This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/AFjgj3wO0E3u1GwdCpnSug8abRE.roa File: AFjgj3wO0E3u1GwdCpnSug8abRE.roa (raw, json) Hash identifier: /NnUBYyLAGJ7vpempT7h0f0+FEt6PcJJLRluwujlzWI= Subject key identifier: 00:58:E0:8F:7C:0E:D0:4D:EE:D4:6C:1D:0A:99:D2:BA:0F:1A:6D:11 Certificate issuer: /CN=785b490d766f4b1c211d7dadd6efa770f6eb9e25 Certificate serial: 019B78A2119D285D1615F0376DB513E699B2 Authority key identifier: 78:5B:49:0D:76:6F:4B:1C:21:1D:7D:AD:D6:EF:A7:70:F6:EB:9E:25 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eFtJDXZvSxwhHX2t1u-ncPbrniU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/AFjgj3wO0E3u1GwdCpnSug8abRE.roa Signing time: Thu 01 Jan 2026 08:17:25 +0000 ROA not before: Thu 01 Jan 2026 08:17:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41275 IP address blocks: 5.35.112.0/22 maxlen: 22 5.35.112.0/23 maxlen: 23 5.35.113.0/24 maxlen: 24 5.35.114.0/23 maxlen: 23 62.217.184.0/21 maxlen: 21 84.22.132.0/22 maxlen: 22 85.198.104.0/23 maxlen: 23 89.169.48.0/22 maxlen: 22 89.169.48.0/23 maxlen: 23 89.169.50.0/23 maxlen: 23 89.207.216.0/21 maxlen: 21 89.207.216.0/22 maxlen: 22 89.207.216.0/24 maxlen: 24 89.207.217.0/24 maxlen: 24 89.207.220.0/22 maxlen: 22 89.207.221.0/24 maxlen: 24 93.157.244.0/22 maxlen: 22 93.157.247.0/24 maxlen: 24 95.130.128.0/22 maxlen: 22 95.131.144.0/21 maxlen: 21 95.131.144.0/22 maxlen: 22 95.131.144.0/24 maxlen: 24 95.131.148.0/22 maxlen: 22 185.43.198.0/23 maxlen: 23 185.136.76.0/22 maxlen: 22 185.136.76.0/23 maxlen: 23 185.136.78.0/23 maxlen: 23 185.155.17.0/24 maxlen: 24 185.155.18.0/23 maxlen: 23 195.170.192.0/22 maxlen: 22 217.150.200.0/23 maxlen: 23 217.150.200.0/24 maxlen: 24 217.150.201.0/24 maxlen: 24 2a02:5fe0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/eFtJDXZvSxwhHX2t1u-ncPbrniU.crl rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/eFtJDXZvSxwhHX2t1u-ncPbrniU.mft rsync://rpki.ripe.net/repository/DEFAULT/eFtJDXZvSxwhHX2t1u-ncPbrniU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 05:01:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:11:9d:28:5d:16:15:f0:37:6d:b5:13:e6:99:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=785b490d766f4b1c211d7dadd6efa770f6eb9e25 Validity Not Before: Jan 1 08:17:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0058e08f7c0ed04deed46c1d0a99d2ba0f1a6d11 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:85:4d:1e:6b:15:6f:7d:3b:a2:7e:fd:e8:3e:a6: e5:00:ba:e6:2b:6c:87:7a:43:78:97:47:fb:f5:9b: 17:8a:20:ef:3d:21:7f:a5:9f:ce:3f:97:48:60:e0: 77:12:d2:22:90:e9:59:c8:64:8f:43:9e:5b:9e:36: 0f:03:ea:10:63:02:93:03:2e:27:2c:64:e5:7d:b2: eb:33:76:8a:4c:1d:f6:a3:25:fd:92:be:b5:24:4e: c5:d0:b4:dd:89:23:cc:e5:cf:8d:c9:b3:f1:65:1c: 63:17:1e:cc:7a:4a:f3:c4:93:df:4c:8d:51:b9:0c: 46:6d:6c:55:cf:8b:18:0a:23:96:09:60:25:da:7d: e6:e9:bb:b5:78:50:e4:65:38:51:59:21:a8:3b:7a: 72:05:79:ed:8a:e5:9d:69:55:f2:73:95:4a:2f:ad: a8:e0:ed:c8:60:96:47:5e:1b:bb:49:bf:24:d2:f3: af:e1:d3:04:8a:7d:64:a3:cf:25:c2:e1:05:a8:53: ad:45:72:1c:f7:6b:23:0b:09:6d:1c:2c:64:68:7d: c3:2a:79:e0:e0:7e:8e:29:05:be:e9:6d:3f:37:ab: 3b:c5:80:93:d1:92:74:51:8f:25:98:5f:ad:30:3a: bc:80:96:5c:21:11:00:b8:b0:33:cd:8b:b9:03:43: d4:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:58:E0:8F:7C:0E:D0:4D:EE:D4:6C:1D:0A:99:D2:BA:0F:1A:6D:11 X509v3 Authority Key Identifier: keyid:78:5B:49:0D:76:6F:4B:1C:21:1D:7D:AD:D6:EF:A7:70:F6:EB:9E:25 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eFtJDXZvSxwhHX2t1u-ncPbrniU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/AFjgj3wO0E3u1GwdCpnSug8abRE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/5f343d-9b42-44b4-9067-7cae040e49e8/1/eFtJDXZvSxwhHX2t1u-ncPbrniU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.35.112.0/22 62.217.184.0/21 84.22.132.0/22 85.198.104.0/23 89.169.48.0/22 89.207.216.0/21 93.157.244.0/22 95.130.128.0/22 95.131.144.0/21 185.43.198.0/23 185.136.76.0/22 185.155.17.0-185.155.19.255 195.170.192.0/22 217.150.200.0/23 IPv6: 2a02:5fe0::/29 Signature Algorithm: sha256WithRSAEncryption 8a:68:21:c7:3e:4c:a3:ca:76:c3:ef:78:f5:d5:78:c9:34:ec: 4e:36:df:1d:89:7d:ac:a3:1c:24:cd:21:d7:c7:9a:a7:ed:a9: 23:ef:05:da:1d:36:a9:bf:a6:5f:c4:5a:46:bd:cc:07:2c:cf: f9:9b:75:2d:50:f8:60:dd:33:e4:eb:63:7d:91:1c:25:a9:a4: 70:f8:12:4d:3d:57:f5:2a:06:ca:d5:e5:61:be:02:41:39:9e: 30:a6:25:f5:41:0b:81:49:e0:68:5f:d8:f7:08:af:1e:37:71: 57:d8:67:5d:ed:6e:3c:40:d1:50:00:da:e9:8d:72:09:05:72: 79:05:95:7d:8f:1f:0c:d4:76:b0:1d:a6:80:bc:3b:37:3a:59: da:e7:ac:52:19:e6:17:ec:b2:7a:91:5d:70:e3:78:c9:43:ce: 3a:7f:3a:21:43:f9:73:29:0f:16:11:5d:fc:64:12:93:22:3a: f7:ef:e8:75:f6:1e:93:b9:d4:19:a3:cd:4f:65:ba:74:2c:ac: 44:c9:6f:29:2e:d2:a3:be:af:da:e9:45:f6:0f:2b:99:c5:08: a2:78:2c:2f:56:84:0e:6e:19:4b:19:71:f2:dc:02:b7:76:1f: 55:2e:77:b4:fb:32:ce:a4:e8:c7:1c:6f:87:de:b8:59:2c:1e: 87:8e:92:8a -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgISAZt4ohGdKF0WFfA3bbUT5pmyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc4NWI0OTBkNzY2ZjRiMWMyMTFkN2RhZGQ2ZWZhNzcwZjZl YjllMjUwHhcNMjYwMTAxMDgxNzI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMDU4ZTA4ZjdjMGVkMDRkZWVkNDZjMWQwYTk5ZDJiYTBmMWE2ZDExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhU0eaxVvfTuifv3oPqblALrmK2yH ekN4l0f79ZsXiiDvPSF/pZ/OP5dIYOB3EtIikOlZyGSPQ55bnjYPA+oQYwKTAy4n LGTlfbLrM3aKTB32oyX9kr61JE7F0LTdiSPM5c+NybPxZRxjFx7MekrzxJPfTI1R uQxGbWxVz4sYCiOWCWAl2n3m6bu1eFDkZThRWSGoO3pyBXntiuWdaVXyc5VKL62o 4O3IYJZHXhu7Sb8k0vOv4dMEin1ko88lwuEFqFOtRXIc92sjCwltHCxkaH3DKnng 4H6OKQW+6W0/N6s7xYCT0ZJ0UY8lmF+tMDq8gJZcIREAuLAzzYu5A0PU4QIDAQAB o4ICbzCCAmswHQYDVR0OBBYEFABY4I98DtBN7tRsHQqZ0roPGm0RMB8GA1UdIwQY MBaAFHhbSQ12b0scIR19rdbvp3D2654lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZUZ0SkRYWnZTeHdoSFgydDF1LW5jUGJybmlVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi81ZjM0M2QtOWI0Mi00NGI0LTkwNjct N2NhZTA0MGU0OWU4LzEvQUZqZ2ozd08wRTN1MUd3ZENwblN1ZzhhYlJFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMi81ZjM0M2QtOWI0Mi00NGI0LTkwNjctN2NhZTA0MGU0OWU4 LzEvZUZ0SkRYWnZTeHdoSFgydDF1LW5jUGJybmlVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwYgQCAAEwXAMEAgUjcAME Az7ZuAMEAlQWhAMEAVXGaAMEAlmpMAMEA1nP2AMEAl2d9AMEAl+CgAMEA1+DkAME AbkrxgMEArmITDAMAwQAuZsRAwQCuZsQAwQCw6rAAwQB2ZbIMA0EAgACMAcDBQMq Al/gMA0GCSqGSIb3DQEBCwUAA4IBAQCKaCHHPkyjynbD73j11XjJNOxONt8diX2s oxwkzSHXx5qn7akj7wXaHTapv6ZfxFpGvcwHLM/5m3UtUPhg3TPk62N9kRwlqaRw +BJNPVf1KgbK1eVhvgJBOZ4wpiX1QQuBSeBoX9j3CK8eN3FX2Gdd7W48QNFQANrp jXIJBXJ5BZV9jx8M1HawHaaAvDs3Olna56xSGeYX7LJ6kV1w43jJQ846fzohQ/lz KQ8WEV38ZBKTIjr37+h19h6TudQZo81PZbp0LKxEyW8pLtKjvq/a6UX2DyuZxQii eCwvVoQObhlLGXHy3AK3dh9VLne0+zLOpOjHHG+H3rhZLB6HjpKK -----END CERTIFICATE-----Generated at Mon Jan 12 15:21:22 2026 by rpki-client