This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/KK4PgryL9RQ2bV0X4Zecm87C66E.roa File: KK4PgryL9RQ2bV0X4Zecm87C66E.roa (raw, json) Hash identifier: jlHF0tT/m//s5tmxoH49xo4uUVeECgDPKLc+Pykma4M= Subject key identifier: 28:AE:0F:82:BC:8B:F5:14:36:6D:5D:17:E1:97:9C:9B:CE:C2:EB:A1 Certificate issuer: /CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13 Certificate serial: 019B08DFE69538CFC656B4AB78559C43B34E Authority key identifier: 0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/KK4PgryL9RQ2bV0X4Zecm87C66E.roa Signing time: Wed 10 Dec 2025 15:27:29 +0000 ROA not before: Wed 10 Dec 2025 15:27:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 199967 IP address blocks: 5.181.6.0/24 maxlen: 24 5.181.7.0/24 maxlen: 24 5.183.178.0/24 maxlen: 24 45.12.204.0/24 maxlen: 24 45.66.132.0/24 maxlen: 24 45.66.133.0/24 maxlen: 24 45.82.166.0/24 maxlen: 24 45.128.154.0/24 maxlen: 24 45.134.19.0/24 maxlen: 24 81.90.191.0/24 maxlen: 24 91.217.120.0/24 maxlen: 24 91.217.121.0/24 maxlen: 24 147.78.15.0/24 maxlen: 24 152.89.208.0/24 maxlen: 24 152.89.209.0/24 maxlen: 24 185.105.189.0/24 maxlen: 24 185.105.190.0/24 maxlen: 24 185.120.18.0/24 maxlen: 24 185.120.19.0/24 maxlen: 24 185.126.69.0/24 maxlen: 24 185.126.70.0/24 maxlen: 24 185.126.71.0/24 maxlen: 24 185.126.118.0/24 maxlen: 24 185.126.138.0/24 maxlen: 24 185.159.68.0/24 maxlen: 24 185.159.69.0/24 maxlen: 24 185.159.70.0/24 maxlen: 24 185.160.27.0/24 maxlen: 24 185.168.21.0/24 maxlen: 24 185.168.22.0/24 maxlen: 24 185.168.23.0/24 maxlen: 24 185.171.121.0/24 maxlen: 24 185.175.140.0/24 maxlen: 24 185.175.141.0/24 maxlen: 24 185.187.237.0/24 maxlen: 24 185.187.238.0/24 maxlen: 24 185.187.239.0/24 maxlen: 24 188.119.100.0/24 maxlen: 24 188.119.101.0/24 maxlen: 24 194.156.228.0/24 maxlen: 24 217.197.163.0/24 maxlen: 24 2a0c:8a40:1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.mft rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:08:df:e6:95:38:cf:c6:56:b4:ab:78:55:9c:43:b3:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13 Validity Not Before: Dec 10 15:27:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=28ae0f82bc8bf514366d5d17e1979c9bcec2eba1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:bf:45:10:cb:ac:9b:12:2d:01:99:04:47:3a: 90:c1:d3:10:fd:d9:d2:d1:53:2c:50:ff:0d:0c:95: 60:de:cf:dd:e5:f0:5f:9f:75:81:70:fb:52:26:cc: b2:7c:9a:d7:13:18:73:9f:2c:66:5d:df:14:d9:75: ec:b8:ac:9d:b9:7b:1b:1a:70:a5:0c:76:54:14:91: 18:0e:bb:1d:9a:a3:d6:c5:41:c4:d3:06:6d:99:4f: 5e:e9:1e:05:5f:8e:e0:17:89:7d:e0:ba:85:dd:37: e9:ce:f3:2a:94:bd:cc:3d:98:2e:33:e0:54:b9:d3: d4:5c:79:0b:cf:2d:06:93:3a:db:c6:31:94:8c:ba: 4f:2f:68:95:99:74:03:9c:68:55:1b:6b:33:ca:cf: fa:d9:18:61:82:74:4e:97:29:be:25:4c:b7:47:8a: d3:ab:6b:29:b7:19:98:37:1f:d1:95:fb:fc:20:64: 4a:b6:47:d2:44:a4:79:b0:d5:10:eb:1f:36:20:d7: f2:18:94:b6:c2:0f:7d:23:54:5c:81:18:78:a9:5c: 2d:c6:9b:a0:37:0f:e2:e0:17:2c:c0:b2:c5:68:a9: 4c:a6:bd:22:fd:58:e4:f7:7f:23:cc:8c:0e:d3:01: 2f:b6:6f:28:46:8d:20:70:af:ed:e6:6e:5c:01:49: a2:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:AE:0F:82:BC:8B:F5:14:36:6D:5D:17:E1:97:9C:9B:CE:C2:EB:A1 X509v3 Authority Key Identifier: keyid:0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/KK4PgryL9RQ2bV0X4Zecm87C66E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.181.6.0/23 5.183.178.0/24 45.12.204.0/24 45.66.132.0/23 45.82.166.0/24 45.128.154.0/24 45.134.19.0/24 81.90.191.0/24 91.217.120.0/23 147.78.15.0/24 152.89.208.0/23 185.105.189.0-185.105.190.255 185.120.18.0/23 185.126.69.0-185.126.71.255 185.126.118.0/24 185.126.138.0/24 185.159.68.0-185.159.70.255 185.160.27.0/24 185.168.21.0-185.168.23.255 185.171.121.0/24 185.175.140.0/23 185.187.237.0-185.187.239.255 188.119.100.0/23 194.156.228.0/24 217.197.163.0/24 IPv6: 2a0c:8a40:1::/48 Signature Algorithm: sha256WithRSAEncryption 69:fa:6b:8c:91:3a:de:6e:03:a0:d7:ee:bc:1a:d1:74:cc:7e: cc:66:57:ac:87:50:59:b0:4c:6d:3b:34:74:e6:f4:2b:42:57: 4b:1c:f2:dd:a5:70:0c:ab:19:70:6f:48:b2:13:6c:85:41:72: 93:0b:bf:72:7d:33:42:7c:dd:1e:fc:36:6a:9d:e3:7f:da:44: 16:3a:ab:6f:f1:c7:82:96:76:13:0a:71:3e:69:e8:cb:b7:60: cd:0b:b4:72:c6:7d:00:15:9a:fe:2d:f8:f3:55:c9:ae:a9:06: 13:d3:06:96:85:a2:03:2f:57:4a:44:26:25:ea:4c:0e:93:2e: 3e:58:65:91:9c:13:ea:15:c8:3b:d1:49:14:5f:2d:92:d4:2d: ba:ca:ba:3a:13:61:ae:6d:bd:be:d7:41:fb:13:f3:4e:22:83: ce:af:76:0b:85:36:f7:60:86:1d:54:3b:1d:81:b7:ef:19:fa: 8c:2e:17:39:b0:fe:90:61:24:c3:5a:0a:32:88:1a:29:47:5b: 04:0a:ab:84:96:fd:77:97:05:23:b0:35:60:34:29:03:5a:68: 3a:bb:21:a4:96:35:72:2d:5f:3f:d9:e8:4a:2b:29:1f:04:3c: 34:c1:f0:d0:e2:b3:c2:85:c7:86:85:37:8a:d6:c8:9b:10:74: da:c0:90:35 -----BEGIN CERTIFICATE----- MIIFyzCCBLOgAwIBAgISAZsI3+aVOM/GVrSreFWcQ7NOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBiMjQ3ZTczMzkxZWM5ZDZhMmE0NmYyY2IwYjAyZmM5OTQy ODhmMTMwHhcNMjUxMjEwMTUyNzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOGFlMGY4MmJjOGJmNTE0MzY2ZDVkMTdlMTk3OWM5YmNlYzJlYmExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3r9FEMusmxItAZkERzqQwdMQ/dnS 0VMsUP8NDJVg3s/d5fBfn3WBcPtSJsyyfJrXExhznyxmXd8U2XXsuKyduXsbGnCl DHZUFJEYDrsdmqPWxUHE0wZtmU9e6R4FX47gF4l94LqF3TfpzvMqlL3MPZguM+BU udPUXHkLzy0GkzrbxjGUjLpPL2iVmXQDnGhVG2szys/62RhhgnROlym+JUy3R4rT q2sptxmYNx/Rlfv8IGRKtkfSRKR5sNUQ6x82INfyGJS2wg99I1RcgRh4qVwtxpug Nw/i4BcswLLFaKlMpr0i/Vjk938jzIwO0wEvtm8oRo0gcK/t5m5cAUmiaQIDAQAB o4IC1zCCAtMwHQYDVR0OBBYEFCiuD4K8i/UUNm1dF+GXnJvOwuuhMB8GA1UdIwQY MBaAFAskfnM5HsnWoqRvLLCwL8mUKI8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMt NzM2Nzg5ZWU2ZmQwLzEvS0s0UGdyeUw5UlEyYlYwWDRaZWNtODdDNjZFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMtNzM2Nzg5ZWU2ZmQw LzEvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHsBggrBgEFBQcBBwEB/wSB3DCB2TCBxQQCAAEwgb4DBAEF tQYDBAAFt7IDBAAtDMwDBAEtQoQDBAAtUqYDBAAtgJoDBAAthhMDBABRWr8DBAFb 2XgDBACTTg8DBAGYWdAwDAMEALlpvQMEALlpvgMEAbl4EjAMAwQAuX5FAwQDuX5A AwQAuX52AwQAuX6KMAwDBAK5n0QDBAC5n0YDBAC5oBswDAMEALmoFQMEA7moEAME ALmreQMEAbmvjDAMAwQAubvtAwQEubvgAwQBvHdkAwQAwpzkAwQA2cWjMA8EAgAC MAkDBwAqDIpAAAEwDQYJKoZIhvcNAQELBQADggEBAGn6a4yROt5uA6DX7rwa0XTM fsxmV6yHUFmwTG07NHTm9CtCV0sc8t2lcAyrGXBvSLITbIVBcpMLv3J9M0J83R78 Nmqd43/aRBY6q2/xx4KWdhMKcT5p6Mu3YM0LtHLGfQAVmv4t+PNVya6pBhPTBpaF ogMvV0pEJiXqTA6TLj5YZZGcE+oVyDvRSRRfLZLULbrKujoTYa5tvb7XQfsT804i g86vdguFNvdghh1UOx2Bt+8Z+owuFzmw/pBhJMNaCjKIGilHWwQKq4SW/XeXBSOw NWA0KQNaaDq7IaSWNXItXz/Z6EorKR8EPDTB8NDis8KFx4aFN4rWyJsQdNrAkDU= -----END CERTIFICATE-----Generated at Sat Dec 20 10:59:10 2025 by rpki-client