This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/zkc2uOHfImVjREc_qVShC0g8NMk.roa File: zkc2uOHfImVjREc_qVShC0g8NMk.roa (raw, json) Hash identifier: 5EZkcIVSam+MTu3rBIkIbCkGEAsWno08pV+ytgZsspg= Subject key identifier: CE:47:36:B8:E1:DF:22:65:63:44:47:3F:A9:54:A1:0B:48:3C:34:C9 Certificate issuer: /CN=58b29e7b8a0ddb9c36c6e0e3f49577817b0ea3a6 Certificate serial: 019ADB388E8CEC3BF832704933D45628BD58 Authority key identifier: 58:B2:9E:7B:8A:0D:DB:9C:36:C6:E0:E3:F4:95:77:81:7B:0E:A3:A6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WLKee4oN25w2xuDj9JV3gXsOo6Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/zkc2uOHfImVjREc_qVShC0g8NMk.roa Signing time: Mon 01 Dec 2025 18:41:48 +0000 ROA not before: Mon 01 Dec 2025 18:41:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 35228 IP address blocks: 82.132.138.0/23 maxlen: 24 82.132.160.0/23 maxlen: 24 82.132.162.0/23 maxlen: 24 82.132.164.0/23 maxlen: 24 82.132.166.0/23 maxlen: 24 82.132.168.0/23 maxlen: 24 82.132.170.0/23 maxlen: 24 82.132.172.0/23 maxlen: 24 82.132.174.0/23 maxlen: 24 82.132.176.0/23 maxlen: 24 82.132.180.0/23 maxlen: 24 82.132.182.0/23 maxlen: 24 82.132.184.0/22 maxlen: 24 82.132.198.0/23 maxlen: 24 82.132.199.0/24 maxlen: 24 82.132.210.0/23 maxlen: 24 82.132.212.0/22 maxlen: 24 82.132.216.0/22 maxlen: 24 82.132.220.0/22 maxlen: 24 82.132.224.0/22 maxlen: 24 82.132.228.0/22 maxlen: 24 82.132.232.0/22 maxlen: 24 82.132.236.0/22 maxlen: 24 82.132.240.0/22 maxlen: 24 82.132.244.0/22 maxlen: 24 82.132.248.0/23 maxlen: 24 2a03:dd00:810::/46 maxlen: 48 2a03:dd00:821::/48 maxlen: 48 2a03:dd00:822::/48 maxlen: 48 2a03:dd00:3000::/44 maxlen: 48 2a03:dd00:3002::/48 maxlen: 48 2a03:dd00:300d::/48 maxlen: 48 2a03:dd00:3040::/48 maxlen: 48 2a03:dd00:3042::/48 maxlen: 48 2a03:dd00:3044::/48 maxlen: 48 2a03:dd00:3046::/48 maxlen: 48 2a03:dd00:3048::/48 maxlen: 48 2a03:dd00:304a::/48 maxlen: 48 2a03:dd00:304e::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/WLKee4oN25w2xuDj9JV3gXsOo6Y.crl rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/WLKee4oN25w2xuDj9JV3gXsOo6Y.mft rsync://rpki.ripe.net/repository/DEFAULT/WLKee4oN25w2xuDj9JV3gXsOo6Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:db:38:8e:8c:ec:3b:f8:32:70:49:33:d4:56:28:bd:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=58b29e7b8a0ddb9c36c6e0e3f49577817b0ea3a6 