This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/0otNsOY2-Ux6_O9dO88zFay15wk.roa File: 0otNsOY2-Ux6_O9dO88zFay15wk.roa (raw, json) Hash identifier: YBm2IMI2yhKvDThcZhxhu25xiNbRsmJYrGhGHOCFs7k= Subject key identifier: D2:8B:4D:B0:E6:36:F9:4C:7A:FC:EF:5D:3B:CF:33:15:AC:B5:E7:09 Certificate issuer: /CN=363f09508fdf256448219b284bb09b23b2b51396 Certificate serial: 019A79339FBBE04DA522819C2DE64D501BDD Authority key identifier: 36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/0otNsOY2-Ux6_O9dO88zFay15wk.roa Signing time: Wed 12 Nov 2025 17:53:37 +0000 ROA not before: Wed 12 Nov 2025 17:53:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 12989 IP address blocks: 2.59.21.0/24 maxlen: 24 2.59.22.0/24 maxlen: 24 45.12.60.0/24 maxlen: 24 86.54.28.0/24 maxlen: 24 86.54.29.0/24 maxlen: 24 86.54.30.0/24 maxlen: 24 86.54.31.0/24 maxlen: 24 212.104.140.0/24 maxlen: 24 212.104.141.0/24 maxlen: 24 213.254.179.0/24 maxlen: 24 2a01:e940::/48 maxlen: 48 2a01:e943::/48 maxlen: 48 2a01:e944::/48 maxlen: 48 2a01:e945::/48 maxlen: 48 2a01:e946::/48 maxlen: 48 2a01:e947::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.mft rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:79:33:9f:bb:e0:4d:a5:22:81:9c:2d:e6:4d:50:1b:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=363f09508fdf256448219b284bb09b23b2b51396 Validity Not Before: Nov 12 17:53:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=d28b4db0e636f94c7afcef5d3bcf3315acb5e709 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:a7:d1:ac:1b:65:83:49:dd:82:69:41:47:7f: c2:35:9f:0a:93:c8:7c:6c:f6:b4:bb:e5:57:94:fe: 90:35:c8:26:91:f9:a9:11:40:5b:ea:16:2b:ba:4b: b8:3d:9d:e6:e5:a1:ac:0b:9d:53:2b:0c:6f:ff:c5: 91:11:2a:a4:0a:56:22:bd:25:42:11:ff:c0:30:ee: 9d:af:b8:cb:54:6b:cd:97:51:d6:fa:b7:98:e6:33: 33:39:64:81:0e:be:68:5a:42:13:b9:38:47:37:14: 64:f3:38:58:d5:62:26:dc:ec:8e:09:70:f3:a9:aa: ac:88:eb:db:71:38:1f:5f:3a:93:63:bf:37:7d:77: ae:33:aa:46:0d:99:79:95:fc:e8:d6:23:31:0a:1a: ec:79:b9:27:0c:eb:d9:f2:f3:d7:10:df:e2:e6:df: 2b:0b:fa:ca:e7:5a:40:78:7d:b3:5a:cb:d6:c1:32: 01:79:dd:85:a1:c5:30:2b:ea:00:13:e6:a6:82:cf: 66:d7:5f:d3:56:ab:19:96:db:ac:82:ad:14:e5:af: d6:f1:b9:8d:49:a4:55:ca:d9:db:69:86:a0:70:31: 60:64:a4:77:ef:8a:73:52:dc:8a:75:2f:f7:ee:e4: 1c:b6:41:11:52:a1:80:89:d6:71:3a:12:24:58:19: 90:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:8B:4D:B0:E6:36:F9:4C:7A:FC:EF:5D:3B:CF:33:15:AC:B5:E7:09 X509v3 Authority Key Identifier: keyid:36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/0otNsOY2-Ux6_O9dO88zFay15wk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.59.21.0-2.59.22.255 45.12.60.0/24 