This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/PSIR06H4z2s5qNa4KFHuFAaaV8g.roa File: PSIR06H4z2s5qNa4KFHuFAaaV8g.roa (raw, json) Hash identifier: oRnCQq20bdis+X0hyq0doig5PPTGiNbLUonI7s/5uqs= Subject key identifier: 3D:22:11:D3:A1:F8:CF:6B:39:A8:D6:B8:28:51:EE:14:06:9A:57:C8 Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a Certificate serial: 019BB67A1811CEACF2E730A6D5FBEE963555 Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/PSIR06H4z2s5qNa4KFHuFAaaV8g.roa Signing time: Tue 13 Jan 2026 08:30:13 +0000 ROA not before: Tue 13 Jan 2026 08:30:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 54994 IP address blocks: 91.194.204.0/24 maxlen: 24 91.194.205.0/24 maxlen: 24 91.202.200.0/24 maxlen: 24 93.188.132.0/24 maxlen: 24 93.188.135.0/24 maxlen: 24 148.253.34.0/24 maxlen: 24 148.253.36.0/24 maxlen: 24 148.253.41.0/24 maxlen: 24 148.253.42.0/24 maxlen: 24 148.253.44.0/24 maxlen: 24 148.253.47.0/24 maxlen: 24 148.253.50.0/24 maxlen: 24 148.253.60.0/24 maxlen: 24 148.253.61.0/24 maxlen: 24 148.253.62.0/24 maxlen: 24 148.253.63.0/24 maxlen: 24 148.253.228.0/24 maxlen: 24 148.253.229.0/24 maxlen: 24 148.253.231.0/24 maxlen: 24 148.253.232.0/24 maxlen: 24 148.253.233.0/24 maxlen: 24 148.253.234.0/24 maxlen: 24 148.253.235.0/24 maxlen: 24 148.253.237.0/24 maxlen: 24 148.253.239.0/24 maxlen: 24 148.253.241.0/24 maxlen: 24 148.253.244.0/24 maxlen: 24 148.253.245.0/24 maxlen: 24 148.253.246.0/24 maxlen: 24 148.253.248.0/24 maxlen: 24 151.249.92.0/24 maxlen: 24 151.249.93.0/24 maxlen: 24 151.249.94.0/24 maxlen: 24 163.171.64.0/24 maxlen: 24 163.171.67.0/24 maxlen: 24 163.171.70.0/24 maxlen: 24 163.171.71.0/24 maxlen: 24 163.171.77.0/24 maxlen: 24 163.171.84.0/24 maxlen: 24 163.171.85.0/24 maxlen: 24 163.171.87.0/24 maxlen: 24 163.171.93.0/24 maxlen: 24 163.171.94.0/24 maxlen: 24 163.171.96.0/24 maxlen: 24 163.171.97.0/24 maxlen: 24 163.171.98.0/24 maxlen: 24 163.171.101.0/24 maxlen: 24 163.171.102.0/24 maxlen: 24 163.171.103.0/24 maxlen: 24 163.171.104.0/24 maxlen: 24 163.171.110.0/24 maxlen: 24 163.171.119.0/24 maxlen: 24 163.171.126.0/24 maxlen: 24 163.171.143.0/24 maxlen: 24 163.171.149.0/24 maxlen: 24 163.171.153.0/24 maxlen: 24 163.171.164.0/24 maxlen: 24 163.171.166.0/24 maxlen: 24 163.171.176.0/24 maxlen: 24 163.171.177.0/24 maxlen: 24 163.171.182.0/24 maxlen: 24 163.171.188.0/24 maxlen: 24 163.171.198.0/24 maxlen: 24 163.171.207.0/24 maxlen: 24 163.171.215.0/24 maxlen: 24 163.171.216.0/24 maxlen: 24 163.171.217.0/24 maxlen: 24 163.171.218.0/24 maxlen: 24 163.171.222.0/24 maxlen: 24 163.171.224.0/24 maxlen: 24 163.171.225.0/24 maxlen: 24 163.171.227.0/24 maxlen: 24 163.171.230.0/24 maxlen: 24 163.171.231.0/24 maxlen: 24 163.171.234.0/24 maxlen: 24 163.171.235.0/24 maxlen: 24 163.171.237.0/24 maxlen: 24 163.171.244.0/24 maxlen: 24 163.171.249.0/24 maxlen: 24 163.171.252.0/24 