Validity Not Before: Dec 1 18:41:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=ce4736b8e1df22656344473fa954a10b483c34c9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:60:80:0a:a1:78:9a:15:c3:4c:12:d4:62:00: 6e:8b:4b:8c:04:a6:23:4c:ff:3b:6d:20:73:f2:0b: ac:06:c8:c7:c8:56:fd:a6:75:fa:cf:6e:e1:b2:20: 7e:09:34:af:7e:97:f1:17:1e:3b:fa:d7:40:b1:8a: 06:8e:ca:0c:0f:4f:26:1f:04:e5:d1:77:0c:5f:3c: bf:5a:4c:ac:5f:d4:98:a7:68:5b:bd:55:64:6a:7e: e7:61:55:3d:22:06:02:45:8a:7e:71:57:7f:6a:e7: 8f:38:33:89:34:3a:ba:1b:8e:b8:1f:32:e0:73:41: aa:ed:de:65:9d:d8:f0:68:c3:5e:9f:96:25:13:3b: 08:a1:cb:9c:be:19:eb:40:7a:d3:67:e1:7a:7c:0d: 7b:a3:26:35:70:3f:c7:71:12:73:f1:30:a6:45:44: 9b:70:87:ec:4f:b7:8e:b2:ca:4b:1f:e0:f7:21:ad: a6:b0:01:28:b9:0f:28:a6:f9:95:2f:55:8b:d2:31: 07:4f:b2:7a:0a:0d:2a:aa:9c:5f:f1:85:09:51:11: 62:21:0c:62:52:51:9f:64:3c:03:9a:22:4a:c3:3b: 93:21:bc:8b:74:6e:63:cc:94:88:5f:c6:98:33:fc: c8:78:08:10:87:71:b9:f8:ed:44:fb:66:bc:6b:b7: c8:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:47:36:B8:E1:DF:22:65:63:44:47:3F:A9:54:A1:0B:48:3C:34:C9 X509v3 Authority Key Identifier: keyid:58:B2:9E:7B:8A:0D:DB:9C:36:C6:E0:E3:F4:95:77:81:7B:0E:A3:A6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLKee4oN25w2xuDj9JV3gXsOo6Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/zkc2uOHfImVjREc_qVShC0g8NMk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/WLKee4oN25w2xuDj9JV3gXsOo6Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.132.138.0/23 82.132.160.0-82.132.177.255 82.132.180.0-82.132.187.255 82.132.198.0/23 82.132.210.0-82.132.249.255 IPv6: 2a03:dd00:810::/46 2a03:dd00:821::-2a03:dd00:822:ffff:ffff:ffff:ffff:ffff 2a03:dd00:3000::/44 2a03:dd00:3040::/48 2a03:dd00:3042::/48 2a03:dd00:3044::/48 2a03:dd00:3046::/48 2a03:dd00:3048::/48 2a03:dd00:304a::/48 2a03:dd00:304e::/48 Signature Algorithm: sha256WithRSAEncryption 43:73:cb:81:60:8c:27:2c:58:be:a5:26:88:9d:e8:94:02:22: d1:16:c7:f8:6f:f8:a0:27:81:43:01:2f:c6:f9:a0:bc:76:b9: 07:94:e0:ef:ff:b2:b0:f6:bc:54:3d:c3:23:54:4b:71:60:3f: 6a:b3:2e:24:8f:30:89:49:53:84:96:25:80:49:38:15:5c:cd: 7d:7e:19:05:6b:9d:2c:8e:06:e3:02:42:ad:55:30:4a:2e:f8: 2d:83:4f:51:d5:eb:08:23:4a:9b:05:d0:02:2f:99:91:36:de: 3e:af:b1:a2:4d:9a:40:a1:35:ed:1d:ce:cf:f0:c3:ed:00:48: f3:65:b3:60:b5:06:49:51:73:0d:2b:fe:a3:49:36:9e:70:67: 