This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/r0m1872U6WFK52zTuHKr_z62s0E.roa File: r0m1872U6WFK52zTuHKr_z62s0E.roa (raw, json) Hash identifier: fs/NQYOW8kLu0+d2MC/W9zC6jnh40QEwXnfZoyCgClc= Subject key identifier: AF:49:B5:F3:BD:94:E9:61:4A:E7:6C:D3:B8:72:AB:FF:3E:B6:B3:41 Certificate issuer: /CN=4987941e74c1c03e7aba3b878530095eb6fa874e Certificate serial: 019B7E38E117D6A44512E77932B07CFE5CE3 Authority key identifier: 49:87:94:1E:74:C1:C0:3E:7A:BA:3B:87:85:30:09:5E:B6:FA:87:4E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYeUHnTBwD56ujuHhTAJXrb6h04.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/r0m1872U6WFK52zTuHKr_z62s0E.roa Signing time: Fri 02 Jan 2026 10:20:15 +0000 ROA not before: Fri 02 Jan 2026 10:20:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200736 IP address blocks: 45.66.40.0/22 maxlen: 24 45.66.40.0/24 maxlen: 24 45.66.41.0/24 maxlen: 24 45.66.42.0/24 maxlen: 24 45.66.43.0/24 maxlen: 24 78.109.28.0/22 maxlen: 24 195.20.114.0/24 maxlen: 24 195.214.208.0/22 maxlen: 24 195.214.208.0/24 maxlen: 24 195.214.211.0/24 maxlen: 24 2a10:9300::/29 maxlen: 42 2a10:9300::/36 maxlen: 42 2a10:9300:100::/42 maxlen: 42 2a10:9300:400::/42 maxlen: 42 2a10:9300:500::/42 maxlen: 42 2a10:9300:600::/42 maxlen: 42 2a10:9300:700::/42 maxlen: 42 2a10:9300:900::/42 maxlen: 42 2a10:9300:b00::/42 maxlen: 42 2a10:9300:c00::/42 maxlen: 42 2a10:9301::/36 maxlen: 42 2a10:9301:100::/42 maxlen: 42 2a10:9301:140::/42 maxlen: 42 2a10:9301:180::/42 maxlen: 42 2a10:9301:300::/42 maxlen: 42 2a10:9301:340::/42 maxlen: 42 2a10:9301:700::/42 maxlen: 42 2a10:9301:740::/42 maxlen: 42 2a10:9301:980::/42 maxlen: 42 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/SYeUHnTBwD56ujuHhTAJXrb6h04.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/SYeUHnTBwD56ujuHhTAJXrb6h04.mft rsync://rpki.ripe.net/repository/DEFAULT/SYeUHnTBwD56ujuHhTAJXrb6h04.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 09:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:e1:17:d6:a4:45:12:e7:79:32:b0:7c:fe:5c:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4987941e74c1c03e7aba3b878530095eb6fa874e Validity Not Before: Jan 2 10:20:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=af49b5f3bd94e9614ae76cd3b872abff3eb6b341 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:42:f1:f6:fc:a1:7a:a1:92:d6:d9:06:aa:4c: a5:85:ef:4f:b4:ff:a1:4b:92:bf:fa:40:e1:f7:ba: 6a:98:51:06:1a:f0:1e:84:b8:3a:d6:38:db:7c:6a: ae:9b:27:b4:79:a8:1e:eb:d9:90:28:57:12:1d:75: 11:e4:cf:5b:88:26:d4:08:9f:e9:3e:8f:21:87:ea: 96:71:ea:cd:f3:b7:af:34:6c:77:44:be:7b:20:96: 14:71:9b:a2:fc:76:61:55:1e:1a:0c:9d:36:b3:7a: af:56:20:ed:0d:8e:05:62:bb:6e:89:98:cf:c1:f7: 5c:01:d3:a9:87:17:dc:0f:bf:b7:be:bb:36:07:65: 46:25:62:5e:ae:8c:d3:fc:39:53:28:74:17:53:cb: 94:7f:fb:dc:5e:bd:b3:6f:f8:a2:00:2b:31:d6:79: 87:43:84:a4:6c:c4:84:ab:32:a5:34:9f:80:65:65: f1:de:e1:55:3b:70:0d:a7:7e:2e:8e:c3:ae:5d:ba: f5:df:71:6a:e7:4a:0a:f7:fb:f0:25:9a:c8:da:40: f0:86:a9:b3:8f:84:6e:38:db:62:5a:77:cf:6d:54: 85:8c:66:e2:b0:66:bc:f3:8a:f2:22:51:9d:75:57: bd:7c:1d:02:5e:5d:56:95:39:18:e7:c9:e5:30:2e: ea:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:49:B5:F3:BD:94:E9:61:4A:E7:6C:D3:B8:72:AB:FF:3E:B6:B3:41 X509v3 Authority Key Identifier: keyid:49:87:94:1E:74:C1:C0:3E:7A:BA:3B:87:85:30:09:5E:B6:FA:87:4E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYeUHnTBwD56ujuHhTAJXrb6h04.