This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/f859ZdSNJcfJKStuw77yAkHe9lU.roa File: f859ZdSNJcfJKStuw77yAkHe9lU.roa (raw, json) Hash identifier: kyLklvM7jagtw4zC+hzmwKGnI3XjZWGfhg7ojPBYscg= Subject key identifier: 7F:CE:7D:65:D4:8D:25:C7:C9:29:2B:6E:C3:BE:F2:02:41:DE:F6:55 Certificate issuer: /CN=74e43f9e5ae3f6eafb5068ae88f18c29e4435907 Certificate serial: 019A9CCE9D19DE32F306C3AE92C75D0A619E Authority key identifier: 74:E4:3F:9E:5A:E3:F6:EA:FB:50:68:AE:88:F1:8C:29:E4:43:59:07 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/f859ZdSNJcfJKStuw77yAkHe9lU.roa Signing time: Wed 19 Nov 2025 15:49:37 +0000 ROA not before: Wed 19 Nov 2025 15:49:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 208672 IP address blocks: 45.90.136.0/22 maxlen: 24 2a0d:4080::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.crl rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.mft rsync://rpki.ripe.net/repository/DEFAULT/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:9c:ce:9d:19:de:32:f3:06:c3:ae:92:c7:5d:0a:61:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=74e43f9e5ae3f6eafb5068ae88f18c29e4435907 Validity Not Before: Nov 19 15:49:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=7fce7d65d48d25c7c9292b6ec3bef20241def655 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:e2:b9:32:38:a4:0a:b4:b7:04:22:31:2c:8f: 42:4e:43:19:b8:55:ca:f4:41:8a:20:25:38:b8:90: c4:34:a0:41:50:2d:e0:94:b8:ef:44:d1:78:7e:03: 7b:0e:67:f8:fd:29:87:a8:d3:e8:83:8a:98:48:5b: 50:fe:00:16:9d:eb:f9:d4:f8:e0:e2:4e:c3:ca:77: 5f:38:66:3e:42:44:55:fc:f3:f3:16:33:72:9e:de: 2b:58:73:9a:98:27:31:73:d2:74:4a:3a:c8:4a:3a: f6:6e:2a:0b:33:97:c3:f8:bd:2b:ff:1a:89:e5:69: e2:f8:fc:44:5a:e2:85:b4:1c:62:bd:56:68:6b:b5: 32:54:65:52:f5:c1:54:a5:66:4a:b1:ef:ec:cf:68: c2:32:d3:ab:32:dd:c4:66:6f:9f:8c:7c:7c:83:38: 5e:68:21:fa:b1:8d:52:b5:6c:58:7b:f7:ff:96:15: 13:3d:40:93:6a:4f:46:57:2a:c4:c6:cd:66:1f:1f: 32:16:48:e4:da:ff:ca:97:80:61:59:7a:43:c1:d3: 5d:75:ee:d1:cb:cb:6b:81:f1:07:68:f4:d0:88:f9: ba:16:b3:3f:43:af:79:37:01:66:ea:d7:be:7a:24: 77:49:3f:0e:d4:96:5a:50:d1:b1:26:02:a4:cd:66: 90:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:CE:7D:65:D4:8D:25:C7:C9:29:2B:6E:C3:BE:F2:02:41:DE:F6:55 X509v3 Authority Key Identifier: keyid:74:E4:3F:9E:5A:E3:F6:EA:FB:50:68:AE:88:F1:8C:29:E4:43:59:07 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/f859ZdSNJcfJKStuw77yAkHe9lU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.90.136.0/22 IPv6: 2a0d:4080::/29 Signature Algorithm: sha256WithRSAEncryption 