This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/2ozAZVD4YwE8m724rDHgwEy5ENs.roa File: 2ozAZVD4YwE8m724rDHgwEy5ENs.roa (raw, json) Hash identifier: CivnLJflUep/bCR/wtUkE0MKaZbjEuJkGQhQe7kdEKw= Subject key identifier: DA:8C:C0:65:50:F8:63:01:3C:9B:BD:B8:AC:31:E0:C0:4C:B9:10:DB Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478 Certificate serial: 019B03F0787AD89D4E8941471C425DD29165 Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/2ozAZVD4YwE8m724rDHgwEy5ENs.roa Signing time: Tue 09 Dec 2025 16:27:29 +0000 ROA not before: Tue 09 Dec 2025 16:27:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 38136 IP address blocks: 5.34.216.0/21 maxlen: 24 5.226.48.0/22 maxlen: 24 45.137.180.0/22 maxlen: 24 155.254.104.0/21 maxlen: 24 155.254.120.0/21 maxlen: 24 178.236.36.0/22 maxlen: 24 185.36.192.0/22 maxlen: 24 185.220.236.0/22 maxlen: 24 185.248.184.0/22 maxlen: 24 188.253.4.0/22 maxlen: 24 188.253.12.0/22 maxlen: 24 188.253.112.0/21 maxlen: 24 188.253.120.0/21 maxlen: 24 212.87.192.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 11:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:03:f0:78:7a:d8:9d:4e:89:41:47:1c:42:5d:d2:91:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478 Validity Not Before: Dec 9 16:27:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=da8cc06550f863013c9bbdb8ac31e0c04cb910db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:0f:05:d6:4a:d3:6a:5e:87:9f:b0:d6:a7:34: e3:0c:b1:74:26:51:c1:9c:df:98:a1:0b:e4:28:41: da:8a:2d:fd:22:27:0d:ad:8d:d2:37:69:fa:f7:32: e1:54:83:23:dd:e7:44:02:66:c9:26:4a:c2:9c:b8: 72:e1:b0:bf:4c:71:c5:9b:94:64:6e:35:f9:f5:ef: 11:f0:55:6d:2a:a8:17:15:6c:63:35:07:8a:2b:8d: d2:a3:c7:8b:e3:23:33:25:d7:65:de:72:ac:18:f9: f2:fb:b5:1f:18:74:c4:f5:e4:75:0b:98:0f:ca:d5: 9c:60:b6:1b:0a:10:f3:73:93:d4:68:f9:3b:11:c7: 77:24:d5:84:e6:67:ae:e4:25:ca:65:92:d2:71:f3: f3:d4:2f:02:62:c0:20:c7:fc:d6:8c:0d:eb:89:78: 20:91:f9:22:d5:f9:d1:29:25:ef:a2:e7:96:f7:c9: 83:de:5d:dd:5e:2f:5d:5b:45:6f:97:e8:ee:39:d2: cc:21:42:4b:0a:cd:33:ad:9f:53:ce:71:85:85:04: 71:2e:37:31:71:77:87:9f:0b:e4:0e:7f:00:8f:ce: d1:cc:bc:e9:ec:fa:8e:f8:38:0c:9a:15:7a:54:2a: 3d:56:19:af:50:f8:f4:c1:cf:01:81:a0:06:85:a4: 50:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:8C:C0:65:50:F8:63:01:3C:9B:BD:B8:AC:31:E0:C0:4C:B9:10:DB X509v3 Authority Key Identifier: keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/2ozAZVD4YwE8m724rDHgwEy5ENs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.34.216.0/21 5.226.48.0/22 45.137.180.0/22 