This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/zEU1dCR-4rlXlEW4u-atk395zhk.roa File: zEU1dCR-4rlXlEW4u-atk395zhk.roa (raw, json) Hash identifier: Kfvh6mjf8zMx7Jx8eSoWtHWYqopwifCIKWlHo0qGGIA= Subject key identifier: CC:45:35:74:24:7E:E2:B9:57:94:45:B8:BB:E6:AD:93:7F:79:CE:19 Certificate issuer: /CN=5753c06290a371994d7577318685f5bc4a538d47 Certificate serial: 019B7910F16F8022C0B972D6E22D8B260A1A Authority key identifier: 57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/zEU1dCR-4rlXlEW4u-atk395zhk.roa Signing time: Thu 01 Jan 2026 10:18:32 +0000 ROA not before: Thu 01 Jan 2026 10:18:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 27882 IP address blocks: 158.172.152.0/21 maxlen: 21 158.172.152.0/22 maxlen: 22 158.172.152.0/23 maxlen: 23 158.172.152.0/24 maxlen: 24 158.172.153.0/24 maxlen: 24 158.172.154.0/23 maxlen: 23 158.172.154.0/24 maxlen: 24 158.172.155.0/24 maxlen: 24 158.172.156.0/22 maxlen: 22 158.172.156.0/23 maxlen: 23 158.172.156.0/24 maxlen: 24 158.172.157.0/24 maxlen: 24 158.172.158.0/23 maxlen: 23 158.172.158.0/24 maxlen: 24 158.172.159.0/24 maxlen: 24 158.172.224.0/19 maxlen: 19 158.172.224.0/20 maxlen: 20 158.172.224.0/21 maxlen: 21 158.172.224.0/22 maxlen: 22 158.172.224.0/23 maxlen: 23 158.172.224.0/24 maxlen: 24 158.172.225.0/24 maxlen: 24 158.172.226.0/23 maxlen: 23 158.172.226.0/24 maxlen: 24 158.172.227.0/24 maxlen: 24 158.172.228.0/22 maxlen: 22 158.172.228.0/23 maxlen: 23 158.172.228.0/24 maxlen: 24 158.172.229.0/24 maxlen: 24 158.172.230.0/23 maxlen: 23 158.172.230.0/24 maxlen: 24 158.172.231.0/24 maxlen: 24 158.172.232.0/21 maxlen: 21 158.172.232.0/22 maxlen: 22 158.172.232.0/23 maxlen: 23 158.172.232.0/24 maxlen: 24 158.172.233.0/24 maxlen: 24 158.172.234.0/23 maxlen: 23 158.172.234.0/24 maxlen: 24 158.172.235.0/24 maxlen: 24 158.172.236.0/22 maxlen: 22 158.172.236.0/23 maxlen: 23 158.172.236.0/24 maxlen: 24 158.172.237.0/24 maxlen: 24 158.172.238.0/23 maxlen: 23 158.172.238.0/24 maxlen: 24 158.172.239.0/24 maxlen: 24 158.172.240.0/20 maxlen: 20 158.172.240.0/21 maxlen: 21 158.172.240.0/22 maxlen: 22 158.172.240.0/23 maxlen: 23 158.172.240.0/24 maxlen: 24 158.172.241.0/24 maxlen: 24 158.172.242.0/23 maxlen: 23 158.172.242.0/24 maxlen: 24 158.172.243.0/24 maxlen: 24 158.172.244.0/22 maxlen: 22 158.172.244.0/23 maxlen: 23 158.172.244.0/24 maxlen: 24 158.172.245.0/24 maxlen: 24 158.172.246.0/23 maxlen: 23 158.172.246.0/24 maxlen: 24 158.172.247.0/24 maxlen: 24 158.172.248.0/21 maxlen: 21 158.172.248.0/22 maxlen: 22 158.172.248.0/23 maxlen: 23 158.172.248.0/24 maxlen: 24 158.172.249.0/24 maxlen: 24 158.172.250.0/23 maxlen: 23 158.172.250.0/24 maxlen: 24 158.172.251.0/24 maxlen: 24 158.172.252.0/22 maxlen: 22 158.172.252.0/23 maxlen: 23 158.172.252.0/24 maxlen: 24 158.172.253.0/24 maxlen: 24 158.172.254.0/23 maxlen: 23 158.172.254.0/24 maxlen: 24 158.172.255.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.mft rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 03:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:f1:6f:80:22:c0:b9:72:d6:e2:2d:8b:26:0a:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5753c06290a371994d7577318685f5bc4a538d47 Validity Not Before: Jan 1 10:18:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cc453574247ee2b9579445b8bbe6ad937f79ce19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:d5:46:ae:67:c5:81:cc:e0:91:5e:f5:5f:17: a8:bb:13:2b:26:01:0a:04:e8:69:1f:ad:86:2d:7d: f7:6d:c6:1b:3c:4d:15:e8:07:8b:37:ef:d1:07:55: 21:db:1c:55:eb:5a:b3:08:e0:70:7e:24:15:03:88: d4:7a:a5:13:90:51:81:66:e6:75:12:38:1e:75:62: e1:ad:70:58:af:06:5e:40:a1:09:f2:93:69:e7:b5: 52:78:fd:af:0d:6b:f1:03:6c:d4:6a:c5:b3:31:f1: 59:b3:26:27:68:9c:d4:7e:9e:e3:b2:45:4b:60:52: 85:49:fe:23:5c:02:50:e5:49:e0:6b:69:2e:93:62: 6b:84:ab:3d:1f:eb:ad:d0:af:83:79:bb:60:41:62: 5c:00:e8:0e:f7:56:92:68:f3:09:e6:60:e7:ed:1a: 59:ea:69:21:04:8a:96:56:06:df:33:79:3c:6b:e1: b8:b5:12:be:c9:a1:0a:13:4b:95:f4:0d:d4:0a:9b: 66:7f:4c:67:76:6f:df:34:6b:75:e8:cd:f2:29:8c: 40:70:ac:0e:2e:c4:f7:41:72:8a:42:d0:12:98:a9: 78:2e:f7:81:30:9d:b2:d6:6e:58:a3:9e:89:35:cb: 1b:51:81:f3:0b:5b:5c:6c:ee:2c:2b:7e:7b:39:97: 43:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:45:35:74:24:7E:E2:B9:57:94:45:B8:BB:E6:AD:93:7F:79:CE:19 X509v3 Authority Key Identifier: keyid:57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/zEU1dCR-4rlXlEW4u-atk395zhk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.172.152.0/21 158.172.224.0/19 Signature Algorithm: sha256WithRSAEncryption a6:27:a6:29:f1:df:34:aa:57:16:a6:f7:32:2a:12:67:a5:1d: 05:42:ba:42:ac:57:44:16:d9:47:f1:5e:e5:13:73:36:a0:90: 1a:38:b6:44:a6:a2:c6:bd:55:84:c9:ae:37:1c:24:d4:5c:52: b6:38:5f:b6:cf:77:9b:82:83:d0:a1:0b:26:5a:69:6a:97:f6: d1:3a:e6:b5:c4:47:3c:6a:d1:b3:9a:13:7a:a0:17:1a:3d:d6: 0e:7a:9e:39:0a:05:76:6c:a8:66:9d:55:0c:8b:5b:6c:be:0e: e7:ab:15:11:71:50:55:ae:2f:ae:c0:0a:b7:8d:ee:f6:fb:83: 57:4e:ea:f3:92:c5:9c:1d:8e:25:e2:21:a6:8d:4c:ec:a3:b1: be:c3:61:04:cc:b5:e0:f7:cc:93:44:11:18:4d:fb:3b:73:20: fb:99:98:3f:7a:db:e8:c8:37:12:f6:f3:d0:9d:fc:17:6a:6e: 87:5e:b1:f9:4d:17:50:76:2e:7f:73:70:3f:31:66:c8:9c:01: 89:97:a0:c8:fe:dd:3f:42:04:00:7d:d2:ac:df:5f:6b:16:09: 90:8a:b4:9a:9b:f2:86:a2:84:5f:fd:9c:21:6f:9e:ac:cd:7c: cc:1f:04:39:de:4e:ed:20:89:68:2e:a3:fb:ff:55:21:2c:30: 72:81:8c:90 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt5EPFvgCLAuXLW4i2LJgoaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU3NTNjMDYyOTBhMzcxOTk0ZDc1NzczMTg2ODVmNWJjNGE1 MzhkNDcwHhcNMjYwMTAxMTAxODMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYzQ1MzU3NDI0N2VlMmI5NTc5NDQ1YjhiYmU2YWQ5MzdmNzljZTE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdVGrmfFgczgkV71XxeouxMrJgEK BOhpH62GLX33bcYbPE0V6AeLN+/RB1Uh2xxV61qzCOBwfiQVA4jUeqUTkFGBZuZ1 EjgedWLhrXBYrwZeQKEJ8pNp57VSeP2vDWvxA2zUasWzMfFZsyYnaJzUfp7jskVL YFKFSf4jXAJQ5Unga2kuk2JrhKs9H+ut0K+DebtgQWJcAOgO91aSaPMJ5mDn7RpZ 6mkhBIqWVgbfM3k8a+G4tRK+yaEKE0uV9A3UCptmf0xndm/fNGt16M3yKYxAcKwO LsT3QXKKQtASmKl4LveBMJ2y1m5Yo56JNcsbUYHzC1tcbO4sK357OZdDrQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFMxFNXQkfuK5V5RFuLvmrZN/ec4ZMB8GA1UdIwQY MBaAFFdTwGKQo3GZTXV3MYaF9bxKU41HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2It MWVkMTA5NTRiZDk2LzEvekVVMWRDUi00cmxYbEVXNHUtYXRrMzk1emhrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2ItMWVkMTA5NTRiZDk2 LzEvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDnqyYAwQF nqzgMA0GCSqGSIb3DQEBCwUAA4IBAQCmJ6Yp8d80qlcWpvcyKhJnpR0FQrpCrFdE FtlH8V7lE3M2oJAaOLZEpqLGvVWEya43HCTUXFK2OF+2z3ebgoPQoQsmWmlql/bR Oua1xEc8atGzmhN6oBcaPdYOep45CgV2bKhmnVUMi1tsvg7nqxURcVBVri+uwAq3 je72+4NXTurzksWcHY4l4iGmjUzso7G+w2EEzLXg98yTRBEYTfs7cyD7mZg/etvo yDcS9vPQnfwXam6HXrH5TRdQdi5/c3A/MWbInAGJl6DI/t0/QgQAfdKs319rFgmQ irSam/KGooRf/Zwhb56szXzMHwQ53k7tIIloLqP7/1UhLDBygYyQ -----END CERTIFICATE-----Generated at Fri Jan 9 09:35:25 2026 by rpki-client