This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/fe2e01-d854-4fbc-ba19-2b012fe8ea52/1/AfrLz1T-1kNW_DSUEVwyvRKA2S8.roa File: AfrLz1T-1kNW_DSUEVwyvRKA2S8.roa (raw, json) Hash identifier: SjlLDWt9y+9Lt8K1w4tXzYUlW8JgzTec4XWnQFLGvBU= Subject key identifier: 01:FA:CB:CF:54:FE:D6:43:56:FC:34:94:11:5C:32:BD:12:80:D9:2F Certificate issuer: /CN=40c57f7c0befe63b6004e944df684c9d51e468f3 Certificate serial: 019A8BB57A30C5AC02928EB34FD8A624CDBA Authority key identifier: 40:C5:7F:7C:0B:EF:E6:3B:60:04:E9:44:DF:68:4C:9D:51:E4:68:F3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QMV_fAvv5jtgBOlE32hMnVHkaPM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/fe2e01-d854-4fbc-ba19-2b012fe8ea52/1/AfrLz1T-1kNW_DSUEVwyvRKA2S8.roa Signing time: Sun 16 Nov 2025 08:08:37 +0000 ROA not before: Sun 16 Nov 2025 08:08:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 57574 IP address blocks: 164.215.56.0/23 maxlen: 23 164.215.58.0/24 maxlen: 24 164.215.59.0/24 maxlen: 24 164.215.60.0/23 maxlen: 23 164.215.60.0/24 maxlen: 24 164.215.61.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/fe2e01-d854-4fbc-ba19-2b012fe8ea52/1/QMV_fAvv5jtgBOlE32hMnVHkaPM.crl rsync://rpki.ripe.net/repository/DEFAULT/03/fe2e01-d854-4fbc-ba19-2b012fe8ea52/1/QMV_fAvv5jtgBOlE32hMnVHkaPM.mft rsync://rpki.ripe.net/repository/DEFAULT/QMV_fAvv5jtgBOlE32hMnVHkaPM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:8b:b5:7a:30:c5:ac:02:92:8e:b3:4f:d8:a6:24:cd:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40c57f7c0befe63b6004e944df684c9d51e468f3 Validity Not Before: Nov 16 08:08:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=01facbcf54fed64356fc3494115c32bd1280d92f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:d1:30:39:01:bf:69:4c:05:da:fb:a4:aa:99: e6:20:13:46:9c:b3:ec:d6:0d:92:32:c6:d7:8e:7c: 3c:e0:ba:3e:a2:35:e3:bc:2d:1f:60:88:69:c8:c2: 1a:35:d1:e6:46:a9:dc:b2:d8:0f:ed:dc:9b:ee:25: 89:f0:99:43:32:f4:db:0a:27:27:c2:f0:59:04:66: 1a:6d:d7:ae:c8:1e:31:16:db:23:a2:ae:5c:de:66: de:fa:a8:a3:ec:48:ee:c2:1a:cc:45:3c:c8:1a:38: 75:fd:7e:17:e6:56:bf:2d:5c:fc:4c:98:51:c4:f7: 8c:0f:f3:56:0e:b8:97:45:48:95:9e:19:10:78:cc: 75:3e:58:42:03:b0:7e:1b:dc:eb:7e:5f:0a:49:65: 32:d3:12:93:5c:3f:dc:e9:c8:5a:a5:3e:a0:8b:6e: 70:7b:29:ef:4d:8d:b8:4a:c1:95:a0:e0:5c:ee:4f: 4c:8a:d6:11:25:21:1b:17:c7:f9:44:7e:f1:e2:5c: b0:21:9a:13:44:4f:e6:f8:ac:a7:e3:4d:7b:fa:14: 75:27:38:c0:db:55:94:2f:12:80:f3:a5:3f:10:66: e9:2c:23:f3:6c:b3:89:f4:3f:63:f8:ca:b4:fe:e6: 51:ba:8d:d3:59:d3:fd:cf:8f:ba:28:ea:72:54:39: f4:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:FA:CB:CF:54:FE:D6:43:56:FC:34:94:11:5C:32:BD:12:80:D9:2F X509v3 Authority Key Identifier: keyid:40:C5:7F:7C:0B:EF:E6:3B:60:04:E9:44:DF:68:4C:9D:51:E4:68:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QMV_fAvv5jtgBOlE32hMnVHkaPM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/fe2e01-d854-4fbc-ba19-2b012fe8ea52/1/AfrLz1T-1kNW_DSUEVwyvRKA2S8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/fe2e01-d854-4fbc-ba19-2b012fe8ea52/1/QMV_fAvv5jtgBOlE32hMnVHkaPM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 164.215.56.0-164.215.61.255 Signature Algorithm: sha256WithRSAEncryption 46:db:35:90:47:0f:7b:07:63:e9:41:f0:a6:d1:a0:1b:da:15: 89:89:28:bd:86:e8:b4:92:e6:56:4c:80:6b:91:b6:ad:ad:0c: d5:bc:ed:db:1c:19:15:cb:a1:df:a4:7f:3b:57:da:f7:39:fc: b1:ee:38:53:bd:93:ef:62:64:d0:12:4e:66:59:ff:a0:d4:48: 97:81:48:7b:3f:14:cd:a1:13:e5:28:73:55:38:33:51:26:40: ba:12:6e:da:39:24:4d:f2:a0:1a:62:93:ea:f7:51:87:c5:61: ad:44:69:66:f9:2d:9f:85:e0:fb:46:b6:5a:2a:00:29:5e:91: 15:be:ac:30:06:1f:07:ea:b6:be:e4:38:e8:b9:3e:b1:41:7d: 84:f6:4b:4c:e7:3c:19:a3:22:5f:0d:2e:63:41:12:e3:39:1c: 1c:3e:f5:dd:52:a0:15:53:f5:de:c9:37:d1:3d:31:cf:c2:fa: 0b:07:d5:b4:c8:f6:58:a4:7a:db:5e:6e:6a:f7:5f:5b:12:18: 5e:19:79:1e:77:ce:ad:b7:94:71:1d:8f:44:16:ac:32:3f:11: eb:ab:04:20:b5:22:e5:28:66:52:3c:86:6e:a7:27:bc:bd:91: 19:80:d6:70:94:fe:8e:78:c9:c9:77:1f:6d:22:f9:42:3b:ba: f1:80:61:ea -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZqLtXowxawCko6zT9imJM26MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwYzU3ZjdjMGJlZmU2M2I2MDA0ZTk0NGRmNjg0YzlkNTFl NDY4ZjMwHhcNMjUxMTE2MDgwODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMWZhY2JjZjU0ZmVkNjQzNTZmYzM0OTQxMTVjMzJiZDEyODBkOTJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8NEwOQG/aUwF2vukqpnmIBNGnLPs 1g2SMsbXjnw84Lo+ojXjvC0fYIhpyMIaNdHmRqncstgP7dyb7iWJ8JlDMvTbCicn wvBZBGYabdeuyB4xFtsjoq5c3mbe+qij7EjuwhrMRTzIGjh1/X4X5la/LVz8TJhR xPeMD/NWDriXRUiVnhkQeMx1PlhCA7B+G9zrfl8KSWUy0xKTXD/c6chapT6gi25w eynvTY24SsGVoOBc7k9MitYRJSEbF8f5RH7x4lywIZoTRE/m+Kyn4017+hR1JzjA 21WULxKA86U/EGbpLCPzbLOJ9D9j+Mq0/uZRuo3TWdP9z4+6KOpyVDn0hwIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFAH6y89U/tZDVvw0lBFcMr0SgNkvMB8GA1UdIwQY MBaAFEDFf3wL7+Y7YATpRN9oTJ1R5GjzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUU1WX2ZBdnY1anRnQk9sRTMyaE1uVkhrYVBNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9mZTJlMDEtZDg1NC00ZmJjLWJhMTkt MmIwMTJmZThlYTUyLzEvQWZyTHoxVC0xa05XX0RTVUVWd3l2UktBMlM4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy9mZTJlMDEtZDg1NC00ZmJjLWJhMTktMmIwMTJmZThlYTUy LzEvUU1WX2ZBdnY1anRnQk9sRTMyaE1uVkhrYVBNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOk1zgD BAGk1zwwDQYJKoZIhvcNAQELBQADggEBAEbbNZBHD3sHY+lB8KbRoBvaFYmJKL2G 6LSS5lZMgGuRtq2tDNW87dscGRXLod+kfztX2vc5/LHuOFO9k+9iZNASTmZZ/6DU SJeBSHs/FM2hE+Uoc1U4M1EmQLoSbto5JE3yoBpik+r3UYfFYa1EaWb5LZ+F4PtG tloqAClekRW+rDAGHwfqtr7kOOi5PrFBfYT2S0znPBmjIl8NLmNBEuM5HBw+9d1S oBVT9d7JN9E9Mc/C+gsH1bTI9likettebmr3X1sSGF4ZeR53zq23lHEdj0QWrDI/ EeurBCC1IuUoZlI8hm6nJ7y9kRmA1nCU/o54ycl3H20i+UI7uvGAYeo= -----END CERTIFICATE-----Generated at Sat Dec 6 19:45:06 2025 by rpki-client