This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/FQHihBoOniwmQDmO0mdn4_kxToc.roa File: FQHihBoOniwmQDmO0mdn4_kxToc.roa (raw, json) Hash identifier: 8vbCj1IjkktKKef6bhqcB4alSOP8znsRoac6a6VJZpM= Subject key identifier: 15:01:E2:84:1A:0E:9E:2C:26:40:39:8E:D2:67:67:E3:F9:31:4E:87 Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954 Certificate serial: 019A77F5EEFDE3EAA656AB2D1064ABA49AB7 Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/FQHihBoOniwmQDmO0mdn4_kxToc.roa Signing time: Wed 12 Nov 2025 12:06:37 +0000 ROA not before: Wed 12 Nov 2025 12:06:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 30633 IP address blocks: 72.63.8.0/22 maxlen: 22 72.63.24.0/22 maxlen: 22 72.63.32.0/22 maxlen: 22 72.63.40.0/22 maxlen: 22 72.63.44.0/22 maxlen: 22 72.63.56.0/22 maxlen: 22 72.63.64.0/22 maxlen: 22 72.63.152.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:77:f5:ee:fd:e3:ea:a6:56:ab:2d:10:64:ab:a4:9a:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954 Validity Not Before: Nov 12 12:06:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=1501e2841a0e9e2c2640398ed26767e3f9314e87 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:27:66:a6:e5:69:e2:cc:5f:8f:d7:6b:7e:c1: eb:96:f0:d2:65:27:26:a6:db:a0:d3:d9:6d:ac:38: 64:3f:6b:6f:e8:17:a8:3f:74:49:47:34:82:ae:2c: 00:37:ca:cb:96:05:28:86:d2:b4:d1:56:f7:5a:0b: d2:b6:ff:08:8d:f9:d5:6e:04:9f:e4:c0:c4:32:d4: 5e:0a:27:88:f5:1a:99:9b:74:e2:d6:7f:a2:0c:60: 3a:43:05:c1:18:46:7e:79:15:ac:f6:0a:4b:32:46: 86:bd:91:92:02:9c:70:38:a2:ee:7a:b3:17:4c:3a: cf:d7:1e:1c:9c:c4:a6:0a:61:6a:94:e2:c1:87:95: a9:ad:e0:a2:ee:f2:da:56:8a:52:5f:29:c9:ca:20: e2:fa:77:00:4a:bd:96:07:82:b6:e7:65:ae:ac:17: d8:b3:29:6e:3d:10:04:69:fb:5d:2c:c7:fa:18:1c: c2:5f:87:e5:77:d2:83:29:ea:24:6c:19:41:16:b3: a6:8b:26:bb:ae:ec:54:d6:b2:25:5f:56:98:b6:88: 2c:55:43:f5:44:22:96:ab:d7:40:6c:41:28:b8:bf: 38:c7:c7:a6:f9:b1:2e:d2:89:d7:43:5d:0b:cb:d7: 56:d7:dd:97:f8:48:4d:a0:0f:a9:b5:c4:56:76:20: 88:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:01:E2:84:1A:0E:9E:2C:26:40:39:8E:D2:67:67:E3:F9:31:4E:87 X509v3 Authority Key Identifier: keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/FQHihBoOniwmQDmO0mdn4_kxToc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 72.63.8.0/22 72.63.24.0/22 72.63.32.0/22 72.63.40.0/21 72.63.56.0/22 72.63.64.0/22 