155.254.104.0/21 155.254.120.0/21 178.236.36.0/22 185.36.192.0/22 185.220.236.0/22 185.248.184.0/22 188.253.4.0/22 188.253.12.0/22 188.253.112.0/20 212.87.192.0/22 Signature Algorithm: sha256WithRSAEncryption 59:05:bf:28:9b:e7:1d:d1:00:b1:bd:c9:5f:a1:0a:81:f1:21: 48:2a:86:ce:cd:c9:23:4a:9e:24:e6:21:8e:14:da:3e:d5:01: 9d:51:bd:15:d5:b7:25:3a:76:89:1c:4f:37:96:3a:92:30:7e: ad:c4:e4:23:a7:ea:1c:c7:9a:d0:d8:96:e0:29:d2:d1:98:4e: fa:b5:27:f5:00:32:ff:e1:5e:0b:36:d9:06:8d:21:9a:95:ee: 9d:9b:1d:2b:61:2c:56:f0:a1:22:1a:20:8c:05:16:ca:d0:ef: 78:3d:70:91:7b:c5:3d:90:cc:a7:bd:fd:28:23:87:d2:33:14: 3f:6d:ca:fa:8f:c6:70:9f:16:c1:ca:e9:13:40:af:76:1f:a7: 73:70:51:ac:ad:cf:15:c9:7c:3d:ac:25:f7:08:d5:f4:e5:d6: 6c:88:03:cb:6a:4c:ae:56:5a:3a:d7:a0:e3:a1:a2:ee:c1:93: 84:d9:2c:eb:0e:e5:8e:32:8e:7d:e8:ae:64:d8:27:56:67:35: 48:09:86:d4:47:c8:2f:31:82:5c:99:b3:cb:b1:a6:b6:5e:0c: 34:73:b3:ff:2d:52:27:5c:0b:57:9e:d4:bc:39:a7:bd:73:91: a1:05:d7:02:4a:ec:08:01:ea:cf:ab:89:33:96:e5:42:fc:b1: 82:62:d6:6a -----BEGIN CERTIFICATE----- MIIFRTCCBC2gAwIBAgISAZsD8Hh62J1OiUFHHEJd0pFlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2 NWE0NzgwHhcNMjUxMjA5MTYyNzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYThjYzA2NTUwZjg2MzAxM2M5YmJkYjhhYzMxZTBjMDRjYjkxMGRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqg8F1krTal6Hn7DWpzTjDLF0JlHB nN+YoQvkKEHaii39IicNrY3SN2n69zLhVIMj3edEAmbJJkrCnLhy4bC/THHFm5Rk bjX59e8R8FVtKqgXFWxjNQeKK43So8eL4yMzJddl3nKsGPny+7UfGHTE9eR1C5gP ytWcYLYbChDzc5PUaPk7Ecd3JNWE5meu5CXKZZLScfPz1C8CYsAgx/zWjA3riXgg kfki1fnRKSXvoueW98mD3l3dXi9dW0Vvl+juOdLMIUJLCs0zrZ9TznGFhQRxLjcx cXeHnwvkDn8Aj87RzLzp7PqO+DgMmhV6VCo9VhmvUPj0wc8BgaAGhaRQJQIDAQAB o4ICUTCCAk0wHQYDVR0OBBYEFNqMwGVQ+GMBPJu9uKwx4MBMuRDbMB8GA1UdIwQY MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt ZmUwNjU5MTc2YTU2LzEvMm96QVpWRDRZd0U4bTcyNHJESGd3RXk1RU5zLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2 LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQDBSLYAwQC BeIwAwQCLYm0AwQDm/5oAwQDm/54AwQCsuwkAwQCuSTAAwQCudzsAwQCufi4AwQC vP0EAwQCvP0MAwQEvP1wAwQC1FfAMA0GCSqGSIb3DQEBCwUAA4IBAQBZBb8om+cd 0QCxvclfoQqB8SFIKobOzckjSp4k5iGOFNo+1QGdUb0V1bclOnaJHE83ljqSMH6t xOQjp+ocx5rQ2JbgKdLRmE76tSf1ADL/4V4LNtkGjSGale6dmx0rYSxW8KEiGiCM BRbK0O94PXCRe8U9kMynvf0oI4fSMxQ/bcr6j8ZwnxbByukTQK92H6dzcFGsrc8V yXw9rCX3CNX05dZsiAPLakyuVlo616DjoaLuwZOE2SzrDuWOMo596K5k2CdWZzVI CYbUR8gvMYJcmbPLsaa2Xgw0c7P/LVInXAtXntS8Oae9c5GhBdcCSuwIAerPq4kz luVC/LGCYtZq -----END CERTIFICATE-----Generated at Thu Dec 18 17:13:09 2025 by rpki-client