This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/19m5MDbUFOo2nenyTAHaAJWRktg.roa File: 19m5MDbUFOo2nenyTAHaAJWRktg.roa (raw, json) Hash identifier: ifiLYIYFLAmYeXVeugFRbq75qlpi3IBXffi18Sxi0dE= Subject key identifier: D7:D9:B9:30:36:D4:14:EA:36:9D:E9:F2:4C:01:DA:00:95:91:92:D8 Certificate issuer: /CN=67e24c7284ef4887e45d4ccd9bde679cd9ab4f00 Certificate serial: 019B7EA6C2281B9251B66CDC2829EC2100B3 Authority key identifier: 67:E2:4C:72:84:EF:48:87:E4:5D:4C:CD:9B:DE:67:9C:D9:AB:4F:00 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z-JMcoTvSIfkXUzNm95nnNmrTwA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/19m5MDbUFOo2nenyTAHaAJWRktg.roa Signing time: Fri 02 Jan 2026 12:20:16 +0000 ROA not before: Fri 02 Jan 2026 12:20:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211552 IP address blocks: 45.157.1.0/24 maxlen: 24 74.220.16.0/21 maxlen: 21 2a10:c881::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/Z-JMcoTvSIfkXUzNm95nnNmrTwA.crl rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/Z-JMcoTvSIfkXUzNm95nnNmrTwA.mft rsync://rpki.ripe.net/repository/DEFAULT/Z-JMcoTvSIfkXUzNm95nnNmrTwA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:c2:28:1b:92:51:b6:6c:dc:28:29:ec:21:00:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=67e24c7284ef4887e45d4ccd9bde679cd9ab4f00 Validity Not Before: Jan 2 12:20:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d7d9b93036d414ea369de9f24c01da00959192d8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:d7:80:a6:53:b3:17:92:c3:c7:2c:26:0a:4d: 20:28:84:00:58:55:51:22:c2:09:0f:ef:79:7a:23: 9f:e2:e4:1f:08:f7:d2:1b:7a:dd:19:ed:12:d7:5d: a0:e5:0c:84:cd:10:95:44:57:70:86:85:a0:f1:26: cd:33:7a:bb:00:04:04:c3:12:ef:6d:b3:32:0a:94: ed:c2:20:34:40:54:28:78:cb:12:5f:5c:c8:42:8c: 21:b5:ce:4c:08:72:31:d1:f4:48:3f:2c:65:5f:6b: a3:c6:26:ac:66:7b:c9:37:2d:f7:6b:1f:c3:6c:8c: f6:77:fe:26:6c:ca:96:84:ae:5d:c3:1f:b8:00:2e: a0:af:7c:44:6f:14:92:8e:70:7b:75:29:89:90:b2: 33:24:0c:e4:0c:4e:32:9e:8d:ab:89:8d:d1:90:55: 62:7c:8f:f2:a0:55:5a:2a:84:45:db:82:fb:88:b3: bc:30:33:86:81:cd:68:8a:4d:6d:03:d8:2b:f8:5b: 5a:86:90:db:b1:9e:71:d3:a0:5f:6d:22:0e:4b:2a: 72:23:33:46:a4:57:d1:ef:0e:e4:58:f9:cb:33:13: 4b:12:9e:7e:aa:61:7d:2f:f4:ae:55:b1:f6:d8:dd: 60:51:2b:40:c6:11:53:8f:1b:cf:cd:5c:e9:a7:30: cc:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:D9:B9:30:36:D4:14:EA:36:9D:E9:F2:4C:01:DA:00:95:91:92:D8 X509v3 Authority Key Identifier: keyid:67:E2:4C:72:84:EF:48:87:E4:5D:4C:CD:9B:DE:67:9C:D9:AB:4F:00 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z-JMcoTvSIfkXUzNm95nnNmrTwA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/19m5MDbUFOo2nenyTAHaAJWRktg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/Z-JMcoTvSIfkXUzNm95nnNmrTwA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.157.1.0/24 