This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/AceZ4ztMUcivJ_xyIQMtsPiEJ1o.roa File: AceZ4ztMUcivJ_xyIQMtsPiEJ1o.roa (raw, json) Hash identifier: t7OKP7yRyZbDYbA9pwMd+wM9Kk3yWygSaa0Xg3XD4EU= Subject key identifier: 01:C7:99:E3:3B:4C:51:C8:AF:27:FC:72:21:03:2D:B0:F8:84:27:5A Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a Certificate serial: 019B78A3791AF259335221F1182EA8012060 Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/AceZ4ztMUcivJ_xyIQMtsPiEJ1o.roa Signing time: Thu 01 Jan 2026 08:18:57 +0000 ROA not before: Thu 01 Jan 2026 08:18:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202759 IP address blocks: 45.151.72.0/24 maxlen: 24 83.172.139.0/24 maxlen: 24 89.40.104.0/24 maxlen: 24 93.113.98.0/24 maxlen: 24 93.113.214.0/24 maxlen: 24 95.156.206.0/24 maxlen: 24 185.122.185.0/24 maxlen: 24 185.193.49.0/24 maxlen: 24 188.190.18.0/24 maxlen: 24 188.214.32.0/24 maxlen: 24 188.214.36.0/24 maxlen: 24 188.214.37.0/24 maxlen: 24 213.111.179.0/24 maxlen: 24 213.111.181.0/24 maxlen: 24 213.111.189.0/24 maxlen: 24 213.111.190.0/24 maxlen: 24 2a03:f80:372::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:79:1a:f2:59:33:52:21:f1:18:2e:a8:01:20:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a Validity Not Before: Jan 1 08:18:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=01c799e33b4c51c8af27fc7221032db0f884275a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:f9:50:e1:61:27:2b:9b:8d:23:40:43:b0:65: 0d:62:f9:8b:9e:01:a3:12:80:fd:cd:96:06:4f:12: 5a:31:54:9a:c2:02:05:a9:ed:16:b5:f7:f8:58:9e: 6f:47:f3:4e:6e:a2:d5:6e:90:42:55:ce:18:63:ba: 27:cd:78:97:6d:f4:c5:f5:6e:72:ca:0d:a6:ea:a3: c2:d2:57:6f:e7:c0:75:fb:12:45:a6:25:24:d6:f2: 91:ef:77:d3:3e:25:9b:f4:23:ed:29:bd:b2:5c:d0: ae:16:dd:a5:e9:e6:af:93:82:a1:01:28:00:2e:ed: 3d:8f:3c:81:c9:2f:89:3c:69:4d:4c:24:48:0d:87: 6d:b4:43:bc:b5:1f:d0:78:a3:72:16:df:ab:c2:a0: 2b:4b:c1:d5:81:f6:a2:ca:d4:91:cc:87:4e:d0:a5: 04:95:eb:17:fe:4c:16:a6:71:78:b6:15:2b:c3:7b: 24:61:79:9c:0e:39:96:7a:33:d2:33:a8:68:08:35: f7:08:a1:63:3f:fa:93:05:31:b5:0c:d1:93:85:72: bb:cf:96:1a:73:5a:37:e3:33:d6:a0:66:5f:a5:ce: 7f:de:8d:a3:a9:66:e3:9b:6b:9d:11:46:f2:d9:6e: 67:9c:05:d5:66:e3:94:41:84:91:80:cc:e7:ca:52: 5a:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:C7:99:E3:3B:4C:51:C8:AF:27:FC:72:21:03:2D:B0:F8:84:27:5A X509v3 Authority Key Identifier: keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/AceZ4ztMUcivJ_xyIQMtsPiEJ1o.