This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/661b84-114d-4929-b684-cca0ad2685ca/1/ACAbKZCGOdySYGyuoI7JMVLeL_g.roa File: ACAbKZCGOdySYGyuoI7JMVLeL_g.roa (raw, json) Hash identifier: R4mTIavVBLK7AnVZngIHkijkl9j+ypSt1m/eE9on3/4= Subject key identifier: 00:20:1B:29:90:86:39:DC:92:60:6C:AE:A0:8E:C9:31:52:DE:2F:F8 Certificate issuer: /CN=d39123880f427446d5ff07cef9633e86dc49198d Certificate serial: 019A814163FA4ABCF3C11AA46F99B333BC2A Authority key identifier: D3:91:23:88:0F:42:74:46:D5:FF:07:CE:F9:63:3E:86:DC:49:19:8D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/05EjiA9CdEbV_wfO-WM-htxJGY0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/661b84-114d-4929-b684-cca0ad2685ca/1/ACAbKZCGOdySYGyuoI7JMVLeL_g.roa Signing time: Fri 14 Nov 2025 07:25:37 +0000 ROA not before: Fri 14 Nov 2025 07:25:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 210792 IP address blocks: 45.153.76.0/23 maxlen: 23 158.255.79.0/24 maxlen: 24 2a11:ba80::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/661b84-114d-4929-b684-cca0ad2685ca/1/05EjiA9CdEbV_wfO-WM-htxJGY0.crl rsync://rpki.ripe.net/repository/DEFAULT/19/661b84-114d-4929-b684-cca0ad2685ca/1/05EjiA9CdEbV_wfO-WM-htxJGY0.mft rsync://rpki.ripe.net/repository/DEFAULT/05EjiA9CdEbV_wfO-WM-htxJGY0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:81:41:63:fa:4a:bc:f3:c1:1a:a4:6f:99:b3:33:bc:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d39123880f427446d5ff07cef9633e86dc49198d Validity Not Before: Nov 14 07:25:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=00201b29908639dc92606caea08ec93152de2ff8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:60:61:9f:99:92:69:51:e5:51:bf:a3:d3:ba: a1:9c:c9:72:dd:03:12:f1:9f:75:21:2d:2e:7b:f7: 51:18:78:99:b9:0f:7c:46:71:2f:b1:2c:ef:6a:ee: cd:c2:45:3e:af:f9:e1:43:61:eb:34:1f:b5:7b:c0: c3:e7:05:e9:78:21:91:44:88:bb:33:b0:cc:ab:76: 74:68:1e:b1:da:d6:c8:00:e9:87:61:87:c7:97:b3: 5f:f4:44:3b:c3:9a:4c:30:f9:b2:a7:6d:e1:f9:f2: ea:2a:ff:4f:85:c5:02:ff:cc:2b:ca:fa:e9:9d:57: 6e:e9:2d:78:9d:d5:93:2f:92:b0:ca:27:3b:97:65: 8b:a8:1f:1c:8c:23:37:a7:47:e1:20:71:28:14:98: ab:5b:72:f3:03:ae:6f:6f:34:b7:94:1c:a1:d3:bf: f3:64:a7:cd:41:1f:6a:52:61:15:02:b9:47:a8:18: a4:af:e7:c1:d0:a1:6c:b1:f9:a2:df:8b:3a:6f:62: fd:19:bd:da:26:42:0a:4d:9a:08:4c:7a:3e:12:eb: 4d:21:b4:59:2a:89:0e:2a:9f:c9:af:1a:d1:2f:a9: 54:ee:95:e0:a2:e9:6a:39:6a:ea:c2:6e:4e:41:34: 58:ff:e4:04:3a:00:ce:9b:08:3b:b9:81:ce:4f:61: b9:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:20:1B:29:90:86:39:DC:92:60:6C:AE:A0:8E:C9:31:52:DE:2F:F8 X509v3 Authority Key Identifier: keyid:D3:91:23:88:0F:42:74:46:D5:FF:07:CE:F9:63:3E:86:DC:49:19:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/05EjiA9CdEbV_wfO-WM-htxJGY0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/661b84-114d-4929-b684-cca0ad2685ca/1/ACAbKZCGOdySYGyuoI7JMVLeL_g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/19/661b84-114d-4929-b684-cca0ad2685ca/1/05EjiA9CdEbV_wfO-WM-htxJGY0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.153.76.0/23 