This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/23bea6-9001-441d-8364-61cb43c2db85/1/A1sHhifnNT-Aumc_ps2nMEQ_8zU.roa File: A1sHhifnNT-Aumc_ps2nMEQ_8zU.roa (raw, json) Hash identifier: RWo0jZxaIA2cGMFm2ziPtN2NQqQk5lPvGyA4RgrQKHQ= Subject key identifier: 03:5B:07:86:27:E7:35:3F:80:BA:67:3F:A6:CD:A7:30:44:3F:F3:35 Certificate issuer: /CN=860d9f01a98b514ebd3c2723d7f7eb448326f5e2 Certificate serial: 019ACBD8B4BE74FBC567CD5C8EFD6512FD97 Authority key identifier: 86:0D:9F:01:A9:8B:51:4E:BD:3C:27:23:D7:F7:EB:44:83:26:F5:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hg2fAamLUU69PCcj1_frRIMm9eI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/23bea6-9001-441d-8364-61cb43c2db85/1/A1sHhifnNT-Aumc_ps2nMEQ_8zU.roa Signing time: Fri 28 Nov 2025 19:02:48 +0000 ROA not before: Fri 28 Nov 2025 19:02:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 13020 IP address blocks: 151.219.0.0/16 maxlen: 16 2001:67c:20a1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/23bea6-9001-441d-8364-61cb43c2db85/1/hg2fAamLUU69PCcj1_frRIMm9eI.crl rsync://rpki.ripe.net/repository/DEFAULT/08/23bea6-9001-441d-8364-61cb43c2db85/1/hg2fAamLUU69PCcj1_frRIMm9eI.mft rsync://rpki.ripe.net/repository/DEFAULT/hg2fAamLUU69PCcj1_frRIMm9eI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 20:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:cb:d8:b4:be:74:fb:c5:67:cd:5c:8e:fd:65:12:fd:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=860d9f01a98b514ebd3c2723d7f7eb448326f5e2 Validity Not Before: Nov 28 19:02:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=035b078627e7353f80ba673fa6cda730443ff335 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:51:ec:64:86:49:9b:cd:7f:4e:fb:6d:23:10: 5a:fa:0e:df:fb:b6:0e:1e:56:73:2c:52:d3:35:6f: a7:9c:d6:13:2e:14:21:38:df:fb:91:46:b0:d8:98: d8:45:52:e6:4a:ad:27:2f:f3:3c:d3:bf:c0:31:7b: f2:1c:82:f7:22:c8:47:d8:26:56:bf:6a:b6:17:26: c1:23:d4:20:2b:ed:83:5b:51:9a:04:4e:5b:e5:51: d8:9d:90:33:0a:03:b6:58:0e:96:ce:f3:93:40:bc: 02:b3:f6:ba:d8:d8:64:5d:68:7d:96:cc:0e:8a:bf: ef:56:9f:46:67:b6:2d:e8:5e:7d:81:ea:48:d3:00: 99:58:b5:2e:b4:23:f2:c1:2f:44:54:f6:c3:cc:29: 53:97:75:fc:e6:bb:61:99:d8:fd:d7:59:b1:0b:3e: d4:e5:bc:db:7c:43:27:08:d1:8f:b3:cc:25:c5:13: 66:dd:06:e4:22:a6:15:52:d0:da:a7:36:4a:78:62: 7e:83:4a:cc:bb:ab:ea:fe:e3:60:86:6b:7c:fe:81: 63:bc:37:f7:fc:22:19:5c:61:95:96:38:42:c0:06: 23:6c:2e:d2:5c:a4:57:4f:3a:92:d6:90:5c:41:9f: 6d:27:52:f1:42:e1:fb:ad:0a:13:b9:0e:cd:58:ee: 03:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:5B:07:86:27:E7:35:3F:80:BA:67:3F:A6:CD:A7:30:44:3F:F3:35 X509v3 Authority Key Identifier: keyid:86:0D:9F:01:A9:8B:51:4E:BD:3C:27:23:D7:F7:EB:44:83:26:F5:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hg2fAamLUU69PCcj1_frRIMm9eI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/23bea6-9001-441d-8364-61cb43c2db85/1/A1sHhifnNT-Aumc_ps2nMEQ_8zU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/08/23bea6-9001-441d-8364-61cb43c2db85/1/hg2fAamLUU69PCcj1_frRIMm9eI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 