This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/hKdzSlgkizVpoLvfGaH8kRoUyB4.roa File: hKdzSlgkizVpoLvfGaH8kRoUyB4.roa (raw, json) Hash identifier: eKmXOdDdv5KCQd+EWAKp0FLk1/DsxSq3Ym4RiAI0fek= Subject key identifier: 84:A7:73:4A:58:24:8B:35:69:A0:BB:DF:19:A1:FC:91:1A:14:C8:1E Certificate issuer: /CN=7094a425595e923c4b53b9c000aa8f19ad923f20 Certificate serial: 019A9CC83487D69605B3F63013B993496B09 Authority key identifier: 70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/hKdzSlgkizVpoLvfGaH8kRoUyB4.roa Signing time: Wed 19 Nov 2025 15:42:37 +0000 ROA not before: Wed 19 Nov 2025 15:42:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 200738 IP address blocks: 45.129.20.0/24 maxlen: 24 45.129.21.0/24 maxlen: 24 45.129.22.0/24 maxlen: 24 45.129.23.0/24 maxlen: 24 77.83.124.0/22 maxlen: 22 92.114.56.0/22 maxlen: 22 93.114.240.0/22 maxlen: 22 109.230.222.0/24 maxlen: 24 176.100.208.0/22 maxlen: 22 176.100.212.0/22 maxlen: 22 176.100.224.0/20 maxlen: 20 176.100.224.0/24 maxlen: 24 176.100.225.0/24 maxlen: 24 185.97.168.0/22 maxlen: 22 185.159.252.0/22 maxlen: 22 185.170.147.0/24 maxlen: 24 188.215.8.0/22 maxlen: 22 193.26.148.0/22 maxlen: 22 193.31.36.0/22 maxlen: 22 193.35.14.0/23 maxlen: 23 193.35.26.0/23 maxlen: 23 2a06:6c0::/48 maxlen: 48 2a06:6c0:1::/48 maxlen: 48 2a06:6c0:2::/48 maxlen: 48 2a06:6c0:3::/48 maxlen: 48 2a06:6c0:11::/48 maxlen: 48 2a06:6c0:12::/48 maxlen: 48 2a06:6c0:13::/48 maxlen: 48 2a06:6c0:21::/48 maxlen: 48 2a06:6c0:22::/48 maxlen: 48 2a06:6c0:23::/48 maxlen: 48 2a06:6c0:24::/48 maxlen: 48 2a06:6c0:25::/48 maxlen: 48 2a06:6c0:26::/48 maxlen: 48 2a06:6c0:254::/48 maxlen: 48 2a06:6c0:255::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.mft rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:9c:c8:34:87:d6:96:05:b3:f6:30:13:b9:93:49:6b:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7094a425595e923c4b53b9c000aa8f19ad923f20 Validity Not Before: Nov 19 15:42:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=84a7734a58248b3569a0bbdf19a1fc911a14c81e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:90:69:04:aa:14:33:fa:63:27:ce:ea:68:a9: 1c:bb:cd:f2:67:ab:14:20:83:2c:91:9f:60:15:f3: 0b:1b:a7:c1:61:4a:ca:6d:f9:30:26:95:24:04:71: 4e:c6:38:24:cf:75:a9:ea:ff:1e:8e:3a:55:f4:0b: 99:e4:d2:a3:fb:33:f6:26:43:36:bd:61:e6:fa:33: 40:68:33:ed:52:f4:e5:b5:21:a8:30:6a:05:55:ab: 15:fa:e3:4c:79:e7:f3:aa:91:f2:fb:96:9a:f0:d1: f9:5a:71:6d:85:8a:56:85:22:05:a3:bd:4f:30:c7: a7:62:e2:41:29:1f:a1:b1:f1:2b:c0:b7:17:c6:6c: b2:38:6d:bf:a9:27:fa:e7:2c:1a:ad:70:0f:37:fa: 3e:7a:19:33:67:6b:0b:67:bd:7e:e3:a6:3d:50:84: 98:45:7e:4a:c8:8e:71:c2:9d:5f:9f:ac:53:0c:e7: 1d:51:17:b4:2f:c5:ad:6e:f8:2d:33:62:9a:4b:02: a9:16:76:80:21:e4:fd:3e:ce:df:ce:17:d8:73:f9: 14:85:69:fb:85:8c:bb:e4:5e:f8:d0:dd:1f:56:15: c1:bd:06:23:fc:4f:5c:cc:db:14:d4:1d:ba:3d:28: 68:d6:f8:78:52:33:d6:3d:38:fa:41:dd:9d:c9:0e: d1:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:A7:73:4A:58:24:8B:35:69:A0:BB:DF:19:A1:FC:91:1A:14:C8:1E X509v3 Authority Key Identifier: keyid:70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/hKdzSlgkizVpoLvfGaH8kRoUyB4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.129.20.0/22 77.83.124.0/22 92.114.56.0/22 93.114.240.0/22 109.230.222.0/24 176.100.208.0/21 176.100.224.0/20 185.97.168.0/22 185.159.252.0/22 185.170.147.0/24 188.215.8.0/22 193.26.148.0/22 193.31.36.0/22 193.35.14.0/23 193.35.26.0/23 IPv6: 2a06:6c0::/46 2a06:6c0:11::-2a06:6c0:13:ffff:ffff:ffff:ffff:ffff 2a06:6c0:21::-2a06:6c0:26:ffff:ffff:ffff:ffff:ffff 2a06:6c0:254::/47 Signature Algorithm: sha256WithRSAEncryption 56:fa:c1:d0:78:ea:c1:6f:f1:62:6e:d4:af:e4:30:30:75:20: 10:f9:fd:33:5b:20:53:c9:70:2c:67:aa:f4:65:03:e1:46:6d: 70:19:5c:54:7e:23:4b:e6:ae:63:53:41:c0:df:58:41:b0:eb: 83:53:15:6b:7b:69:e7:c4:f7:e9:32:b5:ed:9e:fb:ad:c3:c0: c6:cd:a9:b9:65:14:a0:e0:fa:61:91:9a:34:14:fc:1e:3e:a8: 2f:0e:6d:43:54:23:25:16:36:9f:4d:9d:77:4c:f8:6a:04:40: 07:85:3e:64:60:6c:da:a7:2a:fa:6f:f6:9f:c5:f1:1f:0d:07: c9:ee:40:2a:71:45:de:1a:cf:2f:6e:82:0a:24:c7:13:db:f9: d5:db:a9:37:3f:7a:d1:c7:50:2a:e9:0f:0e:91:ad:c9:26:c4: cb:5c:00:81:ed:4b:28:b6:04:04:01:a9:50:22:d7:52:da:4e: a4:59:a7:9a:bd:ef:1d:17:15:8c:4c:ae:67:46:90:f5:fe:2b: e8:d1:6d:02:77:58:34:ae:16:9b:83:3c:c1:83:05:95:97:16: 68:02:60:70:41:81:6e:b4:b1:6f:12:9c:1b:ff:79:71:c9:6c: 96:e9:a7:99:1d:51:dc:a8:e2:b0:36:8e:ab:28:78:ce:c5:3f: 61:4a:99:94 -----BEGIN CERTIFICATE----- MIIFljCCBH6gAwIBAgISAZqcyDSH1pYFs/YwE7mTSWsJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwOTRhNDI1NTk1ZTkyM2M0YjUzYjljMDAwYWE4ZjE5YWQ5 MjNmMjAwHhcNMjUxMTE5MTU0MjM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NGE3NzM0YTU4MjQ4YjM1NjlhMGJiZGYxOWExZmM5MTFhMTRjODFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJBpBKoUM/pjJ87qaKkcu83yZ6sU IIMskZ9gFfMLG6fBYUrKbfkwJpUkBHFOxjgkz3Wp6v8ejjpV9AuZ5NKj+zP2JkM2 vWHm+jNAaDPtUvTltSGoMGoFVasV+uNMeefzqpHy+5aa8NH5WnFthYpWhSIFo71P MMenYuJBKR+hsfErwLcXxmyyOG2/qSf65ywarXAPN/o+ehkzZ2sLZ71+46Y9UISY RX5KyI5xwp1fn6xTDOcdURe0L8WtbvgtM2KaSwKpFnaAIeT9Ps7fzhfYc/kUhWn7 hYy75F740N0fVhXBvQYj/E9czNsU1B26PSho1vh4UjPWPTj6Qd2dyQ7RgwIDAQAB o4ICojCCAp4wHQYDVR0OBBYEFISnc0pYJIs1aaC73xmh/JEaFMgeMB8GA1UdIwQY MBaAFHCUpCVZXpI8S1O5wACqjxmtkj8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUt Nzc3MzczZTYwNTVlLzEvaEtkelNsZ2tpelZwb0x2ZkdhSDhrUm9VeUI0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUtNzc3MzczZTYwNTVl LzEvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDBgBAIAATBaAwQCLYEU AwQCTVN8AwQCXHI4AwQCXXLwAwQAbebeAwQDsGTQAwQEsGTgAwQCuWGoAwQCuZ/8 AwQAuaqTAwQCvNcIAwQCwRqUAwQCwR8kAwQBwSMOAwQBwSMaMEAEAgACMDoDBwIq BgbAAAAwEgMHACoGBsAAEQMHAioGBsAAEDASAwcAKgYGwAAhAwcAKgYGwAAmAwcB KgYGwAJUMA0GCSqGSIb3DQEBCwUAA4IBAQBW+sHQeOrBb/FibtSv5DAwdSAQ+f0z WyBTyXAsZ6r0ZQPhRm1wGVxUfiNL5q5jU0HA31hBsOuDUxVre2nnxPfpMrXtnvut w8DGzam5ZRSg4PphkZo0FPwePqgvDm1DVCMlFjafTZ13TPhqBEAHhT5kYGzapyr6 b/afxfEfDQfJ7kAqcUXeGs8vboIKJMcT2/nV26k3P3rRx1Aq6Q8Oka3JJsTLXACB 7UsotgQEAalQItdS2k6kWaeave8dFxWMTK5nRpD1/ivo0W0Cd1g0rhabgzzBgwWV lxZoAmBwQYFutLFvEpwb/3lxyWyW6aeZHVHcqOKwNo6rKHjOxT9hSpmU -----END CERTIFICATE-----Generated at Sun Dec 7 02:15:15 2025 by rpki-client