This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/0Q3uyZY8RsqjLoJW6u1RmMpyPuo.roa File: 0Q3uyZY8RsqjLoJW6u1RmMpyPuo.roa (raw, json) Hash identifier: pCjrPkrrHgp4o152zVnRaCrn6ENjsnKf49PVkjj9gyg= Subject key identifier: D1:0D:EE:C9:96:3C:46:CA:A3:2E:82:56:EA:ED:51:98:CA:72:3E:EA Certificate issuer: /CN=39704769d087d9fe8f790a6555cb4fbefcd24d38 Certificate serial: 019AF03002AD440F7D5B66973A248D01B7F6 Authority key identifier: 39:70:47:69:D0:87:D9:FE:8F:79:0A:65:55:CB:4F:BE:FC:D2:4D:38 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXBHadCH2f6PeQplVctPvvzSTTg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/0Q3uyZY8RsqjLoJW6u1RmMpyPuo.roa Signing time: Fri 05 Dec 2025 20:24:29 +0000 ROA not before: Fri 05 Dec 2025 20:24:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 57706 IP address blocks: 2.58.57.0/24 maxlen: 24 2.58.59.0/24 maxlen: 24 2a09:e240::/29 maxlen: 48 2a09:e240:40::/44 maxlen: 48 2a09:e244::/33 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/OXBHadCH2f6PeQplVctPvvzSTTg.crl rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/OXBHadCH2f6PeQplVctPvvzSTTg.mft rsync://rpki.ripe.net/repository/DEFAULT/OXBHadCH2f6PeQplVctPvvzSTTg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:30:02:ad:44:0f:7d:5b:66:97:3a:24:8d:01:b7:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39704769d087d9fe8f790a6555cb4fbefcd24d38 Validity Not Before: Dec 5 20:24:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=d10deec9963c46caa32e8256eaed5198ca723eea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:a8:11:3f:2d:85:ea:56:0b:db:2e:25:e5:f8: 32:47:e1:a1:58:ad:4f:d2:2a:e4:f6:b2:df:c4:1c: a4:f3:77:f3:52:d7:bc:eb:e1:66:97:69:33:f6:7f: 40:a3:74:ee:9d:f1:f8:26:7c:12:66:dc:ae:a3:09: 91:61:b4:0a:a6:3f:9f:49:22:40:91:7e:1e:30:16: 1e:d6:4e:40:e3:49:65:c2:74:eb:ce:7d:63:f1:97: f1:fa:74:b5:87:d2:5d:73:af:4f:0e:74:16:9d:d1: e8:b2:18:57:ff:cb:e0:b3:4c:58:a2:f5:21:d4:53: 0e:35:7f:6f:c4:6a:9b:5b:72:6c:1a:1e:67:c9:92: f0:44:48:a3:ae:d9:62:66:bf:df:52:4e:e8:70:2f: 0e:b0:a5:9d:68:93:77:f3:7d:aa:7b:1a:fe:33:b0: 6c:6c:f2:c1:f2:9f:87:e4:b6:ea:07:83:e7:3e:65: 9b:64:a7:9c:8d:b0:2e:0f:8d:10:08:d6:76:d7:bc: f6:76:34:fe:41:3c:8d:0a:3c:16:2f:c3:d6:fc:50: 54:a3:d3:0e:71:78:73:cd:c6:fb:a7:d8:da:b5:4e: 57:92:8f:25:f2:93:c9:c6:f9:d6:3a:b9:24:28:6f: df:f5:21:63:ff:83:74:a0:46:bb:7c:dc:da:07:47: 74:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:0D:EE:C9:96:3C:46:CA:A3:2E:82:56:EA:ED:51:98:CA:72:3E:EA X509v3 Authority Key Identifier: keyid:39:70:47:69:D0:87:D9:FE:8F:79:0A:65:55:CB:4F:BE:FC:D2:4D:38 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXBHadCH2f6PeQplVctPvvzSTTg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/0Q3uyZY8RsqjLoJW6u1RmMpyPuo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/OXBHadCH2f6PeQplVctPvvzSTTg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.58.57.0/24 