This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/IPKnPancAcxgE98XjuMITuACBbw.roa File: IPKnPancAcxgE98XjuMITuACBbw.roa (raw, json) Hash identifier: CDl9CvjJYfEqVg+8SILAtqgG9ZXL8dvSQ4ygKfnO+ew= Subject key identifier: 20:F2:A7:3D:A9:DC:01:CC:60:13:DF:17:8E:E3:08:4E:E0:02:05:BC Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf Certificate serial: 019B0CED323DF35E6115C7BD4061E01C00E8 Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/IPKnPancAcxgE98XjuMITuACBbw.roa Signing time: Thu 11 Dec 2025 10:20:30 +0000 ROA not before: Thu 11 Dec 2025 10:20:30 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 834 IP address blocks: 45.90.16.0/24 maxlen: 24 45.90.17.0/24 maxlen: 24 45.131.134.0/24 maxlen: 24 185.108.204.0/24 maxlen: 24 185.126.82.0/24 maxlen: 24 185.199.54.0/24 maxlen: 24 185.199.158.0/24 maxlen: 24 185.199.159.0/24 maxlen: 24 185.206.251.0/24 maxlen: 24 185.209.38.0/24 maxlen: 24 185.209.73.0/24 maxlen: 24 185.209.74.0/24 maxlen: 24 185.209.75.0/24 maxlen: 24 185.210.233.0/24 maxlen: 24 185.210.235.0/24 maxlen: 24 185.214.108.0/24 maxlen: 24 185.218.20.0/24 maxlen: 24 185.218.101.0/24 maxlen: 24 185.220.248.0/24 maxlen: 24 185.220.249.0/24 maxlen: 24 185.220.250.0/23 maxlen: 24 185.221.20.0/24 maxlen: 24 185.222.28.0/24 maxlen: 24 185.222.29.0/24 maxlen: 24 185.223.80.0/24 maxlen: 24 185.223.155.0/24 maxlen: 24 185.225.0.0/23 maxlen: 23 185.225.1.0/24 maxlen: 24 185.225.2.0/24 maxlen: 24 185.225.3.0/24 maxlen: 24 185.226.104.0/24 maxlen: 24 185.226.107.0/24 maxlen: 24 185.227.144.0/24 maxlen: 24 185.227.146.0/23 maxlen: 24 185.227.147.0/24 maxlen: 24 185.228.75.0/24 maxlen: 24 185.232.206.0/24 maxlen: 24 185.234.22.0/24 maxlen: 24 185.246.112.0/24 maxlen: 24 193.8.112.0/23 maxlen: 24 193.8.112.0/24 maxlen: 24 193.8.114.0/24 maxlen: 24 193.58.146.0/23 maxlen: 24 193.58.146.0/24 maxlen: 24 194.5.67.0/24 maxlen: 24 194.76.169.0/24 maxlen: 24 194.76.172.0/24 maxlen: 24 194.124.69.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Dec 2025 04:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0c:ed:32:3d:f3:5e:61:15:c7:bd:40:61:e0:1c:00:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf Validity Not Before: Dec 11 10:20:30 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=20f2a73da9dc01cc6013df178ee3084ee00205bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:ea:d8:1b:f8:66:d3:bc:b9:38:ce:ca:47:22: 50:b3:87:13:51:67:3f:55:44:4f:be:d8:f1:3c:13: 35:d6:89:a8:8f:43:18:8d:d4:1b:b2:45:26:2f:f1: bc:90:ea:0a:29:a4:51:c7:cd:64:b3:b8:84:a0:8a: 7d:8b:3d:60:ed:49:be:c2:73:69:28:b8:56:26:3c: 2b:6d:e3:6d:49:b8:b6:17:32:67:e5:0d:3f:f9:a1: 80:78:95:3f:b0:62:45:ab:e9:23:5b:c3:56:15:35: 4f:a0:80:e2:25:7b:45:3e:f7:39:f8:a1:36:79:a5: ff:d9:d7:30:ad:1b:6a:54:2f:dd:1c:4b:f6:b9:da: b3:6f:fb:75:04:fb:35:b2:3f:7a:58:9d:05:3c:30: a4:e0:ec:4a:0d:c9:9e:d3:3a:4e:83:eb:8a:dd:8d: fb:84:22:e7:4e:4b:9f:a4:4e:42:75:6f:69:e2:99: 88:26:44:09:c1:ed:69:2f:b2:91:8d:c7:3a:c5:30: 49:5d:06:e1:e4:ca:d5:de:53:ce:ab:3e:f2:ce:73: ec:57:5c:1e:e5:91:00:57:33:39:2c:48:b7:62:00: 79:cb:74:01:85:85:42:ae:d0:33:0e:c0:59:4d:ed: b1:37:50:f9:4b:c9:ea:24:a4:45:a6:d0:43:b9:a9: be:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:F2:A7:3D:A9:DC:01:CC:60:13:DF:17:8E:E3:08:4E:E0:02:05:BC X509v3 Authority