This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/09012f-b4f6-4df7-b562-010cf2dd40af/1/M45Q5osiYzOCttb5qUkWO2UNnW8.roa File: M45Q5osiYzOCttb5qUkWO2UNnW8.roa (raw, json) Hash identifier: 7YD67txjderrmSpgg9cu7S2KQewiqgBNt7grVOcHVbI= Subject key identifier: 33:8E:50:E6:8B:22:63:33:82:B6:D6:F9:A9:49:16:3B:65:0D:9D:6F Certificate issuer: /CN=1778cfc09a363a73cc8dda362a2c9e8223d7dad6 Certificate serial: 019A726E885CF11782AAEF5EA957B69A65AC Authority key identifier: 17:78:CF:C0:9A:36:3A:73:CC:8D:DA:36:2A:2C:9E:82:23:D7:DA:D6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3jPwJo2OnPMjdo2KiyegiPX2tY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/09012f-b4f6-4df7-b562-010cf2dd40af/1/M45Q5osiYzOCttb5qUkWO2UNnW8.roa Signing time: Tue 11 Nov 2025 10:20:37 +0000 ROA not before: Tue 11 Nov 2025 10:20:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 60664 IP address blocks: 145.14.130.0/24 maxlen: 24 147.75.144.0/20 maxlen: 24 153.92.64.0/24 maxlen: 24 153.92.65.0/24 maxlen: 24 153.92.66.0/24 maxlen: 24 153.92.67.0/24 maxlen: 24 153.92.68.0/24 maxlen: 24 153.92.69.0/24 maxlen: 24 153.92.70.0/24 maxlen: 24 153.92.71.0/24 maxlen: 24 153.92.124.0/24 maxlen: 24 153.92.160.0/24 maxlen: 24 153.92.161.0/24 maxlen: 24 153.92.162.0/24 maxlen: 24 153.92.163.0/24 maxlen: 24 153.92.164.0/24 maxlen: 24 153.92.165.0/24 maxlen: 24 153.92.166.0/24 maxlen: 24 153.92.167.0/24 maxlen: 24 153.92.168.0/24 maxlen: 24 153.92.169.0/24 maxlen: 24 153.92.170.0/24 maxlen: 24 153.92.171.0/24 maxlen: 24 153.92.172.0/24 maxlen: 24 153.92.173.0/24 maxlen: 24 153.92.174.0/24 maxlen: 24 153.92.175.0/24 maxlen: 24 157.97.76.0/23 maxlen: 23 157.97.78.0/23 maxlen: 23 157.180.192.0/24 maxlen: 24 157.180.193.0/24 maxlen: 24 157.180.194.0/24 maxlen: 24 157.180.195.0/24 maxlen: 24 157.180.196.0/23 maxlen: 23 157.180.196.0/24 maxlen: 24 157.180.197.0/24 maxlen: 24 157.180.198.0/23 maxlen: 23 157.180.198.0/24 maxlen: 24 157.180.199.0/24 maxlen: 24 158.220.64.0/21 maxlen: 24 185.27.180.0/23 maxlen: 23 185.27.180.0/24 maxlen: 24 185.27.181.0/24 maxlen: 24 185.27.182.0/23 maxlen: 23 185.27.182.0/24 maxlen: 24 185.27.183.0/24 maxlen: 24 185.74.64.0/23 maxlen: 23 185.74.64.0/24 maxlen: 24 185.74.65.0/24 maxlen: 24 185.74.66.0/23 maxlen: 23 185.74.66.0/24 maxlen: 24 185.74.67.0/24 maxlen: 24 2a04:3b40::/48 maxlen: 64 2a04:3b40:2::/48 maxlen: 64 2a04:3b41::/48 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/09012f-b4f6-4df7-b562-010cf2dd40af/1/F3jPwJo2OnPMjdo2KiyegiPX2tY.crl