This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/TsyHYJznOMFi1E9jD0gztHEExcE.roa File: TsyHYJznOMFi1E9jD0gztHEExcE.roa (raw, json) Hash identifier: e/QoaG3BRXETSSHR/WO7wjf64PB2DD1L8zEt4AtY7G8= Subject key identifier: 4E:CC:87:60:9C:E7:38:C1:62:D4:4F:63:0F:48:33:B4:71:04:C5:C1 Certificate issuer: /CN=92192e8d785581f72b18644224bd8c3fa8a2d11b Certificate serial: 019B7EA6C067F09DD5B69A664BCCB9B89741 Authority key identifier: 92:19:2E:8D:78:55:81:F7:2B:18:64:42:24:BD:8C:3F:A8:A2:D1:1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khkujXhVgfcrGGRCJL2MP6ii0Rs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/TsyHYJznOMFi1E9jD0gztHEExcE.roa Signing time: Fri 02 Jan 2026 12:20:16 +0000 ROA not before: Fri 02 Jan 2026 12:20:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 19905 IP address blocks: 45.153.116.0/24 maxlen: 24 45.153.117.0/24 maxlen: 24 45.153.118.0/24 maxlen: 24 45.153.119.0/24 maxlen: 24 151.236.160.0/24 maxlen: 24 151.236.161.0/24 maxlen: 24 151.236.162.0/24 maxlen: 24 151.236.163.0/24 maxlen: 24 151.236.164.0/24 maxlen: 24 151.236.165.0/24 maxlen: 24 151.236.166.0/24 maxlen: 24 151.236.167.0/24 maxlen: 24 151.236.168.0/24 maxlen: 24 151.236.169.0/24 maxlen: 24 151.236.172.0/24 maxlen: 24 151.236.173.0/24 maxlen: 24 151.236.174.0/24 maxlen: 24 151.236.175.0/24 maxlen: 24 151.236.176.0/24 maxlen: 24 151.236.178.0/24 maxlen: 24 151.236.179.0/24 maxlen: 24 151.236.180.0/24 maxlen: 24 151.236.181.0/24 maxlen: 24 151.236.182.0/24 maxlen: 24 151.236.183.0/24 maxlen: 24 151.236.188.0/24 maxlen: 24 151.236.189.0/24 maxlen: 24 151.236.190.0/24 maxlen: 24 151.236.191.0/24 maxlen: 24 198.160.168.0/24 maxlen: 24 198.176.117.0/24 maxlen: 24 2a10:2200:b::/48 maxlen: 48 2a10:2200:c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/khkujXhVgfcrGGRCJL2MP6ii0Rs.crl rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/khkujXhVgfcrGGRCJL2MP6ii0Rs.mft rsync://rpki.ripe.net/repository/DEFAULT/khkujXhVgfcrGGRCJL2MP6ii0Rs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:c0:67:f0:9d:d5:b6:9a:66:4b:cc:b9:b8:97:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=92192e8d785581f72b18644224bd8c3fa8a2d11b Validity Not Before: Jan 2 12:20:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4ecc87609ce738c162d44f630f4833b47104c5c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:d1:cd:e8:9a:b3:3e:ec:59:09:8e:d8:3e:c2: c9:89:0c:3d:7e:64:36:ce:4c:ca:c4:fe:8d:39:c4: 0a:c8:d1:e8:0e:b6:f7:9b:ef:0d:66:00:99:26:51: 85:e0:d9:97:ec:4f:3f:0b:78:b2:b2:30:07:2f:0e: b0:8e:eb:be:4f:17:03:e8:f3:dc:f5:aa:2a:17:a7: 29:c1:24:6c:31:3c:34:26:66:f6:62:e7:95:0d:6a: 3e:49:ea:2d:a0:1b:c1:d9:14:bc:24:a5:75:9c:aa: 3f:62:b4:32:e5:b5:41:1d:7e:39:10:0c:b6:f9:12: 23:d1:ba:ca:a8:07:c5:eb:34:5a:da:7e:3d:1d:ca: 7c:f3:21:8f:53:ca:fd:ad:e0:09:2a:51:b0:1a:3c: 58:8d:af:c1:76:4f:04:3d:8d:c2:1e:ee:15:0d:0a: 43:5d:b9:55:3a:95:dc:6d:f1:1a:54:48:c7:a9:09: dc:1d:b5:05:5d:76:c9:be:d0:84:9b:1e:a5:56:d7: a7:60:2f:eb:28:15:d0:93:64:52:54:3a:51:4c:bd: 28:0d:02:c7:ea:e1:7e:d5:47:2c:65:40:c5:d4:fb: 97:7d:a5:d3:a7:09:08:1f:04:3a:a7:65:51:c5:f3: a1:79:fa:65:d4:99:a4:dc:8e:21:fa:66:47:ef:ba: 3e:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:CC:87:60:9C:E7:38:C1:62:D4:4F:63:0F:48:33:B4:71:04:C5:C1 X509v3 