This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/D-3ala0f8ky5WKiKEkghNVysv_4.roa File: D-3ala0f8ky5WKiKEkghNVysv_4.roa (raw, json) Hash identifier: wj76+uzlOSIBp8ZUtRHuaG34C4BT9NcOlD+9ci+Uc/k= Subject key identifier: 0F:ED:DA:95:AD:1F:F2:4C:B9:58:A8:8A:12:48:21:35:5C:AC:BF:FE Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce Certificate serial: 019AF0250724E25B1D8AA8C293B3D496C22A Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/D-3ala0f8ky5WKiKEkghNVysv_4.roa Signing time: Fri 05 Dec 2025 20:12:29 +0000 ROA not before: Fri 05 Dec 2025 20:12:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 202656 IP address blocks: 103.147.170.0/24 maxlen: 24 103.148.141.0/24 maxlen: 24 103.149.85.0/24 maxlen: 24 103.152.175.0/24 maxlen: 24 130.49.5.0/24 maxlen: 24 130.49.14.0/24 maxlen: 24 130.49.17.0/24 maxlen: 24 130.49.22.0/24 maxlen: 24 130.49.24.0/24 maxlen: 24 130.49.31.0/24 maxlen: 24 130.49.32.0/24 maxlen: 24 130.49.39.0/24 maxlen: 24 130.49.42.0/24 maxlen: 24 130.49.47.0/24 maxlen: 24 130.49.51.0/24 maxlen: 24 130.49.55.0/24 maxlen: 24 130.49.60.0/24 maxlen: 24 130.49.62.0/24 maxlen: 24 130.49.68.0/24 maxlen: 24 130.49.70.0/24 maxlen: 24 130.49.81.0/24 maxlen: 24 130.49.84.0/24 maxlen: 24 130.49.89.0/24 maxlen: 24 130.49.92.0/24 maxlen: 24 130.49.96.0/24 maxlen: 24 130.49.101.0/24 maxlen: 24 130.49.104.0/24 maxlen: 24 130.49.110.0/24 maxlen: 24 130.49.111.0/24 maxlen: 24 130.49.122.0/24 maxlen: 24 130.49.125.0/24 maxlen: 24 138.249.28.0/24 maxlen: 24 138.249.52.0/24 maxlen: 24 138.249.54.0/24 maxlen: 24 138.249.58.0/24 maxlen: 24 138.249.59.0/24 maxlen: 24 155.212.34.0/24 maxlen: 24 155.212.44.0/24 maxlen: 24 155.212.46.0/24 maxlen: 24 155.212.53.0/24 maxlen: 24 155.212.55.0/24 maxlen: 24 155.212.60.0/24 maxlen: 24 155.212.63.0/24 maxlen: 24 155.212.67.0/24 maxlen: 24 155.212.74.0/24 maxlen: 24 155.212.75.0/24 maxlen: 24 155.212.81.0/24 maxlen: 24 155.212.82.0/24 maxlen: 24 155.212.89.0/24 maxlen: 24 155.212.92.0/24 maxlen: 24 155.212.96.0/24 maxlen: 24 155.212.101.0/24 maxlen: 24 155.212.104.0/24 maxlen: 24 155.212.115.0/24 maxlen: 24 155.212.117.0/24 maxlen: 24 155.212.122.0/24 maxlen: 24 155.212.126.0/24 maxlen: 24 170.168.207.0/24 maxlen: 24 170.168.212.0/24 maxlen: 24 170.168.223.0/24 maxlen: 24 170.168.228.0/24 maxlen: 24 170.168.238.0/24 maxlen: 24 170.168.248.