This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/opKQFgTi4yK3l6BnztB63xP7vXs.roa File: opKQFgTi4yK3l6BnztB63xP7vXs.roa (raw, json) Hash identifier: LXsD7aGo98YI1mNDHZW1vUliYlW4Jhd/o/GSdARAozA= Subject key identifier: A2:92:90:16:04:E2:E3:22:B7:97:A0:67:CE:D0:7A:DF:13:FB:BD:7B Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0 Certificate serial: 019B137FED5B26BBEC355E4AC72DAF85FF07 Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/opKQFgTi4yK3l6BnztB63xP7vXs.roa Signing time: Fri 12 Dec 2025 16:58:29 +0000 ROA not before: Fri 12 Dec 2025 16:58:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 208022 IP address blocks: 2a05:88c0::/29 maxlen: 29 2a05:88c0::/32 maxlen: 32 2a05:88c1::/32 maxlen: 32 2a05:88c2::/32 maxlen: 32 2a05:88c3::/32 maxlen: 32 2a05:88c4::/32 maxlen: 32 2a05:88c5::/32 maxlen: 32 2a05:88c6::/32 maxlen: 32 2a05:88c7::/32 maxlen: 32 2a10:3300::/29 maxlen: 29 2a10:3300::/32 maxlen: 32 2a10:3301::/32 maxlen: 32 2a10:3302::/32 maxlen: 32 2a10:3303::/32 maxlen: 32 2a10:3304::/32 maxlen: 32 2a10:3305::/32 maxlen: 32 2a10:3306::/32 maxlen: 32 2a10:3307::/32 maxlen: 32 2a10:7f40::/29 maxlen: 29 2a10:7f40::/32 maxlen: 32 2a10:7f41::/32 maxlen: 32 2a10:7f42::/32 maxlen: 32 2a10:7f43::/32 maxlen: 32 2a10:7f44::/32 maxlen: 32 2a10:7f45::/32 maxlen: 32 2a10:7f46::/32 maxlen: 32 2a10:7f47::/32 maxlen: 32 2a10:7fc0::/29 maxlen: 29 2a10:7fc0::/32 maxlen: 32 2a10:7fc1::/32 maxlen: 32 2a10:7fc2::/32 maxlen: 32 2a10:7fc3::/32 maxlen: 32 2a10:7fc4::/32 maxlen: 32 2a10:7fc5::/32 maxlen: 32 2a10:7fc6::/32 maxlen: 32 2a10:7fc7::/32 maxlen: 32 2a11:d100::/29 maxlen: 29 2a11:d100::/32 maxlen: 32 2a11:d101::/32 maxlen: 32 2a11:d102::/32 maxlen: 32 2a11:d103::/32 maxlen: 32 2a11:d104::/32 maxlen: 32 2a11:d105::/32 maxlen: 32 2a11:d106::/32 maxlen: 32 2a11:d107::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.mft rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 07:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:13:7f:ed:5b:26:bb:ec:35:5e:4a:c7:2d:af:85:ff:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0 Validity Not Before: Dec 12 16:58:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=a292901604e2e322b797a067ced07adf13fbbd7b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:f3:ba:27:61:45:02:ba:5b:35:fa:d5:b2:61: fe:72:f7:f6:ca:9b:57:9e:67:17:2a:b8:f8:d3:1c: 1d:8f:98:fd:1c:06:36:d1:f9:ab:5e:8f:2e:33:b7: 68:a1:4b:e3:d1:fe:24:d3:3c:2d:9f:61:a6:83:82: ef:f2:08:55:4b:3b:51:39:63:5b:05:13:33:ae:4f: bf:1c:27:a8:b9:39:5b:da:3e:4e:ef:ff:0f:e3:85: a4:5a:1f:cb:f8:0e:5d:c4:f4:08:a7:40:f2:9b:20: 3f:c1:cf:af:b3:23:18:af:f2:7e:19:4b:7f:9c:d8: c0:9d:32:a7:f4:10:14:e4:9e:16:c4:29:4f:7b:59: 3f:f6:11:de:fd:0e:69:c6:01:5d:23:46:23:55:2d: ca:5d:a2:c4:43:04:f1:4b:99:b6:41:bf:f5:9b:06: ec:06:e0:9e:6b:22:d2:ba:87:e8:d0:9f:03:68:e0: f6:61:58:36:ef:79:62:ad:31:e7:26:19:df:82:d6: 0c:c5:85:e1:7a:32:61:3e:3d:7f:08:3a:5c:88:ed: b6:22:c1:70:e7:1c:cf:90:c8:5c:9a:2e:14:34:99: df:0f:e8:9b:fa:7b:c0:d3:a1:30:e8:ed:b7:71:b2: 2c:c0:b6:bf:4e:9d:ca:db:2d:6a:85:31:7e:b9:1f: 53:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:92:90:16:04:E2:E3:22:B7:97:A0:67:CE:D0:7A:DF:13:FB:BD:7B X509v3 Authority Key Identifier: keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/opKQFgTi4yK3l6BnztB63xP7vXs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:88c0::/29 2a10:3300::/29 2a10:7f40::/29 2a10:7fc0::/29 2a11:d100::/29 Signature Algorithm: sha256WithRSAEncryption ba:02:b8:9a:96:4b:07:52:84:cb:ff:7c:96:a9:94:82:50:4d: 63:6a:f9:d5:6a:1a:27:e0:ef:41:ea:0b:bb:df:54:04:f5:15: 09:a8:09:c8:10:b3:e7:82:5e:28:db:0b:10:5b:fb:53:81:cc: b8:e1:e0:8e:11:b5:20:85:d2:cb:cc:b3:75:a3:df:78:ae:29: 08:4a:8a:e1:f7:86:a9:ef:b1:bb:3f:5b:3c:72:49:25:d2:f3: 82:e5:e8:6d:ca:de:64:8f:f1:3e:1e:77:e8:54:a5:f7:71:1c: 68:e7:4c:58:99:2a:8c:e5:68:80:46:e7:7f:fa:13:20:e6:57: d2:0f:21:27:f6:96:2b:93:fd:16:ef:05:a2:a9:a8:0c:19:4e: 8f:33:70:a1:62:68:ba:5b:b8:e3:66:58:40:26:f4:6a:15:d7: f3:ce:9d:c9:60:bb:ed:6d:32:38:c2:94:71:7e:fb:55:3b:5e: 7c:28:d2:7b:23:a3:2e:5f:8a:77:45:a7:63:d5:b4:9f:c5:30: 82:9e:22:d8:9d:c7:ff:7c:a5:eb:e8:d2:3c:fa:7d:83:fe:00: 7e:01:aa:9f:ed:b6:59:1b:4c:ed:ca:81:d4:42:91:10:dd:04: 12:40:d7:5b:1f:99:81:08:ec:69:fd:24:4b:c6:a2:2f:d9:cb: 4e:07:94:b5 -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZsTf+1bJrvsNV5Kxy2vhf8HMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhkYjM0Nzc0YjAxOTc5Mjg0ZmQ5ZTc1NGZlYTY4ZmEzYzYx NzgzZDAwHhcNMjUxMjEyMTY1ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMjkyOTAxNjA0ZTJlMzIyYjc5N2EwNjdjZWQwN2FkZjEzZmJiZDdiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPO6J2FFArpbNfrVsmH+cvf2yptX nmcXKrj40xwdj5j9HAY20fmrXo8uM7dooUvj0f4k0zwtn2Gmg4Lv8ghVSztROWNb BRMzrk+/HCeouTlb2j5O7/8P44WkWh/L+A5dxPQIp0DymyA/wc+vsyMYr/J+GUt/ nNjAnTKn9BAU5J4WxClPe1k/9hHe/Q5pxgFdI0YjVS3KXaLEQwTxS5m2Qb/1mwbs BuCeayLSuofo0J8DaOD2YVg273lirTHnJhnfgtYMxYXhejJhPj1/CDpciO22IsFw 5xzPkMhcmi4UNJnfD+ib+nvA06Ew6O23cbIswLa/Tp3K2y1qhTF+uR9TYQIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFKKSkBYE4uMit5egZ87Qet8T+717MB8GA1UdIwQY MBaAFI2zR3SwGXkoT9nnVP6mj6PGF4PQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGIt NjI2NTUyMWY2ZGY3LzEvb3BLUUZnVGk0eUszbDZCbnp0QjYzeFA3dlhzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGItNjI2NTUyMWY2ZGY3 LzEvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKgWIwAMF AyoQMwADBQMqEH9AAwUDKhB/wAMFAyoR0QAwDQYJKoZIhvcNAQELBQADggEBALoC uJqWSwdShMv/fJaplIJQTWNq+dVqGifg70HqC7vfVAT1FQmoCcgQs+eCXijbCxBb +1OBzLjh4I4RtSCF0svMs3Wj33iuKQhKiuH3hqnvsbs/WzxySSXS84Ll6G3K3mSP 8T4ed+hUpfdxHGjnTFiZKozlaIBG53/6EyDmV9IPISf2liuT/RbvBaKpqAwZTo8z cKFiaLpbuONmWEAm9GoV1/POnclgu+1tMjjClHF++1U7Xnwo0nsjoy5findFp2PV tJ/FMIKeItidx/98pevo0jz6fYP+AH4Bqp/ttlkbTO3KgdRCkRDdBBJA11sfmYEI 7Gn9JEvGoi/Zy04HlLU= -----END CERTIFICATE-----Generated at Mon Dec 15 17:13:36 2025 by rpki-client