This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/nL4uEaAKFQIFRb3GKKlNE2m38vs.roa File: nL4uEaAKFQIFRb3GKKlNE2m38vs.roa (raw, json) Hash identifier: +TiS4tdnmhxY4e4oL6wPlArjNO9ovGDVnYYYNy12iYs= Subject key identifier: 9C:BE:2E:11:A0:0A:15:02:05:45:BD:C6:28:A9:4D:13:69:B7:F2:FB Certificate issuer: /CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13 Certificate serial: 019AFB680698D5E5D68BC35E7759131EA3C7 Authority key identifier: 0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/nL4uEaAKFQIFRb3GKKlNE2m38vs.roa Signing time: Mon 08 Dec 2025 00:41:29 +0000 ROA not before: Mon 08 Dec 2025 00:41:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 199967 IP address blocks: 5.181.6.0/24 maxlen: 24 5.181.7.0/24 maxlen: 24 5.183.178.0/24 maxlen: 24 45.12.204.0/24 maxlen: 24 45.12.205.0/24 maxlen: 24 45.66.132.0/24 maxlen: 24 45.66.133.0/24 maxlen: 24 45.82.166.0/24 maxlen: 24 45.128.154.0/24 maxlen: 24 45.134.19.0/24 maxlen: 24 81.90.191.0/24 maxlen: 24 91.217.120.0/24 maxlen: 24 91.217.121.0/24 maxlen: 24 147.78.15.0/24 maxlen: 24 152.89.208.0/24 maxlen: 24 152.89.209.0/24 maxlen: 24 185.105.189.0/24 maxlen: 24 185.105.190.0/24 maxlen: 24 185.120.18.0/24 maxlen: 24 185.120.19.0/24 maxlen: 24 185.126.69.0/24 maxlen: 24 185.126.70.0/24 maxlen: 24 185.126.71.0/24 maxlen: 24 185.126.118.0/24 maxlen: 24 185.126.138.0/24 maxlen: 24 185.159.68.0/24 maxlen: 24 185.159.69.0/24 maxlen: 24 185.159.70.0/24 maxlen: 24 185.160.27.0/24 maxlen: 24 185.168.21.0/24 maxlen: 24 185.168.22.0/24 maxlen: 24 185.168.23.0/24 maxlen: 24 185.171.121.0/24 maxlen: 24 185.175.140.0/24 maxlen: 24 185.175.141.0/24 maxlen: 24 185.187.237.0/24 maxlen: 24 185.187.238.0/24 maxlen: 24 185.187.239.0/24 maxlen: 24 188.119.100.0/24 maxlen: 24 188.119.101.0/24 maxlen: 24 194.156.228.0/24 maxlen: 24 217.197.163.0/24 maxlen: 24 2a0c:8a40:1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.mft rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 09 Dec 2025 09:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:fb:68:06:98:d5:e5:d6:8b:c3:5e:77:59:13:1e:a3:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13 Validity Not Before: Dec 8 00:41:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=9cbe2e11a00a15020545bdc628a94d1369b7f2fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:c7:96:44:7b:a2:f9:b5:72:cc:27:ba:b2:f3: 17:cf:1e:c1:52:b5:6a:4f:69:e1:aa:30:44:f4:d8: 68:d5:2a:aa:4f:c9:a7:60:97:04:5a:3b:17:6f:4b: 65:e1:95:64:65:0a:b8:94:75:bc:4d:44:49:b6:12: 3a:41:28:48:91:14:bd:0c:53:f8:61:8a:86:37:3d: 47:18:79:7b:8f:40:b0:47:06:f1:24:43:f3:e5:eb: 0f:f4:f7:5c:ac:2e:62:c9:d0:c6:5f:05:3c:ef:02: 92:9f:43:8d:05:0d:fe:9e:ff:ff:f2:60:f9:1c:1c: 94:21:b5:a6:20:0f:98:84:bf:55:86:15:db:12:a7: 47:5f:c3:5b:83:90:c0:94:c9:c4:9f:89:40:48:de: 0c:a3:52:28:13:b8:5b:d5:78:06:8a:bc:03:40:75: 91:b7:3e:13:4c:3d:a9:7c:0a:7b:1a:72:1f:e1:43: 42:f4:3d:8c:8c:04:01:e8:f0:d5:e1:fe:29:8c:78: 42:79:63:4f:a9:22:21:c4:ec:6f:d1:99:bd:cd:6f: a7:8e:37:ab:30:5f:38:49:8a:ba:d6:3c:50:90:85: f7:60:44:9e:89:7e:f9:f7:23:23:08:f9:41:83:33: 2d:5c:cf:6e:e3:d4:e0:94:94:af:3c:00:d4:2f:77: ed:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:BE:2E:11:A0:0A:15:02:05:45:BD:C6:28:A9:4D:13:69:B7:F2:FB X509v3 Authority Key Identifier: keyid:0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/nL4uEaAKFQIFRb3GKKlNE2m38vs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.181.6.0/23 5.183.178.0/24 45.12.204.0/23 45.66.132.0/23 45.82.166.0/24 45.128.154.0/24 45.134.19.0/24 81.90.191.0/24 91.217.120.0/23 147.78.15.0/24 152.89.208.0/23 185.105.189.0-185.105.190.255 185.120.18.0/23 185.126.69.0-185.126.71.255 185.126.118.0/24 185.126.138.0/24 185.159.68.0-185.159.70.255 185.160.27.0/24 185.168.21.0-185.168.23.255 185.171.121.0/24 185.175.140.0/23 185.187.237.0-185.187.239.255 188.119.100.0/23 194.156.228.0/24 217.197.163.0/24 IPv6: 2a0c:8a40:1::/48 Signature Algorithm: sha256WithRSAEncryption 6f:74:78:d6:5f:51:80:5c:ec:47:a7:27:82:73:6d:09:5b:7f: ac:63:57:55:8f:ca:ac:4a:fb:4a:74:f7:b6:69:36:28:6e:2b: d6:26:94:36:df:69:03:1a:23:b3:ff:e5:91:02:93:bf:fe:5e: 29:93:31:e9:82:ee:c5:a6:74:fd:b1:de:40:5f:7a:9d:99:c5: a1:a2:8f:8b:b6:14:99:b3:df:fc:6c:df:6b:29:08:e2:9f:8a: 04:e4:c4:bd:28:4b:8d:24:73:61:29:6c:8e:2b:16:ad:17:b6: d0:de:af:19:01:35:38:02:6a:27:2e:8f:26:e3:28:9c:89:f6: c1:8e:11:11:22:65:e6:78:63:a1:1b:5a:81:2d:e6:2f:79:a5: fa:ee:a4:2d:0f:74:2b:1d:2f:d1:d0:e4:8b:f9:9c:6f:eb:0f: a7:bf:3a:dc:12:31:56:8b:56:14:2e:2a:63:08:87:04:48:e1: 61:97:73:e3:a7:37:fe:41:94:b3:4f:ae:a5:45:8c:a8:fa:eb: 0a:37:0e:fe:78:b1:92:ee:53:a7:94:8a:3f:f3:8b:cd:94:be: df:f3:e9:a0:72:0f:97:b7:49:21:e2:c5:e5:67:93:cb:d9:a1: fb:5c:a0:64:48:90:b3:60:28:33:3f:55:e9:42:6b:d7:48:84: 5c:bb:33:a1 -----BEGIN CERTIFICATE----- MIIFyzCCBLOgAwIBAgISAZr7aAaY1eXWi8Ned1kTHqPHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBiMjQ3ZTczMzkxZWM5ZDZhMmE0NmYyY2IwYjAyZmM5OTQy ODhmMTMwHhcNMjUxMjA4MDA0MTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5Y2JlMmUxMWEwMGExNTAyMDU0NWJkYzYyOGE5NGQxMzY5YjdmMmZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsseWRHui+bVyzCe6svMXzx7BUrVq T2nhqjBE9Nho1SqqT8mnYJcEWjsXb0tl4ZVkZQq4lHW8TURJthI6QShIkRS9DFP4 YYqGNz1HGHl7j0CwRwbxJEPz5esP9PdcrC5iydDGXwU87wKSn0ONBQ3+nv//8mD5 HByUIbWmIA+YhL9VhhXbEqdHX8Nbg5DAlMnEn4lASN4Mo1IoE7hb1XgGirwDQHWR tz4TTD2pfAp7GnIf4UNC9D2MjAQB6PDV4f4pjHhCeWNPqSIhxOxv0Zm9zW+njjer MF84SYq61jxQkIX3YESeiX759yMjCPlBgzMtXM9u49TglJSvPADUL3ftWQIDAQAB o4IC1zCCAtMwHQYDVR0OBBYEFJy+LhGgChUCBUW9xiipTRNpt/L7MB8GA1UdIwQY MBaAFAskfnM5HsnWoqRvLLCwL8mUKI8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMt NzM2Nzg5ZWU2ZmQwLzEvbkw0dUVhQUtGUUlGUmIzR0tLbE5FMm0zOHZzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMtNzM2Nzg5ZWU2ZmQw LzEvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHsBggrBgEFBQcBBwEB/wSB3DCB2TCBxQQCAAEwgb4DBAEF tQYDBAAFt7IDBAEtDMwDBAEtQoQDBAAtUqYDBAAtgJoDBAAthhMDBABRWr8DBAFb 2XgDBACTTg8DBAGYWdAwDAMEALlpvQMEALlpvgMEAbl4EjAMAwQAuX5FAwQDuX5A AwQAuX52AwQAuX6KMAwDBAK5n0QDBAC5n0YDBAC5oBswDAMEALmoFQMEA7moEAME ALmreQMEAbmvjDAMAwQAubvtAwQEubvgAwQBvHdkAwQAwpzkAwQA2cWjMA8EAgAC MAkDBwAqDIpAAAEwDQYJKoZIhvcNAQELBQADggEBAG90eNZfUYBc7EenJ4JzbQlb f6xjV1WPyqxK+0p097ZpNihuK9YmlDbfaQMaI7P/5ZECk7/+XimTMemC7sWmdP2x 3kBfep2ZxaGij4u2FJmz3/xs32spCOKfigTkxL0oS40kc2EpbI4rFq0XttDerxkB NTgCaicujybjKJyJ9sGOEREiZeZ4Y6EbWoEt5i95pfrupC0PdCsdL9HQ5Iv5nG/r D6e/OtwSMVaLVhQuKmMIhwRI4WGXc+OnN/5BlLNPrqVFjKj66wo3Dv54sZLuU6eU ij/zi82Uvt/z6aByD5e3SSHixeVnk8vZoftcoGRIkLNgKDM/VelCa9dIhFy7M6E= -----END CERTIFICATE-----Generated at Mon Dec 8 16:53:37 2025 by rpki-client