This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/TiUqiJvNZIWaEqZFoVWAzcDwp3c.roa File: TiUqiJvNZIWaEqZFoVWAzcDwp3c.roa (raw, json) Hash identifier: dsI2Fx3cTa4t9DKJjEFjVTeP17fVXTW2caUPc0YdPNU= Subject key identifier: 4E:25:2A:88:9B:CD:64:85:9A:12:A6:45:A1:55:80:CD:C0:F0:A7:77 Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954 Certificate serial: 019B127CD5BCE9A2BFB5C6FD32E8D95BB0AF Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/TiUqiJvNZIWaEqZFoVWAzcDwp3c.roa Signing time: Fri 12 Dec 2025 12:15:29 +0000 ROA not before: Fri 12 Dec 2025 12:15:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 394380 IP address blocks: 152.163.20.0/22 maxlen: 22 152.163.44.0/22 maxlen: 22 152.163.72.0/22 maxlen: 22 152.163.96.0/22 maxlen: 22 152.163.148.0/22 maxlen: 22 152.163.172.0/22 maxlen: 22 152.163.224.0/22 maxlen: 22 152.163.248.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:12:7c:d5:bc:e9:a2:bf:b5:c6:fd:32:e8:d9:5b:b0:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954 Validity Not Before: Dec 12 12:15:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=4e252a889bcd64859a12a645a15580cdc0f0a777 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:96:0f:70:ec:a7:2b:7b:2c:f0:d2:dc:97:61: 3e:82:78:ea:7e:7c:80:f4:fd:85:6c:02:d9:6b:4c: 2b:55:e7:f0:82:5c:43:ff:f1:0a:d8:13:13:60:13: 6a:9e:92:b7:aa:48:5f:2f:84:5a:4e:ab:8a:03:f9: f2:a3:41:54:4e:b0:e2:f7:51:37:d3:47:92:c0:07: c1:11:6e:f8:b7:97:39:37:d7:87:b6:35:85:50:c2: c7:53:e1:3e:a8:93:50:43:a5:4c:2f:bf:87:11:67: 08:31:04:12:5e:88:7f:0e:cf:ee:3e:c8:3d:32:5d: dd:ab:60:fd:cb:87:00:0b:71:64:c4:b0:5f:b7:90: dd:52:1d:b0:2c:a9:72:48:2e:6a:42:f3:fb:44:20: b0:cd:ad:14:c3:59:3b:b1:6e:cc:4f:08:90:90:2f: b2:98:51:12:49:b2:6c:e6:a9:73:49:48:82:6e:78: 14:83:b9:e1:e7:d5:45:6c:4f:64:ed:51:44:b3:ee: 36:61:4e:32:e7:12:0a:d2:82:db:7d:a8:cb:a2:e3: 25:ff:21:d5:9c:35:c6:64:44:32:b1:9f:37:ca:8f: 4f:66:eb:f5:54:eb:af:bf:a6:cd:e2:67:55:43:a8: b5:8e:df:3c:94:90:44:ca:a9:70:6f:15:8d:ac:66: 63:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:25:2A:88:9B:CD:64:85:9A:12:A6:45:A1:55:80:CD:C0:F0:A7:77 X509v3 Authority Key Identifier: keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/TiUqiJvNZIWaEqZFoVWAzcDwp3c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 152.163.20.0/22 152.163.44.0/22 152.163.72.0/22 152.163.96.0/22 152.163.148.0/22 