This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/PVm3ZIKqfFityvBby6oS0KoQT-M.roa File: PVm3ZIKqfFityvBby6oS0KoQT-M.roa (raw, json) Hash identifier: YAZFdh3FqkralOhG2faXFTl7n4hXWNcYiEM+ArfNP7c= Subject key identifier: 3D:59:B7:64:82:AA:7C:58:AD:CA:F0:5B:CB:AA:12:D0:AA:10:4F:E3 Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf Certificate serial: 019A9B59FF2417D9D58777B9E02F5D4D11FA Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/PVm3ZIKqfFityvBby6oS0KoQT-M.roa Signing time: Wed 19 Nov 2025 09:02:37 +0000 ROA not before: Wed 19 Nov 2025 09:02:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 834 IP address blocks: 45.90.16.0/24 maxlen: 24 45.90.17.0/24 maxlen: 24 45.131.134.0/24 maxlen: 24 185.108.204.0/24 maxlen: 24 185.126.82.0/24 maxlen: 24 185.199.54.0/24 maxlen: 24 185.199.158.0/24 maxlen: 24 185.199.159.0/24 maxlen: 24 185.206.251.0/24 maxlen: 24 185.209.38.0/24 maxlen: 24 185.209.73.0/24 maxlen: 24 185.209.74.0/24 maxlen: 24 185.209.75.0/24 maxlen: 24 185.210.233.0/24 maxlen: 24 185.210.235.0/24 maxlen: 24 185.214.108.0/24 maxlen: 24 185.218.20.0/24 maxlen: 24 185.218.101.0/24 maxlen: 24 185.220.248.0/24 maxlen: 24 185.220.249.0/24 maxlen: 24 185.220.250.0/23 maxlen: 24 185.221.20.0/24 maxlen: 24 185.222.28.0/24 maxlen: 24 185.222.29.0/24 maxlen: 24 185.223.80.0/24 maxlen: 24 185.223.82.0/24 maxlen: 24 185.223.155.0/24 maxlen: 24 185.225.0.0/23 maxlen: 23 185.225.1.0/24 maxlen: 24 185.225.2.0/24 maxlen: 24 185.225.3.0/24 maxlen: 24 185.226.104.0/24 maxlen: 24 185.226.107.0/24 maxlen: 24 185.227.144.0/24 maxlen: 24 185.227.146.0/23 maxlen: 24 185.227.147.0/24 maxlen: 24 185.228.75.0/24 maxlen: 24 185.232.206.0/24 maxlen: 24 185.234.22.0/24 maxlen: 24 185.246.112.0/24 maxlen: 24 193.8.112.0/23 maxlen: 24 193.8.112.0/24 maxlen: 24 193.8.114.0/24 maxlen: 24 193.58.146.0/23 maxlen: 24 193.58.146.0/24 maxlen: 24 194.5.64.0/24 maxlen: 24 194.5.67.0/24 maxlen: 24 194.76.169.0/24 maxlen: 24 194.76.172.0/24 maxlen: 24 194.124.69.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 20 Nov 2025 18:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:9b:59:ff:24:17:d9:d5:87:77:b9:e0:2f:5d:4d:11:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf Validity Not Before: Nov 19 09:02:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=3d59b76482aa7c58adcaf05bcbaa12d0aa104fe3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:34:c9:bc:ac:51:0d:d6:f7:59:11:83:d4:4f: 44:e6:63:78:37:d6:9f:5a:77:3f:e3:2b:9d:0d:3a: af:2f:aa:ad:a7:f3:39:fb:c1:4a:cc:3c:12:2a:07: 36:67:05:ca:9a:73:c1:62:17:e0:d6:b3:3a:92:39: 50:e8:46:ae:03:da:06:17:6c:60:ba:b2:cd:6d:eb: 1e:d2:4a:ed:6e:64:10:f2:42:e0:8e:78:54:53:3c: 0b:c6:bd:89:cd:49:77:80:41:3c:f3:5b:3c:f5:74: d9:db:fe:dd:e8:c0:dc:35:a8:96:34:a5:f0:95:a1: 85:5b:05:43:7c:bf:39:29:9a:10:7c:32:9e:64:22: b0:02:ce:34:cc:9f:31:0f:7b:8e:88:19:73:35:d3: 74:fc:2f:6d:78:68:b4:b7:2d:de:f5:8b:4e:ea:e5: cc:ca:1c:45:f8:c0:3a:2b:dc:db:57:e6:0c:f5:3f: e5:75:92:e1:5e:9f:a3:bf:d4:52:1e:20:76:1a:0d: 52:f9:08:54:ce:41:57:0b:d2:94:c5:06:ba:12:00: 82:c4:99:83:87:4b:83:18:a7:e1:bb:62:62:22:0c: 4c:93:48:e8:9e:53:6e:35:ea:48:7b:89:3b:43:15: 67:22:41:56:a5:12:d4:01:be:69:36:d7:c5:82:ea: 0a:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:59:B7:64:82:AA:7C:58:AD:CA:F0:5B:CB:AA:12:D0:AA:10:4F:E3 X509v3 Authority Key Identifier: keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/PVm3ZIKqfFityvBby6oS0KoQT-M.