This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/07kKKUMgBwNlGH8ItBg5huXyjBo.roa File: 07kKKUMgBwNlGH8ItBg5huXyjBo.roa (raw, json) Hash identifier: 0Db0rW3HyxMoZLKg3qDXyoGcyEgSvoFlGL2izdT+lqA= Subject key identifier: D3:B9:0A:29:43:20:07:03:65:18:7F:08:B4:18:39:86:E5:F2:8C:1A Certificate issuer: /CN=345fb3feb15c03c4d34d9ff444d9ad7e30067208 Certificate serial: 019B78351179FC2AAE5ECDF2C99FDE126721 Authority key identifier: 34:5F:B3:FE:B1:5C:03:C4:D3:4D:9F:F4:44:D9:AD:7E:30:06:72:08 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/07kKKUMgBwNlGH8ItBg5huXyjBo.roa Signing time: Thu 01 Jan 2026 06:18:22 +0000 ROA not before: Thu 01 Jan 2026 06:18:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25540 IP address blocks: 45.81.212.0/22 maxlen: 22 77.81.49.0/24 maxlen: 24 83.172.137.0/24 maxlen: 24 83.172.142.0/23 maxlen: 23 83.172.149.0/24 maxlen: 24 83.172.152.0/24 maxlen: 24 83.172.154.0/23 maxlen: 23 83.172.156.0/23 maxlen: 23 83.172.158.0/24 maxlen: 24 83.172.166.0/23 maxlen: 23 83.172.168.0/24 maxlen: 24 83.172.170.0/23 maxlen: 23 83.172.184.0/23 maxlen: 23 83.172.187.0/24 maxlen: 24 83.172.190.0/24 maxlen: 24 83.172.191.0/24 maxlen: 24 89.37.107.0/24 maxlen: 24 93.114.176.0/22 maxlen: 22 94.177.28.0/24 maxlen: 24 94.177.144.0/24 maxlen: 24 130.93.0.0/17 maxlen: 24 130.93.0.0/24 maxlen: 24 130.93.128.0/18 maxlen: 22 130.93.128.0/19 maxlen: 19 130.93.160.0/20 maxlen: 20 130.93.176.0/22 maxlen: 22 185.9.248.0/22 maxlen: 22 185.12.0.0/22 maxlen: 22 185.23.164.0/22 maxlen: 22 185.120.176.0/22 maxlen: 22 185.122.160.0/22 maxlen: 22 185.133.128.0/22 maxlen: 22 185.137.72.0/22 maxlen: 22 185.153.172.0/22 maxlen: 22 193.84.89.0/24 maxlen: 24 195.68.224.0/22 maxlen: 22 206.124.104.0/21 maxlen: 21 2a02:ec00::/29 maxlen: 29 2a0e:4180::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.crl rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.mft rsync://rpki.ripe.net/repository/DEFAULT/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:35:11:79:fc:2a:ae:5e:cd:f2:c9:9f:de:12:67:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=345fb3feb15c03c4d34d9ff444d9ad7e30067208 Validity Not Before: Jan 1 06:18:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d3b90a294320070365187f08b4183986e5f28c1a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:f2:e0:74:37:7e:13:d5:f0:e5:28:55:4b:c1: a3:9f:f8:83:30:a1:b9:da:ae:4e:f9:ef:b6:48:66: 2d:48:6a:2e:5a:7d:b4:5d:95:96:8d:ea:d6:9e:b5: d9:ca:1c:85:91:38:22:5c:61:0c:13:e7:23:2f:a7: 52:e9:ee:b8:38:b9:8c:b5:c9:20:bd:cc:76:aa:61: 9f:d1:68:1f:0f:11:de:44:2b:a1:01:e9:4c:7a:e8: 94:d8:80:64:47:df:97:9c:6e:17:6f:40:10:1d:4a: 4d:6e:8c:f9:3e:ac:67:1d:ec:fa:ba:79:dc:af:73: f0:73:4b:6a:91:d3:43:29:f8:51:bf:38:5c:76:c9: d8:9d:a0:94:01:b9:44:a6:04:41:ba:e4:f5:bf:6a: 50:e8:c4:40:a6:bf:20:ef:df:ac:93:0f:68:d6:2d: f0:ec:ee:42:cc:f1:e4:fe:f1:9b:d6:e7:17:15:eb: a0:34:02:7a:3f:24:a7:7b:c9:92:cd:01:7e:ce:3c: 61:30:a6:8d:d2:05:c2:c6:5b:ce:5a:38:01:5d:3c: ad:92:12:43:47:0e:5d:54:2e:50:07:cb:71:8d:43: f8:10:4d:08:f1:bd:60:92:64:02:56:f1:9d:5d:cd: 35:53:5e:42:7e:03:aa:9c:19:36:85:8f:11:65:20: 3b:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:B9:0A:29:43:20:07:03:65:18:7F:08:B4:18:39:86:E5:F2:8C:1A X509v3 Authority Key Identifier: keyid:34:5F:B3:FE:B1:5C:03:C4:D3:4D:9F:F4:44:D9:AD:7E:30:06:72:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/07kKKUMgBwNlGH8ItBg5huXyjBo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.81.212.0/22 