158.255.79.0/24 IPv6: 2a11:ba80::/29 Signature Algorithm: sha256WithRSAEncryption 16:5c:60:bb:2a:26:10:73:4c:45:2f:1f:85:1d:aa:f7:50:53: f4:25:a4:a6:b3:23:da:7b:24:39:cf:d0:30:7c:33:66:f2:fb: ea:98:27:7c:29:a4:c4:ae:3a:32:5f:20:7c:54:54:3b:a4:20: 0b:7b:58:03:23:d2:ed:0a:92:a7:6d:1e:33:36:df:c0:1c:2b: 7e:6a:33:cf:02:e2:e4:fc:48:1f:7c:3e:bf:c9:81:8c:1e:a4: 6b:ef:83:43:8f:61:88:93:7b:4d:6e:72:b6:03:fa:0a:95:39: 77:35:d3:e6:ad:66:0c:3c:15:67:97:d1:4d:cb:b3:0c:da:ee: aa:be:e1:7b:13:df:fc:2c:0a:f0:e4:be:06:c7:b6:7f:60:9e: 1a:0e:df:d1:ef:ab:e7:38:2e:88:12:dc:68:7f:2f:9c:c6:e6: f2:1f:c8:fb:67:6e:42:ef:77:37:da:9a:54:97:82:44:4f:2b: 57:3f:43:c8:26:83:ff:2e:5a:71:ae:84:87:b9:fa:50:1e:b5: 48:8f:0c:5c:4d:4c:f0:8b:e3:8a:07:5e:8e:94:64:34:af:58: da:89:dd:0f:8d:7d:eb:e6:1b:95:98:59:dd:6b:d8:fd:54:93: af:f5:3c:37:b4:b0:be:8f:ff:74:d9:10:2d:e7:76:3c:6f:e8: db:80:84:d8 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZqBQWP6SrzzwRqkb5mzM7wqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzOTEyMzg4MGY0Mjc0NDZkNWZmMDdjZWY5NjMzZTg2ZGM0 OTE5OGQwHhcNMjUxMTE0MDcyNTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMDIwMWIyOTkwODYzOWRjOTI2MDZjYWVhMDhlYzkzMTUyZGUyZmY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2Bhn5mSaVHlUb+j07qhnMly3QMS 8Z91IS0ue/dRGHiZuQ98RnEvsSzvau7NwkU+r/nhQ2HrNB+1e8DD5wXpeCGRRIi7 M7DMq3Z0aB6x2tbIAOmHYYfHl7Nf9EQ7w5pMMPmyp23h+fLqKv9PhcUC/8wryvrp nVdu6S14ndWTL5Kwyic7l2WLqB8cjCM3p0fhIHEoFJirW3LzA65vbzS3lByh07/z ZKfNQR9qUmEVArlHqBikr+fB0KFssfmi34s6b2L9Gb3aJkIKTZoITHo+EutNIbRZ KokOKp/JrxrRL6lU7pXgoulqOWrqwm5OQTRY/+QEOgDOmwg7uYHOT2G5qQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFAAgGymQhjnckmBsrqCOyTFS3i/4MB8GA1UdIwQY MBaAFNORI4gPQnRG1f8HzvljPobcSRmNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDVFamlBOUNkRWJWX3dmTy1XTS1odHhKR1kwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS82NjFiODQtMTE0ZC00OTI5LWI2ODQt Y2NhMGFkMjY4NWNhLzEvQUNBYktaQ0dPZHlTWUd5dW9JN0pNVkxlTF9nLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOS82NjFiODQtMTE0ZC00OTI5LWI2ODQtY2NhMGFkMjY4NWNh LzEvMDVFamlBOUNkRWJWX3dmTy1XTS1odHhKR1kwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBLZlMAwQA nv9PMA0EAgACMAcDBQMqEbqAMA0GCSqGSIb3DQEBCwUAA4IBAQAWXGC7KiYQc0xF Lx+FHar3UFP0JaSmsyPaeyQ5z9AwfDNm8vvqmCd8KaTErjoyXyB8VFQ7pCALe1gD I9LtCpKnbR4zNt/AHCt+ajPPAuLk/EgffD6/yYGMHqRr74NDj2GIk3tNbnK2A/oK lTl3NdPmrWYMPBVnl9FNy7MM2u6qvuF7E9/8LArw5L4Gx7Z/YJ4aDt/R76vnOC6I Etxofy+cxubyH8j7Z25C73c32ppUl4JETytXP0PIJoP/LlpxroSHufpQHrVIjwxc TUzwi+OKB16OlGQ0r1jaid0PjX3r5huVmFnda9j9VJOv9Tw3tLC+j/902RAt53Y8 b+jbgITY -----END CERTIFICATE-----Generated at Sun Dec 7 01:48:19 2025 by rpki-client