This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/5z-bgDH8lytiLnfe9VpEMYme7ek.roa File: 5z-bgDH8lytiLnfe9VpEMYme7ek.roa (raw, json) Hash identifier: q3gRkg1Wu1TjQxIsHIpzRCg8G07UfeVe/I9XDxRqtvo= Subject key identifier: E7:3F:9B:80:31:FC:97:2B:62:2E:77:DE:F5:5A:44:31:89:9E:ED:E9 Certificate issuer: /CN=7094a425595e923c4b53b9c000aa8f19ad923f20 Certificate serial: 019A825C4AF07D35C0FB0574B39EBBB111E8 Authority key identifier: 70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/5z-bgDH8lytiLnfe9VpEMYme7ek.roa Signing time: Fri 14 Nov 2025 12:34:37 +0000 ROA not before: Fri 14 Nov 2025 12:34:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 205981 IP address blocks: 45.9.132.0/22 maxlen: 22 45.137.72.0/22 maxlen: 22 109.230.216.0/23 maxlen: 23 185.194.108.0/22 maxlen: 22 185.248.124.0/22 maxlen: 22 212.63.104.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.mft rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:82:5c:4a:f0:7d:35:c0:fb:05:74:b3:9e:bb:b1:11:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7094a425595e923c4b53b9c000aa8f19ad923f20 Validity Not Before: Nov 14 12:34:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=e73f9b8031fc972b622e77def55a4431899eede9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:56:c4:83:14:d0:93:f3:a7:e2:0d:9e:4b:42: 29:74:5e:31:ae:f5:5c:70:47:1a:1d:2a:a7:56:6c: 8c:03:9c:4d:6a:b2:91:5a:78:98:7c:d4:69:0a:1c: af:00:05:59:b7:83:81:15:18:d5:be:b0:68:60:b0: 60:17:e1:0c:4e:cd:23:44:83:be:51:0d:0c:42:6d: 30:22:4c:b4:1f:e9:bf:50:c6:82:4b:db:fe:39:03: 17:51:99:9c:92:e2:a9:ca:28:ee:4f:04:11:15:2a: ff:ce:98:dc:93:77:68:f4:ae:29:a3:7e:75:f2:f8: 84:8b:3a:d9:38:25:cc:39:c5:97:1e:4a:b1:bf:b1: 5a:08:38:aa:af:68:67:41:b7:3b:fd:8f:09:19:f5: f4:d4:9d:d5:57:42:6a:33:5a:03:f0:c3:14:d5:93: b2:98:43:63:31:32:fc:dd:a5:a3:0b:59:28:5c:d7: 4a:3c:14:b9:ce:34:4a:26:c0:75:11:38:96:46:c1: 47:16:26:02:79:0d:ae:cc:9a:e4:52:16:fa:90:22: df:7c:1d:ea:50:1a:d0:03:43:b8:a6:f2:36:5f:c4: 56:a9:7f:86:e7:10:14:2e:fb:fe:95:9d:a8:1a:35: 8b:43:25:7c:05:cb:1e:08:23:b4:14:69:3d:e6:8f: c6:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:3F:9B:80:31:FC:97:2B:62:2E:77:DE:F5:5A:44:31:89:9E:ED:E9 X509v3 Authority Key Identifier: keyid:70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/5z-bgDH8lytiLnfe9VpEMYme7ek.