This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/1ZMsVQGAWg2it-JAEuC_i_hCIyc.roa File: 1ZMsVQGAWg2it-JAEuC_i_hCIyc.roa (raw, json) Hash identifier: ZLAKov/0hadhlGoY/KwpJKZ7o/B0xm108yvYfzR8PiE= Subject key identifier: D5:93:2C:55:01:80:5A:0D:A2:B7:E2:40:12:E0:BF:8B:F8:42:23:27 Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e Certificate serial: 019B7EA73873F2DCFC1BF2729DF5DE6CE8D1 Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/1ZMsVQGAWg2it-JAEuC_i_hCIyc.roa Signing time: Fri 02 Jan 2026 12:20:46 +0000 ROA not before: Fri 02 Jan 2026 12:20:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 136787 IP address blocks: 45.66.252.0/24 maxlen: 24 45.66.253.0/24 maxlen: 24 45.66.254.0/24 maxlen: 24 45.66.255.0/24 maxlen: 24 91.217.6.0/24 maxlen: 24 91.217.7.0/24 maxlen: 24 103.69.32.0/24 maxlen: 32 103.69.33.0/24 maxlen: 32 103.69.34.0/24 maxlen: 32 103.69.35.0/24 maxlen: 32 103.254.240.0/24 maxlen: 24 103.254.241.0/24 maxlen: 24 103.254.242.0/24 maxlen: 24 103.254.243.0/24 maxlen: 24 109.74.28.0/24 maxlen: 24 109.74.29.0/24 maxlen: 24 109.74.30.0/24 maxlen: 24 109.74.31.0/24 maxlen: 24 209.23.32.0/24 maxlen: 32 209.23.33.0/24 maxlen: 32 209.23.34.0/24 maxlen: 32 209.23.35.0/24 maxlen: 32 209.23.36.0/24 maxlen: 32 209.23.37.0/24 maxlen: 32 209.23.38.0/24 maxlen: 32 209.23.39.0/24 maxlen: 32 209.23.40.0/24 maxlen: 32 209.23.41.0/24 maxlen: 32 209.23.42.0/24 maxlen: 32 209.23.43.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.mft rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:38:73:f2:dc:fc:1b:f2:72:9d:f5:de:6c:e8:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e Validity Not Before: Jan 2 12:20:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d5932c5501805a0da2b7e24012e0bf8bf8422327 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:e6:9d:7a:74:12:c1:06:49:d2:c8:8a:d7:7c: 19:14:80:5c:2a:aa:c6:9c:12:28:6d:fd:e7:72:63: 48:17:99:18:6a:d9:4e:1f:9e:08:bb:1e:08:4c:60: 29:27:90:16:53:b5:91:a9:fe:7c:f9:cf:36:b5:da: b1:7e:71:7c:73:ea:96:7c:91:4a:85:55:f4:48:65: e8:11:94:0c:c8:c3:3c:ff:d2:02:65:b5:99:4e:49: e3:79:ab:50:e2:b1:d8:4c:bf:78:d6:4d:52:5d:30: 05:a7:1b:f2:a9:6d:3f:79:04:5e:dc:b5:19:94:83: 1c:f3:b4:26:13:4f:ad:cf:4c:0b:a2:08:b9:fd:f8: 88:db:88:5a:55:39:3f:bd:32:a4:e8:4e:c5:b8:e3: 92:59:45:bf:0f:4b:63:7d:ca:67:52:0a:21:bc:7d: 52:72:ef:81:50:a6:47:29:f5:98:8e:0b:60:48:fe: 56:b8:d2:1d:62:1a:57:84:f1:c0:15:0f:a0:cd:ef: 43:ab:72:d3:e2:7e:08:c5:1a:0a:cf:65:fa:ea:f0: 6d:00:5c:5f:f9:95:cd:20:eb:6e:d1:0e:3d:f8:7c: 1f:31:eb:59:b8:c9:85:8c:85:b6:1c:4b:5a:5f:5f: 1d:29:43:7b:80:6d:5c:4d:cf:b0:f3:14:45:e4:69: 1e:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:93:2C:55:01:80:5A:0D:A2:B7:E2:40:12:E0:BF:8B:F8:42:23:27 