This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/kY4ksQndz-gzhcTuoaFdmgV3m0I.roa File: kY4ksQndz-gzhcTuoaFdmgV3m0I.roa (raw, json) Hash identifier: XUtGLpQDwtXcDannHPXpznlOTiV+ukRM8Rgy6xwFoxY= Subject key identifier: 91:8E:24:B1:09:DD:CF:E8:33:85:C4:EE:A1:A1:5D:9A:05:77:9B:42 Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56 Certificate serial: 019B7C80669FF25579EC0F8893E5F52388C8 Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/kY4ksQndz-gzhcTuoaFdmgV3m0I.roa Signing time: Fri 02 Jan 2026 02:19:08 +0000 ROA not before: Fri 02 Jan 2026 02:19:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62240 IP address blocks: 2.57.148.0/24 maxlen: 24 5.133.110.0/24 maxlen: 24 45.88.82.0/24 maxlen: 24 45.88.83.0/24 maxlen: 24 45.91.161.0/24 maxlen: 24 45.132.207.0/24 maxlen: 24 45.136.248.0/24 maxlen: 24 45.138.145.0/24 maxlen: 24 45.143.140.0/24 maxlen: 24 45.147.244.0/24 maxlen: 24 45.147.245.0/24 maxlen: 24 45.147.247.0/24 maxlen: 24 80.242.62.0/24 maxlen: 24 87.247.143.0/24 maxlen: 24 103.145.21.0/24 maxlen: 24 109.94.216.0/24 maxlen: 24 109.94.217.0/24 maxlen: 24 109.94.218.0/24 maxlen: 24 109.94.219.0/24 maxlen: 24 192.144.16.0/24 maxlen: 24 194.59.12.0/24 maxlen: 24 194.156.1.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 21:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:66:9f:f2:55:79:ec:0f:88:93:e5:f5:23:88:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56 Validity Not Before: Jan 2 02:19:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=918e24b109ddcfe83385c4eea1a15d9a05779b42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:a2:85:b3:a7:ed:f8:9f:bf:1f:73:38:28:0b: 71:9e:ad:39:33:33:3b:29:75:9e:9e:a9:d7:57:8b: ae:14:7e:69:7f:68:8f:bd:57:c9:a1:2f:c7:0b:b0: d9:a3:17:44:40:b8:34:5f:84:73:cc:80:79:59:d2: a5:d8:ef:6f:b7:0b:ae:df:1b:b8:73:a4:a5:92:ff: f5:aa:d0:bb:f0:86:cd:bb:ed:d1:52:27:8f:c2:5a: 44:b4:76:a2:2b:35:e6:4c:1a:51:d2:cc:e7:9a:53: 1f:cc:dd:bf:f2:3b:18:14:ef:e7:91:0f:78:2e:db: a2:83:b9:19:fe:c4:4f:61:7c:4f:86:60:46:10:e1: 08:17:8b:91:ed:96:35:3e:16:a0:21:14:7c:bf:db: 28:61:43:e7:9f:7d:99:b7:aa:87:44:b6:12:89:f0: 08:c9:63:93:42:65:ca:8a:06:fd:5c:15:01:38:e5: 28:d3:00:fd:24:27:5a:2b:1e:2a:c3:59:0f:28:35: 77:24:bb:ea:7a:ea:a0:85:7c:a2:3f:f1:34:1b:69: e2:ef:6f:8e:ca:31:ee:59:cc:93:bb:c8:e5:ae:0a: 5d:aa:3a:7b:67:ce:55:61:84:cb:5c:65:b4:70:e4: 96:34:d9:c5:ea:37:5e:16:0b:d2:03:af:8d:44:c2: 10:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:8E:24:B1:09:DD:CF:E8:33:85:C4:EE:A1:A1:5D:9A:05:77:9B:42 X509v3 Authority Key Identifier: keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/kY4ksQndz-gzhcTuoaFdmgV3m0I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.57.148.0/24 