This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/KECb19wTvJFUN2Wl5Wm9IZPheNE.roa File: KECb19wTvJFUN2Wl5Wm9IZPheNE.roa (raw, json) Hash identifier: KtmQ4sD1wYrdGpvHK8ZZgh2HKlI71W1QM+Wlf/Sxbpo= Subject key identifier: 28:40:9B:D7:DC:13:BC:91:54:37:65:A5:E5:69:BD:21:93:E1:78:D1 Certificate issuer: /CN=4987941e74c1c03e7aba3b878530095eb6fa874e Certificate serial: 019AB571ABADE4983CDD01C597E43A3393C3 Authority key identifier: 49:87:94:1E:74:C1:C0:3E:7A:BA:3B:87:85:30:09:5E:B6:FA:87:4E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYeUHnTBwD56ujuHhTAJXrb6h04.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/KECb19wTvJFUN2Wl5Wm9IZPheNE.roa Signing time: Mon 24 Nov 2025 10:38:36 +0000 ROA not before: Mon 24 Nov 2025 10:38:36 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 200736 IP address blocks: 45.66.40.0/22 maxlen: 24 45.66.40.0/24 maxlen: 24 45.66.41.0/24 maxlen: 24 45.66.42.0/24 maxlen: 24 45.66.43.0/24 maxlen: 24 195.20.114.0/24 maxlen: 24 195.214.208.0/22 maxlen: 24 195.214.208.0/24 maxlen: 24 195.214.211.0/24 maxlen: 24 2a10:9300::/29 maxlen: 42 2a10:9300::/36 maxlen: 42 2a10:9300:100::/42 maxlen: 42 2a10:9300:400::/42 maxlen: 42 2a10:9300:500::/42 maxlen: 42 2a10:9300:900::/42 maxlen: 42 2a10:9300:b00::/42 maxlen: 42 2a10:9300:c00::/42 maxlen: 42 2a10:9301::/36 maxlen: 42 2a10:9301:100::/42 maxlen: 42 2a10:9301:140::/42 maxlen: 42 2a10:9301:180::/42 maxlen: 42 2a10:9301:300::/42 maxlen: 42 2a10:9301:340::/42 maxlen: 42 2a10:9301:700::/42 maxlen: 42 2a10:9301:740::/42 maxlen: 42 2a10:9301:980::/42 maxlen: 42 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/SYeUHnTBwD56ujuHhTAJXrb6h04.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/SYeUHnTBwD56ujuHhTAJXrb6h04.mft rsync://rpki.ripe.net/repository/DEFAULT/SYeUHnTBwD56ujuHhTAJXrb6h04.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:b5:71:ab:ad:e4:98:3c:dd:01:c5:97:e4:3a:33:93:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4987941e74c1c03e7aba3b878530095eb6fa874e Validity Not Before: Nov 24 10:38:36 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=28409bd7dc13bc91543765a5e569bd2193e178d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:94:88:dc:3a:73:de:ec:d0:fb:76:bd:5b:96: 85:3b:28:71:2f:ee:f3:65:2f:2b:d8:b4:28:ad:ad: 70:e8:6a:f9:ad:c8:e7:a4:81:44:c2:3b:bd:da:8c: 15:6a:e7:1e:ca:70:74:82:bf:a2:8b:44:51:76:58: d0:ef:d9:6c:bc:85:9a:95:1b:69:3a:b9:2c:31:44: 62:f9:9f:94:dc:f7:f6:57:59:42:f5:72:13:a7:75: 9e:c5:ed:8c:4c:3a:20:b3:f0:5f:24:1d:8b:c3:f2: 09:90:4f:65:a3:58:d1:8f:18:ef:ba:c5:b4:9e:84: f7:4c:83:e6:c5:f4:de:e1:d2:34:1c:a3:4f:6b:f3: d0:e5:3c:a9:f8:f1:b2:e7:81:81:7c:02:cc:0d:30: b8:d4:b9:a3:4f:b2:08:59:3f:0a:74:2a:fd:eb:be: 36:1b:a9:f1:3b:52:b3:91:39:14:7e:4a:52:a2:cc: 6e:54:a0:ed:18:49:05:6f:59:39:ea:f1:8d:1b:6f: 1c:c9:13:6d:33:ac:f0:00:aa:e1:73:cf:1c:3f:c1: c3:e9:56:08:ef:f4:3f:ac:5e:eb:2b:27:99:e2:9c: 27:80:57:ba:6f:ce:62:8a:e0:04:62:b2:56:ee:4f: d6:4a:90:d9:9a:67:64:91:6d:df:52:ce:b7:6f:fc: 2c:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:40:9B:D7:DC:13:BC:91:54:37:65:A5:E5:69:BD:21:93:E1:78:D1 X509v3 Authority Key Identifier: keyid:49:87:94:1E:74:C1:C0:3E:7A:BA:3B:87:85:30:09:5E:B6:FA:87:4E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYeUHnTBwD56ujuHhTAJXrb6h04.