This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/ffa457-34c8-48c2-9ebc-92b207f641b1/1/kX0ln8n5R4ckT5blpr2Q8T6dxyw.roa File: kX0ln8n5R4ckT5blpr2Q8T6dxyw.roa (raw, json) Hash identifier: m+DqRW/7H7lJLeLV4xP2QSBsOS0wlhVWEX4nGDQ/zJc= Subject key identifier: 91:7D:25:9F:C9:F9:47:87:24:4F:96:E5:A6:BD:90:F1:3E:9D:C7:2C Certificate issuer: /CN=daf0a39cfadf910f6b132ad228e606561887a06c Certificate serial: 019B783537EF25C9827DB24341508A7EFC83 Authority key identifier: DA:F0:A3:9C:FA:DF:91:0F:6B:13:2A:D2:28:E6:06:56:18:87:A0:6C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2vCjnPrfkQ9rEyrSKOYGVhiHoGw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/ffa457-34c8-48c2-9ebc-92b207f641b1/1/kX0ln8n5R4ckT5blpr2Q8T6dxyw.roa Signing time: Thu 01 Jan 2026 06:18:32 +0000 ROA not before: Thu 01 Jan 2026 06:18:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29413 IP address blocks: 31.187.80.0/22 maxlen: 24 31.187.88.0/22 maxlen: 24 37.156.80.0/20 maxlen: 24 46.31.216.0/21 maxlen: 24 88.133.160.0/20 maxlen: 24 88.133.224.0/21 maxlen: 24 91.217.176.0/24 maxlen: 24 185.31.60.0/22 maxlen: 24 185.91.48.0/22 maxlen: 24 213.149.80.0/20 maxlen: 24 213.178.16.0/20 maxlen: 24 217.72.208.0/20 maxlen: 24 2a02:2488::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/ffa457-34c8-48c2-9ebc-92b207f641b1/1/2vCjnPrfkQ9rEyrSKOYGVhiHoGw.crl rsync://rpki.ripe.net/repository/DEFAULT/77/ffa457-34c8-48c2-9ebc-92b207f641b1/1/2vCjnPrfkQ9rEyrSKOYGVhiHoGw.mft rsync://rpki.ripe.net/repository/DEFAULT/2vCjnPrfkQ9rEyrSKOYGVhiHoGw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 03:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:35:37:ef:25:c9:82:7d:b2:43:41:50:8a:7e:fc:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=daf0a39cfadf910f6b132ad228e606561887a06c Validity Not Before: Jan 1 06:18:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=917d259fc9f94787244f96e5a6bd90f13e9dc72c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:8b:fe:bd:45:75:ee:d3:6b:ed:c3:87:8f:4e: 57:c6:c4:c7:34:49:c5:6f:1e:a6:60:ba:45:81:e7: 64:df:c9:ae:b6:36:c1:60:5f:a5:ff:ee:bf:05:aa: e6:c6:ec:a6:08:7f:5e:56:a4:a2:2c:34:c1:bf:1e: 9f:78:d1:b5:f5:96:4a:f5:16:55:ff:3e:04:06:fb: 5a:30:46:ef:7d:a9:40:84:ae:31:60:46:fe:2e:b5: ae:4e:b2:69:bb:71:9a:5c:3e:51:17:29:92:2f:7d: 75:50:bb:1c:b4:9c:7a:f4:ea:3d:5f:de:2c:7f:09: e2:15:b0:3e:35:7e:79:98:cd:df:0a:8a:82:c2:0b: 65:9d:53:3a:e0:4a:8d:3b:c8:4a:85:b7:b8:76:38: 4f:c1:be:b6:3d:73:5d:81:d0:fa:fc:f1:b9:52:d9: 5b:b4:19:71:9a:92:05:36:f3:78:75:8d:b5:bf:41: 3e:fd:1a:88:ae:5a:8f:ff:fd:e1:db:ca:db:81:1c: 48:6d:a6:dc:83:bb:69:c0:1b:50:1a:68:28:c7:2a: 4c:d6:e8:85:6e:58:57:7e:ab:f4:24:7a:12:be:75: c4:91:00:72:bc:c4:ca:dc:f6:a7:0c:36:69:e3:b2: cc:c0:f8:93:b7:0b:2d:34:56:bb:64:77:dc:3f:91: ad:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:7D:25:9F:C9:F9:47:87:24:4F:96:E5:A6:BD:90:F1:3E:9D:C7:2C X509v3 Authority Key Identifier: keyid:DA:F0:A3:9C:FA:DF:91:0F:6B:13:2A:D2:28:E6:06:56:18:87:A0:6C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2vCjnPrfkQ9rEyrSKOYGVhiHoGw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/ffa457-34c8-48c2-9ebc-92b207f641b1/1/kX0ln8n5R4ckT5blpr2Q8T6dxyw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/77/ffa457-34c8-48c2-9ebc-92b207f641b1/1/2vCjnPrfkQ9rEyrSKOYGVhiHoGw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.187.80.0/22 31.187.88.0/22 37.156.80.0/20 46.31.216.0/21 88.133.160.0/20 88.133.224.0/21 91.217.176.0/24 185.31.60.0/22 185.91.48.0/22 213.149.80.0/20 213.178.16.0/20 217.72.208.0/20 IPv6: 2a02:2488::/32 Signature Algorithm: sha256WithRSAEncryption 6a:5c:99:3f:5c:79:b3:6f:67:e6:e5:57:82:f5:7d:6b:c5:7d: 5f:2f:47:39:47:3d:f1:9f:59:2e:c7:21:a2:67:51:bd:3f:c9: 97:83:21:58:ec:b7:84:a5:48:49:19:e7:0b:df:91:55:ff:86: aa:a5:83:bd:63:68:4e:5e:36:75:22:a1:dd:e7:17:1c:c0:79: 17:ea:fe:80:00:61:08:44:9f:e8:c9:58:c9:5c:2c:99:62:4f: 95:cf:70:10:b9:fb:f7:66:5d:ee:a6:59:51:26:d3:f9:86:d8: 76:9e:40:d0:87:92:27:4f:cd:0c:79:5c:47:ac:74:fb:c0:6f: 51:d6:cf:80:d8:14:41:40:42:05:ac:8e:1a:ae:4d:ee:35:40: f6:95:79:59:15:41:84:63:05:0f:43:7e:ec:34:36:e3:85:ee: 7a:de:db:2a:91:43:d5:50:76:ab:35:fc:0b:de:96:f2:6f:a9: 92:46:cc:23:78:65:3e:05:25:cd:d3:35:a5:b0:74:59:53:55: b2:8a:f1:f4:2e:e8:68:55:a7:b8:77:a9:ff:f5:4d:a4:46:b8: 43:4e:87:61:ba:31:1c:38:09:b1:3e:9e:8a:e8:08:85:61:a6: a1:46:43:be:34:6f:a0:d0:7d:f2:7e:20:0f:3b:c6:ca:e8:2b: ad:3a:01:29 -----BEGIN CERTIFICATE----- MIIFTjCCBDagAwIBAgISAZt4NTfvJcmCfbJDQVCKfvyDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhZjBhMzljZmFkZjkxMGY2YjEzMmFkMjI4ZTYwNjU2MTg4 N2EwNmMwHhcNMjYwMTAxMDYxODMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MTdkMjU5ZmM5Zjk0Nzg3MjQ0Zjk2ZTVhNmJkOTBmMTNlOWRjNzJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4v+vUV17tNr7cOHj05XxsTHNEnF bx6mYLpFgedk38mutjbBYF+l/+6/BarmxuymCH9eVqSiLDTBvx6feNG19ZZK9RZV /z4EBvtaMEbvfalAhK4xYEb+LrWuTrJpu3GaXD5RFymSL311ULsctJx69Oo9X94s fwniFbA+NX55mM3fCoqCwgtlnVM64EqNO8hKhbe4djhPwb62PXNdgdD6/PG5Utlb tBlxmpIFNvN4dY21v0E+/RqIrlqP//3h28rbgRxIbabcg7tpwBtQGmgoxypM1uiF blhXfqv0JHoSvnXEkQByvMTK3PanDDZp47LMwPiTtwstNFa7ZHfcP5Gt9wIDAQAB o4ICWjCCAlYwHQYDVR0OBBYEFJF9JZ/J+UeHJE+W5aa9kPE+nccsMB8GA1UdIwQY MBaAFNrwo5z635EPaxMq0ijmBlYYh6BsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnZDam5QcmZrUTlyRXlyU0tPWUdWaGlIb0d3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9mZmE0NTctMzRjOC00OGMyLTllYmMt OTJiMjA3ZjY0MWIxLzEva1gwbG44bjVSNGNrVDVibHByMlE4VDZkeHl3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Ny9mZmE0NTctMzRjOC00OGMyLTllYmMtOTJiMjA3ZjY0MWIx LzEvMnZDam5QcmZrUTlyRXlyU0tPWUdWaGlIb0d3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQCH7tQAwQC H7tYAwQEJZxQAwQDLh/YAwQEWIWgAwQDWIXgAwQAW9mwAwQCuR88AwQCuVswAwQE 1ZVQAwQE1bIQAwQE2UjQMA0EAgACMAcDBQAqAiSIMA0GCSqGSIb3DQEBCwUAA4IB AQBqXJk/XHmzb2fm5VeC9X1rxX1fL0c5Rz3xn1kuxyGiZ1G9P8mXgyFY7LeEpUhJ GecL35FV/4aqpYO9Y2hOXjZ1IqHd5xccwHkX6v6AAGEIRJ/oyVjJXCyZYk+Vz3AQ ufv3Zl3upllRJtP5hth2nkDQh5InT80MeVxHrHT7wG9R1s+A2BRBQEIFrI4ark3u NUD2lXlZFUGEYwUPQ37sNDbjhe563tsqkUPVUHarNfwL3pbyb6mSRswjeGU+BSXN 0zWlsHRZU1WyivH0LuhoVae4d6n/9U2kRrhDTodhujEcOAmxPp6K6AiFYaahRkO+ NG+g0H3yfiAPO8bK6CutOgEp -----END CERTIFICATE-----Generated at Mon Jan 12 13:29:00 2026 by rpki-client