This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/PsYwk0RCo4-NGQkivQ24swWzsAE.roa File: PsYwk0RCo4-NGQkivQ24swWzsAE.roa (raw, json) Hash identifier: KKbuatZB78bNN9aUEx4rRnhz0y373PaTfQEuw6Uwxzc= Subject key identifier: 3E:C6:30:93:44:42:A3:8F:8D:19:09:22:BD:0D:B8:B3:05:B3:B0:01 Certificate issuer: /CN=d8ff71f2b1a8d62af446a92ba2bdea33f9b69ddc Certificate serial: 019B7FF0719919023DB34088346949CF8469 Authority key identifier: D8:FF:71:F2:B1:A8:D6:2A:F4:46:A9:2B:A2:BD:EA:33:F9:B6:9D:DC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2P9x8rGo1ir0Rqkror3qM_m2ndw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/PsYwk0RCo4-NGQkivQ24swWzsAE.roa Signing time: Fri 02 Jan 2026 18:20:22 +0000 ROA not before: Fri 02 Jan 2026 18:20:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16371 IP address blocks: 45.6.48.0/22 maxlen: 23 77.240.112.0/20 maxlen: 20 77.240.112.0/21 maxlen: 21 77.240.120.0/21 maxlen: 21 77.240.124.0/23 maxlen: 23 77.240.124.0/24 maxlen: 24 77.240.125.0/24 maxlen: 24 77.240.126.0/24 maxlen: 24 79.139.120.0/21 maxlen: 21 79.139.120.0/22 maxlen: 22 79.139.124.0/22 maxlen: 22 82.194.64.0/19 maxlen: 19 82.194.64.0/20 maxlen: 20 82.194.64.0/24 maxlen: 24 82.194.80.0/20 maxlen: 20 85.187.56.0/22 maxlen: 22 85.187.56.0/23 maxlen: 23 85.187.58.0/23 maxlen: 23 86.109.96.0/19 maxlen: 19 86.109.96.0/20 maxlen: 20 86.109.97.0/24 maxlen: 24 86.109.99.0/24 maxlen: 24 86.109.102.0/24 maxlen: 24 86.109.112.0/20 maxlen: 20 86.109.124.0/22 maxlen: 22 86.109.124.0/23 maxlen: 23 86.109.126.0/23 maxlen: 23 87.238.88.0/21 maxlen: 22 89.17.192.0/20 maxlen: 20 89.17.192.0/21 maxlen: 21 89.17.200.0/21 maxlen: 21 89.17.208.0/20 maxlen: 20 89.17.208.0/21 maxlen: 21 89.17.216.0/21 maxlen: 21 89.37.224.0/23 maxlen: 23 89.37.224.0/24 maxlen: 24 89.37.225.0/24 maxlen: 24 93.90.16.0/20 maxlen: 20 93.90.16.0/21 maxlen: 21 93.90.24.0/21 maxlen: 21 93.90.28.0/22 maxlen: 22 93.90.28.0/23 maxlen: 23 93.90.30.0/23 maxlen: 23 109.70.32.0/21 maxlen: 21 109.70.32.0/22 maxlen: 22 109.70.32.0/24 maxlen: 24 109.70.36.0/22 maxlen: 22 176.28.96.0/19 maxlen: 19 176.28.96.0/20 maxlen: 20 176.28.97.0/24 maxlen: 24 176.28.103.0/24 maxlen: 24 176.28.112.0/20 maxlen: 20 176.28.119.0/24 maxlen: 24 176.28.126.0/23 maxlen: 23 176.28.126.0/24 maxlen: 24 176.28.127.0/24 maxlen: 24 185.2.68.0/22 maxlen: 22 185.2.68.0/24 maxlen: 24 185.2.69.0/24 maxlen: 24 185.2.70.0/23 maxlen: 23 185.10.248.0/22 maxlen: 23 185.78.24.0/22 maxlen: 23 185.83.132.0/22 maxlen: 23 185.106.44.0/22 maxlen: 23 194.116.184.0/23 maxlen: 23 194.116.184.0/24 maxlen: 24 194.116.185.0/24 maxlen: 24 213.149.224.0/20 maxlen: 20 213.149.224.0/21 maxlen: 21 213.149.232.0/21 maxlen: 21 