK2u7kpehnkyQwEXlLqbYTFj9BhtQAqvUSitzip4uAx1ZLFlrP/GC 1l4O3BOJNm5V2N5SS6hGCpYZ+lJ+oqaKkdMd2Oi2xLpLAo9uPH3FRE0TiSv8wukU UFajrSmU8/WQ6b4r8q3OM+FxuCG7+Fdh3Qhin1VTB628Tfe6v+BaGX9ouQIDAQAB o4ICvzCCArswHQYDVR0OBBYEFD/YmaqMbgk/32kP1ZjiLS+XniN8MB8GA1UdIwQY MBaAFMRNuLCYOs+XoyVRUsLqWSra53NbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYt ZWVkZDk0ZWMxMjhjLzEvUDlpWnFveHVDVF9mYVFfVm1PSXRMNWVlSTN3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYtZWVkZDk0ZWMxMjhj LzEveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBvgQCAAEwgbcDBAAf DdMDBAAtUScDBARD0+ADBAVFoIADBABQTDADBABRH8EwCwMEA1Ke6AMDAFKeAwQF VYjgAwQBVdneAwQAV3gEAwQAV3gmMAwDBABXeDsDBABXeDwDBABXeGIDBABXeOwD BAFXeRQDBABXeS0DBABXeVcDBABbXOYDBABdey8DBABde0kDBABde3UDBABde3cD BABenAwDBABenIIDBABenO8DBABenPgDBAC5zw0DBAbV/kAwDQYJKoZIhvcNAQEL BQADggEBAKXLrBEZgaojUgGzf2GQlIMt49Pqdff40iXAA5GRT09E7EvlKmRnljCR gYmxeeCiVgbXXl2WNAoWX6XcByuHSlTeiNaq91rLISz1UI0Kp5+V5ub4CPEJ5wx8 Lz/3b9RcerckvWyUWNSxVsghE/vijWST6Yn7ZcpHKsrlH7yGTfJg6tj/2m14jRm5 QSVDwwFcc0VgVFQ9C3U4V+mfGNJUeH+KeJKu7s/sc1t23GyWLHtBYMOdqKPsnqUD V8GjxZpzz96EXl42vacaZ2fLMacqK3afpeOgbV1dtOPeh3ILtwWYP8BIlRmK0AY4 Q0t8DMQasKS+YJI5awCB9YTFwvJ9VYo= -----END CERTIFICATE-----Generated at Fri Jan 2 09:50:10 2026 by rpki-client