Key Identifier: keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/IPKnPancAcxgE98XjuMITuACBbw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.90.16.0/23 45.131.134.0/24 185.108.204.0/24 185.126.82.0/24 185.199.54.0/24 185.199.158.0/23 185.206.251.0/24 185.209.38.0/24 185.209.73.0-185.209.75.255 185.210.233.0/24 185.210.235.0/24 185.214.108.0/24 185.218.20.0/24 185.218.101.0/24 185.220.248.0/22 185.221.20.0/24 185.222.28.0/23 185.223.80.0/24 185.223.155.0/24 185.225.0.0/22 185.226.104.0/24 185.226.107.0/24 185.227.144.0/24 185.227.146.0/23 185.228.75.0/24 185.232.206.0/24 185.234.22.0/24 185.246.112.0/24 193.8.112.0-193.8.114.255 193.58.146.0/23 194.5.67.0/24 194.76.169.0/24 194.76.172.0/24 194.124.69.0/24 Signature Algorithm: sha256WithRSAEncryption 14:97:55:7c:91:d0:42:58:22:49:e5:1d:35:0b:14:71:d8:af: 34:be:cd:ba:68:c0:fb:6d:d2:fd:ba:01:8d:89:7c:e3:00:86: 94:23:c3:90:6f:d9:79:03:4b:4e:ce:94:ca:8d:e0:b9:7b:0d: cf:ad:8f:dc:30:5b:cd:80:d8:74:06:0a:19:b5:57:3f:51:04: b4:6c:72:5e:79:68:3a:53:be:2f:00:d6:44:d0:bd:05:2c:b2: 42:0e:8d:1a:f4:fa:d1:54:ba:a5:52:f5:59:68:54:94:a1:ca: b3:d2:09:8d:47:85:c9:0c:cf:ca:b3:8f:41:b1:54:9b:cc:a8: 1c:17:5c:87:e0:6b:bb:b8:3f:95:ed:31:df:33:81:67:0a:c4: 74:22:e6:3d:dc:cb:5c:8a:8b:e8:39:c9:34:92:ae:6b:d0:87: 99:d6:32:5d:98:9f:ea:55:fb:36:8e:ed:d1:e3:88:f4:6b:3a: e8:ce:67:92:fb:ff:94:00:82:80:de:0b:53:0c:ba:7c:f8:90: e8:cf:a2:92:39:e1:25:d3:d9:a2:ed:41:80:d2:67:de:22:3f: 38:a5:77:f5:88:9a:51:0c:81:ea:59:8e:3e:18:de:00:32:0c: f7:bc:af:d6:be:42:77:60:ad:3a:82:ea:c0:33:30:ba:e8:67: 39:41:fc:5b -----BEGIN CERTIFICATE----- MIIF2DCCBMCgAwIBAgISAZsM7TI9815hFce9QGHgHADoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx MTRjYWYwHhcNMjUxMjExMTAyMDMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMGYyYTczZGE5ZGMwMWNjNjAxM2RmMTc4ZWUzMDg0ZWUwMDIwNWJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAterYG/hm07y5OM7KRyJQs4cTUWc/ VURPvtjxPBM11omoj0MYjdQbskUmL/G8kOoKKaRRx81ks7iEoIp9iz1g7Um+wnNp KLhWJjwrbeNtSbi2FzJn5Q0/+aGAeJU/sGJFq+kjW8NWFTVPoIDiJXtFPvc5+KE2 eaX/2dcwrRtqVC/dHEv2udqzb/t1BPs1sj96WJ0FPDCk4OxKDcme0zpOg+uK3Y37 hCLnTkufpE5CdW9p4pmIJkQJwe1pL7KRjcc6xTBJXQbh5MrV3lPOqz7yznPsV1we 5ZEAVzM5LEi3YgB5y3QBhYVCrtAzDsBZTe2xN1D5S8nqJKRFptBDuam+jQIDAQAB o4IC5DCCAuAwHQYDVR0OBBYEFCDypz2p3AHMYBPfF47jCE7gAgW8MB8GA1UdIwQY MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt YjQzNDJiYTkxYWJjLzEvSVBLblBhbmNBY3hnRTk4WGp1TUlUdUFDQmJ3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIH5BggrBgEFBQcBBwEB/wSB6TCB5jCB4wQCAAEwgdwDBAEt WhADBAAtg4YDBAC5bMwDBAC5flIDBAC5xzYDBAG5x54DBAC5zvsDBAC50SYwDAME ALnRSQMEArnRSAMEALnS6QMEALnS6wMEALnWbAMEALnaFAMEALnaZQMEArnc+AME ALndFAMEAbneHAMEALnfUAMEALnfmwMEArnhAAMEALniaAMEALniawMEALnjkAME AbnjkgMEALnkSwMEALnozgMEALnqFgMEALn2cDAMAwQEwQhwAwQAwQhyAwQBwTqS AwQAwgVDAwQAwkypAwQAwkysAwQAwnxFMA0GCSqGSIb3DQEBCwUAA4IBAQAUl1V8 kdBCWCJJ5R01CxRx2K80vs26aMD7bdL9ugGNiXzjAIaUI8OQb9l5A0tOzpTKjeC5 ew3PrY/cMFvNgNh0BgoZtVc/UQS0bHJeeWg6U74vANZE0L0FLLJCDo0a9PrRVLql UvVZaFSUocqz0gmNR4XJDM/Ks49BsVSbzKgcF1yH4Gu7uD+V7THfM4FnCsR0IuY9 3MtciovoOck0kq5r0IeZ1jJdmJ/qVfs2ju3R44j0azrozmeS+/+UAIKA3gtTDLp8 +JDoz6KSOeEl09mi7UGA0mfeIj84pXf1iJpRDIHqWY4+GN4AMgz3vK/WvkJ3YK06 gurAMzC66Gc5Qfxb -----END CERTIFICATE-----Generated at Fri Dec 12 09:46:19 2025 by rpki-client