74.220.16.0/21 IPv6: 2a10:c881::/32 Signature Algorithm: sha256WithRSAEncryption 7f:1d:e4:9f:c7:7a:56:65:5b:a7:70:e9:c3:98:4a:29:94:77: 94:e7:ca:ac:6f:6f:48:49:81:69:57:a6:9c:ca:a8:29:e9:d1: cd:4b:2f:d1:be:f9:89:1a:53:c5:95:d8:aa:24:30:90:b7:4a: d9:61:ac:01:ed:4e:3d:a9:ab:2f:63:6e:9c:4c:77:f5:e2:88: 06:e1:37:00:c7:51:84:16:90:3d:56:b1:6c:92:f1:15:43:9e: dd:a1:cb:49:e7:37:11:26:df:1a:df:f3:48:52:b3:ff:47:dc: 18:1f:1d:3e:4d:0c:42:6d:b1:3b:3c:0a:c4:8c:3f:11:b3:d8: fe:ae:6d:03:da:16:6c:27:aa:49:86:5f:33:76:26:4c:55:f3: 15:1b:d8:30:bc:87:d0:b3:78:10:85:ff:cc:f2:25:99:6a:c1: 6c:92:0f:e6:70:64:fa:3e:a0:df:49:31:ce:f0:50:fa:16:b0: 08:a2:3c:1a:3e:ed:ce:66:51:30:ba:b3:61:d8:41:81:30:17: 0e:37:d1:c6:df:0a:48:e9:cb:7b:a1:e9:fe:05:c2:f5:04:6e: 37:0a:3a:23:8c:4e:57:89:07:fe:28:5b:5f:12:5a:d9:55:cc: 92:5d:79:27:9c:dd:b9:82:ed:a5:a0:02:f3:11:a1:ba:11:8a: bb:8b:20:c2 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt+psIoG5JRtmzcKCnsIQCzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY3ZTI0YzcyODRlZjQ4ODdlNDVkNGNjZDliZGU2NzljZDlh YjRmMDAwHhcNMjYwMTAyMTIyMDE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkN2Q5YjkzMDM2ZDQxNGVhMzY5ZGU5ZjI0YzAxZGEwMDk1OTE5MmQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9eAplOzF5LDxywmCk0gKIQAWFVR IsIJD+95eiOf4uQfCPfSG3rdGe0S112g5QyEzRCVRFdwhoWg8SbNM3q7AAQEwxLv bbMyCpTtwiA0QFQoeMsSX1zIQowhtc5MCHIx0fRIPyxlX2ujxiasZnvJNy33ax/D bIz2d/4mbMqWhK5dwx+4AC6gr3xEbxSSjnB7dSmJkLIzJAzkDE4yno2riY3RkFVi fI/yoFVaKoRF24L7iLO8MDOGgc1oik1tA9gr+FtahpDbsZ5x06BfbSIOSypyIzNG pFfR7w7kWPnLMxNLEp5+qmF9L/SuVbH22N1gUStAxhFTjxvPzVzppzDMGwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFNfZuTA21BTqNp3p8kwB2gCVkZLYMB8GA1UdIwQY MBaAFGfiTHKE70iH5F1MzZveZ5zZq08AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWi1KTWNvVHZTSWZrWFV6Tm05NW5uTm1yVHdBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8wMmQzZjYtNDMwMS00YmU1LThjMzct MDM3NWE5YzMyYjAwLzEvMTltNU1EYlVGT28ybmVueVRBSGFBSldSa3RnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMC8wMmQzZjYtNDMwMS00YmU1LThjMzctMDM3NWE5YzMyYjAw LzEvWi1KTWNvVHZTSWZrWFV6Tm05NW5uTm1yVHdBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALZ0BAwQD StwQMA0EAgACMAcDBQAqEMiBMA0GCSqGSIb3DQEBCwUAA4IBAQB/HeSfx3pWZVun cOnDmEoplHeU58qsb29ISYFpV6acyqgp6dHNSy/RvvmJGlPFldiqJDCQt0rZYawB 7U49qasvY26cTHf14ogG4TcAx1GEFpA9VrFskvEVQ57doctJ5zcRJt8a3/NIUrP/ R9wYHx0+TQxCbbE7PArEjD8Rs9j+rm0D2hZsJ6pJhl8zdiZMVfMVG9gwvIfQs3gQ hf/M8iWZasFskg/mcGT6PqDfSTHO8FD6FrAIojwaPu3OZlEwurNh2EGBMBcON9HG 3wpI6ct7oen+BcL1BG43CjojjE5XiQf+KFtfElrZVcySXXknnN25gu2loALzEaG6 EYq7iyDC -----END CERTIFICATE-----Generated at Sun Jan 25 21:28:22 2026 by rpki-client