213.149.240.0/20 maxlen: 20 213.149.240.0/21 maxlen: 21 213.149.248.0/21 maxlen: 21 217.116.0.0/20 maxlen: 20 217.116.0.0/21 maxlen: 21 217.116.0.0/24 maxlen: 24 217.116.2.0/24 maxlen: 24 217.116.8.0/21 maxlen: 21 217.116.15.0/24 maxlen: 24 217.116.16.0/20 maxlen: 20 217.116.16.0/21 maxlen: 21 217.116.18.0/24 maxlen: 24 217.116.24.0/21 maxlen: 21 217.116.27.0/24 maxlen: 24 217.116.28.0/24 maxlen: 24 2a02:3b8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/2P9x8rGo1ir0Rqkror3qM_m2ndw.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/2P9x8rGo1ir0Rqkror3qM_m2ndw.mft rsync://rpki.ripe.net/repository/DEFAULT/2P9x8rGo1ir0Rqkror3qM_m2ndw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f0:71:99:19:02:3d:b3:40:88:34:69:49:cf:84:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8ff71f2b1a8d62af446a92ba2bdea33f9b69ddc Validity Not Before: Jan 2 18:20:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3ec630934442a38f8d190922bd0db8b305b3b001 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:42:c2:4e:e0:63:4d:a1:66:09:b0:d4:a7:41: 1e:13:0d:c9:b2:fd:1c:d2:bb:84:66:42:ef:e2:28: 5a:56:b9:30:f2:a1:c3:9f:6a:cd:bb:73:45:0f:1c: 16:a7:aa:42:b9:b0:99:f9:2c:94:bf:d3:28:81:3f: 54:73:31:a0:57:66:38:b7:30:69:69:bc:c4:65:27: 4e:54:fb:f7:b3:dc:71:3e:7a:83:b6:fe:ad:af:d0: 0b:07:d7:5c:bf:84:13:2e:58:49:20:b5:d6:9c:29: 05:53:d9:21:a2:a6:3a:df:23:46:b3:01:d7:f8:ab: ec:4e:52:8a:90:35:dc:10:1f:b8:26:7d:98:4b:8b: 26:a5:9c:47:ca:57:2e:54:90:ab:5f:73:39:8c:d5: 77:6b:ce:e2:9d:64:58:71:44:e4:cb:5a:11:23:41: 3b:fa:3a:51:eb:12:9f:f4:bb:29:45:22:07:81:cb: f9:bc:67:79:7e:b9:8f:29:9b:ba:c4:b4:4e:14:4f: 22:d1:20:f6:ed:7d:e9:f3:b8:54:31:68:9f:70:23: 1e:2c:d0:0b:37:1d:46:51:34:6b:34:e1:00:15:4c: ad:61:cf:72:fb:e6:97:a2:06:50:a6:1c:c0:fd:f0: 4d:69:44:4f:e3:1d:f6:bf:e3:b9:65:b5:a1:b0:3f: 21:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:C6:30:93:44:42:A3:8F:8D:19:09:22:BD:0D:B8:B3:05:B3:B0:01 X509v3 Authority Key Identifier: keyid:D8:FF:71:F2:B1:A8:D6:2A:F4:46:A9:2B:A2:BD:EA:33:F9:B6:9D:DC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2P9x8rGo1ir0Rqkror3qM_m2ndw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/PsYwk0RCo4-NGQkivQ24swWzsAE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/2P9x8rGo1ir0Rqkror3qM_m2ndw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.6.48.0/22 77.240.112.0/20 79.139.120.0/21 82.194.64.0/19 85.187.56.0/22 86.109.96.0/19 87.238.88.0/21 89.17.192.0/19 89.37.224.0/23 93.90.16.0/20 109.70.32.0/21 176.28.96.0/19 185.2.68.0/22 185.10.248.0/22 185.78.24.0/22 185.83.132.0/22 185.106.44.0/22 194.116.184.0/23 213.149.224.0/19 217.116.0.0/19 IPv6: 2a02:3b8::/32 Signature Algorithm: sha256WithRSAEncryption