This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/1ojW1PCNbjVVzZCIw352rg07Sgc.roa File: 1ojW1PCNbjVVzZCIw352rg07Sgc.roa (raw, json) Hash identifier: DWGluicVfEBXfONntnVBJgK4tCyy2Ovpfao0psE3JrQ= Subject key identifier: D6:88:D6:D4:F0:8D:6E:35:55:CD:90:88:C3:7E:76:AE:0D:3B:4A:07 Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf Certificate serial: 019ACB6F6D20B7DE895D9B08BAA9C9C575F7 Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/1ojW1PCNbjVVzZCIw352rg07Sgc.roa Signing time: Fri 28 Nov 2025 17:07:48 +0000 ROA not before: Fri 28 Nov 2025 17:07:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 48678 IP address blocks: 5.180.105.0/24 maxlen: 24 5.180.106.0/24 maxlen: 24 5.180.107.0/24 maxlen: 24 45.131.0.0/24 maxlen: 24 45.131.1.0/24 maxlen: 24 45.131.2.0/24 maxlen: 24 45.131.3.0/24 maxlen: 24 45.136.4.0/24 maxlen: 24 77.83.200.0/24 maxlen: 24 77.83.201.0/24 maxlen: 24 77.83.202.0/24 maxlen: 24 91.208.204.0/24 maxlen: 24 194.116.237.0/24 maxlen: 24 194.146.36.0/24 maxlen: 24 2a09:8780::/29 maxlen: 29 2a0f:b700::/29 maxlen: 29 2a0f:e900::/29 maxlen: 29 2a0f:eb00::/29 maxlen: 29 2a0f:eb05::/32 maxlen: 32 2a0f:eb07::/32 maxlen: 32 2a0f:ed00::/29 maxlen: 29 2a0f:ed03::/32 maxlen: 32 2a0f:f900::/29 maxlen: 29 2a13:a440:7::/48 maxlen: 48 2a13:a441::/32 maxlen: 32 2a13:a445::/32 maxlen: 32 2a13:a447::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.mft rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:cb:6f:6d:20:b7:de:89:5d:9b:08:ba:a9:c9:c5:75:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf Validity Not Before: Nov 28 17:07:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=d688d6d4f08d6e3555cd9088c37e76ae0d3b4a07 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:00:f4:ae:76:60:a4:a7:cf:82:a0:5d:d8:bf: 01:51:f0:f1:ee:ef:5c:39:f0:09:e2:35:4f:48:6a: a6:f7:5c:b1:6f:ee:7b:c2:99:48:d3:00:57:97:97: 4a:07:3b:a0:b7:cf:46:9d:0d:5f:a3:64:67:74:df: bd:c0:db:d2:54:37:a5:02:53:77:dd:c7:7d:42:ba: 2e:d1:3d:80:9f:07:a5:2c:51:1a:a6:ca:04:ea:2e: bf:f4:4d:c5:10:ca:a8:4f:70:78:ef:25:e8:47:a4: 32:f4:32:da:55:d0:f4:4f:80:03:04:fb:a2:68:a6: 2a:5a:cf:7c:44:ff:cc:6a:ad:0c:c4:8e:1a:90:50: b6:11:fa:c7:dd:98:cd:62:b7:27:72:61:c5:2e:60: 03:94:6b:d4:4a:77:8d:82:60:43:12:d4:8a:18:38: 85:11:31:dd:aa:d4:cd:84:54:66:38:2c:26:5e:20: ea:b2:fa:04:e4:01:cd:8e:c0:83:58:2c:e1:ba:b6: af:44:43:0a:2c:a2:34:b8:9b:f6:84:8f:bc:40:b7: c1:99:8c:74:24:e4:8f:f5:bb:99:88:29:24:24:ab: 6c:58:64:1d:7e:dd:29:a3:54:f2:38:93:6d:d0:73: b7:8a:da:e0:e9:04:e9:99:bf:d3:12:12:4b:c2:5d: af:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:88:D6:D4:F0:8D:6E:35:55:CD:90:88:C3:7E:76:AE:0D:3B:4A:07 X509v3 Authority Key Identifier: keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/1ojW1PCNbjVVzZCIw352rg07Sgc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.180.105.0-5.180.107.255 45.131.0.0/22 45.136.4.0/24 77.83.200.0-77.83.202.255 91.208.204.0/24 194.116.237.0/24 194.146.36.0/24 IPv6: 2a09:8780::/29 2a0f:b700::/29 2a0f:e900::/29 2a0f:eb00::/29 2a0f:ed00::/29 2a0f:f900::/29 2a13:a440:7::/48 2a13:a441::/32 2a13:a445::/32 2a13:a447::/32 Signature Algorithm: sha256WithRSAEncryption 6b:ea:43:b7:da:1c:5f:8e:38:98:6e:42:3b:46:f4:1d:3c:f0: 3e:e6:2f:c8:d3:83:c9:a8:67:e7:bc:9c:2d:33:3d:6c:72:5d: ae:ac:fc:a6:6b:b9:33:58:9b:1b:78:0e:69:90:c3:86:fa:e4: a8:b7:32:53:c8:32:f9:7d:d2:46:5e:69:36:2e:c8:50:9f:0b: 38:ad:6b:19:91:aa:b1:0a:a1:f8:67:a6:df:b8:16:7a:c9:e5: b4:75:d3:62:82:14:67:98:0e:41:ce:c2:cd:15:34:3d:6e:b8: 8b:c2:ac:9d:e1:6d:b0:80:87:6a:f9:2a:12:f2:ca:3d:dc:db: bf:78:e7:51:19:8d:e5:94:da:fd:0c:04:6f:db:ab:c9:4c:0b: d8:ac:81:ca:37:e7:55:9b:5f:98:83:b2:19:d5:ba:0b:f0:b6: 0c:63:d7:1e:c3:67:1e:fa:0b:26:83:0c:b8:0c:01:4e:14:22: 6c:a8:96:99:02:46:bc:08:b6:23:54:a7:74:a5:1b:8e:51:75: ee:50:f0:bc:3d:da:d9:02:3f:90:9f:a9:10:ad:e9:77:ea:c5: 9c:82:3b:e0:05:6f:96:6c:87:77:f3:a6:12:13:ac:c7:9c:7a: 8e:4b:ad:32:62:1c:6f:11:91:e7:fa:d9:4e:04:ee:1d:a4:67: cf:55:61:b4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgISAZrLb20gt96JXZsIuqnJxXX3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl ZjVkYWYwHhcNMjUxMTI4MTcwNzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNjg4ZDZkNGYwOGQ2ZTM1NTVjZDkwODhjMzdlNzZhZTBkM2I0YTA3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgD0rnZgpKfPgqBd2L8BUfDx7u9c OfAJ4jVPSGqm91yxb+57wplI0wBXl5dKBzugt89GnQ1fo2RndN+9wNvSVDelAlN3 3cd9Qrou0T2AnwelLFEapsoE6i6/9E3FEMqoT3B47yXoR6Qy9DLaVdD0T4ADBPui aKYqWs98RP/Maq0MxI4akFC2EfrH3ZjNYrcncmHFLmADlGvUSneNgmBDEtSKGDiF ETHdqtTNhFRmOCwmXiDqsvoE5AHNjsCDWCzhuravREMKLKI0uJv2hI+8QLfBmYx0 JOSP9buZiCkkJKtsWGQdft0po1TyOJNt0HO3itrg6QTpmb/TEhJLwl2v6QIDAQAB o4ICkDCCAowwHQYDVR0OBBYEFNaI1tTwjW41Vc2QiMN+dq4NO0oHMB8GA1UdIwQY MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt NWRkNmUyMmViYWIwLzEvMW9qVzFQQ05ialZWelpDSXczNTJyZzA3U2djLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjBABAIAATA6MAwDBAAF tGkDBAIFtGgDBAItgwADBAAtiAQwDAMEA01TyAMEAE1TygMEAFvQzAMEAMJ07QME AMKSJDBOBAIAAjBIAwUDKgmHgAMFAyoPtwADBQMqD+kAAwUDKg/rAAMFAyoP7QAD BQMqD/kAAwcAKhOkQAAHAwUAKhOkQQMFACoTpEUDBQAqE6RHMA0GCSqGSIb3DQEB CwUAA4IBAQBr6kO32hxfjjiYbkI7RvQdPPA+5i/I04PJqGfnvJwtMz1scl2urPym a7kzWJsbeA5pkMOG+uSotzJTyDL5fdJGXmk2LshQnws4rWsZkaqxCqH4Z6bfuBZ6 yeW0ddNighRnmA5BzsLNFTQ9briLwqyd4W2wgIdq+SoS8so93Nu/eOdRGY3llNr9 DARv26vJTAvYrIHKN+dVm1+Yg7IZ1boL8LYMY9cew2ce+gsmgwy4DAFOFCJsqJaZ Aka8CLYjVKd0pRuOUXXuUPC8PdrZAj+Qn6kQrel36sWcgjvgBW+WbId386YSE6zH nHqOS60yYhxvEZHn+tlOBO4dpGfPVWG0 -----END CERTIFICATE-----Generated at Fri Dec 5 09:26:45 2025 by rpki-client