Authority Key Identifier: keyid:92:19:2E:8D:78:55:81:F7:2B:18:64:42:24:BD:8C:3F:A8:A2:D1:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khkujXhVgfcrGGRCJL2MP6ii0Rs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/TsyHYJznOMFi1E9jD0gztHEExcE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/khkujXhVgfcrGGRCJL2MP6ii0Rs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.153.116.0/22 151.236.160.0-151.236.169.255 151.236.172.0-151.236.176.255 151.236.178.0-151.236.183.255 151.236.188.0/22 198.160.168.0/24 198.176.117.0/24 IPv6: 2a10:2200:b::-2a10:2200:c:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 14:6d:5a:38:d5:f8:82:a0:7c:d1:4b:09:eb:a9:a2:af:ef:90: a4:65:4e:36:bd:86:46:7d:c3:33:d9:e1:af:4f:7e:59:3b:51: 96:8b:e5:23:a4:8a:8c:7e:e6:b0:ec:ca:33:f6:9d:17:97:ce: dc:02:17:3d:ab:fa:5e:63:d8:df:62:0f:28:f4:50:b9:58:e2: d2:4d:3e:da:95:5b:0f:cc:30:84:32:4f:1d:d3:ac:f1:8f:7f: 11:17:58:2d:b3:ff:fd:c0:94:ec:0d:80:8c:38:0e:e7:7a:69: 16:ad:b7:0c:01:ca:d2:7f:dd:c9:f9:4a:23:2f:e2:f4:f5:33: 1a:f2:12:dc:66:20:c8:53:61:12:fe:e4:98:99:80:5b:b4:49: 64:71:21:d4:49:75:fb:d0:bc:ec:dd:10:0d:04:e7:7e:40:13: 74:16:e2:52:cd:ec:8a:6e:3e:64:f6:1b:ad:9a:10:15:ab:31: 99:23:60:50:c1:03:69:06:5a:7b:5c:09:5b:1a:c0:b7:13:84: ae:dd:f2:fa:7e:6b:5b:e6:b0:4a:39:73:15:5a:df:25:22:6c: e8:64:87:b1:5c:fc:e8:27:d5:12:a4:1a:3a:3c:11:a3:b8:d7: 68:58:65:2a:65:28:16:2a:e5:5c:4c:30:33:d7:6e:33:72:6e: 76:77:be:a1 -----BEGIN CERTIFICATE----- MIIFVTCCBD2gAwIBAgISAZt+psBn8J3VtppmS8y5uJdBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkyMTkyZThkNzg1NTgxZjcyYjE4NjQ0MjI0YmQ4YzNmYThh MmQxMWIwHhcNMjYwMTAyMTIyMDE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ZWNjODc2MDljZTczOGMxNjJkNDRmNjMwZjQ4MzNiNDcxMDRjNWMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdHN6JqzPuxZCY7YPsLJiQw9fmQ2 zkzKxP6NOcQKyNHoDrb3m+8NZgCZJlGF4NmX7E8/C3iysjAHLw6wjuu+TxcD6PPc 9aoqF6cpwSRsMTw0Jmb2YueVDWo+SeotoBvB2RS8JKV1nKo/YrQy5bVBHX45EAy2 +RIj0brKqAfF6zRa2n49Hcp88yGPU8r9reAJKlGwGjxYja/Bdk8EPY3CHu4VDQpD XblVOpXcbfEaVEjHqQncHbUFXXbJvtCEmx6lVtenYC/rKBXQk2RSVDpRTL0oDQLH 6uF+1UcsZUDF1PuXfaXTpwkIHwQ6p2VRxfOhefpl1Jmk3I4h+mZH77o+4wIDAQAB o4ICYTCCAl0wHQYDVR0OBBYEFE7Mh2Cc5zjBYtRPYw9IM7RxBMXBMB8GA1UdIwQY MBaAFJIZLo14VYH3KxhkQiS9jD+ootEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2hrdWpYaFZnZmNyR0dSQ0pMMk1QNmlpMFJzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9kOWIzOTctZTEwNS00YWM5LTg1Mzct MDA4NWEzNjVhMjVmLzEvVHN5SFlKem5PTUZpMUU5akQwZ3p0SEVFeGNFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Zi9kOWIzOTctZTEwNS00YWM5LTg1MzctMDA4NWEzNjVhMjVm LzEva2hrdWpYaFZnZmNyR0dSQ0pMMk1QNmlpMFJzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBIBAIAATBCAwQCLZl0MAwD BAWX7KADBAGX7KgwDAMEApfsrAMEAJfssDAMAwQBl+yyAwQDl+ywAwQCl+y8AwQA xqCoAwQAxrB1MBoEAgACMBQwEgMHACoQIgAACwMHACoQIgAADDANBgkqhkiG9w0B AQsFAAOCAQEAFG1aONX4gqB80UsJ66mir++QpGVONr2GRn3DM9nhr09+WTtRlovl I6SKjH7msOzKM/adF5fO3AIXPav6XmPY32IPKPRQuVji0k0+2pVbD8wwhDJPHdOs 8Y9/ERdYLbP//cCU7A2AjDgO53ppFq23DAHK0n/dyflKIy/i9PUzGvIS3GYgyFNh Ev7kmJmAW7RJZHEh1El1+9C87N0QDQTnfkATdBbiUs3sim4+ZPYbrZoQFasxmSNg UMEDaQZae1wJWxrAtxOErt3y+n5rW+awSjlzFVrfJSJs6GSHsVz86CfVEqQaOjwR o7jXaFhlKmUoFirlXEwwM9duM3Judne+oQ== -----END CERTIFICATE-----Generated at Tue Jan 20 01:22:07 2026 by rpki-client