72.63.152.0/22 Signature Algorithm: sha256WithRSAEncryption 94:a9:f0:54:17:3f:40:b5:c8:cb:7a:40:58:29:69:ad:60:bc: da:c9:fa:40:7c:c8:6c:c5:ac:38:79:fd:01:c9:94:30:64:ae: 31:ae:52:ac:bf:49:9a:52:d0:fb:d3:0b:f3:09:dc:c0:d3:d5: 83:c0:34:88:24:84:9d:cd:a3:ef:5d:53:f9:db:2e:d7:09:ae: 88:d2:66:95:8c:0d:4c:49:d3:8a:67:65:f3:ab:7e:21:3f:f7: 7c:75:c3:ae:82:d9:03:90:bb:dd:6d:c4:72:d0:49:ad:ed:6a: f8:d7:93:2c:05:d0:4e:4e:46:a6:ce:02:de:2e:8e:28:71:24: 24:9e:fe:dd:15:96:29:0c:0f:10:bd:b7:6b:c6:3e:b2:b1:6c: f2:50:35:60:d7:ad:a2:06:dc:d0:8d:22:e7:7b:ee:8f:2c:4c: 5e:17:52:81:95:d5:6f:5a:56:38:ca:4e:e0:c6:8b:b3:f1:b7: 2c:05:23:d4:e5:5d:3a:42:94:5e:b3:67:38:92:21:93:e3:26: c8:93:48:79:77:fa:2f:d4:5e:2f:44:ef:43:38:55:df:29:86: ad:e3:a9:f2:5d:cb:02:e7:37:7d:4c:aa:37:2f:fd:fa:a9:40: 5c:77:51:4b:56:08:13:64:5a:a3:a8:b9:01:d6:3f:9c:9f:f2: f5:f7:9b:23 -----BEGIN CERTIFICATE----- MIIFITCCBAmgAwIBAgISAZp39e794+qmVqstEGSrpJq3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw Njc5NTQwHhcNMjUxMTEyMTIwNjM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxNTAxZTI4NDFhMGU5ZTJjMjY0MDM5OGVkMjY3NjdlM2Y5MzE0ZTg3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuidmpuVp4sxfj9drfsHrlvDSZScm ptug09ltrDhkP2tv6BeoP3RJRzSCriwAN8rLlgUohtK00Vb3WgvStv8IjfnVbgSf 5MDEMtReCieI9RqZm3Ti1n+iDGA6QwXBGEZ+eRWs9gpLMkaGvZGSApxwOKLuerMX TDrP1x4cnMSmCmFqlOLBh5WpreCi7vLaVopSXynJyiDi+ncASr2WB4K252WurBfY syluPRAEaftdLMf6GBzCX4fld9KDKeokbBlBFrOmiya7ruxU1rIlX1aYtogsVUP1 RCKWq9dAbEEouL84x8em+bEu0onXQ10Ly9dW192X+EhNoA+ptcRWdiCIuQIDAQAB o4ICLTCCAikwHQYDVR0OBBYEFBUB4oQaDp4sJkA5jtJnZ+P5MU6HMB8GA1UdIwQY MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt NmVhYzYyZTYwZGY3LzEvRlFIaWhCb09uaXdtUURtTzBtZG40X2t4VG9jLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3 LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCSD8IAwQC SD8YAwQCSD8gAwQDSD8oAwQCSD84AwQCSD9AAwQCSD+YMA0GCSqGSIb3DQEBCwUA A4IBAQCUqfBUFz9AtcjLekBYKWmtYLzayfpAfMhsxaw4ef0ByZQwZK4xrlKsv0ma UtD70wvzCdzA09WDwDSIJISdzaPvXVP52y7XCa6I0maVjA1MSdOKZ2Xzq34hP/d8 dcOugtkDkLvdbcRy0Emt7Wr415MsBdBOTkamzgLeLo4ocSQknv7dFZYpDA8Qvbdr xj6ysWzyUDVg162iBtzQjSLne+6PLExeF1KBldVvWlY4yk7gxouz8bcsBSPU5V06 QpRes2c4kiGT4ybIk0h5d/ov1F4vRO9DOFXfKYat46nyXcsC5zd9TKo3L/36qUBc d1FLVggTZFqjqLkB1j+cn/L195sj -----END CERTIFICATE-----Generated at Sat Dec 6 09:42:02 2025 by rpki-client