This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/pESTGnCy0wB2wiBipuzgcCqRNyI.roa File: pESTGnCy0wB2wiBipuzgcCqRNyI.roa (raw, json) Hash identifier: P7yuHfKhf2uWT9qydVlAxSy489jw1/Pw7tcvgewCSKY= Subject key identifier: A4:44:93:1A:70:B2:D3:00:76:C2:20:62:A6:EC:E0:70:2A:91:37:22 Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171 Certificate serial: 019B30932C14311FE86303CBC80F020820A3 Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/pESTGnCy0wB2wiBipuzgcCqRNyI.roa Signing time: Thu 18 Dec 2025 08:28:30 +0000 ROA not before: Thu 18 Dec 2025 08:28:30 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 3257 IP address blocks: 46.33.64.0/19 maxlen: 24 62.41.0.0/20 maxlen: 24 62.41.16.0/21 maxlen: 24 62.41.24.0/22 maxlen: 24 62.41.32.0/24 maxlen: 24 62.41.37.0/24 maxlen: 24 62.41.56.0/21 maxlen: 24 62.41.64.0/20 maxlen: 24 62.41.80.0/22 maxlen: 24 62.41.84.0/23 maxlen: 24 62.41.102.0/24 maxlen: 24 62.41.160.0/24 maxlen: 24 62.50.128.0/19 maxlen: 19 62.132.0.0/22 maxlen: 22 62.132.16.0/22 maxlen: 22 62.132.24.0/23 maxlen: 23 62.132.28.0/24 maxlen: 24 62.132.42.0/23 maxlen: 23 62.132.114.0/23 maxlen: 23 62.132.116.0/23 maxlen: 23 62.132.132.0/23 maxlen: 23 77.67.0.0/17 maxlen: 24 77.77.128.0/18 maxlen: 24 87.119.64.0/18 maxlen: 24 89.149.128.0/18 maxlen: 24 92.71.0.0/17 maxlen: 17 92.71.128.0/18 maxlen: 18 134.222.0.0/16 maxlen: 16 135.196.48.0/21 maxlen: 24 135.196.228.0/23 maxlen: 24 135.196.232.0/23 maxlen: 24 135.196.238.0/23 maxlen: 24 141.136.96.0/20 maxlen: 20 185.160.40.0/22 maxlen: 22 192.16.202.0/24 maxlen: 24 192.54.104.0/24 maxlen: 24 192.67.190.0/23 maxlen: 23 192.67.192.0/22 maxlen: 22 192.67.196.0/24 maxlen: 24 192.129.32.0/23 maxlen: 23 192.129.36.0/24 maxlen: 24 192.129.43.0/24 maxlen: 24 192.129.44.0/24 maxlen: 24 192.129.46.0/23 maxlen: 23 192.129.48.0/23 maxlen: 23 192.129.54.0/24 maxlen: 24 192.129.56.0/23 maxlen: 24 193.141.0.0/23 maxlen: 23 193.141.2.0/24 maxlen: 24 193.141.40.0/22 maxlen: 22 193.141.44.0/23 maxlen: 23 193.141.140.0/23 maxlen: 23 193.242.80.0/20 maxlen: 20 194.41.62.0/24 maxlen: 24 194.45.4.0/23 maxlen: 23 194.45.12.0/23 maxlen: 23 194.45.47.0/24 maxlen: 24 194.45.98.0/23 maxlen: 23 194.45.182.0/23 maxlen: 23 194.120.0.0/24 maxlen: 24 194.120.43.0/24 maxlen: 24 194.120.112.0/22 maxlen: 22 194.120.120.0/22 