90:8f:b5:d3:54:72:17:d6:2d:0a:45:13:29:52:c8:1a:d0:10: 06:68:46:65:aa:98:70:c5:a9:0d:d5:61:f8:ff:bc:47:0d:47: 11:dc:9b:76:a4:0c:ab:1b:3f:f0:bd:74:78:f6:32:9b:7e:1b: b3:6c:7e:c3:2b:2d:93:a7:19:df:44:b4:9b:76:94:a1:c1:93: 2e:52:b3:c2:3a:1b:74:a5:4e:60:f9:c2:1a:ec:ae:52:11:92: 57:55:7d:56:e2:0e:37:23:3b:4b:46:e3:b3:ef:2c:fd:29:d0: 57:0c:e6:3c -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgISAZrbOI6M7Dv4MnBJM9RWKL1YMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU4YjI5ZTdiOGEwZGRiOWMzNmM2ZTBlM2Y0OTU3NzgxN2Iw ZWEzYTYwHhcNMjUxMjAxMTg0MTQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZTQ3MzZiOGUxZGYyMjY1NjM0NDQ3M2ZhOTU0YTEwYjQ4M2MzNGM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmCACqF4mhXDTBLUYgBui0uMBKYj TP87bSBz8gusBsjHyFb9pnX6z27hsiB+CTSvfpfxFx47+tdAsYoGjsoMD08mHwTl 0XcMXzy/WkysX9SYp2hbvVVkan7nYVU9IgYCRYp+cVd/auePODOJNDq6G464HzLg c0Gq7d5lndjwaMNen5YlEzsIocucvhnrQHrTZ+F6fA17oyY1cD/HcRJz8TCmRUSb cIfsT7eOsspLH+D3Ia2msAEouQ8opvmVL1WL0jEHT7J6Cg0qqpxf8YUJURFiIQxi UlGfZDwDmiJKwzuTIbyLdG5jzJSIX8aYM/zIeAgQh3G5+O1E+2a8a7fIhwIDAQAB o4ICqTCCAqUwHQYDVR0OBBYEFM5HNrjh3yJlY0RHP6lUoQtIPDTJMB8GA1UdIwQY MBaAFFiynnuKDducNsbg4/SVd4F7DqOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV0xLZWU0b04yNXcyeHVEajlKVjNnWHNPbzZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yY2IzYmItMGVkMS00ZWNmLThhZjUt ZWU3M2ZlMjFlZDIzLzEvemtjMnVPSGZJbVZqUkVjX3FWU2hDMGc4Tk1rLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS8yY2IzYmItMGVkMS00ZWNmLThhZjUtZWU3M2ZlMjFlZDIz LzEvV0xLZWU0b04yNXcyeHVEajlKVjNnWHNPbzZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIG+BggrBgEFBQcBBwEB/wSBrjCBqzA8BAIAATA2AwQBUoSK MAwDBAVShKADBAFShLAwDAMEAlKEtAMEAlKEuAMEAVKExjAMAwQBUoTSAwQBUoT4 MGsEAgACMGUDBwIqA90ACBAwEgMHACoD3QAIIQMHACoD3QAIIgMHBCoD3QAwAAMH ACoD3QAwQAMHACoD3QAwQgMHACoD3QAwRAMHACoD3QAwRgMHACoD3QAwSAMHACoD 3QAwSgMHACoD3QAwTjANBgkqhkiG9w0BAQsFAAOCAQEAQ3PLgWCMJyxYvqUmiJ3o lAIi0RbH+G/4oCeBQwEvxvmgvHa5B5Tg7/+ysPa8VD3DI1RLcWA/arMuJI8wiUlT hJYlgEk4FVzNfX4ZBWudLI4G4wJCrVUwSi74LYNPUdXrCCNKmwXQAi+ZkTbePq+x ok2aQKE17R3Oz/DD7QBI82WzYLUGSVFzDSv+o0k2nnBnkI+101RyF9YtCkUTKVLI GtAQBmhGZaqYcMWpDdVh+P+8Rw1HEdybdqQMqxs/8L10ePYym34bs2x+wystk6cZ 30S0m3aUocGTLlKzwjobdKVOYPnCGuyuUhGSV1V9VuIONyM7S0bjs+8s/SnQVwzm PA== -----END CERTIFICATE-----Generated at Sat Dec 6 12:03:27 2025 by rpki-client