This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/OGsGKrGGE97XlQsmZDU4xetpVHg.roa File: OGsGKrGGE97XlQsmZDU4xetpVHg.roa (raw, json) Hash identifier: d085YTeruHdi/HveCuwD/Kwjz7uRfsHFlkpaifzXbLg= Subject key identifier: 38:6B:06:2A:B1:86:13:DE:D7:95:0B:26:64:35:38:C5:EB:69:54:78 Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8 Certificate serial: 019B31571744C48F87CAB85C4123217A161D Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/OGsGKrGGE97XlQsmZDU4xetpVHg.roa Signing time: Thu 18 Dec 2025 12:02:29 +0000 ROA not before: Thu 18 Dec 2025 12:02:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 25144 IP address blocks: 31.223.128.0/19 maxlen: 19 31.223.128.0/21 maxlen: 21 31.223.136.0/21 maxlen: 21 31.223.144.0/21 maxlen: 21 31.223.152.0/21 maxlen: 21 45.131.116.0/22 maxlen: 23 45.131.118.0/23 maxlen: 23 46.239.0.0/18 maxlen: 18 46.239.0.0/22 maxlen: 22 46.239.4.0/22 maxlen: 22 46.239.32.0/19 maxlen: 19 62.101.144.0/20 maxlen: 20 81.93.64.0/19 maxlen: 19 81.93.66.0/24 maxlen: 24 81.93.67.0/24 maxlen: 24 81.93.69.0/24 maxlen: 24 81.93.73.0/24 maxlen: 24 81.93.84.0/24 maxlen: 24 81.93.86.0/24 maxlen: 24 81.93.91.0/24 maxlen: 24 81.93.92.0/24 maxlen: 24 89.111.192.0/18 maxlen: 18 89.111.192.0/19 maxlen: 19 89.111.192.0/24 maxlen: 24 89.111.200.0/24 maxlen: 24 89.111.224.0/19 maxlen: 19 89.111.225.0/24 maxlen: 24 89.111.226.0/24 maxlen: 24 89.111.227.0/24 maxlen: 24 89.111.231.0/24 maxlen: 24 89.111.235.0/24 maxlen: 24 89.111.236.0/24 maxlen: 24 89.111.240.0/24 maxlen: 24 89.111.244.0/22 maxlen: 22 89.111.246.0/24 maxlen: 24 89.111.248.0/22 maxlen: 22 94.250.0.0/18 maxlen: 18 94.250.18.0/24 maxlen: 24 94.250.64.0/18 maxlen: 18 109.165.128.0/17 maxlen: 17 185.35.156.0/22 maxlen: 22 185.125.120.0/22 maxlen: 22 217.24.128.0/20 maxlen: 20 2a00:cb00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.mft rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:31:57:17:44:c4:8f:87:ca:b8:5c:41:23:21:7a:16:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8 Validity Not Before: Dec 18 12:02:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=386b062ab18613ded7950b26643538c5eb695478 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:c8:31:ba:2a:97:38:ca:21:16:8a:ff:57:e5: 5e:bc:b4:12:23:7b:dc:2a:bb:59:79:94:9f:f1:87: 45:09:02:f3:28:e2:77:68:01:58:41:29:4a:bf:e7: 85:e3:da:da:ee:81:42:ac:1c:09:68:b7:0e:2e:b3: 66:ed:91:a6:96:a5:a8:ee:3e:06:fd:ca:d0:ba:ec: 20:53:a1:7d:73:73:99:14:86:96:49:5f:7a:d8:7d: 88:96:72:55:e4:55:d2:f3:0a:bb:e0:de:a2:45:60: f2:bb:b2:0a:e9:3e:56:02:13:d0:ad:60:24:50:c2: a9:cf:3f:29:c0:5c:d3:3b:6d:26:59:bd:c2:93:b8: 49:15:9f:6a:22:7d:c7:5f:37:0d:13:e9:c1:c1:0e: 9c:88:fa:a7:14:a3:be:25:87:3e:8f:dd:9c:aa:28: 3b:3b:a8:f0:6e:12:07:82:cb:c2:9b:4e:d3:25:10: a9:32:1d:eb:b4:2f:78:3e:8f:1d:4a:45:2b:92:09: f2:38:59:59:3e:69:5e:b2:ce:86:0d:a5:b4:e9:a7: 14:bc:bd:84:c0:93:89:09:73:08:56:61:68:c1:65: c3:fb:94:2c:c6:ca:35:82:bb:b9:2f:d2:92:a3:f9: 92:5a:fe:b8:fa:d4:17:80:23:2f:ef:69:96:34:70: e4:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:6B:06:2A:B1:86:13:DE:D7:95:0B:26:64:35:38:C5:EB:69:54:78 X509v3 Authority Key Identifier: keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/OGsGKrGGE97XlQsmZDU4xetpVHg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.223.128.0/19 45.131.116.0/22 46.239.0.0/18 62.101.144.0/20 81.93.64.0/19 89.111.192.0/18 94.250.0.0/17 109.165.128.0/17 185.35.156.0/22 185.125.120.0/22 217.24.128.0/20 IPv6: 2a00:cb00::/32 Signature Algorithm: sha256WithRSAEncryption 02:78:f4:e2:a4:c4:35:67:d3:90:62:0d:37:ef:78:fd:8c:0e: e1:d8:e0:0d:57:19:0f:b0:e6:3b:9e:e2:61:aa:c8:fc:76:8c: a0:51:58:26:60:48:89:a5:f6:6b:60:8b:f0:a4:64:b0:95:09: 1a:39:52:63:cb:4f:e2:e6:f0:b2:50:69:99:31:88:8a:1a:81: b7:e5:e2:a2:42:61:cf:6a:2b:e5:f6:45:c7:f4:ca:69:d6:75: 1b:23:d0:15:63:00:88:4d:fa:d6:a2:e8:de:f4:df:eb:ae:39: df:14:db:27:db:2f:eb:90:cb:81:ff:58:e0:37:e9:ca:4d:46: d7:bc:5c:ec:23:e3:05:a2:a8:c8:d6:82:41:55:3d:6d:ec:40: 0a:9b:08:48:b6:7e:a4:c5:c5:19:f1:17:8e:83:b9:c6:71:db: 38:3f:50:6a:e2:8c:13:6a:42:27:78:3e:0c:48:e9:37:35:02: cf:b7:e2:4a:65:77:19:a7:de:e3:76:f2:8f:a9:d7:09:62:79: 9d:00:a4:23:2b:6a:d6:7a:2c:66:b0:a9:57:dd:22:79:be:a8: e6:94:ea:ca:24:2c:8e:01:91:36:ce:48:8f:31:43:eb:f1:33: ca:6f:5c:e6:a4:f0:1e:6d:ca:d1:4c:39:45:44:2d:56:03:b1: 6d:c9:d4:cf -----BEGIN CERTIFICATE----- MIIFSDCCBDCgAwIBAgISAZsxVxdExI+HyrhcQSMhehYdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1 ZGVlZTgwHhcNMjUxMjE4MTIwMjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzODZiMDYyYWIxODYxM2RlZDc5NTBiMjY2NDM1MzhjNWViNjk1NDc4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMgxuiqXOMohFor/V+VevLQSI3vc KrtZeZSf8YdFCQLzKOJ3aAFYQSlKv+eF49ra7oFCrBwJaLcOLrNm7ZGmlqWo7j4G /crQuuwgU6F9c3OZFIaWSV962H2IlnJV5FXS8wq74N6iRWDyu7IK6T5WAhPQrWAk UMKpzz8pwFzTO20mWb3Ck7hJFZ9qIn3HXzcNE+nBwQ6ciPqnFKO+JYc+j92cqig7 O6jwbhIHgsvCm07TJRCpMh3rtC94Po8dSkUrkgnyOFlZPmless6GDaW06acUvL2E wJOJCXMIVmFowWXD+5Qsxso1gru5L9KSo/mSWv64+tQXgCMv72mWNHDkPwIDAQAB o4ICVDCCAlAwHQYDVR0OBBYEFDhrBiqxhhPe15ULJmQ1OMXraVR4MB8GA1UdIwQY MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt ZDliNTMzZjdmYmMzLzEvT0dzR0tyR0dFOTdYbFFzbVpEVTR4ZXRwVkhnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQFH9+AAwQC LYN0AwQGLu8AAwQEPmWQAwQFUV1AAwQGWW/AAwQHXvoAAwQHbaWAAwQCuSOcAwQC uX14AwQE2RiAMA0EAgACMAcDBQAqAMsAMA0GCSqGSIb3DQEBCwUAA4IBAQACePTi pMQ1Z9OQYg0373j9jA7h2OANVxkPsOY7nuJhqsj8doygUVgmYEiJpfZrYIvwpGSw lQkaOVJjy0/i5vCyUGmZMYiKGoG35eKiQmHPaivl9kXH9Mpp1nUbI9AVYwCITfrW ouje9N/rrjnfFNsn2y/rkMuB/1jgN+nKTUbXvFzsI+MFoqjI1oJBVT1t7EAKmwhI tn6kxcUZ8ReOg7nGcds4P1Bq4owTakIneD4MSOk3NQLPt+JKZXcZp97jdvKPqdcJ YnmdAKQjK2rWeixmsKlX3SJ5vqjmlOrKJCyOAZE2zkiPMUPr8TPKb1zmpPAebcrR TDlFRC1WA7FtydTP -----END CERTIFICATE-----Generated at Sun Dec 21 07:17:17 2025 by rpki-client