151.219.0.0/16 IPv6: 2001:67c:20a1::/48 Signature Algorithm: sha256WithRSAEncryption 97:f5:a4:d1:62:a3:b4:cd:35:36:3d:75:93:71:cf:b1:3c:81: 8b:66:a7:82:3a:dd:cf:1c:96:06:86:a7:54:90:17:99:47:7a: f3:94:2a:e6:b9:e2:40:9a:27:19:4b:11:22:e9:a9:d5:70:02: 02:32:3d:a4:c8:aa:2f:89:f7:8e:02:86:dd:ba:41:4b:06:bb: 40:bc:70:07:b0:07:22:71:a6:9d:ad:bd:7c:59:79:27:d8:ae: 36:1a:d0:05:93:22:d4:48:e1:f0:0e:3c:0b:54:6b:4a:1f:1b: e5:7e:ae:77:36:ae:e4:7c:fe:75:07:1c:3e:c2:6f:e5:03:cc: 24:d4:5c:cf:d7:fc:fc:c2:ee:74:d9:a5:43:b5:f0:14:54:38: ef:f5:5e:05:50:61:c5:54:70:c7:08:19:58:5d:9f:86:96:12: 6c:69:80:39:e0:ca:52:2b:c6:3d:46:0d:7b:5c:90:1a:46:23: ce:69:03:34:97:93:a9:77:e9:72:18:3c:e9:a4:7e:d7:6c:72: cd:2a:6b:4c:15:2a:31:39:22:58:1c:b8:a6:bf:74:b9:f9:a2: 35:38:42:c3:a1:cc:4a:02:24:d6:e8:de:67:e5:e0:5f:83:d2: 6c:92:3d:bc:f2:cd:ab:91:94:25:e4:7b:c1:ac:14:31:52:b1: b5:40:6e:9c -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgISAZrL2LS+dPvFZ81cjv1lEv2XMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2MGQ5ZjAxYTk4YjUxNGViZDNjMjcyM2Q3ZjdlYjQ0ODMy NmY1ZTIwHhcNMjUxMTI4MTkwMjQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMzViMDc4NjI3ZTczNTNmODBiYTY3M2ZhNmNkYTczMDQ0M2ZmMzM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVHsZIZJm81/TvttIxBa+g7f+7YO HlZzLFLTNW+nnNYTLhQhON/7kUaw2JjYRVLmSq0nL/M807/AMXvyHIL3IshH2CZW v2q2FybBI9QgK+2DW1GaBE5b5VHYnZAzCgO2WA6WzvOTQLwCs/a62NhkXWh9lswO ir/vVp9GZ7Yt6F59gepI0wCZWLUutCPywS9EVPbDzClTl3X85rthmdj911mxCz7U 5bzbfEMnCNGPs8wlxRNm3QbkIqYVUtDapzZKeGJ+g0rMu6vq/uNghmt8/oFjvDf3 /CIZXGGVljhCwAYjbC7SXKRXTzqS1pBcQZ9tJ1LxQuH7rQoTuQ7NWO4DJQIDAQAB o4ICGTCCAhUwHQYDVR0OBBYEFANbB4Yn5zU/gLpnP6bNpzBEP/M1MB8GA1UdIwQY MBaAFIYNnwGpi1FOvTwnI9f360SDJvXiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGcyZkFhbUxVVTY5UENjajFfZnJSSU1tOWVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8yM2JlYTYtOTAwMS00NDFkLTgzNjQt NjFjYjQzYzJkYjg1LzEvQTFzSGhpZm5OVC1BdW1jX3BzMm5NRVFfOHpVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOC8yM2JlYTYtOTAwMS00NDFkLTgzNjQtNjFjYjQzYzJkYjg1 LzEvaGcyZkFhbUxVVTY5UENjajFfZnJSSU1tOWVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjALBAIAATAFAwMAl9swDwQC AAIwCQMHACABBnwgoTANBgkqhkiG9w0BAQsFAAOCAQEAl/Wk0WKjtM01Nj11k3HP sTyBi2angjrdzxyWBoanVJAXmUd685Qq5rniQJonGUsRIump1XACAjI9pMiqL4n3 jgKG3bpBSwa7QLxwB7AHInGmna29fFl5J9iuNhrQBZMi1Ejh8A48C1RrSh8b5X6u dzau5Hz+dQccPsJv5QPMJNRcz9f8/MLudNmlQ7XwFFQ47/VeBVBhxVRwxwgZWF2f hpYSbGmAOeDKUivGPUYNe1yQGkYjzmkDNJeTqXfpchg86aR+12xyzSprTBUqMTki WBy4pr90ufmiNThCw6HMSgIk1ujeZ+XgX4PSbJI9vPLNq5GUJeR7wawUMVKxtUBu nA== -----END CERTIFICATE-----Generated at Sat Dec 6 05:43:54 2025 by rpki-client