This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/vnXKzTCy54bpJ2o3AWncB_odNvc.roa File: vnXKzTCy54bpJ2o3AWncB_odNvc.roa (raw, json) Hash identifier: n3Sqd1p6YWAZMFIb4XlVozscxKS5gLkkTQsXyVLY48M= Subject key identifier: BE:75:CA:CD:30:B2:E7:86:E9:27:6A:37:01:69:DC:07:FA:1D:36:F7 Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da Certificate serial: 019AAA9E0B10634F3A6A36A66773EE32319F Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/vnXKzTCy54bpJ2o3AWncB_odNvc.roa Signing time: Sat 22 Nov 2025 08:11:15 +0000 ROA not before: Sat 22 Nov 2025 08:11:15 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 209155 IP address blocks: 158.173.161.0/24 maxlen: 24 203.188.166.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:aa:9e:0b:10:63:4f:3a:6a:36:a6:67:73:ee:32:31:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da Validity Not Before: Nov 22 08:11:15 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=be75cacd30b2e786e9276a370169dc07fa1d36f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:42:aa:e7:fc:24:e4:e7:eb:bd:9a:ce:c5:d9: 8b:4d:90:12:b6:16:0c:e2:8d:c1:a4:68:39:ab:98: a2:07:98:93:17:87:66:c9:00:1a:80:dd:e5:a8:8e: 40:a1:57:b1:13:95:07:99:81:d3:6e:e6:53:36:41: 0c:62:a5:27:89:e5:b9:a0:66:d0:29:93:68:c8:f4: 3d:8f:39:f8:80:06:0c:cf:ed:54:9e:af:37:3d:f9: f8:ae:c5:ba:63:4d:23:b6:d0:6f:47:03:61:ff:61: 11:bc:65:3a:bb:30:77:0e:b9:3d:df:bb:7f:5b:9a: 61:d2:a8:37:de:be:4e:bf:a9:cf:63:0b:83:70:4d: 47:63:89:b5:3c:d2:5f:44:30:e9:ef:64:7c:90:1c: 1b:fa:53:00:d6:42:2a:b4:9e:f5:d8:70:68:42:1f: 4b:8d:68:e9:e1:0c:06:c3:dd:46:22:8a:e6:6f:c9: 3f:b5:f0:ad:77:98:88:7c:84:1d:4a:e6:e9:26:ae: 53:21:a4:10:57:59:d3:25:b5:ec:31:ce:b8:bb:c4: c2:00:1d:ec:c3:b1:90:4b:b4:70:1c:a2:09:1a:a0: 0c:2c:24:e9:2e:7d:01:4e:e1:4f:46:04:b4:07:b6: 97:59:f5:02:28:e0:9c:63:d7:7f:05:f3:f8:dc:c2: 28:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:75:CA:CD:30:B2:E7:86:E9:27:6A:37:01:69:DC:07:FA:1D:36:F7 X509v3 Authority Key Identifier: keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/vnXKzTCy54bpJ2o3AWncB_odNvc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.173.161.0/24 203.188.166.0/24 Signature Algorithm: sha256WithRSAEncryption 5f:d8:8b:48:fd:01:d1:f3:33:5c:15:08:e2:70:0a:6f:ee:79: b0:e7:10:c8:fe:c4:39:6d:ae:bc:eb:a2:60:79:4d:4d:94:42: ab:f8:d8:eb:e5:e5:2f:30:65:93:bc:a6:58:02:99:63:79:4c: f8:1a:0d:67:61:de:c2:6d:b8:92:3d:3f:ce:2b:f5:89:6b:97: 35:dd:a2:13:80:84:f3:02:96:a1:6f:00:36:dc:9d:34:e1:4f: 48:57:fd:91:11:cc:05:b7:2e:94:13:1b:ca:fc:9c:83:55:bc: f2:d6:7a:cf:19:03:27:a8:4e:16:4f:9a:98:a9:07:82:dd:f6: 69:1c:10:d6:9f:a0:9e:da:59:6c:30:91:1e:cd:05:ea:5b:b2: c2:6e:c3:4b:d6:d8:89:07:87:3f:87:7f:07:42:dd:ed:e5:65: e5:07:ed:6d:36:6f:7a:14:05:8f:d1:33:b9:b0:e5:7c:77:57: 4c:48:bf:1a:c4:dd:ae:22:a0:b0:f7:77:b1:3b:e2:0d:65:28: 7a:2c:2b:11:a0:30:8c:ee:0b:9c:59:97:92:5c:10:10:6f:11: 58:d9:e6:bd:67:2d:37:d3:10:18:ac:2a:2e:20:da:7d:a5:c0: 6f:cb:db:3e:dd:48:43:3b:06:bc:9a:b0:83:ba:cd:eb:3b:2a: ef:94:f4:92 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZqqngsQY086ajamZ3PuMjGfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5 NTkyZGEwHhcNMjUxMTIyMDgxMTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiZTc1Y2FjZDMwYjJlNzg2ZTkyNzZhMzcwMTY5ZGMwN2ZhMWQzNmY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkKq5/wk5OfrvZrOxdmLTZASthYM 4o3BpGg5q5iiB5iTF4dmyQAagN3lqI5AoVexE5UHmYHTbuZTNkEMYqUnieW5oGbQ KZNoyPQ9jzn4gAYMz+1Unq83Pfn4rsW6Y00jttBvRwNh/2ERvGU6uzB3Drk937t/ W5ph0qg33r5Ov6nPYwuDcE1HY4m1PNJfRDDp72R8kBwb+lMA1kIqtJ712HBoQh9L jWjp4QwGw91GIormb8k/tfCtd5iIfIQdSubpJq5TIaQQV1nTJbXsMc64u8TCAB3s w7GQS7RwHKIJGqAMLCTpLn0BTuFPRgS0B7aXWfUCKOCcY9d/BfP43MIoWwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFL51ys0wsueG6SdqNwFp3Af6HTb3MB8GA1UdIwQY MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt ZjVmYjcxYjlhNTFmLzEvdm5YS3pUQ3k1NGJwSjJvM0FXbmNCX29kTnZjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnq2hAwQA y7ymMA0GCSqGSIb3DQEBCwUAA4IBAQBf2ItI/QHR8zNcFQjicApv7nmw5xDI/sQ5 ba6866JgeU1NlEKr+Njr5eUvMGWTvKZYApljeUz4Gg1nYd7CbbiSPT/OK/WJa5c1 3aITgITzApahbwA23J004U9IV/2REcwFty6UExvK/JyDVbzy1nrPGQMnqE4WT5qY qQeC3fZpHBDWn6Ce2llsMJEezQXqW7LCbsNL1tiJB4c/h38HQt3t5WXlB+1tNm96 FAWP0TO5sOV8d1dMSL8axN2uIqCw93exO+INZSh6LCsRoDCM7gucWZeSXBAQbxFY 2ea9Zy030xAYrCouINp9pcBvy9s+3UhDOwa8mrCDus3rOyrvlPSS -----END CERTIFICATE-----Generated at Sat Dec 6 07:41:42 2025 by rpki-client