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.90.16.0/23 45.131.134.0/24 185.108.204.0/24 185.126.82.0/24 185.199.54.0/24 185.199.158.0/23 185.206.251.0/24 185.209.38.0/24 185.209.73.0-185.209.75.255 185.210.233.0/24 185.210.235.0/24 185.214.108.0/24 185.218.20.0/24 185.218.101.0/24 185.220.248.0/22 185.221.20.0/24 185.222.28.0/23 185.223.80.0/24 185.223.82.0/24 185.223.155.0/24 185.225.0.0/22 185.226.104.0/24 185.226.107.0/24 185.227.144.0/24 185.227.146.0/23 185.228.75.0/24 185.232.206.0/24 185.234.22.0/24 185.246.112.0/24 193.8.112.0-193.8.114.255 193.58.146.0/23 194.5.64.0/24 194.5.67.0/24 194.76.169.0/24 194.76.172.0/24 194.124.69.0/24 Signature Algorithm: sha256WithRSAEncryption ac:38:18:5e:e0:2f:0b:85:95:53:77:7d:39:c6:f1:3c:50:33: 5f:cd:78:eb:67:80:5d:73:06:2e:e9:79:4b:d4:a8:6b:63:13: 92:97:61:5d:ef:40:65:98:8d:18:fb:3f:37:1c:b6:db:1b:e7: 71:d8:2e:fb:d6:27:2e:bc:74:c1:4e:19:a4:59:0c:54:46:41: 8c:ca:1a:4c:ac:20:62:c1:a0:b3:03:13:29:24:f8:1b:9d:89: 0d:3b:29:91:95:e3:82:9d:31:42:60:1d:ae:a2:21:8d:1f:58: 1d:70:cd:13:b5:3c:9c:18:ca:3a:09:e5:1a:58:06:5d:4a:05: 3e:0c:dd:9e:93:78:e2:cc:4a:5a:fc:98:e2:86:65:07:c1:d9: 53:63:c5:ca:a3:7c:c8:90:74:50:e7:69:33:a6:9f:3f:34:05: 29:97:5d:6a:12:01:2d:2f:78:f7:90:e0:94:80:8e:3f:9a:cf: 90:ff:62:a0:35:1c:5d:0c:91:d9:a9:54:c4:28:71:96:13:a1: 26:ac:a5:0b:3c:b8:a1:7a:a0:f5:64:f9:f5:8e:b0:85:14:52: b9:96:f3:32:1a:70:06:ef:d2:4d:cb:40:aa:49:89:af:e4:2a: 30:8a:02:66:52:12:33:7d:f3:af:ab:61:86:9c:34:98:b0:d8: db:37:7d:c2 -----BEGIN CERTIFICATE----- MIIF5TCCBM2gAwIBAgISAZqbWf8kF9nVh3e54C9dTRH6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx MTRjYWYwHhcNMjUxMTE5MDkwMjM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZDU5Yjc2NDgyYWE3YzU4YWRjYWYwNWJjYmFhMTJkMGFhMTA0ZmUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TTJvKxRDdb3WRGD1E9E5mN4N9af Wnc/4yudDTqvL6qtp/M5+8FKzDwSKgc2ZwXKmnPBYhfg1rM6kjlQ6EauA9oGF2xg urLNbese0krtbmQQ8kLgjnhUUzwLxr2JzUl3gEE881s89XTZ2/7d6MDcNaiWNKXw laGFWwVDfL85KZoQfDKeZCKwAs40zJ8xD3uOiBlzNdN0/C9teGi0ty3e9YtO6uXM yhxF+MA6K9zbV+YM9T/ldZLhXp+jv9RSHiB2Gg1S+QhUzkFXC9KUxQa6EgCCxJmD h0uDGKfhu2JiIgxMk0jonlNuNepIe4k7QxVnIkFWpRLUAb5pNtfFguoKhwIDAQAB o4IC8TCCAu0wHQYDVR0OBBYEFD1Zt2SCqnxYrcrwW8uqEtCqEE/jMB8GA1UdIwQY MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt YjQzNDJiYTkxYWJjLzEvUFZtM1pJS3FmRml0eXZCYnk2b1MwS29RVC1NLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIBBQYIKwYBBQUHAQcBAf8EgfUwgfIwge8EAgABMIHoAwQB LVoQAwQALYOGAwQAuWzMAwQAuX5SAwQAucc2AwQBuceeAwQAuc77AwQAudEmMAwD BAC50UkDBAK50UgDBAC50ukDBAC50usDBAC51mwDBAC52hQDBAC52mUDBAK53PgD BAC53RQDBAG53hwDBAC531ADBAC531IDBAC535sDBAK54QADBAC54mgDBAC54msD BAC545ADBAG545IDBAC55EsDBAC56M4DBAC56hYDBAC59nAwDAMEBMEIcAMEAMEI cgMEAcE6kgMEAMIFQAMEAMIFQwMEAMJMqQMEAMJMrAMEAMJ8RTANBgkqhkiG9w0B AQsFAAOCAQEArDgYXuAvC4WVU3d9OcbxPFAzX81462eAXXMGLul5S9Soa2MTkpdh Xe9AZZiNGPs/Nxy22xvncdgu+9YnLrx0wU4ZpFkMVEZBjMoaTKwgYsGgswMTKST4 G52JDTspkZXjgp0xQmAdrqIhjR9YHXDNE7U8nBjKOgnlGlgGXUoFPgzdnpN44sxK WvyY4oZlB8HZU2PFyqN8yJB0UOdpM6afPzQFKZddahIBLS9495DglICOP5rPkP9i oDUcXQyR2alUxChxlhOhJqylCzy4oXqg9WT59Y6whRRSuZbzMhpwBu/STctAqkmJ r+QqMIoCZlISM33zr6thhpw0mLDY2zd9wg== -----END CERTIFICATE-----Generated at Thu Nov 20 01:57:47 2025 by rpki-client