b3:25:59:d6:51:8c:a1:23:3f:5d:5b:5f:7d:1c:ff:91:be:a8: 1d:69:63:3c:72:65:9c:5c:63:86:70:19:24:22:20:67:61:2f: b7:a5:d2:37:df:8d:3a:4a:3e:72:93:3b:3d:81:3b:2a:69:63: cd:8b:a0:2f:0d:d4:f7:5d:72:40:59:32:44:f6:46:5a:e3:8d: da:41:5d:cf:ba:ff:e2:db:0d:09:95:b9:32:c0:53:de:98:24: 76:4f:49:44:07:71:72:03:99:e0:ca:70:40:ef:85:a1:2f:ae: 43:52:81:4d:09:e9:a4:81:80:b4:36:ec:d2:cc:bf:ca:96:98: ae:d5:f9:dd:f5:82:f1:29:74:40:e6:48:ae:e4:c2:87:ab:4b: 9f:3f:43:da:36:6a:8e:75:a6:14:d6:50:88:f1:b0:d6:f7:16: 0c:fa:c5:fe:26:2c:f1:ca:cf:01:84:06:2e:3a:c5:6e:e3:5f: 74:c9:27:58:9a:a3:56:76:14:ab:7b:ed:49:20:5a:ee:7f:fd: 47:91:80:1e:2b:6a:3b:12:2f:0d:06:24:c3:2f:35:90:18:00: fe:24:93:9b:6f:5b:a4:b1:a6:62:87:9f:a1:ab:bb:8d:c7:a4: 4b:ad:5c:fc:8f:00:81:97:3c:c8:c8:d0:ba:91:d3:88:32:29: de:84:1b:9b -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgISAZt/8HGZGQI9s0CINGlJz4RpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4ZmY3MWYyYjFhOGQ2MmFmNDQ2YTkyYmEyYmRlYTMzZjli NjlkZGMwHhcNMjYwMTAyMTgyMDIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZWM2MzA5MzQ0NDJhMzhmOGQxOTA5MjJiZDBkYjhiMzA1YjNiMDAxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0LCTuBjTaFmCbDUp0EeEw3Jsv0c 0ruEZkLv4ihaVrkw8qHDn2rNu3NFDxwWp6pCubCZ+SyUv9MogT9UczGgV2Y4tzBp abzEZSdOVPv3s9xxPnqDtv6tr9ALB9dcv4QTLlhJILXWnCkFU9khoqY63yNGswHX +KvsTlKKkDXcEB+4Jn2YS4smpZxHylcuVJCrX3M5jNV3a87inWRYcUTky1oRI0E7 +jpR6xKf9LspRSIHgcv5vGd5frmPKZu6xLROFE8i0SD27X3p87hUMWifcCMeLNAL Nx1GUTRrNOEAFUytYc9y++aXogZQphzA/fBNaURP4x32v+O5ZbWhsD8hPwIDAQAB o4ICjTCCAokwHQYDVR0OBBYEFD7GMJNEQqOPjRkJIr0NuLMFs7ABMB8GA1UdIwQY MBaAFNj/cfKxqNYq9EapK6K96jP5tp3cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMlA5eDhyR28xaXIwUnFrcm9yM3FNX20ybmR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lYTcxZDQtNGRiYi00NDUxLWIyNmIt M2I3NWE1NjdmNzNhLzEvUHNZd2swUkNvNC1OR1FraXZRMjRzd1d6c0FFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi9lYTcxZDQtNGRiYi00NDUxLWIyNmItM2I3NWE1NjdmNzNh LzEvMlA5eDhyR28xaXIwUnFrcm9yM3FNX20ybmR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzB+BAIAATB4AwQCLQYw AwQETfBwAwQDT4t4AwQFUsJAAwQCVbs4AwQFVm1gAwQDV+5YAwQFWRHAAwQBWSXg AwQEXVoQAwQDbUYgAwQFsBxgAwQCuQJEAwQCuQr4AwQCuU4YAwQCuVOEAwQCuWos AwQBwnS4AwQF1ZXgAwQF2XQAMA0EAgACMAcDBQAqAgO4MA0GCSqGSIb3DQEBCwUA A4IBAQCzJVnWUYyhIz9dW199HP+RvqgdaWM8cmWcXGOGcBkkIiBnYS+3pdI33406 Sj5ykzs9gTsqaWPNi6AvDdT3XXJAWTJE9kZa443aQV3Puv/i2w0JlbkywFPemCR2 T0lEB3FyA5ngynBA74WhL65DUoFNCemkgYC0NuzSzL/Klpiu1fnd9YLxKXRA5kiu 5MKHq0ufP0PaNmqOdaYU1lCI8bDW9xYM+sX+Jizxys8BhAYuOsVu4190ySdYmqNW dhSre+1JIFruf/1HkYAeK2o7Ei8NBiTDLzWQGAD+JJObb1uksaZih5+hq7uNx6RL rVz8jwCBlzzIyNC6kdOIMinehBub -----END CERTIFICATE-----Generated at Mon Jan 26 03:07:42 2026 by rpki-client