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/r0m1872U6WFK52zTuHKr_z62s0E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/SYeUHnTBwD56ujuHhTAJXrb6h04.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.66.40.0/22 78.109.28.0/22 195.20.114.0/24 195.214.208.0/22 IPv6: 2a10:9300::/29 Signature Algorithm: sha256WithRSAEncryption 44:97:db:1f:f7:66:c4:02:c7:57:c7:9f:56:0b:ff:fe:60:78: 22:b5:a0:e1:1c:61:da:16:48:ce:79:9a:3c:24:41:5e:bd:4a: 83:b4:6d:2c:a1:b6:c2:52:a6:4c:89:6d:93:cb:af:d5:bd:96: e3:8c:e8:3d:c6:e6:03:74:05:49:db:15:be:52:02:a6:da:c7: 7e:94:ef:04:fe:10:70:06:78:9d:15:aa:1c:15:00:7c:f3:4d: 01:73:07:1f:ae:2d:4b:d3:8a:ee:65:0b:88:24:df:f0:4f:8b: 85:f9:8c:57:32:06:60:1a:19:9d:60:97:22:50:17:4a:9d:46: 4f:c0:fe:50:95:ec:3e:03:b3:ff:7f:c4:16:64:d3:2e:74:59: 1d:f1:65:e3:63:14:de:83:e5:ab:e6:c9:df:8e:5a:5c:98:20: fb:86:cc:29:a0:a6:a6:15:a7:59:8e:56:7c:8a:e2:e2:47:62: 3b:c8:3b:8c:0d:37:39:5b:ab:17:08:38:13:e9:cf:ed:d0:ca: 38:6b:0a:af:27:4f:2d:07:ba:03:02:21:04:16:bc:f0:13:3f: b5:3b:a8:49:59:8c:fc:19:0f:43:58:de:17:66:dc:54:e9:26: 9b:3a:75:fc:4c:ef:94:f5:8d:39:83:fa:35:b2:19:89:ce:04: 25:81:1c:12 -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt+OOEX1qRFEud5MrB8/lzjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ5ODc5NDFlNzRjMWMwM2U3YWJhM2I4Nzg1MzAwOTVlYjZm YTg3NGUwHhcNMjYwMTAyMTAyMDE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZjQ5YjVmM2JkOTRlOTYxNGFlNzZjZDNiODcyYWJmZjNlYjZiMzQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ELx9vyheqGS1tkGqkylhe9PtP+h S5K/+kDh97pqmFEGGvAehLg61jjbfGqumye0eage69mQKFcSHXUR5M9biCbUCJ/p Po8hh+qWcerN87evNGx3RL57IJYUcZui/HZhVR4aDJ02s3qvViDtDY4FYrtuiZjP wfdcAdOphxfcD7+3vrs2B2VGJWJerozT/DlTKHQXU8uUf/vcXr2zb/iiACsx1nmH Q4SkbMSEqzKlNJ+AZWXx3uFVO3ANp34ujsOuXbr133Fq50oK9/vwJZrI2kDwhqmz j4RuONtiWnfPbVSFjGbisGa884ryIlGddVe9fB0CXl1WlTkY58nlMC7qJQIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFK9JtfO9lOlhSuds07hyq/8+trNBMB8GA1UdIwQY MBaAFEmHlB50wcA+ero7h4UwCV62+odOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU1llVUhuVEJ3RDU2dWp1SGhUQUpYcmI2aDA0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83MDc3N2ItNjhiMC00MmE4LTllOWQt ZThhZGE1MWVlOGZmLzEvcjBtMTg3MlU2V0ZLNTJ6VHVIS3JfejYyczBFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi83MDc3N2ItNjhiMC00MmE4LTllOWQtZThhZGE1MWVlOGZm LzEvU1llVUhuVEJ3RDU2dWp1SGhUQUpYcmI2aDA0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLUIoAwQC Tm0cAwQAwxRyAwQCw9bQMA0EAgACMAcDBQMqEJMAMA0GCSqGSIb3DQEBCwUAA4IB AQBEl9sf92bEAsdXx59WC//+YHgitaDhHGHaFkjOeZo8JEFevUqDtG0sobbCUqZM iW2Ty6/VvZbjjOg9xuYDdAVJ2xW+UgKm2sd+lO8E/hBwBnidFaocFQB8800Bcwcf ri1L04ruZQuIJN/wT4uF+YxXMgZgGhmdYJciUBdKnUZPwP5Qlew+A7P/f8QWZNMu dFkd8WXjYxTeg+Wr5snfjlpcmCD7hswpoKamFadZjlZ8iuLiR2I7yDuMDTc5W6sX CDgT6c/t0Mo4awqvJ08tB7oDAiEEFrzwEz+1O6hJWYz8GQ9DWN4XZtxU6SabOnX8 TO+U9Y05g/o1shmJzgQlgRwS -----END CERTIFICATE-----Generated at Wed Jan 21 15:23:26 2026 by rpki-client