This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/3ZD9b9VxtWf9j-N9CF05eG5tszY.roa File: 3ZD9b9VxtWf9j-N9CF05eG5tszY.roa (raw, json) Hash identifier: de7CUGv4KDBoKyrOitvaE0s2Zsm2dofD6FeaElzcC68= Subject key identifier: DD:90:FD:6F:D5:71:B5:67:FD:8F:E3:7D:08:5D:39:78:6E:6D:B3:36 Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce Certificate serial: 019ACBF42CB15D1F40BBB2876D9A32B83FAA Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/3ZD9b9VxtWf9j-N9CF05eG5tszY.roa Signing time: Fri 28 Nov 2025 19:32:48 +0000 ROA not before: Fri 28 Nov 2025 19:32:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 57013 IP address blocks: 138.249.9.0/24 maxlen: 24 170.168.0.0/24 maxlen: 24 170.168.67.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:cb:f4:2c:b1:5d:1f:40:bb:b2:87:6d:9a:32:b8:3f:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce Validity Not Before: Nov 28 19:32:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=dd90fd6fd571b567fd8fe37d085d39786e6db336 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:ba:ae:9c:4d:2d:85:12:8b:d3:f9:4f:8e:95: e4:4f:24:2b:d8:6f:a0:96:df:f7:11:01:e9:eb:a4: 08:4e:55:24:e0:95:10:8d:c7:24:df:88:15:cf:1d: f4:5c:7d:a5:d2:b0:9e:ac:de:18:d1:fa:34:52:a3: 15:ec:28:e1:29:10:99:6f:4b:cc:ad:28:8b:16:45: 89:1e:ce:90:66:fe:df:e3:61:8a:6f:c4:95:8d:ba: 5b:af:48:68:9b:24:cb:be:4d:3b:19:d1:d5:4c:1a: c6:2b:49:d3:dd:07:5b:ca:0b:6b:75:fd:1f:67:0e: 47:3f:53:48:bb:d0:5f:27:e0:5e:43:e4:97:06:f9: ef:1b:46:43:f1:15:25:89:f2:3c:a3:94:c6:80:d3: bc:0f:77:94:00:2c:3b:c2:d3:fc:3b:91:8c:b1:5e: b9:cf:ea:d4:be:10:80:93:8d:57:56:79:bd:27:20: ed:bc:a4:e7:26:c0:09:f5:d2:d5:70:74:7c:de:2e: 2f:b0:6f:3f:5d:76:c5:00:c9:0d:4b:55:c8:2c:27: 50:69:a7:fa:ab:92:d2:ff:86:63:6c:ac:84:e2:08: be:b6:c0:c1:5d:6a:63:8b:8b:e1:ff:8a:62:33:35: fd:e6:fd:6e:f2:30:10:22:34:3d:27:55:ea:31:6c: 70:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:90:FD:6F:D5:71:B5:67:FD:8F:E3:7D:08:5D:39:78:6E:6D:B3:36 X509v3 Authority Key Identifier: keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/3ZD9b9VxtWf9j-N9CF05eG5tszY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.249.9.0/24 170.168.0.0/24 170.168.67.0/24 Signature Algorithm: sha256WithRSAEncryption 44:bd:4b:01:3b:67:df:9f:b9:03:d9:44:4f:70:4d:89:1c:ff: 4d:96:43:90:6a:3d:de:4c:2d:84:94:a0:3a:3b:82:cc:a6:74: dd:bb:9d:f9:1f:99:b1:df:c3:ec:74:ea:87:24:4f:94:d2:07: 9b:c6:69:44:28:78:10:0a:b1:91:95:7a:dd:f3:33:6f:91:36: e6:e1:ac:09:5d:3e:8c:f4:85:63:2d:12:ae:8d:58:08:0e:45: 09:5c:2c:90:5f:e7:0c:ef:ba:65:70:56:a7:15:90:95:89:22: 6f:09:5b:9d:e6:24:7c:44:f4:61:21:4a:61:35:5d:4f:53:a7: a4:d3:a7:ee:a6:85:a9:5f:bd:05:2a:e0:07:c2:d6:db:e0:7d: f9:58:a9:e8:66:18:27:a6:e9:61:0f:1a:09:56:5e:48:00:17: cc:cb:33:81:71:34:e8:df:b2:dc:5d:22:66:ee:80:58:ed:e4: a2:87:c1:e6:ab:d1:f3:6f:71:f0:9c:26:d1:5f:5c:f2:9e:34: fe:9d:d3:22:e2:39:b0:a2:be:f4:c4:8d:4d:a2:63:0c:40:9a: 29:93:48:41:6f:b2:1f:5e:6d:24:ab:c0:46:f3:e6:62:b6:b7: 13:7e:0d:a9:8b:6f:2c:a4:d2:a7:6b:cd:a2:fc:c0:e4:17:b5: ce:ff:a3:f6 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZrL9CyxXR9Au7KHbZoyuD+qMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh MGYwY2UwHhcNMjUxMTI4MTkzMjQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZDkwZmQ2ZmQ1NzFiNTY3ZmQ4ZmUzN2QwODVkMzk3ODZlNmRiMzM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4rqunE0thRKL0/lPjpXkTyQr2G+g lt/3EQHp66QITlUk4JUQjcck34gVzx30XH2l0rCerN4Y0fo0UqMV7CjhKRCZb0vM rSiLFkWJHs6QZv7f42GKb8SVjbpbr0homyTLvk07GdHVTBrGK0nT3Qdbygtrdf0f Zw5HP1NIu9BfJ+BeQ+SXBvnvG0ZD8RUlifI8o5TGgNO8D3eUACw7wtP8O5GMsV65 z+rUvhCAk41XVnm9JyDtvKTnJsAJ9dLVcHR83i4vsG8/XXbFAMkNS1XILCdQaaf6 q5LS/4ZjbKyE4gi+tsDBXWpji4vh/4piMzX95v1u8jAQIjQ9J1XqMWxwlQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFN2Q/W/VcbVn/Y/jfQhdOXhubbM2MB8GA1UdIwQY MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et YTY2N2JiNzY1MDYwLzEvM1pEOWI5Vnh0V2Y5ai1OOUNGMDVlRzV0c3pZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAivkJAwQA qqgAAwQAqqhDMA0GCSqGSIb3DQEBCwUAA4IBAQBEvUsBO2ffn7kD2URPcE2JHP9N lkOQaj3eTC2ElKA6O4LMpnTdu535H5mx38PsdOqHJE+U0gebxmlEKHgQCrGRlXrd 8zNvkTbm4awJXT6M9IVjLRKujVgIDkUJXCyQX+cM77plcFanFZCViSJvCVud5iR8 RPRhIUphNV1PU6ek06fupoWpX70FKuAHwtbb4H35WKnoZhgnpulhDxoJVl5IABfM yzOBcTTo37LcXSJm7oBY7eSih8Hmq9Hzb3HwnCbRX1zynjT+ndMi4jmwor70xI1N omMMQJopk0hBb7IfXm0kq8BG8+ZitrcTfg2pi28spNKna82i/MDkF7XO/6P2 -----END CERTIFICATE-----Generated at Sat Dec 6 17:18:55 2025 by rpki-client