maxlen: 24 185.27.230.0/24 maxlen: 24 194.107.19.0/24 maxlen: 24 2a01:53c0:ff19::/48 maxlen: 48 2a01:53c0:ffc6::/48 maxlen: 48 2a01:53c0:ffe7::/48 maxlen: 48 2a01:53c0:fff2::/48 maxlen: 48 2a01:53c0:fff4::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.mft rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 02:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b6:7a:18:11:ce:ac:f2:e7:30:a6:d5:fb:ee:96:35:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a Validity Not Before: Jan 13 08:30:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3d2211d3a1f8cf6b39a8d6b82851ee14069a57c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:0e:9e:61:9e:fc:3c:1b:f7:b3:e0:93:d9:4c: 46:3d:61:ec:52:2d:ce:ab:96:7b:e6:1d:6e:e6:d9: 9f:bc:7a:8f:c6:bf:ac:40:24:d4:2d:0b:96:51:1e: e3:5d:71:57:96:e5:eb:ca:89:8c:c6:d9:7c:55:c9: 82:e4:a5:a2:69:88:59:df:bd:fe:37:25:c9:35:b8: 19:0a:72:8d:f6:99:38:e7:60:ef:b4:dd:fa:34:8b: 80:2f:60:f5:98:88:08:ff:c5:f4:fc:88:4b:b5:67: 06:ce:fd:f3:45:07:ac:e5:60:6d:9d:2e:b4:39:14: 59:7e:2f:47:3d:1a:86:a9:32:eb:8a:ae:78:ad:b9: e4:1e:fe:8a:52:ff:92:30:b2:44:19:74:9d:93:37: a5:84:3c:13:a9:05:51:62:46:81:3d:05:e7:08:f8: 4e:b8:47:09:b6:cc:9c:9d:d4:7e:8c:b3:fa:f7:24: 78:81:ef:76:06:0b:1f:68:73:a2:00:bd:22:8f:8f: 70:91:41:7c:5b:35:fc:00:55:de:12:b1:0b:9f:a8: 21:31:d8:84:6a:77:9b:f3:06:07:48:b2:1d:49:9f: 70:b8:e3:0b:53:45:4e:4e:28:00:0a:48:c1:8b:c9: 4f:23:3f:a8:81:c4:04:07:c3:d8:60:7e:87:f9:ed: 1e:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:22:11:D3:A1:F8:CF:6B:39:A8:D6:B8:28:51:EE:14:06:9A:57:C8 X509v3 Authority Key Identifier: keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/PSIR06H4z2s5qNa4KFHuFAaaV8g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.194.204.0/23 91.202.200.0/24 93.188.132.0/24 93.188.135.0/24 148.253.34.0/24 148.253.36.0/24 148.253.41.0-148.253.42.255 148.253.44.0/24 148.253.47.0/24 148.253.50.0/24 148.253.60.0/22 148.253.228.0/23 148.253.231.0-148.253.235.255 148.253.237.0/24 148.253.239.0/24 148.253.241.0/24 148.253.244.0-148.253.246.255 148.253.248.0/24 151.249.92.0-151.249.94.255 163.171.64.0/24 163.171.67.0/24 163.171.70.0/23 163.171.77.0/24 163.171.84.0/23 163.171.87.0/24 163.171.93.0-163.171.94.255 163.171.96.0-163.171.98.255 163.171.101.0-163.171.104.255 163.171.110.0/24 163.171.119.0/24 163.171.126.0/24 163.171.143.0/24 163.171.149.0/24 163.171.153.0/24 163.171.164.0/24 163.171.166.0/24 163.171.176.0/23 163.171.182.0/24 163.171.188.0/24 163.171.198.0/24 163.171.207.0/24 163.171.215.0-163.171.218.255 163.171.222.0/24 163.171.224.0/23 163.171.227.0/24 163.171.230.0/23 163.171.234.0/23 163.171.237.0/24 163.171.244.0/24 163.171.249.0/24 163.171.252.0/24 185.27.230.0/24 194.107.19.0/24 IPv6: 2a01:53c0:ff19::/48 2a01:53c0:ffc6::/48 2a01:53c0:ffe7::/48 2a01:53c0:fff2::/48 2a01:53c0:fff4::/48 Signature Algorithm: sha256WithRSAEncryption 