This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/ehzoTGjbNkpnmtN3df5RDTE7dsQ.roa File: ehzoTGjbNkpnmtN3df5RDTE7dsQ.roa (raw, json) Hash identifier: 8+V1yBR2+wN28LqaXOLpfqGe3IHXdmal6QzIanPbirA= Subject key identifier: 7A:1C:E8:4C:68:DB:36:4A:67:9A:D3:77:75:FE:51:0D:31:3B:76:C4 Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe Certificate serial: 019AE329F2678743EF0C6D90361ADFDA7A48 Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/ehzoTGjbNkpnmtN3df5RDTE7dsQ.roa Signing time: Wed 03 Dec 2025 07:42:48 +0000 ROA not before: Wed 03 Dec 2025 07:42:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 214515 IP address blocks: 109.122.244.0/24 maxlen: 24 109.122.253.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.mft rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:e3:29:f2:67:87:43:ef:0c:6d:90:36:1a:df:da:7a:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe Validity Not Before: Dec 3 07:42:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=7a1ce84c68db364a679ad37775fe510d313b76c4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:1b:d3:5a:af:a4:94:27:8a:b9:ba:f1:c3:49: c9:cd:65:f1:b5:e1:ac:91:a3:80:d4:bf:d5:fc:c1: a7:5d:bd:7b:84:d5:2e:a2:fd:37:ed:aa:ee:0f:3d: f2:d8:82:76:20:52:34:21:59:f2:e9:a9:a5:bc:6e: 37:9a:b3:2a:c6:5c:62:d4:8a:34:00:8d:75:b1:8f: fc:2b:76:9a:0a:75:53:79:6e:5d:63:e4:3d:1f:c0: 6d:0a:17:d6:2e:9c:06:98:37:ea:74:af:de:26:15: 22:71:79:e7:59:d4:49:31:5a:2c:97:61:c6:4e:30: 9d:62:35:42:ef:64:23:49:42:36:d9:93:9f:93:ab: af:da:f1:ca:ff:11:04:f6:eb:e8:7f:c7:23:a4:c9: 44:1f:cb:bd:dd:24:69:ae:34:d6:f9:a7:0c:7f:13: 31:a5:78:f6:4f:6b:92:b9:0a:a5:24:ca:a8:b2:d3: 92:b2:a1:bc:02:3b:84:a1:03:e2:9e:22:52:53:0e: 2b:80:83:22:a5:03:f8:17:2a:23:52:eb:2b:dd:64: 9d:1b:26:e1:a5:a9:81:57:d0:16:06:73:40:76:e2: 98:4c:b6:bd:f9:cd:2a:99:98:6b:fb:e0:9f:f5:fb: a5:b8:ab:84:c2:c8:4e:ac:a4:4d:dc:b6:dc:40:3b: fb:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:1C:E8:4C:68:DB:36:4A:67:9A:D3:77:75:FE:51:0D:31:3B:76:C4 X509v3 Authority Key Identifier: keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/ehzoTGjbNkpnmtN3df5RDTE7dsQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.122.244.0/24 109.122.253.0/24 Signature Algorithm: sha256WithRSAEncryption 2a:4e:d7:3d:8d:6a:ab:7d:65:dd:78:db:1f:47:2c:c7:b8:37: e5:51:fa:bf:cb:ff:cf:22:18:f5:81:c7:bc:25:09:e7:1e:fb: ff:53:32:95:fd:b1:94:c2:eb:e8:1f:14:26:e3:f8:54:d6:b8: 32:c0:eb:a8:1d:7a:10:65:0b:9e:d7:30:05:e7:69:72:cf:4a: 79:df:46:96:99:13:36:22:2b:f8:52:0e:32:4a:8c:c6:2c:d0: ed:01:ae:cc:36:44:9a:b7:42:84:45:9d:51:fe:8c:58:2c:e1: 60:c9:72:c0:3f:28:c2:92:e7:76:78:10:2f:e9:3a:7f:b7:87: e7:68:c6:f7:29:ad:14:d0:b7:36:b9:aa:60:f5:bc:8a:26:a5: 7e:97:d2:e7:79:4c:c1:e2:ef:9a:3d:83:bc:a9:d4:61:21:d0: ae:08:a3:4b:4f:13:76:23:30:a8:bf:2f:c6:e3:1d:29:06:ec: d5:bb:0a:d4:a4:70:e1:8d:c1:fd:82:d2:39:0d:8c:e0:36:98: 71:61:59:9d:6b:97:99:25:7d:a6:c8:71:9d:64:28:b9:34:e1: c7:c4:a0:71:51:93:9b:7a:3b:51:00:af:cc:21:b1:f0:9c:21: 08:6c:f1:09:e9:a4:6f:ef:14:d4:e8:79:e0:d5:83:bd:2a:73: dd:92:df:7a -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZrjKfJnh0PvDG2QNhrf2npIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz MjdlYmUwHhcNMjUxMjAzMDc0MjQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3YTFjZTg0YzY4ZGIzNjRhNjc5YWQzNzc3NWZlNTEwZDMxM2I3NmM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxvTWq+klCeKubrxw0nJzWXxteGs kaOA1L/V/MGnXb17hNUuov037aruDz3y2IJ2IFI0IVny6amlvG43mrMqxlxi1Io0 AI11sY/8K3aaCnVTeW5dY+Q9H8BtChfWLpwGmDfqdK/eJhUicXnnWdRJMVosl2HG TjCdYjVC72QjSUI22ZOfk6uv2vHK/xEE9uvof8cjpMlEH8u93SRprjTW+acMfxMx pXj2T2uSuQqlJMqostOSsqG8AjuEoQPiniJSUw4rgIMipQP4FyojUusr3WSdGybh pamBV9AWBnNAduKYTLa9+c0qmZhr++Cf9fuluKuEwshOrKRN3LbcQDv7jwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFHoc6Exo2zZKZ5rTd3X+UQ0xO3bEMB8GA1UdIwQY MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt M2RmYTUxMGQ2YjE2LzEvZWh6b1RHamJOa3BubXROM2RmNVJEVEU3ZHNRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2 LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbXr0AwQA bXr9MA0GCSqGSIb3DQEBCwUAA4IBAQAqTtc9jWqrfWXdeNsfRyzHuDflUfq/y//P Ihj1gce8JQnnHvv/UzKV/bGUwuvoHxQm4/hU1rgywOuoHXoQZQue1zAF52lyz0p5 30aWmRM2Iiv4Ug4ySozGLNDtAa7MNkSat0KERZ1R/oxYLOFgyXLAPyjCkud2eBAv 6Tp/t4fnaMb3Ka0U0Lc2uapg9byKJqV+l9LneUzB4u+aPYO8qdRhIdCuCKNLTxN2 IzCovy/G4x0pBuzVuwrUpHDhjcH9gtI5DYzgNphxYVmda5eZJX2myHGdZCi5NOHH xKBxUZObejtRAK/MIbHwnCEIbPEJ6aRv7xTU6Hng1YO9KnPdkt96 -----END CERTIFICATE-----Generated at Sat Dec 6 11:53:34 2025 by rpki-client