This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/hR0oo0nD_b1JKG75qu_xUQO4cu0.roa File: hR0oo0nD_b1JKG75qu_xUQO4cu0.roa (raw, json) Hash identifier: uqEHvm0262KQRtKp9cYqW3NEGG+vmUpriTFppy0yCgM= Subject key identifier: 85:1D:28:A3:49:C3:FD:BD:49:28:6E:F9:AA:EF:F1:51:03:B8:72:ED Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0 Certificate serial: 019ADE484070475370920C2DFD5C43391751 Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/hR0oo0nD_b1JKG75qu_xUQO4cu0.roa Signing time: Tue 02 Dec 2025 08:57:48 +0000 ROA not before: Tue 02 Dec 2025 08:57:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 14618 IP address blocks: 2a14:67c1:a128::/48 maxlen: 48 2a14:67c1:a129::/48 maxlen: 48 2a14:67c2:510::/48 maxlen: 48 2a14:67c2:576::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.mft rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:de:48:40:70:47:53:70:92:0c:2d:fd:5c:43:39:17:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0 Validity Not Before: Dec 2 08:57:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=851d28a349c3fdbd49286ef9aaeff15103b872ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:94:32:43:ad:dd:2f:e5:7e:cf:9f:be:ee:67: ba:4b:3c:85:d5:bc:7d:da:92:86:fb:42:49:44:f8: 24:4e:95:10:cf:a0:d6:29:ab:a1:4c:b8:17:ff:37: 5c:45:0f:44:c3:08:6c:5b:79:8f:2a:35:a9:d9:d5: fc:e9:54:bd:e4:2b:9f:7e:a6:20:a8:31:42:48:92: 3a:2d:9f:c5:7f:8e:f1:d2:45:f4:85:b2:dd:12:2d: 84:5d:47:0d:d2:24:8c:a7:f8:2d:03:0e:23:0b:e3: 55:45:d8:94:cf:0d:07:f2:90:1a:92:34:ed:fd:ed: d3:3b:35:9f:5d:08:9e:9e:a8:32:d8:2b:e5:a2:80: ad:2f:80:d8:4b:12:d1:4f:25:eb:4b:72:f3:b9:4a: dd:61:38:cc:1d:5b:10:24:8c:f2:c7:f8:31:20:65: 11:6b:a1:1e:7b:2a:a7:e8:35:0a:1d:df:ad:bb:f0: f7:30:a5:5b:81:26:32:8d:8b:e1:24:26:60:18:0c: 41:32:ae:49:b5:6a:48:c0:3b:8d:f2:f8:7f:0a:00: fb:45:cd:cb:0e:97:66:8e:24:32:bc:68:53:1c:42: e2:12:24:bd:b4:b5:6c:14:5c:ee:12:9b:76:67:54: 16:87:ab:2d:65:f2:b3:f1:2c:8a:71:13:df:47:f4: 94:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:1D:28:A3:49:C3:FD:BD:49:28:6E:F9:AA:EF:F1:51:03:B8:72:ED X509v3 Authority Key Identifier: keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/hR0oo0nD_b1JKG75qu_xUQO4cu0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:67c1:a128::/47 2a14:67c2:510::/48 2a14:67c2:576::/48 Signature Algorithm: sha256WithRSAEncryption aa:3c:32:3c:09:df:7a:cf:a0:74:31:a6:84:22:36:95:d0:26: e0:a1:60:76:f0:f4:92:78:07:53:34:81:ae:0c:ca:58:67:55: 50:27:20:87:d0:7f:00:46:a5:91:6b:bb:85:53:dd:2d:8d:eb: c2:31:64:db:a4:86:31:0a:ba:22:a4:81:be:be:bf:f8:39:d5: 3a:b8:ee:99:8c:3f:0c:2d:2f:ca:52:36:01:44:d2:1b:22:8b: 57:34:96:28:7a:4b:99:83:62:76:9c:d5:3f:65:d7:c4:3b:ab: 61:d5:80:89:33:2c:e0:f6:f2:25:41:38:61:f8:63:0b:35:91: 22:14:8a:a9:a8:1f:66:b2:7c:5e:42:88:fe:1a:54:ea:30:8f: 70:ba:fc:7b:6c:8b:49:91:e9:68:b5:ef:fe:16:2a:67:d9:90: 27:2d:3a:67:45:0f:04:df:f0:a3:76:cf:61:cd:12:87:dd:93: 91:3c:09:85:09:c2:4f:cd:a6:c6:60:61:b1:f2:f1:af:f4:0c: e3:a1:45:d3:dc:af:70:53:7d:91:3b:15:58:45:ed:5d:75:a0: 56:81:46:cf:e1:73:b4:74:63:92:3d:76:e6:40:a1:88:21:0b: 5e:92:14:cc:68:ca:88:c0:43:12:91:64:61:b4:02:d5:8d:c0: c9:cd:c8:83 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZreSEBwR1Nwkgwt/VxDORdRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll NGUwZTAwHhcNMjUxMjAyMDg1NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NTFkMjhhMzQ5YzNmZGJkNDkyODZlZjlhYWVmZjE1MTAzYjg3MmVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJQyQ63dL+V+z5++7me6SzyF1bx9 2pKG+0JJRPgkTpUQz6DWKauhTLgX/zdcRQ9EwwhsW3mPKjWp2dX86VS95CuffqYg qDFCSJI6LZ/Ff47x0kX0hbLdEi2EXUcN0iSMp/gtAw4jC+NVRdiUzw0H8pAakjTt /e3TOzWfXQienqgy2CvlooCtL4DYSxLRTyXrS3LzuUrdYTjMHVsQJIzyx/gxIGUR a6Eeeyqn6DUKHd+tu/D3MKVbgSYyjYvhJCZgGAxBMq5JtWpIwDuN8vh/CgD7Rc3L DpdmjiQyvGhTHELiEiS9tLVsFFzuEpt2Z1QWh6stZfKz8SyKcRPfR/SUVwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFIUdKKNJw/29SShu+arv8VEDuHLtMB8GA1UdIwQY MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt ZjZjYzRlZjBmN2RmLzEvaFIwb28wbkRfYjFKS0c3NXF1X3hVUU80Y3UwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcBKhRnwaEo AwcAKhRnwgUQAwcAKhRnwgV2MA0GCSqGSIb3DQEBCwUAA4IBAQCqPDI8Cd96z6B0 MaaEIjaV0CbgoWB28PSSeAdTNIGuDMpYZ1VQJyCH0H8ARqWRa7uFU90tjevCMWTb pIYxCroipIG+vr/4OdU6uO6ZjD8MLS/KUjYBRNIbIotXNJYoekuZg2J2nNU/ZdfE O6th1YCJMyzg9vIlQThh+GMLNZEiFIqpqB9msnxeQoj+GlTqMI9wuvx7bItJkelo te/+Fipn2ZAnLTpnRQ8E3/Cjds9hzRKH3ZORPAmFCcJPzabGYGGx8vGv9AzjoUXT 3K9wU32ROxVYRe1ddaBWgUbP4XO0dGOSPXbmQKGIIQtekhTMaMqIwEMSkWRhtALV jcDJzciD -----END CERTIFICATE-----Generated at Sat Dec 6 07:41:44 2025 by rpki-client