maxlen: 22 194.121.52.0/22 maxlen: 22 194.121.104.0/23 maxlen: 23 194.121.123.0/24 maxlen: 24 194.121.203.0/24 maxlen: 24 194.121.220.0/22 maxlen: 22 194.122.76.0/22 maxlen: 22 194.122.80.0/21 maxlen: 21 194.122.120.0/21 maxlen: 21 194.122.224.0/20 maxlen: 20 194.122.248.0/22 maxlen: 22 194.123.122.0/24 maxlen: 24 194.123.164.0/24 maxlen: 24 195.143.0.0/16 maxlen: 24 195.162.240.0/20 maxlen: 20 212.0.224.0/19 maxlen: 19 212.1.0.0/19 maxlen: 19 212.14.64.0/19 maxlen: 19 212.27.160.0/19 maxlen: 19 212.56.0.0/19 maxlen: 19 212.81.64.0/18 maxlen: 18 212.115.128.0/18 maxlen: 24 212.189.0.0/17 maxlen: 17 212.221.0.0/17 maxlen: 24 212.222.0.0/16 maxlen: 24 213.200.64.0/18 maxlen: 18 213.251.0.0/18 maxlen: 24 213.254.192.0/18 maxlen: 24 217.114.112.0/20 maxlen: 20 217.117.160.0/20 maxlen: 20 217.118.112.0/20 maxlen: 20 217.195.224.0/19 maxlen: 19 2001:668::/29 maxlen: 64 2001:680::/32 maxlen: 32 2001:680:12::/48 maxlen: 48 2001:680:16::/48 maxlen: 48 2001:680:19::/48 maxlen: 48 2001:680:20::/48 maxlen: 48 2a00:1750::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:30:93:2c:14:31:1f:e8:63:03:cb:c8:0f:02:08:20:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171 Validity Not Before: Dec 18 08:28:30 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=a444931a70b2d30076c22062a6ece0702a913722 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:0f:71:b0:1c:28:9b:45:b1:06:c9:79:75:0d: 86:13:9b:e0:35:b4:90:73:f1:1f:71:d7:4c:14:88: 96:6f:35:cf:d0:80:93:71:3a:eb:d3:ce:8d:ec:b7: 43:d3:8e:a4:52:2a:63:f5:5d:30:c4:c1:f0:ec:6a: f4:34:7d:b2:59:ee:79:6c:0a:28:de:79:da:f5:59: 00:f8:4a:cc:82:3a:d2:69:e3:72:3b:17:7d:a4:b3: 51:bb:7e:8d:a6:d0:04:4c:0b:07:13:d7:6b:f7:57: 56:23:3a:c2:11:af:13:1d:92:4d:27:30:c5:ae:f4: ab:e9:d8:63:01:ed:48:38:7c:71:d0:a4:38:ce:cd: 5e:7a:00:3f:d1:00:f9:ea:f5:df:2d:c2:f5:1c:6b: 3c:6a:57:61:11:aa:bb:35:b5:18:42:1a:ec:f0:5e: 53:2c:90:c2:bc:28:e2:fd:26:d7:df:7c:26:a4:34: b2:6f:e7:06:09:18:7f:3d:0d:b5:43:04:3c:c9:ea: 25:75:9c:45:11:83:8c:fc:39:0c:df:1a:db:ae:c7: 64:50:bd:17:8b:ab:c8:3d:e5:6a:d9:a0:1b:f1:2e: b6:63:c6:d3:d8:0a:8e:49:2b:62:7a:12:a3:f5:cb: 44:53:01:b2:9f:ab:c1:9a:ef:08:e2:20:5b:f2:eb: b9:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:44:93:1A:70:B2:D3:00:76:C2:20:62:A6:EC:E0:70:2A:91:37:22 X509v3 Authority Key Identifier: keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/pESTGnCy0wB2wiBipuzgcCqRNyI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.33.64.0/19 62.41.0.0-62.41.27.255 62.41.32.0/24 62.41.37.0/24 62.41.56.0-62.41.85.255 62.41.102.0/24 62.41.160.0/24 62.50.128.0/19 62.132.0.0/22 62.132.16.0/22 62.132.24.0/23 62.132.28.0/24 62.132.42.0/23 62.132.114.0-62.132.117.255 62.132.132.0/23 77.67.0.0/17 77.77.128.0/18 87.119.64.0/18 89.149.128.0/18 92.71.0.0-92.71.191.255 134.222.0.0/16 135.196.48.0/21 135.196.228.0/23 135.196.232.0/23 135.196.238.0/23 141.136.96.0/20 185.160.40.0/22 192.16.202.0/24 192.54.104.0/24 192.67.190.0-192.67.196.255 192.129.32.0/23 192.129.36.0/24 192.129.43.0-192.129.44.255 192.129.46.0-192.129.49.255 192.129.54.0/24 192.129.56.0/23 193.141.0.0-193.141.2.255 193.141.40.0-193.141.45.255 193.141.140.0/23 193.242.80.0/20 194.41.62.0/24 194.45.4.0/23 194.45.12.0/23 194.45.47.0/24 194.45.98.0/23 194.45.182.0/23 194.120.0.0/24 194.120.43.0/24 194.120.112.0/22 194.120.120.0/22 194.121.52.0/22 194.121.104.0/23 194.121.123.0/24 194.121.203.0/24 194.121.220.0/22 194.122.76.0-194.122.87.255 194.122.120.0/21 194.122.224.0/20 194.122.248.0/22 194.123.122.0/24 194.123.164.0/24 195.143.0.0/16 195.162.240.0/20 212.0.224.0-212.1.31.255 212.14.64.0/19 212.27.160.0/19 212.56.0.0/19 212.81.64.0/18 212.115.128.0/18 212.189.0.0/17 212.221.0.0/17 212.222.0.0/16 213.200.64.0/18 213.251.0.0/18 213.254.192.0/18 217.114.112.0/20 217.117.160.0/20 217.118.112.0/20 217.195.224.0/19 IPv6: 2001:668::/29 2001:680::/32 2a00:1750::/32 Signature Algorithm: sha256WithRSAEncryption bc:6a:a6:0e:db:21:9b:1c:fa:3d:b9:36:a7:63:9c:7d:2e:1b: 3d:80:1a:8c:56:3b:fb:de:a0:e6:27:fb:94:59:03:18:b9:d6: 1b:88:5f:bb:d9:63:84:0c:87:8d:fd:87:79:c1:2d:9d:fc:80: 41:83:41:d7:44:97:27:e3:0a:6f:d8:04:07:ef:39:9b:60:d2: 4a:41:da:e4:ae:71:71:20:c8:7b:bd:f7:47:63:3f:2a:ea:49: 17:97:c8:39:14:47:00:97:7f:7e:60:11:4c:3d:cf:8a:9b:e2: a1:b2:3d:6f:10:b3:52:f3:e5:25:29:18:af:74:6e:54:d1:70: da:8d:64:a2:1f:1f:cd:e1:10:37:ad:7e:2c:7f:7b:6a:4b:f1: e2:01:0b:0a:fa:7e:71:40:03:ff:35:6f:5b:0f:b7:57:0d:1c: 1b:b1:a6:5f:62:b1:ff:69:c3:23:15:05:6f:4c:92:29:90:83: 82:44:50:c7:43:75:68:a0:0e:0e:e4:86:5a:f0:51:8a:b9:66: f7:f5:dd:9e:6a:90:95:d8:a6:10:72:60:04:26:03:54:e4:d6: d3:ba:09:8e:db:e2:5d:c5:43:0d:54:f5:c6:ca:cb:92:65:bd: ef:cf:57:84:c4:0d:1d:d2:90:63:7b:de:0f:4c:0f:49:80:ec: cd:1d:86:a1 -----BEGIN CERTIFICATE----- MIIHSjCCBjKgAwIBAgISAZswkywUMR/oYwPLyA8CCCCjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0 NmQxNzEwHhcNMjUxMjE4MDgyODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNDQ0OTMxYTcwYjJkMzAwNzZjMjIwNjJhNmVjZTA3MDJhOTEzNzIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtA9xsBwom0WxBsl5dQ2GE5vgNbSQ c/EfcddMFIiWbzXP0ICTcTrr086N7LdD046kUipj9V0wxMHw7Gr0NH2yWe55bAoo 3nna9VkA+ErMgjrSaeNyOxd9pLNRu36NptAETAsHE9dr91dWIzrCEa8THZJNJzDF rvSr6dhjAe1IOHxx0KQ4zs1eegA/0QD56vXfLcL1HGs8aldhEaq7NbUYQhrs8F5T LJDCvCji/SbX33wmpDSyb+cGCRh/PQ21QwQ8yeoldZxFEYOM/DkM3xrbrsdkUL0X i6vIPeVq2aAb8S62Y8bT2AqOSStiehKj9ctEUwGyn6vBmu8I4iBb8uu5VwIDAQAB o4IEVjCCBFIwHQYDVR0OBBYEFKREkxpwstMAdsIgYqbs4HAqkTciMB8GA1UdIwQY MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt MGNmMTA5M2Q0NTQ4LzEvcEVTVEduQ3kwd0Iyd2lCaXB1emdjQ3FSTnlJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4 LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIICagYIKwYBBQUHAQcBAf8EggJZMIICVTCCAjQEAgABMIIC LAMEBS4hQDALAwMAPikDBAI+KRgDBAA+KSADBAA+KSUwDAMEAz4pOAMEAT4pVAME AD4pZgMEAD4poAMEBT4ygAMEAj6EAAMEAj6EEAMEAT6EGAMEAD6EHAMEAT6EKjAM AwQBPoRyAwQBPoR0AwQBPoSEAwQHTUMAAwQGTU2AAwQGV3dAAwQGWZWAMAsDAwBc RwMEBlxHgAMDAIbeAwQDh8QwAwQBh8TkAwQBh8ToAwQBh8TuAwQEjYhgAwQCuaAo AwQAwBDKAwQAwDZoMAwDBAHAQ74DBADAQ8QDBAHAgSADBADAgSQwDAMEAMCBKwME AMCBLDAMAwQBwIEuAwQBwIEwAwQAwIE2AwQBwIE4MAsDAwDBjQMEAMGNAjAMAwQD wY0oAwQBwY0sAwQBwY2MAwQEwfJQAwQAwik+AwQBwi0EAwQBwi0MAwQAwi0vAwQB wi1iAwQBwi22AwQAwngAAwQAwngrAwQCwnhwAwQCwnh4AwQCwnk0AwQBwnloAwQA wnl7AwQAwnnLAwQCwnncMAwDBALCekwDBAPCelADBAPCengDBATCeuADBALCevgD BADCe3oDBADCe6QDAwDDjwMEBMOi8DAMAwQF1ADgAwQF1AEAAwQF1A5AAwQF1Bug AwQF1DgAAwQG1FFAAwQG1HOAAwQH1L0AAwQH1N0AAwMA1N4DBAbVyEADBAbV+wAD BAbV/sADBATZcnADBATZdaADBATZdnADBAXZw+AwGwQCAAIwFQMFAyABBmgDBQAg AQaAAwUAKgAXUDANBgkqhkiG9w0BAQsFAAOCAQEAvGqmDtshmxz6Pbk2p2OcfS4b PYAajFY7+96g5if7lFkDGLnWG4hfu9ljhAyHjf2HecEtnfyAQYNB10SXJ+MKb9gE B+85m2DSSkHa5K5xcSDIe733R2M/KupJF5fIORRHAJd/fmARTD3PipviobI9bxCz UvPlJSkYr3RuVNFw2o1koh8fzeEQN61+LH97akvx4gELCvp+cUAD/zVvWw+3Vw0c G7GmX2Kx/2nDIxUFb0ySKZCDgkRQx0N1aKAODuSGWvBRirlm9/XdnmqQldimEHJg BCYDVOTW07oJjtviXcVDDVT1xsrLkmW9789XhMQNHdKQY3veD0wPSYDszR2GoQ== -----END CERTIFICATE-----Generated at Thu Dec 18 22:33:20 2025 by rpki-client