2.58.59.0/24 IPv6: 2a09:e240::/29 Signature Algorithm: sha256WithRSAEncryption 76:11:ad:da:42:cf:d4:3d:cb:1a:c5:4f:39:8b:58:63:d9:51: c8:57:a5:70:24:13:35:35:9b:f6:8e:2b:ae:eb:4e:6e:53:5a: 3b:18:1c:ab:75:08:06:a5:f8:fc:75:47:62:be:a9:59:55:cd: d8:0e:f1:db:c5:98:34:38:36:f6:1f:75:2b:75:62:19:25:9d: d8:d6:52:bd:07:03:3b:12:1c:d3:24:70:06:00:f7:13:4b:d2: 97:31:71:cd:54:92:82:35:1a:8c:d6:98:20:f1:6a:c8:a8:c4: 22:09:ed:d8:dc:7a:19:fa:14:d5:81:2a:96:f3:5e:ba:69:64: a1:92:03:d5:db:4e:58:ba:f6:67:b9:cf:30:1a:d3:17:a9:89: e5:09:a4:ee:3a:62:d6:5d:c4:86:fe:05:ba:93:08:ad:7d:fe: 3d:27:d3:d4:d5:e0:9a:d7:dc:20:8f:05:1f:84:bf:6c:50:9b: e3:a5:98:e3:bd:2e:aa:f2:ea:f1:58:74:ca:05:6e:1e:f3:b2: 57:d9:9a:06:b7:75:dd:aa:89:4d:c2:1d:9d:b0:62:be:43:7d: a5:4a:5d:44:e9:fa:f0:59:4e:f2:3d:11:6d:0c:84:1a:fc:3c: 51:cc:9f:36:c3:f6:dd:60:81:be:4d:4e:44:d6:c6:ab:ef:30: 95:ab:88:cd -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZrwMAKtRA99W2aXOiSNAbf2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5NzA0NzY5ZDA4N2Q5ZmU4Zjc5MGE2NTU1Y2I0ZmJlZmNk MjRkMzgwHhcNMjUxMjA1MjAyNDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMTBkZWVjOTk2M2M0NmNhYTMyZTgyNTZlYWVkNTE5OGNhNzIzZWVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6gRPy2F6lYL2y4l5fgyR+GhWK1P 0irk9rLfxByk83fzUte86+Fml2kz9n9Ao3TunfH4JnwSZtyuowmRYbQKpj+fSSJA kX4eMBYe1k5A40llwnTrzn1j8Zfx+nS1h9Jdc69PDnQWndHoshhX/8vgs0xYovUh 1FMONX9vxGqbW3JsGh5nyZLwREijrtliZr/fUk7ocC8OsKWdaJN3832qexr+M7Bs bPLB8p+H5LbqB4PnPmWbZKecjbAuD40QCNZ217z2djT+QTyNCjwWL8PW/FBUo9MO cXhzzcb7p9jatU5Xko8l8pPJxvnWOrkkKG/f9SFj/4N0oEa7fNzaB0d00wIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFNEN7smWPEbKoy6CVurtUZjKcj7qMB8GA1UdIwQY MBaAFDlwR2nQh9n+j3kKZVXLT7780k04MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1hCSGFkQ0gyZjZQZVFwbFZjdFB2dnpTVFRnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8zZWFlYjQtZmI5OS00OTkzLTgxMjIt ZTQ1MzUwNDE0ZGRmLzEvMFEzdXlaWThSc3FqTG9KVzZ1MVJtTXB5UHVvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi8zZWFlYjQtZmI5OS00OTkzLTgxMjItZTQ1MzUwNDE0ZGRm LzEvT1hCSGFkQ0gyZjZQZVFwbFZjdFB2dnpTVFRnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAAjo5AwQA Ajo7MA0EAgACMAcDBQMqCeJAMA0GCSqGSIb3DQEBCwUAA4IBAQB2Ea3aQs/UPcsa xU85i1hj2VHIV6VwJBM1NZv2jiuu605uU1o7GByrdQgGpfj8dUdivqlZVc3YDvHb xZg0ODb2H3UrdWIZJZ3Y1lK9BwM7EhzTJHAGAPcTS9KXMXHNVJKCNRqM1pgg8WrI qMQiCe3Y3HoZ+hTVgSqW8166aWShkgPV205YuvZnuc8wGtMXqYnlCaTuOmLWXcSG /gW6kwitff49J9PU1eCa19wgjwUfhL9sUJvjpZjjvS6q8urxWHTKBW4e87JX2ZoG t3XdqolNwh2dsGK+Q32lSl1E6frwWU7yPRFtDIQa/DxRzJ82w/bdYIG+TU5E1sar 7zCVq4jN -----END CERTIFICATE-----Generated at Sat Dec 6 13:45:23 2025 by rpki-client