9e:0d:4f:ca:21:d0:bc:72:1b:84:5a:36:8f:dd:67:1f:60:c3: 31:82:73:e3:d3:79:da:f5:0c:82:fb:5e:d3:54:90:d5:85:cb: 68:c6:e4:6a:32:ca:6a:c5:df:a3:2d:a5:81:84:66:6f:e8:43: 57:c2:d5:96:cc:ee:a8:4e:da:cb:86:b1:f0:45:54:a4:b5:91: de:ad:bc:32:8c:94:92:37:db:b5:33:5e:b7:15:9d:92:ea:bd: 7a:b1:4d:a7:a0:db:bb:41:c6:20:fc:41:64:38:ff:25:c5:08: ca:c5:73:a6:9f:c1:9f:b9:ac:63:4c:ee:bd:8a:07:d8:28:2f: fc:08:4e:54:03:32:9b:62:69:eb:df:1f:13:cb:81:78:6e:59: bd:78:c6:2f:be:f2:7b:12:cf:7b:8d:05:67:12:2a:0d:e0:28: 77:30:d1:71:0d:6e:4f:69:75:4a:c2:10:66:ef:bd:63:07:20: 3b:c6:f6:66:50:91:eb:3c:51:1d:3f:1f:67:24:bb:36:64:39: 60:74:e9:53:c0:89:b3:97:56:88:32:a8:1a:33:f1:ef:8e:19: f9:5a:23:90:5f:80:dd:40:52:b6:33:42:9b:23:d9:42:e2:42: c2:f0:4a:20:fc:b0:35:60:0d:5c:a2:4d:89:93:68:8f:14:f9: 3e:64:7d:01 -----BEGIN CERTIFICATE----- MIIGtDCCBZygAwIBAgISAZu2ehgRzqzy5zCm1fvuljVVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5 ZDcwNmEwHhcNMjYwMTEzMDgzMDEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZDIyMTFkM2ExZjhjZjZiMzlhOGQ2YjgyODUxZWUxNDA2OWE1N2M4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwA6eYZ78PBv3s+CT2UxGPWHsUi3O q5Z75h1u5tmfvHqPxr+sQCTULQuWUR7jXXFXluXryomMxtl8VcmC5KWiaYhZ373+ NyXJNbgZCnKN9pk452DvtN36NIuAL2D1mIgI/8X0/IhLtWcGzv3zRQes5WBtnS60 ORRZfi9HPRqGqTLriq54rbnkHv6KUv+SMLJEGXSdkzelhDwTqQVRYkaBPQXnCPhO uEcJtsycndR+jLP69yR4ge92BgsfaHOiAL0ij49wkUF8WzX8AFXeErELn6ghMdiE aneb8wYHSLIdSZ9wuOMLU0VOTigACkjBi8lPIz+ogcQEB8PYYH6H+e0eIQIDAQAB o4IDwDCCA7wwHQYDVR0OBBYEFD0iEdOh+M9rOajWuChR7hQGmlfIMB8GA1UdIwQY MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt YjVkODg4YWRmZDM3LzEvUFNJUjA2SDR6MnM1cU5hNEtGSHVGQWFhVjhnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3 LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIB1AYIKwYBBQUHAQcBAf8EggHDMIIBvzCCAYYEAgABMIIB fgMEAVvCzAMEAFvKyAMEAF28hAMEAF28hwMEAJT9IgMEAJT9JDAMAwQAlP0pAwQA lP0qAwQAlP0sAwQAlP0vAwQAlP0yAwQClP08AwQBlP3kMAwDBACU/ecDBAKU/egD BACU/e0DBACU/e8DBACU/fEwDAMEApT99AMEAJT99gMEAJT9+DAMAwQCl/lcAwQA l/leAwQAo6tAAwQAo6tDAwQBo6tGAwQAo6tNAwQBo6tUAwQAo6tXMAwDBACjq10D BACjq14wDAMEBaOrYAMEAKOrYjAMAwQAo6tlAwQAo6toAwQAo6tuAwQAo6t3AwQA o6t+AwQAo6uPAwQAo6uVAwQAo6uZAwQAo6ukAwQAo6umAwQBo6uwAwQAo6u2AwQA o6u8AwQAo6vGAwQAo6vPMAwDBACjq9cDBACjq9oDBACjq94DBAGjq+ADBACjq+MD BAGjq+YDBAGjq+oDBACjq+0DBACjq/QDBACjq/kDBACjq/wDBAC5G+YDBADCaxMw MwQCAAIwLQMHACoBU8D/GQMHACoBU8D/xgMHACoBU8D/5wMHACoBU8D/8gMHACoB U8D/9DANBgkqhkiG9w0BAQsFAAOCAQEAng1PyiHQvHIbhFo2j91nH2DDMYJz49N5 2vUMgvte01SQ1YXLaMbkajLKasXfoy2lgYRmb+hDV8LVlszuqE7ay4ax8EVUpLWR 3q28MoyUkjfbtTNetxWdkuq9erFNp6Dbu0HGIPxBZDj/JcUIysVzpp/Bn7msY0zu vYoH2Cgv/AhOVAMym2Jp698fE8uBeG5ZvXjGL77yexLPe40FZxIqDeAodzDRcQ1u T2l1SsIQZu+9YwcgO8b2ZlCR6zxRHT8fZyS7NmQ5YHTpU8CJs5dWiDKoGjPx744Z +VojkF+A3UBStjNCmyPZQuJCwvBKIPywNWANXKJNiZNojxT5PmR9AQ== -----END CERTIFICATE-----Generated at Tue Jan 20 07:46:27 2026 by rpki-client