This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/ae18aa-7c15-4775-8fc5-772dcd3af5f6/1/oK0VVYEphg6ETjlrW3F7s3hDxow.roa File: oK0VVYEphg6ETjlrW3F7s3hDxow.roa (raw, json) Hash identifier: ZNtLfeyZuVFrapejmFdoQucl+PbRvv+SSHdnCiT576U= Subject key identifier: A0:AD:15:55:81:29:86:0E:84:4E:39:6B:5B:71:7B:B3:78:43:C6:8C Certificate issuer: /CN=19610d638e2a2f95a3d90e4cff9959a859fac4f0 Certificate serial: 019B7BA3D4D8A56B9E8A0E7A9971953A5FC9 Authority key identifier: 19:61:0D:63:8E:2A:2F:95:A3:D9:0E:4C:FF:99:59:A8:59:FA:C4:F0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GWENY44qL5Wj2Q5M_5lZqFn6xPA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/ae18aa-7c15-4775-8fc5-772dcd3af5f6/1/oK0VVYEphg6ETjlrW3F7s3hDxow.roa Signing time: Thu 01 Jan 2026 22:18:13 +0000 ROA not before: Thu 01 Jan 2026 22:18:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 45.144.204.0/24 maxlen: 24 45.144.205.0/24 maxlen: 24 45.144.206.0/24 maxlen: 24 45.144.207.0/24 maxlen: 24 45.152.156.0/24 maxlen: 24 45.152.157.0/24 maxlen: 24 45.152.158.0/24 maxlen: 24 45.152.159.0/24 maxlen: 24 185.158.252.0/24 maxlen: 24 185.158.253.0/24 maxlen: 24 185.158.254.0/24 maxlen: 24 185.158.255.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/ae18aa-7c15-4775-8fc5-772dcd3af5f6/1/GWENY44qL5Wj2Q5M_5lZqFn6xPA.crl rsync://rpki.ripe.net/repository/DEFAULT/cd/ae18aa-7c15-4775-8fc5-772dcd3af5f6/1/GWENY44qL5Wj2Q5M_5lZqFn6xPA.mft rsync://rpki.ripe.net/repository/DEFAULT/GWENY44qL5Wj2Q5M_5lZqFn6xPA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:d4:d8:a5:6b:9e:8a:0e:7a:99:71:95:3a:5f:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=19610d638e2a2f95a3d90e4cff9959a859fac4f0 Validity Not Before: Jan 1 22:18:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a0ad15558129860e844e396b5b717bb37843c68c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:2a:b1:c2:6e:3b:66:19:c1:ff:f4:e0:a3:ae: 1f:14:81:e1:65:21:63:ff:2b:b9:a0:45:c5:c4:69: 93:91:3f:32:5b:1b:3b:5f:80:a7:2a:db:ec:5c:2e: d1:1d:e5:81:57:87:54:1d:76:20:7a:92:5c:01:de: 85:35:7d:fb:2a:74:c8:43:ff:60:80:88:ec:7a:32: f5:fe:d0:3d:c5:6a:17:a6:e7:55:2e:53:3f:60:a1: ec:81:9e:9d:1d:e2:eb:91:8b:03:c3:4c:12:be:b8: d6:77:0e:00:3e:c0:71:a4:1d:58:50:57:b6:53:f0: ea:f2:dd:09:d8:01:81:47:8d:a6:3a:fd:43:df:d1: 5f:e6:2f:ac:f6:92:cc:24:1e:f6:35:c6:07:46:d9: 85:a5:d1:87:fb:6c:a1:5a:40:20:27:dd:5c:d0:5e: dc:0c:76:3e:46:a9:3a:e4:6a:ae:79:71:17:30:a3: b1:07:ec:14:5b:64:83:eb:97:1b:29:79:f3:22:93: fe:5a:95:d2:1d:31:12:95:d1:9f:f1:88:71:86:a6: 9c:ee:ec:d0:77:7d:71:9b:2c:e6:f2:21:c7:b3:20: 3d:b6:19:4a:49:b5:17:f9:6a:23:d7:ef:86:92:9c: 72:44:5f:b0:f0:3f:aa:60:fe:a4:6e:a6:8f:7f:60: 36:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:AD:15:55:81:29:86:0E:84:4E:39:6B:5B:71:7B:B3:78:43:C6:8C X509v3 Authority Key Identifier: keyid:19:61:0D:63:8E:2A:2F:95:A3:D9:0E:4C:FF:99:59:A8:59:FA:C4:F0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GWENY44qL5Wj2Q5M_5lZqFn6xPA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/ae18aa-7c15-4775-8fc5-772dcd3af5f6/1/oK0VVYEphg6ETjlrW3F7s3hDxow.