86.54.28.0/22 212.104.140.0/23 213.254.179.0/24 IPv6: 2a01:e940::/48 2a01:e943::/48 2a01:e944::/48 2a01:e945::/48 2a01:e946::/48 2a01:e947::/48 Signature Algorithm: sha256WithRSAEncryption cd:0b:03:5e:7a:79:89:0f:bc:a7:83:ac:3d:26:c8:2c:34:f2: 15:4c:6a:dd:83:4e:18:1f:7e:70:d1:2d:9d:c1:38:5d:78:e1: 6f:4f:2c:33:5e:5b:a4:65:b8:d3:88:05:4c:45:54:ea:6c:cd: 4f:e0:f3:f1:06:7f:03:da:f7:96:c7:8b:15:ba:1d:31:f0:da: 9d:c0:11:6f:7c:11:11:e8:23:b8:63:24:8c:db:76:c3:26:3c: b0:e4:cc:4e:bb:80:a1:88:ed:6a:a6:07:d8:61:8a:f7:08:a4: 87:47:23:23:67:a3:77:a5:2c:92:88:c2:9a:ce:08:50:bd:a8: d2:2a:99:82:cf:39:8d:fa:b6:4d:6c:93:40:96:01:84:9d:b8: b4:c6:4a:36:cb:74:b2:02:71:d1:89:91:1d:c8:fe:23:c9:66: 0e:78:f3:17:72:c1:99:a3:1a:70:b6:87:9d:2e:fc:17:5b:9c: bf:13:3e:ee:87:1f:62:34:ff:b2:92:f2:61:95:c3:1a:13:de: c4:4f:75:ef:6a:e9:79:9b:5e:27:b4:40:db:6d:a6:d6:c2:84: 02:3f:f5:d5:db:de:89:1f:2c:f3:62:d0:ea:0b:16:6f:79:6a: f9:ca:dd:84:c7:86:ff:12:bc:51:e9:ee:ef:4f:88:fb:b7:70: 69:e7:17:12 -----BEGIN CERTIFICATE----- MIIFWzCCBEOgAwIBAgISAZp5M5+74E2lIoGcLeZNUBvdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2M2YwOTUwOGZkZjI1NjQ0ODIxOWIyODRiYjA5YjIzYjJi NTEzOTYwHhcNMjUxMTEyMTc1MzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMjhiNGRiMGU2MzZmOTRjN2FmY2VmNWQzYmNmMzMxNWFjYjVlNzA5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1KfRrBtlg0ndgmlBR3/CNZ8Kk8h8 bPa0u+VXlP6QNcgmkfmpEUBb6hYruku4PZ3m5aGsC51TKwxv/8WRESqkClYivSVC Ef/AMO6dr7jLVGvNl1HW+reY5jMzOWSBDr5oWkITuThHNxRk8zhY1WIm3OyOCXDz qaqsiOvbcTgfXzqTY783fXeuM6pGDZl5lfzo1iMxChrsebknDOvZ8vPXEN/i5t8r C/rK51pAeH2zWsvWwTIBed2FocUwK+oAE+amgs9m11/TVqsZltusgq0U5a/W8bmN SaRVytnbaYagcDFgZKR374pzUtyKdS/37uQctkERUqGAidZxOhIkWBmQ/QIDAQAB o4ICZzCCAmMwHQYDVR0OBBYEFNKLTbDmNvlMevzvXTvPMxWstecJMB8GA1UdIwQY MBaAFDY/CVCP3yVkSCGbKEuwmyOytROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTIt ZmQ4MTQ0NTVhODY4LzEvMG90TnNPWTItVXg2X085ZE84OHpGYXkxNXdrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTItZmQ4MTQ0NTVhODY4 LzEvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDAsBAIAATAmMAwDBAACOxUD BAACOxYDBAAtDDwDBAJWNhwDBAHUaIwDBADV/rMwPAQCAAIwNgMHACoB6UAAAAMH ACoB6UMAAAMHACoB6UQAAAMHACoB6UUAAAMHACoB6UYAAAMHACoB6UcAADANBgkq hkiG9w0BAQsFAAOCAQEAzQsDXnp5iQ+8p4OsPSbILDTyFUxq3YNOGB9+cNEtncE4 XXjhb08sM15bpGW404gFTEVU6mzNT+Dz8QZ/A9r3lseLFbodMfDancARb3wREegj uGMkjNt2wyY8sOTMTruAoYjtaqYH2GGK9wikh0cjI2ejd6UskojCms4IUL2o0iqZ gs85jfq2TWyTQJYBhJ24tMZKNst0sgJx0YmRHcj+I8lmDnjzF3LBmaMacLaHnS78 F1ucvxM+7ocfYjT/spLyYZXDGhPexE9172rpeZteJ7RA222m1sKEAj/11dveiR8s 82LQ6gsWb3lq+crdhMeG/xK8Uenu70+I+7dwaecXEg== -----END CERTIFICATE-----Generated at Sat Dec 6 19:45:05 2025 by rpki-client