X509v3 Authority Key Identifier: keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/1ZMsVQGAWg2it-JAEuC_i_hCIyc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.66.252.0/22 91.217.6.0/23 103.69.32.0/22 103.254.240.0/22 109.74.28.0/22 209.23.32.0-209.23.43.255 Signature Algorithm: sha256WithRSAEncryption 38:47:8d:83:f9:0a:61:a3:19:7f:e0:52:38:af:54:fa:97:f3: 41:20:5b:86:cc:36:81:f6:d8:dd:df:7d:be:8b:13:54:f5:54: 22:23:1c:e1:f7:98:ce:a6:3f:ce:91:57:db:9d:d8:dc:31:4d: 9d:92:94:83:e8:01:9e:e3:2b:33:1c:60:84:29:34:e4:9f:c0: 0f:9c:da:59:00:30:2a:79:16:69:9d:68:0e:a2:23:ee:2b:85: 86:be:34:b7:e7:00:a5:06:c7:b1:14:68:57:3b:fb:d1:0d:00: 07:ce:32:72:c1:3c:63:fb:8b:ed:97:5d:89:94:c6:a5:99:85: 6b:e0:1b:7e:d8:a7:7e:64:b8:9d:05:01:a7:eb:11:8f:25:e7: a9:78:23:04:f4:83:15:15:a8:f1:b5:ca:03:67:d1:a5:fb:cc: 4c:7d:c9:ad:26:a7:70:48:0d:eb:3e:0c:65:4a:91:21:b9:a2: 39:36:a8:74:22:cc:a3:20:0c:39:f4:dd:56:82:06:d5:4f:a7: 93:3a:ba:e1:2a:39:39:6b:51:28:04:09:19:9e:07:48:66:71: e4:38:5f:d7:79:f7:fb:f4:c3:81:7a:a4:2d:c6:99:3e:59:0f: 7e:7a:7b:ed:dc:61:fb:83:e7:3f:fd:a4:a8:a0:c7:82:7f:39: 98:66:d8:87 -----BEGIN CERTIFICATE----- MIIFIzCCBAugAwIBAgISAZt+pzhz8tz8G/JynfXebOjRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYyNGFkNDUzNWFjODhkZDUzNDE5OWYyYTcyNjA5NWFmNzFh ZmU0NGUwHhcNMjYwMTAyMTIyMDQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNTkzMmM1NTAxODA1YTBkYTJiN2UyNDAxMmUwYmY4YmY4NDIyMzI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuadenQSwQZJ0siK13wZFIBcKqrG nBIobf3ncmNIF5kYatlOH54Iux4ITGApJ5AWU7WRqf58+c82tdqxfnF8c+qWfJFK hVX0SGXoEZQMyMM8/9ICZbWZTknjeatQ4rHYTL941k1SXTAFpxvyqW0/eQRe3LUZ lIMc87QmE0+tz0wLogi5/fiI24haVTk/vTKk6E7FuOOSWUW/D0tjfcpnUgohvH1S cu+BUKZHKfWYjgtgSP5WuNIdYhpXhPHAFQ+gze9Dq3LT4n4IxRoKz2X66vBtAFxf +ZXNIOtu0Q49+HwfMetZuMmFjIW2HEtaX18dKUN7gG1cTc+w8xRF5Gke8wIDAQAB o4ICLzCCAiswHQYDVR0OBBYEFNWTLFUBgFoNorfiQBLgv4v4QiMnMB8GA1UdIwQY MBaAFGJK1FNayI3VNBmfKnJgla9xr+ROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTct ZmI1OTQ5ODA4ZGRjLzEvMVpNc1ZRR0FXZzJpdC1KQUV1Q19pX2hDSXljLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTctZmI1OTQ5ODA4ZGRj LzEvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCLUL8AwQB W9kGAwQCZ0UgAwQCZ/7wAwQCbUocMAwDBAXRFyADBALRFygwDQYJKoZIhvcNAQEL BQADggEBADhHjYP5CmGjGX/gUjivVPqX80EgW4bMNoH22N3ffb6LE1T1VCIjHOH3 mM6mP86RV9ud2NwxTZ2SlIPoAZ7jKzMcYIQpNOSfwA+c2lkAMCp5FmmdaA6iI+4r hYa+NLfnAKUGx7EUaFc7+9ENAAfOMnLBPGP7i+2XXYmUxqWZhWvgG37Yp35kuJ0F AafrEY8l56l4IwT0gxUVqPG1ygNn0aX7zEx9ya0mp3BIDes+DGVKkSG5ojk2qHQi zKMgDDn03VaCBtVPp5M6uuEqOTlrUSgECRmeB0hmceQ4X9d59/v0w4F6pC3GmT5Z D356e+3cYfuD5z/9pKigx4J/OZhm2Ic= -----END CERTIFICATE-----Generated at Sun Jan 25 17:35:59 2026 by rpki-client