This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/pEFNfAg8nkFQ7szOFzgGqxU8A9I.roa File: pEFNfAg8nkFQ7szOFzgGqxU8A9I.roa (raw, json) Hash identifier: lNi497sBRC4Xkg5Gl71AZlaivWTnykL+9yjiUscMI7I= Subject key identifier: A4:41:4D:7C:08:3C:9E:41:50:EE:CC:CE:17:38:06:AB:15:3C:03:D2 Certificate issuer: /CN=757cefe36b3fcc68a42c0aff81d144980f32777f Certificate serial: 019A4EDB6BE21FC618AF039CCF97502A328C Authority key identifier: 75:7C:EF:E3:6B:3F:CC:68:A4:2C:0A:FF:81:D1:44:98:0F:32:77:7F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/pEFNfAg8nkFQ7szOFzgGqxU8A9I.roa Signing time: Tue 04 Nov 2025 12:33:14 +0000 ROA not before: Tue 04 Nov 2025 12:33:14 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 205866 IP address blocks: 2a11:1540::/29 maxlen: 29 2a11:4a80::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/dXzv42s_zGikLAr_gdFEmA8yd38.crl rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/dXzv42s_zGikLAr_gdFEmA8yd38.mft rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 00:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:4e:db:6b:e2:1f:c6:18:af:03:9c:cf:97:50:2a:32:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=757cefe36b3fcc68a42c0aff81d144980f32777f Validity Not Before: Nov 4 12:33:14 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=a4414d7c083c9e4150eeccce173806ab153c03d2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:73:d6:1e:3b:46:7a:ca:ef:3a:fe:b7:1f:16: c7:d0:c0:cd:ea:64:c3:f0:d1:90:21:77:0f:df:66: 36:ef:eb:f8:cc:6a:a0:8c:4c:24:87:74:89:b0:83: 65:a7:6c:90:a6:4e:b8:e3:da:d9:82:a5:04:31:ce: 02:d5:df:d4:08:a3:66:4a:c5:56:f4:63:97:50:31: 11:f1:47:75:99:45:c4:5e:d7:dd:1e:e7:ff:12:58: 78:69:86:e4:04:d8:b2:6c:fe:fb:19:4d:39:f7:97: 8d:e9:6f:d9:96:50:59:35:1d:c4:dd:2b:d7:0b:43: 76:92:37:45:c3:bd:76:56:83:6c:c2:54:75:0e:06: f3:a8:5e:87:25:15:28:96:5d:ec:b6:48:ce:f7:0f: 1c:5f:5c:a9:6e:4d:41:d9:49:5b:90:aa:43:20:1f: 9b:b8:8f:66:8a:6c:1b:8c:95:2a:20:ea:b2:c5:43: 57:e8:12:29:0e:42:40:df:e1:32:a3:4c:b1:94:6e: 5a:93:eb:50:00:5c:fe:1b:e7:9e:5b:4d:71:40:37: 15:76:d8:f0:f0:52:bc:64:68:e8:ee:21:55:20:de: d4:c6:05:9b:56:40:f5:6d:f0:5f:03:35:84:fd:9a: 8f:19:16:97:e3:1b:73:45:40:a9:5d:11:ed:0e:09: 48:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:41:4D:7C:08:3C:9E:41:50:EE:CC:CE:17:38:06:AB:15:3C:03:D2 X509v3 Authority Key Identifier: keyid:75:7C:EF:E3:6B:3F:CC:68:A4:2C:0A:FF:81:D1:44:98:0F:32:77:7F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/pEFNfAg8nkFQ7szOFzgGqxU8A9I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/dXzv42s_zGikLAr_gdFEmA8yd38.