73:ae:93:7a:75:45:bf:72:88:aa:29:f5:81:05:e5:3b:07:bd: 79:6d:75:98:70:65:7f:11:a7:0f:fe:aa:39:dc:12:52:ef:af: 9b:3c:95:ce:b3:53:40:46:9b:e0:d7:4a:9b:36:5c:2c:43:c4: 1c:05:a2:9e:b5:8d:c9:9b:df:82:a6:fb:9e:d2:57:7c:24:a9: eb:66:9a:30:68:56:91:31:29:cd:18:fe:dd:56:7a:8e:7d:aa: cf:a2:42:15:34:93:50:36:30:b3:17:ac:13:69:e6:3a:ca:da: 2a:64:f3:52:b7:a0:d1:fc:35:be:d4:d2:68:b7:05:d9:f3:68: b2:16:32:42:01:d6:bc:7e:d8:7b:6b:ad:e9:33:81:5a:1a:cd: 50:37:26:ac:cf:83:8c:54:fc:f8:cf:ba:ed:93:fa:c2:93:9c: 62:35:6c:ae:5f:5c:8c:64:b1:4d:79:c8:9b:d8:0b:17:b7:31: 9f:2e:56:76:df:df:6b:0f:64:a5:57:a2:c0:57:25:b9:e7:85: e1:df:33:f8:88:46:6e:52:c6:2e:b6:94:12:f9:91:26:eb:d3: 5d:0b:75:f3:36:40:05:93:7b:49:6a:de:89:b0:55:aa:8e:ce: bd:ef:21:2b:42:0e:81:2c:5e:4e:81:ac:54:45:d8:92:4f:29: d2:40:ef:13 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZqczp0Z3jLzBsOuksddCmGeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0ZTQzZjllNWFlM2Y2ZWFmYjUwNjhhZTg4ZjE4YzI5ZTQ0 MzU5MDcwHhcNMjUxMTE5MTU0OTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3ZmNlN2Q2NWQ0OGQyNWM3YzkyOTJiNmVjM2JlZjIwMjQxZGVmNjU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOK5MjikCrS3BCIxLI9CTkMZuFXK 9EGKICU4uJDENKBBUC3glLjvRNF4fgN7Dmf4/SmHqNPog4qYSFtQ/gAWnev51Pjg 4k7DyndfOGY+QkRV/PPzFjNynt4rWHOamCcxc9J0SjrISjr2bioLM5fD+L0r/xqJ 5Wni+PxEWuKFtBxivVZoa7UyVGVS9cFUpWZKse/sz2jCMtOrMt3EZm+fjHx8gzhe aCH6sY1StWxYe/f/lhUTPUCTak9GVyrExs1mHx8yFkjk2v/Kl4BhWXpDwdNdde7R y8trgfEHaPTQiPm6FrM/Q695NwFm6te+eiR3ST8O1JZaUNGxJgKkzWaQ/wIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFH/OfWXUjSXHySkrbsO+8gJB3vZVMB8GA1UdIwQY MBaAFHTkP55a4/bq+1BorojxjCnkQ1kHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZE9RX25scmo5dXI3VUdpdWlQR01LZVJEV1FjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kYTMzYWUtMTZjYy00YzlhLWJmOWMt NzE3OTk4YWEzY2ZmLzEvZjg1OVpkU05KY2ZKS1N0dXc3N3lBa0hlOWxVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMS9kYTMzYWUtMTZjYy00YzlhLWJmOWMtNzE3OTk4YWEzY2Zm LzEvZE9RX25scmo5dXI3VUdpdWlQR01LZVJEV1FjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVqIMA0E AgACMAcDBQMqDUCAMA0GCSqGSIb3DQEBCwUAA4IBAQBzrpN6dUW/coiqKfWBBeU7 B715bXWYcGV/EacP/qo53BJS76+bPJXOs1NARpvg10qbNlwsQ8QcBaKetY3Jm9+C pvue0ld8JKnrZpowaFaRMSnNGP7dVnqOfarPokIVNJNQNjCzF6wTaeY6ytoqZPNS t6DR/DW+1NJotwXZ82iyFjJCAda8fth7a63pM4FaGs1QNyasz4OMVPz4z7rtk/rC k5xiNWyuX1yMZLFNecib2AsXtzGfLlZ2399rD2SlV6LAVyW554Xh3zP4iEZuUsYu tpQS+ZEm69NdC3XzNkAFk3tJat6JsFWqjs697yErQg6BLF5OgaxURdiSTynSQO8T -----END CERTIFICATE-----Generated at Sat Dec 6 18:47:03 2025 by rpki-client