152.163.172.0/22 152.163.224.0/22 152.163.248.0/22 Signature Algorithm: sha256WithRSAEncryption 90:aa:94:b1:7d:e4:63:86:62:4f:a1:97:47:54:36:52:b2:a7: 9c:75:d4:ca:22:e2:8c:67:d3:49:38:5a:f5:b7:1b:ce:1c:b7: 9d:c1:b1:db:b7:0c:74:fc:ef:28:ff:a9:4c:60:73:e5:72:fb: f3:08:7c:00:9c:86:80:a1:04:6e:25:5d:ab:fa:e2:58:c2:ab: a7:0e:06:3e:1b:e9:3a:9c:2f:16:47:81:a9:8f:b6:5a:95:fa: a3:47:4c:1a:b3:36:67:89:23:9d:ed:b7:28:cf:48:6c:fc:bb: 9d:8a:d4:ad:51:48:ad:f5:bb:96:05:3a:93:ee:0f:b9:32:9f: 30:a2:ed:b8:fc:e5:82:96:79:ff:4b:24:c4:5c:cc:7f:26:76: b1:ac:b7:7c:87:df:6b:b4:19:ef:28:48:6d:95:7f:21:e9:48: 29:c7:e6:61:c6:88:d1:a7:3b:87:1f:09:68:b5:22:27:e1:6d: 3b:98:22:3e:a6:20:a1:0c:cb:88:c0:1c:33:40:64:45:5a:0b: a5:db:c9:43:27:63:4c:c5:70:0c:01:97:f6:de:8c:f8:3c:1c: 86:55:7f:36:e8:af:e8:bc:7a:6b:7a:3d:02:c0:43:60:77:2d: 77:aa:8b:34:13:09:4c:d6:f0:1d:5e:be:05:91:5c:51:2a:0e: f1:d0:13:30 -----BEGIN CERTIFICATE----- MIIFJzCCBA+gAwIBAgISAZsSfNW86aK/tcb9MujZW7CvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw Njc5NTQwHhcNMjUxMjEyMTIxNTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ZTI1MmE4ODliY2Q2NDg1OWExMmE2NDVhMTU1ODBjZGMwZjBhNzc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2JYPcOynK3ss8NLcl2E+gnjqfnyA 9P2FbALZa0wrVefwglxD//EK2BMTYBNqnpK3qkhfL4RaTquKA/nyo0FUTrDi91E3 00eSwAfBEW74t5c5N9eHtjWFUMLHU+E+qJNQQ6VML7+HEWcIMQQSXoh/Ds/uPsg9 Ml3dq2D9y4cAC3FkxLBft5DdUh2wLKlySC5qQvP7RCCwza0Uw1k7sW7MTwiQkC+y mFESSbJs5qlzSUiCbngUg7nh59VFbE9k7VFEs+42YU4y5xIK0oLbfajLouMl/yHV nDXGZEQysZ83yo9PZuv1VOuvv6bN4mdVQ6i1jt88lJBEyqlwbxWNrGZjkwIDAQAB o4ICMzCCAi8wHQYDVR0OBBYEFE4lKoibzWSFmhKmRaFVgM3A8Kd3MB8GA1UdIwQY MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt NmVhYzYyZTYwZGY3LzEvVGlVcWlKdk5aSVdhRXFaRm9WV0F6Y0R3cDNjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3 LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCmKMUAwQC mKMsAwQCmKNIAwQCmKNgAwQCmKOUAwQCmKOsAwQCmKPgAwQCmKP4MA0GCSqGSIb3 DQEBCwUAA4IBAQCQqpSxfeRjhmJPoZdHVDZSsqecddTKIuKMZ9NJOFr1txvOHLed wbHbtwx0/O8o/6lMYHPlcvvzCHwAnIaAoQRuJV2r+uJYwqunDgY+G+k6nC8WR4Gp j7ZalfqjR0waszZniSOd7bcoz0hs/LuditStUUit9buWBTqT7g+5Mp8wou24/OWC lnn/SyTEXMx/JnaxrLd8h99rtBnvKEhtlX8h6Ugpx+ZhxojRpzuHHwlotSIn4W07 mCI+piChDMuIwBwzQGRFWgul28lDJ2NMxXAMAZf23oz4PByGVX826K/ovHprej0C wENgdy13qos0EwlM1vAdXr4FkVxRKg7x0BMw -----END CERTIFICATE-----Generated at Thu Dec 18 17:55:17 2025 by rpki-client