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/KECb19wTvJFUN2Wl5Wm9IZPheNE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/SYeUHnTBwD56ujuHhTAJXrb6h04.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.66.40.0/22 195.20.114.0/24 195.214.208.0/22 IPv6: 2a10:9300::/29 Signature Algorithm: sha256WithRSAEncryption 33:4b:c8:6e:c9:a1:0d:cc:8d:8d:c8:11:94:81:52:d2:50:66: 8f:b3:14:7e:88:22:74:89:97:a3:13:90:ee:92:66:e0:3c:d8: 01:70:c8:77:39:79:87:5b:1d:63:77:9a:88:6c:a5:72:6e:6e: 02:62:86:88:a1:42:ce:15:3f:ca:7a:e9:3b:fb:b6:72:9c:2f: 87:a4:48:0f:45:e4:c9:e1:aa:66:a4:01:58:aa:61:2b:5e:9f: 4c:a6:84:20:e5:20:40:c3:c7:86:23:7e:6b:66:12:22:e6:da: 9d:e2:a0:7e:7e:cc:60:9a:e7:1a:8b:4d:90:01:6e:42:04:da: 48:2a:2c:fa:4a:f9:b6:96:1f:0f:a7:39:6a:e9:38:af:50:a0: 1b:b0:1f:5b:09:3b:11:92:0f:30:9c:b3:5b:28:92:69:d4:b7: 8b:ae:ad:e6:6c:6b:82:07:d3:4b:3e:98:40:8d:d6:9e:62:4c: 80:c5:d5:69:4c:eb:a4:6a:a7:e9:95:7d:6a:48:18:57:7b:32: 75:3d:1e:e3:54:7a:7f:5c:70:53:a3:61:f6:83:1f:3d:d8:1d: 78:55:d7:10:00:89:95:04:3e:5c:ad:1c:f1:d2:01:e2:91:ad: de:e1:1f:c6:25:c9:c3:6a:d4:fb:eb:1a:b3:8f:b1:ac:d9:bf: 16:1a:62:f6 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZq1caut5Jg83QHFl+Q6M5PDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ5ODc5NDFlNzRjMWMwM2U3YWJhM2I4Nzg1MzAwOTVlYjZm YTg3NGUwHhcNMjUxMTI0MTAzODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyODQwOWJkN2RjMTNiYzkxNTQzNzY1YTVlNTY5YmQyMTkzZTE3OGQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5SI3Dpz3uzQ+3a9W5aFOyhxL+7z ZS8r2LQora1w6Gr5rcjnpIFEwju92owVauceynB0gr+ii0RRdljQ79lsvIWalRtp OrksMURi+Z+U3Pf2V1lC9XITp3Wexe2MTDogs/BfJB2Lw/IJkE9lo1jRjxjvusW0 noT3TIPmxfTe4dI0HKNPa/PQ5Typ+PGy54GBfALMDTC41LmjT7IIWT8KdCr96742 G6nxO1KzkTkUfkpSosxuVKDtGEkFb1k56vGNG28cyRNtM6zwAKrhc88cP8HD6VYI 7/Q/rF7rKyeZ4pwngFe6b85iiuAEYrJW7k/WSpDZmmdkkW3fUs63b/wsBwIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFChAm9fcE7yRVDdlpeVpvSGT4XjRMB8GA1UdIwQY MBaAFEmHlB50wcA+ero7h4UwCV62+odOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU1llVUhuVEJ3RDU2dWp1SGhUQUpYcmI2aDA0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83MDc3N2ItNjhiMC00MmE4LTllOWQt ZThhZGE1MWVlOGZmLzEvS0VDYjE5d1R2SkZVTjJXbDVXbTlJWlBoZU5FLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi83MDc3N2ItNjhiMC00MmE4LTllOWQtZThhZGE1MWVlOGZm LzEvU1llVUhuVEJ3RDU2dWp1SGhUQUpYcmI2aDA0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLUIoAwQA wxRyAwQCw9bQMA0EAgACMAcDBQMqEJMAMA0GCSqGSIb3DQEBCwUAA4IBAQAzS8hu yaENzI2NyBGUgVLSUGaPsxR+iCJ0iZejE5DukmbgPNgBcMh3OXmHWx1jd5qIbKVy bm4CYoaIoULOFT/Keuk7+7ZynC+HpEgPReTJ4apmpAFYqmErXp9MpoQg5SBAw8eG I35rZhIi5tqd4qB+fsxgmucai02QAW5CBNpIKiz6Svm2lh8Ppzlq6TivUKAbsB9b CTsRkg8wnLNbKJJp1LeLrq3mbGuCB9NLPphAjdaeYkyAxdVpTOukaqfplX1qSBhX ezJ1PR7jVHp/XHBTo2H2gx892B14VdcQAImVBD5crRzx0gHika3e4R/GJcnDatT7 6xqzj7Gs2b8WGmL2 -----END CERTIFICATE-----Generated at Sat Dec 6 18:47:14 2025 by rpki-client