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/ae18aa-7c15-4775-8fc5-772dcd3af5f6/1/GWENY44qL5Wj2Q5M_5lZqFn6xPA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.144.204.0/22 45.152.156.0/22 185.158.252.0/22 Signature Algorithm: sha256WithRSAEncryption 50:8d:36:84:e9:26:d6:8c:61:b8:81:4f:d8:7a:bd:c0:a1:fd: c4:e9:8c:7e:5f:09:25:8e:2d:1c:00:47:06:8c:72:b2:3b:f8: 7d:9f:e1:2b:18:ae:71:5c:dd:8a:d0:68:a9:d2:52:2d:71:ba: 15:89:33:58:3d:5f:65:52:89:14:31:fb:76:e6:a3:91:5d:8b: 0a:60:fc:ac:00:5b:c5:4e:01:2e:34:b6:1c:12:0e:b2:c0:de: b9:49:43:92:6c:8e:74:8d:54:79:e3:4b:2e:ad:1b:74:a2:4c: eb:51:28:42:dc:b4:fe:3a:4d:1c:dd:ab:f0:8b:1c:a4:94:43: 66:45:f6:ba:9b:38:32:75:cc:b4:74:66:d9:99:02:46:eb:8c: 0b:65:aa:92:48:0b:9e:be:cf:af:be:79:d6:1c:70:d4:e2:67: fa:71:25:0e:9e:4d:86:50:a2:01:79:1d:d6:e9:ee:1d:55:44: 78:98:8e:81:91:c9:1e:68:e6:95:af:3d:27:83:61:eb:ab:ac: 62:8f:7c:78:56:c5:82:98:a0:0e:fc:04:e3:5f:3f:d3:da:5f: 2a:70:63:74:db:6d:b9:df:de:07:96:0e:1b:61:58:70:fa:26: 49:e1:bd:94:fb:b4:66:02:e7:95:5a:c6:3b:18:ce:86:c7:4e: 41:69:36:5a -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt7o9TYpWueig56mXGVOl/JMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE5NjEwZDYzOGUyYTJmOTVhM2Q5MGU0Y2ZmOTk1OWE4NTlm YWM0ZjAwHhcNMjYwMTAxMjIxODEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMGFkMTU1NTgxMjk4NjBlODQ0ZTM5NmI1YjcxN2JiMzc4NDNjNjhjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviqxwm47ZhnB//Tgo64fFIHhZSFj /yu5oEXFxGmTkT8yWxs7X4CnKtvsXC7RHeWBV4dUHXYgepJcAd6FNX37KnTIQ/9g gIjsejL1/tA9xWoXpudVLlM/YKHsgZ6dHeLrkYsDw0wSvrjWdw4APsBxpB1YUFe2 U/Dq8t0J2AGBR42mOv1D39Ff5i+s9pLMJB72NcYHRtmFpdGH+2yhWkAgJ91c0F7c DHY+Rqk65GqueXEXMKOxB+wUW2SD65cbKXnzIpP+WpXSHTESldGf8Yhxhqac7uzQ d31xmyzm8iHHsyA9thlKSbUX+Woj1++GkpxyRF+w8D+qYP6kbqaPf2A2HwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFKCtFVWBKYYOhE45a1txe7N4Q8aMMB8GA1UdIwQY MBaAFBlhDWOOKi+Vo9kOTP+ZWahZ+sTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR1dFTlk0NHFMNVdqMlE1TV81bFpxRm42eFBBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9hZTE4YWEtN2MxNS00Nzc1LThmYzUt NzcyZGNkM2FmNWY2LzEvb0swVlZZRXBoZzZFVGpsclczRjdzM2hEeG93LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZC9hZTE4YWEtN2MxNS00Nzc1LThmYzUtNzcyZGNkM2FmNWY2 LzEvR1dFTlk0NHFMNVdqMlE1TV81bFpxRm42eFBBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZDMAwQC LZicAwQCuZ78MA0GCSqGSIb3DQEBCwUAA4IBAQBQjTaE6SbWjGG4gU/Yer3Aof3E 6Yx+Xwklji0cAEcGjHKyO/h9n+ErGK5xXN2K0Gip0lItcboViTNYPV9lUokUMft2 5qORXYsKYPysAFvFTgEuNLYcEg6ywN65SUOSbI50jVR540surRt0okzrUShC3LT+ Ok0c3avwixyklENmRfa6mzgydcy0dGbZmQJG64wLZaqSSAuevs+vvnnWHHDU4mf6 cSUOnk2GUKIBeR3W6e4dVUR4mI6BkckeaOaVrz0ng2Hrq6xij3x4VsWCmKAO/ATj Xz/T2l8qcGN02225394Hlg4bYVhw+iZJ4b2U+7RmAueVWsY7GM6Gx05BaTZa -----END CERTIFICATE-----Generated at Fri Jan 2 11:03:55 2026 by rpki-client