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:25:07:24:e2:5b:1d:8a:a8:c2:93:b3:d4:96:c2:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce Validity Not Before: Dec 5 20:12:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=0fedda95ad1ff24cb958a88a124821355cacbffe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:19:92:dd:28:96:9d:5c:5c:a4:02:81:88:25: 79:fa:30:0a:d1:7b:fc:2b:87:ed:46:5c:04:70:76: 6c:a7:d0:ab:96:9e:92:21:73:07:af:08:2c:35:4c: ed:ef:8f:85:c8:27:41:af:87:e5:8e:43:38:89:f3: 1e:27:63:50:95:3f:54:62:d3:05:3c:cb:e9:dd:8e: 3b:93:29:9e:6c:e0:16:63:62:9d:df:84:de:76:77: a2:f1:c6:3e:33:9a:15:43:9a:53:8d:64:ab:15:58: 76:df:cd:c1:03:41:1b:ca:fd:56:c8:f9:ed:78:ae: 55:c2:cc:c3:21:05:9d:1a:14:a8:3a:06:c5:b6:b3: 71:ff:fb:72:eb:09:d7:39:1d:9e:fe:77:b3:ae:bd: b2:06:ba:fa:80:62:d8:c4:a4:1e:db:b6:1b:06:26: f7:dd:db:0d:8c:a9:36:3f:29:54:02:af:ca:fd:de: 26:c7:7d:02:9b:51:17:be:90:34:4f:29:96:e3:ba: d1:45:e6:ae:6b:87:f5:26:8e:9a:4c:92:43:20:b0: 48:8c:21:29:f2:8d:9d:77:d0:4a:30:c3:ce:7d:65: 38:96:21:ed:32:ac:e0:f3:ae:e6:c9:04:82:56:ea: ec:6d:2a:cf:82:ae:30:97:f0:67:08:f7:03:a7:44: c1:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:ED:DA:95:AD:1F:F2:4C:B9:58:A8:8A:12:48:21:35:5C:AC:BF:FE X509v3 Authority Key Identifier: keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/D-3ala0f8ky5WKiKEkghNVysv_4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.147.170.0/24 103.148.141.0/24 103.149.85.0/24 103.152.175.0/24 130.49.5.0/24 130.49.14.0/24 130.49.17.0/24 130.49.22.0/24 130.49.24.0/24 130.49.31.0-130.49.32.255 130.49.39.0/24 130.49.42.0/24 130.49.47.0/24 130.49.51.0/24 130.49.55.0/24 130.49.60.0/24 130.49.62.0/24 130.49.68.0/24 130.49.70.0/24 130.49.81.0/24 130.49.84.0/24 130.49.89.0/24 130.49.92.0/24 130.49.96.0/24 130.49.101.0/24 130.49.104.0/24 130.49.110.0/23 130.49.122.0/24 130.49.125.0/24 138.249.28.0/24 138.249.52.0/24 138.249.54.0/24 138.249.58.0/23 155.212.34.0/24 155.212.44.0/24 155.212.46.0/24 155.212.53.0/24 155.212.55.0/24 155.212.60.0/24 155.212.63.0/24 155.212.67.0/24 155.212.74.0/23 155.212.81.0-155.212.82.255 155.212.89.0/24 155.212.92.0/24 155.212.96.0/24 155.212.101.0/24 155.212.104.0/24 155.212.115.0/24 155.212.117.0/24 155.212.122.0/24 155.212.126.0/24 170.168.207.0/24 170.168.212.0/24 170.168.223.0/24 170.168.228.0/24 170.168.238.0/24 170.168.248.0/24 Signature Algorithm: sha256WithRSAEncryption 5d:23:6e:66:c0:7c:54:8e:3d:c5:9a:b7:a2:a9:e6:13:77:28: 8b:60:11:9a:47:71:43:9a:06:12:4e:b2:d0:7d:36:3d:87:7b: 40:56:f0:64:d5:23:1b:66:3a:2b:cc:ec:8f:5b:54:62:47:bd: 76:b5:ea:60:8a:14:c9:24:08:ab:1e:ce:99:1e:4c:89:5b:55: aa:0a:28:e3:86:76:86:cf:45:c3:6d:86:de:42:79:1c:9d:25: 37:eb:c2:4c:62:c1:81:e6:65:de:e1:04:c4:b5:9b:cd:08:e1: 2a:97:ce:ca:21:17:06:7c:c0:96:e2:95:f4:92:82:09:a2:6c: 67:6f:28:07:cf:0b:d5:d5:3a:30:30:33:20:e8:f1:29:74:52: 8e:d3:00:c7:88:20:f0:bb:e6:5e:ce:28:36:d2:d0:ef:ea:52: 54:39:1f:1f:4c:21:54:3e:6b:d3:0a:76:74:01:bc:3b:b3:67: ff:37:9d:96:3a:49:9c:f1:6b:51:b3:44:5c:6e:46:11:a0:44: a2:92:eb:74:9b:74:d5:fc:db:0e:01:3f:2f:c6:19:62:b2:26: c1:21:68:5f:2c:38:7c:cc:bd:48:ef:47:e6:c2:22:2a:aa:93: 4a:75:30:f3:49:3f:31:5b:b0:cf:9f:22:1e:6d:0f:ac:95:36: 7c:98:4a:16 -----BEGIN CERTIFICATE----- MIIGbTCCBVWgAwIBAgISAZrwJQck4lsdiqjCk7PUlsIqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh MGYwY2UwHhcNMjUxMjA1MjAxMjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZmVkZGE5NWFkMWZmMjRjYjk1OGE4OGExMjQ4MjEzNTVjYWNiZmZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7RmS3SiWnVxcpAKBiCV5+jAK0Xv8 K4ftRlwEcHZsp9Crlp6SIXMHrwgsNUzt74+FyCdBr4fljkM4ifMeJ2NQlT9UYtMF PMvp3Y47kymebOAWY2Kd34Tednei8cY+M5oVQ5pTjWSrFVh2383BA0Ebyv1WyPnt eK5VwszDIQWdGhSoOgbFtrNx//ty6wnXOR2e/nezrr2yBrr6gGLYxKQe27YbBib3 3dsNjKk2PylUAq/K/d4mx30Cm1EXvpA0TymW47rRReaua4f1Jo6aTJJDILBIjCEp 8o2dd9BKMMPOfWU4liHtMqzg867myQSCVursbSrPgq4wl/BnCPcDp0TBnQIDAQAB o4IDeTCCA3UwHQYDVR0OBBYEFA/t2pWtH/JMuVioihJIITVcrL/+MB8GA1UdIwQY MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et YTY2N2JiNzY1MDYwLzEvRC0zYWxhMGY4a3k1V0tpS0VrZ2hOVnlzdl80LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIBjQYIKwYBBQUHAQcBAf8EggF8MIIBeDCCAXQEAgABMIIB bAMEAGeTqgMEAGeUjQMEAGeVVQMEAGeYrwMEAIIxBQMEAIIxDgMEAIIxEQMEAIIx FgMEAIIxGDAMAwQAgjEfAwQAgjEgAwQAgjEnAwQAgjEqAwQAgjEvAwQAgjEzAwQA gjE3AwQAgjE8AwQAgjE+AwQAgjFEAwQAgjFGAwQAgjFRAwQAgjFUAwQAgjFZAwQA gjFcAwQAgjFgAwQAgjFlAwQAgjFoAwQBgjFuAwQAgjF6AwQAgjF9AwQAivkcAwQA ivk0AwQAivk2AwQBivk6AwQAm9QiAwQAm9QsAwQAm9QuAwQAm9Q1AwQAm9Q3AwQA m9Q8AwQAm9Q/AwQAm9RDAwQBm9RKMAwDBACb1FEDBACb1FIDBACb1FkDBACb1FwD BACb1GADBACb1GUDBACb1GgDBACb1HMDBACb1HUDBACb1HoDBACb1H4DBACqqM8D BACqqNQDBACqqN8DBACqqOQDBACqqO4DBACqqPgwDQYJKoZIhvcNAQELBQADggEB AF0jbmbAfFSOPcWat6Kp5hN3KItgEZpHcUOaBhJOstB9Nj2He0BW8GTVIxtmOivM 7I9bVGJHvXa16mCKFMkkCKsezpkeTIlbVaoKKOOGdobPRcNtht5CeRydJTfrwkxi wYHmZd7hBMS1m80I4SqXzsohFwZ8wJbilfSSggmibGdvKAfPC9XVOjAwMyDo8Sl0 Uo7TAMeIIPC75l7OKDbS0O/qUlQ5Hx9MIVQ+a9MKdnQBvDuzZ/83nZY6SZzxa1Gz RFxuRhGgRKKS63SbdNX82w4BPy/GGWKyJsEhaF8sOHzMvUjvR+bCIiqqk0p1MPNJ PzFbsM+fIh5tD6yVNnyYShY= -----END CERTIFICATE-----Generated at Sat Dec 6 08:04:44 2025 by rpki-client