5.133.110.0/24 45.88.82.0/23 45.91.161.0/24 45.132.207.0/24 45.136.248.0/24 45.138.145.0/24 45.143.140.0/24 45.147.244.0/23 45.147.247.0/24 80.242.62.0/24 87.247.143.0/24 103.145.21.0/24 109.94.216.0/22 192.144.16.0/24 194.59.12.0/24 194.156.1.0/24 Signature Algorithm: sha256WithRSAEncryption 5f:50:06:6f:40:f5:d5:67:bd:0f:55:69:35:0d:b7:58:00:4f: 84:86:c3:43:c0:ea:2a:c9:0f:4d:1d:bb:fa:e9:ed:2b:90:dc: 26:75:5b:95:b8:24:df:d7:0a:ce:11:70:40:15:8a:19:6f:68: 25:91:1c:eb:dd:8e:b2:6e:76:e3:a8:b1:1f:a3:ff:a4:c9:3a: 24:11:56:0e:48:01:67:b4:ab:e7:62:56:ef:1c:ca:f7:1c:64: b0:79:5b:0f:81:01:6e:f6:8d:9b:3a:9b:b0:ee:30:d4:db:2c: f8:58:ff:4f:01:15:b0:4a:0f:41:a9:35:14:c6:12:9e:fb:99: ca:2f:07:19:4d:23:df:ef:19:38:39:e5:66:cb:2b:ec:ec:64: 1f:16:98:18:fb:8f:17:9c:12:b0:c9:f7:ac:75:ab:7a:d1:1d: f5:02:c0:5e:dd:55:74:61:bf:05:11:f5:d3:08:86:40:38:28: ad:b5:bf:ae:76:98:28:b8:eb:8d:6e:2a:48:60:e8:82:41:8d: 0d:c1:49:4d:80:33:6a:45:55:32:31:5b:e6:1e:0c:9b:a8:a3: 44:9a:a2:f5:5d:6e:3d:fe:6f:97:36:f9:06:a2:43:bb:a6:8c: 32:fe:9c:e5:94:91:34:7f:72:3e:26:42:e9:db:e7:a2:79:b8: a9:a0:e8:b5 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgISAZt8gGaf8lV57A+Ik+X1I4jIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0 ZjVlNTYwHhcNMjYwMTAyMDIxOTA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MThlMjRiMTA5ZGRjZmU4MzM4NWM0ZWVhMWExNWQ5YTA1Nzc5YjQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaKFs6ft+J+/H3M4KAtxnq05MzM7 KXWenqnXV4uuFH5pf2iPvVfJoS/HC7DZoxdEQLg0X4RzzIB5WdKl2O9vtwuu3xu4 c6Slkv/1qtC78IbNu+3RUiePwlpEtHaiKzXmTBpR0sznmlMfzN2/8jsYFO/nkQ94 Ltuig7kZ/sRPYXxPhmBGEOEIF4uR7ZY1PhagIRR8v9soYUPnn32Zt6qHRLYSifAI yWOTQmXKigb9XBUBOOUo0wD9JCdaKx4qw1kPKDV3JLvqeuqghXyiP/E0G2ni72+O yjHuWcyTu8jlrgpdqjp7Z85VYYTLXGW0cOSWNNnF6jdeFgvSA6+NRMIQbwIDAQAB o4ICaTCCAmUwHQYDVR0OBBYEFJGOJLEJ3c/oM4XE7qGhXZoFd5tCMB8GA1UdIwQY MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt YmE5OGYxMTIyMTIxLzEva1k0a3NRbmR6LWd6aGNUdW9hRmRtZ1YzbTBJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAAjmUAwQA BYVuAwQBLVhSAwQALVuhAwQALYTPAwQALYj4AwQALYqRAwQALY+MAwQBLZP0AwQA LZP3AwQAUPI+AwQAV/ePAwQAZ5EVAwQCbV7YAwQAwJAQAwQAwjsMAwQAwpwBMA0G CSqGSIb3DQEBCwUAA4IBAQBfUAZvQPXVZ70PVWk1DbdYAE+EhsNDwOoqyQ9NHbv6 6e0rkNwmdVuVuCTf1wrOEXBAFYoZb2glkRzr3Y6ybnbjqLEfo/+kyTokEVYOSAFn tKvnYlbvHMr3HGSweVsPgQFu9o2bOpuw7jDU2yz4WP9PARWwSg9BqTUUxhKe+5nK LwcZTSPf7xk4OeVmyyvs7GQfFpgY+48XnBKwyfesdat60R31AsBe3VV0Yb8FEfXT CIZAOCittb+udpgouOuNbipIYOiCQY0NwUlNgDNqRVUyMVvmHgybqKNEmqL1XW49 /m+XNvkGokO7powy/pzllJE0f3I+JkLp2+eiebipoOi1 -----END CERTIFICATE-----Generated at Sat Jan 10 03:59:14 2026 by rpki-client