rsync://rpki.ripe.net/repository/DEFAULT/03/09012f-b4f6-4df7-b562-010cf2dd40af/1/F3jPwJo2OnPMjdo2KiyegiPX2tY.mft rsync://rpki.ripe.net/repository/DEFAULT/F3jPwJo2OnPMjdo2KiyegiPX2tY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 21:22:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:72:6e:88:5c:f1:17:82:aa:ef:5e:a9:57:b6:9a:65:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1778cfc09a363a73cc8dda362a2c9e8223d7dad6 Validity Not Before: Nov 11 10:20:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=338e50e68b22633382b6d6f9a949163b650d9d6f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:f4:f6:b6:e1:b5:00:c7:55:5d:85:a9:6e:6e: 14:d0:66:00:97:a9:d8:16:9e:24:25:6a:f6:77:68: 68:6d:96:cc:9e:bf:94:ed:4b:7b:68:57:03:1e:db: 9d:3b:65:1d:1b:12:04:4f:25:4e:2c:99:84:72:28: e7:a4:48:3d:af:3e:69:2e:bc:f6:b0:9c:83:7e:31: 13:82:de:f7:99:5a:0b:a1:71:99:d0:29:18:a9:eb: b4:8e:25:14:3d:95:3e:8e:b7:5b:0e:07:74:70:9f: dd:68:3e:14:74:8a:75:01:61:63:ec:a5:cc:58:8e: c8:32:12:3d:37:07:c6:0c:ac:57:f9:23:d9:4a:ed: f8:42:dc:60:54:78:05:ee:b4:35:76:03:e3:20:7a: 2b:ba:8e:35:5c:29:33:0b:ad:8b:03:cc:cf:7a:d8: 06:95:45:fc:1b:4e:ec:cb:4a:7e:f2:d2:dd:b9:8b: 00:87:e5:6d:02:b0:61:0c:9f:6f:89:f7:9e:85:24: e4:53:ad:d6:e4:3d:af:3c:65:46:55:3c:10:f0:45: e7:bf:dd:d9:30:2f:93:23:d2:bf:50:28:7a:a4:98: 4b:5d:ac:f8:8a:de:a1:17:df:22:a1:cf:65:fc:05: c5:11:82:45:76:61:59:d3:e7:4d:bd:b1:1e:a6:3a: a6:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:8E:50:E6:8B:22:63:33:82:B6:D6:F9:A9:49:16:3B:65:0D:9D:6F X509v3 Authority Key Identifier: keyid:17:78:CF:C0:9A:36:3A:73:CC:8D:DA:36:2A:2C:9E:82:23:D7:DA:D6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3jPwJo2OnPMjdo2KiyegiPX2tY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/09012f-b4f6-4df7-b562-010cf2dd40af/1/M45Q5osiYzOCttb5qUkWO2UNnW8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/09012f-b4f6-4df7-b562-010cf2dd40af/1/F3jPwJo2OnPMjdo2KiyegiPX2tY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 145.14.130.0/24 147.75.144.0/20 153.92.64.0/21 153.92.124.0/24 153.92.160.0/20 157.97.76.0/22 157.180.192.0/21 158.220.64.0/21 185.27.180.0/22 185.74.64.0/22 IPv6: 2a04:3b40::/48 2a04:3b40:2::/48 2a04:3b41::/48 Signature Algorithm: sha256WithRSAEncryption 91:73:9f:a9:d5:b9:e6:fa:1a:03:5e:2b:c8:35:3c:95:42:c0: 56:de:fe:63:bd:ed:5b:c7:8c:2f:1c:b9:a4:19:e2:f0:7b:2b: 83:22:bc:20:53:e9:e3:67:59:bc:9e:46:d9:40:0b:f2:bf:33: cf:73:b3:6e:9c:eb:7b:55:48:0f:2b:6f:38:23:16:e5:41:8d: 0c:d2:34:1c:58:b2:c3:ba:7d:df:e4:1c:d5:f5:bc:b3:29:00: 4c:9a:43:de:00:22:9c:54:8b:bc:5b:d0:ae:f1:ef:e7:7d:87: 3b:62:09:de:f4:75:f0:91:b2:04:a7:96:34:e1:25:99:1f:14: ca:c5:0a:52:b6:e6:cb:d2:fd:45:36:30:a4:f6:f0:87:c9:e0: 94:e8:de:e5:e4:bd:fa:03:ba:33:62:04:6e:ae:5c:7d:c7:5d: 9b:a9:29:e2:47:ee:8b:2c:41:4f:a7:df:6f:aa:3a:f3:09:f0: e8:d0:29:5b:1f:7b:91:2d:a1:4d:ac:26:ce:e0:95:d4:10:36: d7:fc:5a:de:a6:10:97:a8:74:90:91:fe:e9:e1:ef:c5:ef:2f: 55:fa:e2:51:0c:18:4e:0f:2b:c6:3e:34:fe:fb:b3:87:2b:dc: 80:80:9b:0d:2c:25:0b:de:a4:fd:4a:40:b7:48:2a:51:37:56: 54:3a:b6:38 -----BEGIN CERTIFICATE----- MIIFVjCCBD6gAwIBAgISAZpybohc8ReCqu9eqVe2mmWsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE3NzhjZmMwOWEzNjNhNzNjYzhkZGEzNjJhMmM5ZTgyMjNk N2RhZDYwHhcNMjUxMTExMTAyMDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMzhlNTBlNjhiMjI2MzMzODJiNmQ2ZjlhOTQ5MTYzYjY1MGQ5ZDZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfT2tuG1AMdVXYWpbm4U0GYAl6nY Fp4kJWr2d2hobZbMnr+U7Ut7aFcDHtudO2UdGxIETyVOLJmEcijnpEg9rz5pLrz2 sJyDfjETgt73mVoLoXGZ0CkYqeu0jiUUPZU+jrdbDgd0cJ/daD4UdIp1AWFj7KXM WI7IMhI9NwfGDKxX+SPZSu34QtxgVHgF7rQ1dgPjIHoruo41XCkzC62LA8zPetgG lUX8G07sy0p+8tLduYsAh+VtArBhDJ9vifeehSTkU63W5D2vPGVGVTwQ8EXnv93Z MC+TI9K/UCh6pJhLXaz4it6hF98ioc9l/AXFEYJFdmFZ0+dNvbEepjqmHQIDAQAB o4ICYjCCAl4wHQYDVR0OBBYEFDOOUOaLImMzgrbW+alJFjtlDZ1vMB8GA1UdIwQY MBaAFBd4z8CaNjpzzI3aNiosnoIj19rWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRjNqUHdKbzJPblBNamRvMktpeWVnaVBYMnRZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8wOTAxMmYtYjRmNi00ZGY3LWI1NjIt MDEwY2YyZGQ0MGFmLzEvTTQ1UTVvc2lZek9DdHRiNXFVa1dPMlVOblc4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy8wOTAxMmYtYjRmNi00ZGY3LWI1NjItMDEwY2YyZGQ0MGFm LzEvRjNqUHdKbzJPblBNamRvMktpeWVnaVBYMnRZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBCBAIAATA8AwQAkQ6CAwQE k0uQAwQDmVxAAwQAmVx8AwQEmVygAwQCnWFMAwQDnbTAAwQDntxAAwQCuRu0AwQC uUpAMCEEAgACMBsDBwAqBDtAAAADBwAqBDtAAAIDBwAqBDtBAAAwDQYJKoZIhvcN AQELBQADggEBAJFzn6nVueb6GgNeK8g1PJVCwFbe/mO97VvHjC8cuaQZ4vB7K4Mi vCBT6eNnWbyeRtlAC/K/M89zs26c63tVSA8rbzgjFuVBjQzSNBxYssO6fd/kHNX1 vLMpAEyaQ94AIpxUi7xb0K7x7+d9hztiCd70dfCRsgSnljThJZkfFMrFClK25svS /UU2MKT28IfJ4JTo3uXkvfoDujNiBG6uXH3HXZupKeJH7ossQU+n32+qOvMJ8OjQ KVsfe5EtoU2sJs7gldQQNtf8Wt6mEJeodJCR/unh78XvL1X64lEMGE4PK8Y+NP77 s4cr3ICAmw0sJQvepP1KQLdIKlE3VlQ6tjg= -----END CERTIFICATE-----Generated at Fri Dec 5 07:04:04 2025 by rpki-client