This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zyelqOglgtBz_gr9QNv1lTVwAkM.roa File: zyelqOglgtBz_gr9QNv1lTVwAkM.roa (raw, json) Hash identifier: yfFHop5WpzuJkOeUSy2+RjJbXW/uKtaXVgTVEPu3WAg= Subject key identifier: CF:27:A5:A8:E8:25:82:D0:73:FE:0A:FD:40:DB:F5:95:35:70:02:43 Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd Certificate serial: 019AEBC641197D28922C972450507D86C204 Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zyelqOglgtBz_gr9QNv1lTVwAkM.roa Signing time: Thu 04 Dec 2025 23:50:29 +0000 ROA not before: Thu 04 Dec 2025 23:50:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 136038 IP address blocks: 2.59.152.0/22 maxlen: 22 2.59.152.0/24 maxlen: 24 2.59.154.0/24 maxlen: 24 2.59.155.0/24 maxlen: 24 45.91.224.0/22 maxlen: 22 45.91.226.0/24 maxlen: 24 45.91.227.0/24 maxlen: 24 45.142.152.0/22 maxlen: 22 45.142.152.0/24 maxlen: 24 45.142.155.0/24 maxlen: 24 91.204.224.0/22 maxlen: 22 185.202.100.0/22 maxlen: 22 185.202.103.0/24 maxlen: 24 193.239.150.0/23 maxlen: 23 193.239.150.0/24 maxlen: 24 193.239.154.0/23 maxlen: 23 193.239.154.0/24 maxlen: 24 194.126.202.0/24 maxlen: 24 194.126.215.0/24 maxlen: 24 194.126.219.0/24 maxlen: 24 194.126.227.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.mft rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:eb:c6:41:19:7d:28:92:2c:97:24:50:50:7d:86:c2:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd Validity Not Before: Dec 4 23:50:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=cf27a5a8e82582d073fe0afd40dbf59535700243 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:e8:32:43:a0:67:28:ea:fc:64:e1:c0:4e:e5: e1:05:8a:78:e4:64:f6:bd:c9:ff:56:a7:97:c5:53: bc:c0:30:41:f4:6e:70:83:3d:18:4e:83:22:b4:b8: ca:67:0a:13:a3:ac:06:b9:27:17:be:17:77:ab:91: 3f:a0:4d:87:da:5c:c8:ed:40:90:39:60:e7:67:c4: c5:df:81:20:36:2e:2c:55:79:44:0a:1a:0c:ba:a8: 7c:3c:77:23:04:e8:9c:e3:e8:de:ed:22:19:8a:0a: 54:94:f0:c8:83:63:48:b0:75:69:ca:4e:02:1b:f1: a7:02:0e:0b:2c:80:a1:48:44:ee:3d:96:fa:ab:e0: 27:5a:18:72:20:7f:b3:4e:3f:d4:da:26:99:8a:de: d0:ea:a5:55:a7:23:4d:ba:fc:3a:8c:04:29:28:49: e2:9c:8e:26:0b:a9:5d:2d:12:77:90:76:57:b9:fd: c6:d7:f3:af:48:39:a9:68:f3:49:12:68:a0:33:01: af:b5:f5:15:6c:e2:f7:a9:35:84:99:b6:0e:25:25: 3c:c8:ba:14:17:e6:6c:9a:d5:99:ea:42:b9:d6:0c: eb:61:c5:1b:00:e8:6a:2e:ad:eb:86:de:eb:5d:99: 28:61:a1:de:35:3d:72:df:7d:f7:95:4f:10:57:d1: 4b:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:27:A5:A8:E8:25:82:D0:73:FE:0A:FD:40:DB:F5:95:35:70:02:43 X509v3 Authority Key Identifier: keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zyelqOglgtBz_gr9QNv1lTVwAkM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.59.152.0/22 45.91.224.0/22 45.142.152.0/22 91.204.224.0/22 185.202.100.0/22 193.239.150.0/23 193.239.154.0/23 194.126.202.0/24 194.126.215.0/24 194.126.219.0/24 194.126.227.0/24 Signature Algorithm: sha256WithRSAEncryption 19:66:e4:9d:32:6f:31:f3:be:0c:35:18:77:48:62:7d:ac:41: 5f:7a:ab:f8:e9:bd:2c:ec:e8:a0:cb:89:19:b5:98:1d:2c:60: 08:4d:39:6f:16:66:83:06:55:ee:af:dc:f6:4e:33:08:20:7e: 3e:a9:6a:01:0a:0a:b7:cf:45:05:47:a9:e2:a1:16:d4:9b:03: 7c:0b:27:5c:84:40:2d:c0:b5:d0:06:99:f3:87:72:43:24:99: 2c:8b:4d:92:7f:1c:17:5b:7d:97:43:c7:65:34:be:81:fe:cd: f6:52:64:4c:51:54:b1:b2:5a:9b:43:5d:ea:52:b7:7c:b7:9b: a2:c2:20:ed:1a:59:df:19:9c:71:01:79:55:f9:44:c1:28:26: 93:08:7e:be:96:76:f9:81:f0:cf:cb:50:c7:fd:16:9b:a9:01: 8d:46:9b:7e:12:29:78:a8:dd:3d:10:c8:e1:43:b1:1b:28:24: 0d:c5:4b:a6:87:8c:bb:11:90:30:ab:e4:1d:58:02:3d:c3:7a: c7:c9:3b:31:e7:a4:76:86:c3:53:a6:1c:a1:0c:e1:77:50:3a: 1e:ca:55:ae:1d:06:26:38:1a:a0:65:e2:38:a6:de:86:59:0c: 58:ec:04:6f:7c:85:ab:2e:07:2e:ef:d4:8b:86:51:d4:8d:54: dd:e2:97:b0 -----BEGIN CERTIFICATE----- MIIFOTCCBCGgAwIBAgISAZrrxkEZfSiSLJckUFB9hsIEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx NjM2Y2QwHhcNMjUxMjA0MjM1MDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZjI3YTVhOGU4MjU4MmQwNzNmZTBhZmQ0MGRiZjU5NTM1NzAwMjQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOgyQ6BnKOr8ZOHATuXhBYp45GT2 vcn/VqeXxVO8wDBB9G5wgz0YToMitLjKZwoTo6wGuScXvhd3q5E/oE2H2lzI7UCQ OWDnZ8TF34EgNi4sVXlEChoMuqh8PHcjBOic4+je7SIZigpUlPDIg2NIsHVpyk4C G/GnAg4LLIChSETuPZb6q+AnWhhyIH+zTj/U2iaZit7Q6qVVpyNNuvw6jAQpKEni nI4mC6ldLRJ3kHZXuf3G1/OvSDmpaPNJEmigMwGvtfUVbOL3qTWEmbYOJSU8yLoU F+ZsmtWZ6kK51gzrYcUbAOhqLq3rht7rXZkoYaHeNT1y3333lU8QV9FLUwIDAQAB o4ICRTCCAkEwHQYDVR0OBBYEFM8npajoJYLQc/4K/UDb9ZU1cAJDMB8GA1UdIwQY MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt YWU1MDI3MzY4MWE3LzEvenllbHFPZ2xndEJ6X2dyOVFOdjFsVFZ3QWtNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3 LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCAjuYAwQC LVvgAwQCLY6YAwQCW8zgAwQCucpkAwQBwe+WAwQBwe+aAwQAwn7KAwQAwn7XAwQA wn7bAwQAwn7jMA0GCSqGSIb3DQEBCwUAA4IBAQAZZuSdMm8x874MNRh3SGJ9rEFf eqv46b0s7Oigy4kZtZgdLGAITTlvFmaDBlXur9z2TjMIIH4+qWoBCgq3z0UFR6ni oRbUmwN8CydchEAtwLXQBpnzh3JDJJksi02SfxwXW32XQ8dlNL6B/s32UmRMUVSx slqbQ13qUrd8t5uiwiDtGlnfGZxxAXlV+UTBKCaTCH6+lnb5gfDPy1DH/RabqQGN Rpt+Eil4qN09EMjhQ7EbKCQNxUumh4y7EZAwq+QdWAI9w3rHyTsx56R2hsNTphyh DOF3UDoeylWuHQYmOBqgZeI4pt6GWQxY7ARvfIWrLgcu79SLhlHUjVTd4pew -----END CERTIFICATE-----Generated at Sat Dec 6 14:53:42 2025 by rpki-client