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.151.72.0/24 83.172.139.0/24 89.40.104.0/24 93.113.98.0/24 93.113.214.0/24 95.156.206.0/24 185.122.185.0/24 185.193.49.0/24 188.190.18.0/24 188.214.32.0/24 188.214.36.0/23 213.111.179.0/24 213.111.181.0/24 213.111.189.0-213.111.190.255 IPv6: 2a03:f80:372::/48 Signature Algorithm: sha256WithRSAEncryption 19:f3:d6:df:8f:5e:67:3f:1d:1a:ea:80:2d:de:df:d9:10:9b: 7d:02:f0:94:df:31:30:9f:af:31:24:9b:e6:26:cd:ff:bb:99: 3e:d8:14:8a:53:e4:f7:d2:35:56:dd:11:6e:2e:55:cb:01:01: db:5c:38:69:a6:a4:fc:e7:83:be:da:1f:83:47:69:5c:41:70: 24:ab:3a:36:0b:0e:ee:e4:4b:44:6f:bd:63:58:0a:e2:3a:46: 32:e1:cc:7e:c6:07:36:20:eb:57:15:a9:85:92:38:29:db:59: 1f:97:9f:aa:59:0c:4d:40:75:c3:e2:30:68:0d:17:73:91:19: 81:35:b8:e9:c4:d6:85:a5:fa:65:18:5c:d9:16:cc:17:29:5a: 99:24:23:f4:3a:02:90:80:02:ee:17:33:1a:84:4a:70:86:c5: 50:82:80:0d:13:e3:8e:51:41:9c:71:43:75:7f:91:8d:95:c1: 7a:a2:6c:d8:4d:f3:60:d4:07:b4:3a:98:e5:c4:ba:d3:c6:66: 7a:46:8c:2b:36:f1:76:91:78:b1:53:4e:25:8e:e9:85:f6:69: 27:11:2a:27:69:6d:9e:9e:da:c9:e4:49:31:3d:56:08:10:43: ed:b7:df:0d:c8:7c:12:4b:d2:8a:c1:c1:9f:5a:27:c4:8a:bb: a4:b9:bf:16 -----BEGIN CERTIFICATE----- MIIFZTCCBE2gAwIBAgISAZt4o3ka8lkzUiHxGC6oASBgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj MjhmNmEwHhcNMjYwMTAxMDgxODU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMWM3OTllMzNiNGM1MWM4YWYyN2ZjNzIyMTAzMmRiMGY4ODQyNzVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/lQ4WEnK5uNI0BDsGUNYvmLngGj EoD9zZYGTxJaMVSawgIFqe0Wtff4WJ5vR/NObqLVbpBCVc4YY7onzXiXbfTF9W5y yg2m6qPC0ldv58B1+xJFpiUk1vKR73fTPiWb9CPtKb2yXNCuFt2l6eavk4KhASgA Lu09jzyByS+JPGlNTCRIDYdttEO8tR/QeKNyFt+rwqArS8HVgfaiytSRzIdO0KUE lesX/kwWpnF4thUrw3skYXmcDjmWejPSM6hoCDX3CKFjP/qTBTG1DNGThXK7z5Ya c1o34zPWoGZfpc5/3o2jqWbjm2udEUby2W5nnAXVZuOUQYSRgMznylJa3wIDAQAB o4ICcTCCAm0wHQYDVR0OBBYEFAHHmeM7TFHIryf8ciEDLbD4hCdaMB8GA1UdIwQY MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt YjM4ZTI2NzdiM2RjLzEvQWNlWjR6dE1VY2l2Sl94eUlRTXRzUGlFSjFvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwYgQCAAEwXAMEAC2XSAME AFOsiwMEAFkoaAMEAF1xYgMEAF1x1gMEAF+czgMEALl6uQMEALnBMQMEALy+EgME ALzWIAMEAbzWJAMEANVvswMEANVvtTAMAwQA1W+9AwQA1W++MA8EAgACMAkDBwAq Aw+AA3IwDQYJKoZIhvcNAQELBQADggEBABnz1t+PXmc/HRrqgC3e39kQm30C8JTf MTCfrzEkm+Ymzf+7mT7YFIpT5PfSNVbdEW4uVcsBAdtcOGmmpPzng77aH4NHaVxB cCSrOjYLDu7kS0RvvWNYCuI6RjLhzH7GBzYg61cVqYWSOCnbWR+Xn6pZDE1AdcPi MGgNF3ORGYE1uOnE1oWl+mUYXNkWzBcpWpkkI/Q6ApCAAu4XMxqESnCGxVCCgA0T 445RQZxxQ3V/kY2VwXqibNhN82DUB7Q6mOXEutPGZnpGjCs28XaReLFTTiWO6YX2 aScRKidpbZ6e2snkSTE9VggQQ+233w3IfBJL0orBwZ9aJ8SKu6S5vxY= -----END CERTIFICATE-----Generated at Sun Jan 25 20:48:02 2026 by rpki-client