77.81.49.0/24 83.172.137.0/24 83.172.142.0/23 83.172.149.0/24 83.172.152.0/24 83.172.154.0-83.172.158.255 83.172.166.0-83.172.168.255 83.172.170.0/23 83.172.184.0/23 83.172.187.0/24 83.172.190.0/23 89.37.107.0/24 93.114.176.0/22 94.177.28.0/24 94.177.144.0/24 130.93.0.0-130.93.191.255 185.9.248.0/22 185.12.0.0/22 185.23.164.0/22 185.120.176.0/22 185.122.160.0/22 185.133.128.0/22 185.137.72.0/22 185.153.172.0/22 193.84.89.0/24 195.68.224.0/22 206.124.104.0/21 IPv6: 2a02:ec00::/29 2a0e:4180::/29 Signature Algorithm: sha256WithRSAEncryption 12:93:16:ad:0d:39:b7:ef:6e:08:ba:8a:78:27:ae:2f:9f:4e: 5a:f7:b8:7b:93:45:a9:b7:f8:d1:b6:68:8b:ab:82:a0:cd:de: 81:34:50:7f:2d:02:70:39:b7:80:35:c6:85:b7:4d:6c:b9:86: 66:d4:b6:df:b6:5b:91:dd:ce:c8:43:da:19:04:a1:bf:41:30: e5:fe:d8:fc:22:89:bc:14:ad:1d:5a:b6:56:5c:bc:03:f7:68: 4e:5d:93:e7:c7:2b:51:b6:c7:6b:61:75:a2:ad:d9:76:da:66: 9f:e2:92:90:3e:ca:25:51:f3:c9:91:5c:a3:29:62:6e:76:45: af:69:1e:e5:ac:97:df:46:63:1f:30:f7:a2:e2:fb:6e:f7:00: 71:19:b7:53:33:03:df:4e:74:b5:b1:e1:b2:9f:00:42:cf:9d: f8:f6:91:24:52:c6:2a:f0:cd:bb:f6:00:62:d7:82:8f:30:a0: c8:23:98:3f:ab:34:fd:40:09:79:65:bf:6a:3b:fe:da:cb:62: 78:01:7d:e0:d4:c0:00:e3:1b:a2:d4:ae:b3:68:37:7c:a8:96: 68:88:06:1c:d3:e4:ee:3b:64:b4:6c:8f:8e:7b:b5:85:9e:af: 94:1a:7b:e0:b3:7a:73:55:92:27:45:e7:06:19:7d:7b:ed:bf: 97:2f:7a:29 -----BEGIN CERTIFICATE----- MIIF0TCCBLmgAwIBAgISAZt4NRF5/CquXs3yyZ/eEmchMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0NWZiM2ZlYjE1YzAzYzRkMzRkOWZmNDQ0ZDlhZDdlMzAw NjcyMDgwHhcNMjYwMTAxMDYxODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkM2I5MGEyOTQzMjAwNzAzNjUxODdmMDhiNDE4Mzk4NmU1ZjI4YzFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvLgdDd+E9Xw5ShVS8Gjn/iDMKG5 2q5O+e+2SGYtSGouWn20XZWWjerWnrXZyhyFkTgiXGEME+cjL6dS6e64OLmMtckg vcx2qmGf0WgfDxHeRCuhAelMeuiU2IBkR9+XnG4Xb0AQHUpNboz5PqxnHez6unnc r3Pwc0tqkdNDKfhRvzhcdsnYnaCUAblEpgRBuuT1v2pQ6MRApr8g79+skw9o1i3w 7O5CzPHk/vGb1ucXFeugNAJ6PySne8mSzQF+zjxhMKaN0gXCxlvOWjgBXTytkhJD Rw5dVC5QB8txjUP4EE0I8b1gkmQCVvGdXc01U15CfgOqnBk2hY8RZSA7sQIDAQAB o4IC3TCCAtkwHQYDVR0OBBYEFNO5CilDIAcDZRh/CLQYOYbl8owaMB8GA1UdIwQY MBaAFDRfs/6xXAPE002f9ETZrX4wBnIIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkYtel9yRmNBOFRUVFpfMFJObXRmakFHY2dnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hNDQyYzUtZDE0Zi00MjlmLWE1MTUt YmM1NGIxMjExYjYwLzEvMDdrS0tVTWdCd05sR0g4SXRCZzVodVh5akJvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMi9hNDQyYzUtZDE0Zi00MjlmLWE1MTUtYmM1NGIxMjExYjYw LzEvTkYtel9yRmNBOFRUVFpfMFJObXRmakFHY2dnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHyBggrBgEFBQcBBwEB/wSB4jCB3zCBxgQCAAEwgb8DBAIt UdQDBABNUTEDBABTrIkDBAFTrI4DBABTrJUDBABTrJgwDAMEAVOsmgMEAFOsnjAM AwQBU6ymAwQAU6yoAwQBU6yqAwQBU6y4AwQAU6y7AwQBU6y+AwQAWSVrAwQCXXKw AwQAXrEcAwQAXrGQMAsDAwCCXQMEBoJdgAMEArkJ+AMEArkMAAMEArkXpAMEArl4 sAMEArl6oAMEArmFgAMEArmJSAMEArmZrAMEAMFUWQMEAsNE4AMEA858aDAUBAIA AjAOAwUDKgLsAAMFAyoOQYAwDQYJKoZIhvcNAQELBQADggEBABKTFq0NObfvbgi6 ingnri+fTlr3uHuTRam3+NG2aIurgqDN3oE0UH8tAnA5t4A1xoW3TWy5hmbUtt+2 W5HdzshD2hkEob9BMOX+2PwiibwUrR1atlZcvAP3aE5dk+fHK1G2x2thdaKt2Xba Zp/ikpA+yiVR88mRXKMpYm52Ra9pHuWsl99GYx8w96Li+273AHEZt1MzA99OdLWx 4bKfAELPnfj2kSRSxirwzbv2AGLXgo8woMgjmD+rNP1ACXllv2o7/trLYngBfeDU wADjG6LUrrNoN3yolmiIBhzT5O47ZLRsj457tYWer5Qae+CzenNVkidF5wYZfXvt v5cveik= -----END CERTIFICATE-----Generated at Mon Jan 26 04:51:33 2026 by rpki-client