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a11:1540::/29 2a11:4a80::/29 Signature Algorithm: sha256WithRSAEncryption 08:a2:29:5e:ce:25:ca:3f:6c:46:7b:f9:c5:1c:cd:c7:93:17: 28:74:03:97:76:fe:21:12:d1:96:92:54:52:f5:82:4c:d2:d3: dd:9b:62:b7:da:da:80:e6:60:a5:0a:e6:0c:24:05:53:d9:04: 70:ef:0a:53:f6:42:ab:ad:a7:3b:48:d7:48:b6:3f:3c:7b:bc: e8:d3:57:f3:57:4e:6d:65:d9:72:07:c5:30:8a:8a:1a:43:b7: 89:08:24:e8:13:4e:05:fc:fd:6e:68:40:f3:87:31:75:45:5e: a0:11:d8:4b:12:d8:ba:28:9a:59:cc:60:c9:57:67:08:41:89: 6a:09:e0:f0:35:eb:c8:de:ec:0d:57:2a:3c:d0:73:e0:ba:b2: 83:57:61:22:4e:e7:d6:a9:d1:c6:d8:6b:00:5c:21:f8:c2:20: a2:d4:6f:3e:71:16:93:1d:5d:7b:8f:47:d7:65:95:0f:96:d6: a0:dd:99:20:fa:ef:ae:fc:5d:ae:f2:5e:11:26:31:9a:9d:4e: af:1d:a1:c6:33:bb:47:f8:d5:3d:43:0e:8d:91:89:a1:14:a8: 95:5d:3d:bc:3e:e0:57:ca:61:78:dc:95:b9:c2:12:88:ad:15: 2b:8d:85:a6:1e:36:5b:59:d2:cd:67:a3:d1:53:f2:2f:da:d5: 0d:40:61:2b -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZpO22viH8YYrwOcz5dQKjKMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc1N2NlZmUzNmIzZmNjNjhhNDJjMGFmZjgxZDE0NDk4MGYz Mjc3N2YwHhcNMjUxMTA0MTIzMzE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNDQxNGQ3YzA4M2M5ZTQxNTBlZWNjY2UxNzM4MDZhYjE1M2MwM2QyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXPWHjtGesrvOv63HxbH0MDN6mTD 8NGQIXcP32Y27+v4zGqgjEwkh3SJsINlp2yQpk6449rZgqUEMc4C1d/UCKNmSsVW 9GOXUDER8Ud1mUXEXtfdHuf/Elh4aYbkBNiybP77GU0595eN6W/ZllBZNR3E3SvX C0N2kjdFw712VoNswlR1DgbzqF6HJRUoll3stkjO9w8cX1ypbk1B2UlbkKpDIB+b uI9mimwbjJUqIOqyxUNX6BIpDkJA3+Eyo0yxlG5ak+tQAFz+G+eeW01xQDcVdtjw 8FK8ZGjo7iFVIN7UxgWbVkD1bfBfAzWE/ZqPGRaX4xtzRUCpXRHtDglIbQIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFKRBTXwIPJ5BUO7Mzhc4BqsVPAPSMB8GA1UdIwQY MBaAFHV87+NrP8xopCwK/4HRRJgPMnd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZFh6djQyc196R2lrTEFyX2dkRkVtQTh5ZDM4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC85NzJkYjYtNzcwZi00NDYyLTlmYzct ZWU5Yjk1MTdmMmVjLzEvcEVGTmZBZzhua0ZRN3N6T0Z6Z0dxeFU4QTlJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC85NzJkYjYtNzcwZi00NDYyLTlmYzctZWU5Yjk1MTdmMmVj LzEvZFh6djQyc196R2lrTEFyX2dkRkVtQTh5ZDM4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhEVQAMF AyoRSoAwDQYJKoZIhvcNAQELBQADggEBAAiiKV7OJco/bEZ7+cUczceTFyh0A5d2 /iES0ZaSVFL1gkzS092bYrfa2oDmYKUK5gwkBVPZBHDvClP2QqutpztI10i2Pzx7 vOjTV/NXTm1l2XIHxTCKihpDt4kIJOgTTgX8/W5oQPOHMXVFXqAR2EsS2LoomlnM YMlXZwhBiWoJ4PA168je7A1XKjzQc+C6soNXYSJO59ap0cbYawBcIfjCIKLUbz5x FpMdXXuPR9dllQ+W1qDdmSD67678Xa7yXhEmMZqdTq8docYzu0f41T1DDo2RiaEU qJVdPbw+4FfKYXjclbnCEoitFSuNhaYeNltZ0s1no9FT8i/a1Q1AYSs= -----END CERTIFICATE-----Generated at Sat Dec 6 08:55:24 2025 by rpki-client