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.9.132.0/22 45.137.72.0/22 109.230.216.0/23 185.194.108.0/22 185.248.124.0/22 212.63.104.0/22 Signature Algorithm: sha256WithRSAEncryption 4f:15:5f:16:56:69:ce:73:bd:12:e0:d1:22:ad:ae:1a:d9:99: 30:00:f0:43:3b:3e:aa:c4:34:9b:e9:68:92:f1:51:cf:73:85: b2:b6:c8:44:45:d4:e6:ce:17:e5:b2:43:bc:d9:25:4b:d9:5b: 20:77:cd:b6:d4:79:33:18:57:89:64:04:67:c2:63:e3:0d:cb: dd:b0:77:52:d9:67:97:74:cf:3b:ff:db:28:d2:4b:27:99:bd: 92:26:71:88:2f:e8:df:d0:10:32:74:75:e2:79:50:ab:5d:e2: 44:39:86:fe:8a:62:e6:be:9e:97:58:b6:13:42:5b:84:cd:96: de:3b:74:7f:7d:7f:14:dc:25:19:a3:39:d4:aa:f3:30:84:ab: 94:ca:a2:78:55:9b:85:2c:32:d2:12:98:ff:76:1e:30:f0:b4: 96:b5:16:e5:8e:2e:f4:2f:78:18:87:12:ac:28:50:60:49:a2: 90:76:d2:ec:b5:fd:f3:76:50:ed:e9:d2:71:d1:d6:a4:c1:2f: 98:ab:e5:5f:c9:90:04:a9:4f:29:eb:70:33:f4:f0:9f:20:fb: 74:35:00:64:22:8e:cc:27:16:37:cc:5f:09:0d:79:ec:e7:4f: 0d:b1:78:a3:4f:42:2b:93:41:1f:9b:fd:9e:bf:0e:36:d2:14: c2:d7:91:f6 -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZqCXErwfTXA+wV0s567sRHoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwOTRhNDI1NTk1ZTkyM2M0YjUzYjljMDAwYWE4ZjE5YWQ5 MjNmMjAwHhcNMjUxMTE0MTIzNDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlNzNmOWI4MDMxZmM5NzJiNjIyZTc3ZGVmNTVhNDQzMTg5OWVlZGU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1bEgxTQk/On4g2eS0IpdF4xrvVc cEcaHSqnVmyMA5xNarKRWniYfNRpChyvAAVZt4OBFRjVvrBoYLBgF+EMTs0jRIO+ UQ0MQm0wIky0H+m/UMaCS9v+OQMXUZmckuKpyijuTwQRFSr/zpjck3do9K4po351 8viEizrZOCXMOcWXHkqxv7FaCDiqr2hnQbc7/Y8JGfX01J3VV0JqM1oD8MMU1ZOy mENjMTL83aWjC1koXNdKPBS5zjRKJsB1ETiWRsFHFiYCeQ2uzJrkUhb6kCLffB3q UBrQA0O4pvI2X8RWqX+G5xAULvv+lZ2oGjWLQyV8BcseCCO0FGk95o/GAwIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFOc/m4Ax/JcrYi533vVaRDGJnu3pMB8GA1UdIwQY MBaAFHCUpCVZXpI8S1O5wACqjxmtkj8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUt Nzc3MzczZTYwNTVlLzEvNXotYmdESDhseXRpTG5mZTlWcEVNWW1lN2VrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUtNzc3MzczZTYwNTVl LzEvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLQmEAwQC LYlIAwQBbebYAwQCucJsAwQCufh8AwQC1D9oMA0GCSqGSIb3DQEBCwUAA4IBAQBP FV8WVmnOc70S4NEira4a2ZkwAPBDOz6qxDSb6WiS8VHPc4WytshERdTmzhflskO8 2SVL2Vsgd8221HkzGFeJZARnwmPjDcvdsHdS2WeXdM87/9so0ksnmb2SJnGIL+jf 0BAydHXieVCrXeJEOYb+imLmvp6XWLYTQluEzZbeO3R/fX8U3CUZoznUqvMwhKuU yqJ4VZuFLDLSEpj/dh4w8LSWtRblji70L3gYhxKsKFBgSaKQdtLstf3zdlDt6dJx 0dakwS+Yq+VfyZAEqU8p63Az9PCfIPt0NQBkIo7MJxY3zF8JDXns508NsXijT0Ir k0Efm/2evw420hTC15H2 -----END CERTIFICATE-----Generated at Sun Dec 7 02:15:37 2025 by rpki-client