This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0ba51c-1770-4dfa-8367-28f68a4a143b/1/wSg_Q3AVzxpUBttCXjIJak9PtWQ.roa File: wSg_Q3AVzxpUBttCXjIJak9PtWQ.roa (raw, json) Hash identifier: 7ZIqq7EQX4+wc9KQfXKXDhB7f6xm/17Vj5EeRzzdxZU= Subject key identifier: C1:28:3F:43:70:15:CF:1A:54:06:DB:42:5E:32:09:6A:4F:4F:B5:64 Certificate issuer: /CN=8d58406ad38b155c198e385a9c2f621bce21f877 Certificate serial: 019A8299CD2C45D0C7C2EDFAA9D5B86948DA Authority key identifier: 8D:58:40:6A:D3:8B:15:5C:19:8E:38:5A:9C:2F:62:1B:CE:21:F8:77 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVhAatOLFVwZjjhanC9iG84h-Hc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0ba51c-1770-4dfa-8367-28f68a4a143b/1/wSg_Q3AVzxpUBttCXjIJak9PtWQ.roa Signing time: Fri 14 Nov 2025 13:41:48 +0000 ROA not before: Fri 14 Nov 2025 13:41:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 209573 IP address blocks: 139.28.64.0/22 maxlen: 22 139.28.64.0/23 maxlen: 23 139.28.64.0/24 maxlen: 24 139.28.65.0/24 maxlen: 24 139.28.66.0/23 maxlen: 23 139.28.66.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/0ba51c-1770-4dfa-8367-28f68a4a143b/1/jVhAatOLFVwZjjhanC9iG84h-Hc.crl rsync://rpki.ripe.net/repository/DEFAULT/6b/0ba51c-1770-4dfa-8367-28f68a4a143b/1/jVhAatOLFVwZjjhanC9iG84h-Hc.mft rsync://rpki.ripe.net/repository/DEFAULT/jVhAatOLFVwZjjhanC9iG84h-Hc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:82:99:cd:2c:45:d0:c7:c2:ed:fa:a9:d5:b8:69:48:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8d58406ad38b155c198e385a9c2f621bce21f877 Validity Not Before: Nov 14 13:41:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=c1283f437015cf1a5406db425e32096a4f4fb564 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:c1:c4:d7:df:67:0e:e5:75:4c:74:2b:06:41: 81:0a:2c:81:19:e6:5b:e2:d3:1b:38:fc:fe:06:2b: 8f:73:eb:ae:ea:9a:98:69:e6:5c:b7:56:0b:f8:98: 3b:f3:03:57:47:94:5e:52:e0:85:b2:55:09:5e:79: 99:9a:d5:8e:04:90:8c:c3:34:62:40:3d:b0:00:f5: 09:34:4e:7f:92:c2:bf:8e:ce:9d:64:b3:61:d5:dc: 9f:0f:75:41:5f:c7:26:3d:7a:93:fe:3d:e9:60:49: 9f:f5:78:10:17:6a:ad:ae:94:97:d0:ad:ba:49:86: dd:de:b5:04:57:be:17:13:26:aa:b1:45:a0:95:d5: ae:4a:3b:64:47:49:d5:d1:33:de:a3:8d:22:4e:1f: 67:97:53:31:e5:89:78:2e:7d:e5:1b:9d:e6:88:c5: a6:b0:d0:33:57:14:da:2c:fb:fd:7a:fa:76:30:15: 0f:4b:d9:65:85:cb:2b:6a:fd:40:bd:59:88:8d:10: f9:96:54:66:03:79:67:ae:45:45:b1:8e:ed:6d:8e: a8:48:ac:47:c5:f6:3d:b1:15:50:ac:3e:53:68:43: 2e:28:df:81:71:a5:32:09:d5:03:1d:e9:97:7e:4d: 21:45:5e:34:98:73:68:7b:84:88:ce:8a:48:0f:46: d2:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:28:3F:43:70:15:CF:1A:54:06:DB:42:5E:32:09:6A:4F:4F:B5:64 X509v3 Authority Key Identifier: keyid:8D:58:40:6A:D3:8B:15:5C:19:8E:38:5A:9C:2F:62:1B:CE:21:F8:77 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVhAatOLFVwZjjhanC9iG84h-Hc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0ba51c-1770-4dfa-8367-28f68a4a143b/1/wSg_Q3AVzxpUBttCXjIJak9PtWQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0ba51c-1770-4dfa-8367-28f68a4a143b/1/jVhAatOLFVwZjjhanC9iG84h-Hc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 139.28.64.0/22 Signature Algorithm: sha256WithRSAEncryption 8b:de:29:76:bf:cf:1b:5a:ca:52:eb:e2:14:92:1c:0c:4e:58: d0:8c:92:4e:fb:24:e8:bf:7a:58:bb:2f:ed:72:b8:1d:fe:16: 3d:f7:54:4b:e9:9b:ea:d0:38:ec:2f:13:62:af:40:05:19:93: 8e:27:81:6e:a0:7f:fd:7b:9b:1d:54:87:26:56:b7:77:19:c7: 23:4f:a0:3c:3d:2c:c9:7d:f3:ab:99:47:09:89:60:86:9f:7d: 8e:25:5b:21:75:31:5c:a3:de:1a:d4:1e:2b:1b:1b:74:04:50: aa:a9:e3:c9:38:5d:d5:43:e8:fe:4b:e3:f9:88:a3:fd:27:79: 4e:bd:bd:ce:68:36:96:d6:a1:ce:8c:3b:fd:3d:71:37:dd:03: c6:cf:c7:69:49:a6:3c:c0:28:c9:83:99:17:10:70:37:f1:f5: dd:68:2a:0a:ad:df:59:87:1e:b6:68:36:20:bf:94:47:1b:f6: ba:f8:ea:5c:82:14:12:a0:0f:6a:28:3f:e8:36:32:4b:93:8d: da:5f:4f:6f:a2:28:aa:5f:68:af:8b:2b:b4:54:15:9f:8c:12: 4b:7c:0a:a4:10:b2:06:be:30:b2:9e:ab:93:70:66:b9:24:68: 73:a1:5d:04:9c:67:62:2e:81:81:3c:c3:63:e2:08:07:6e:fc: 6b:49:14:7f -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZqCmc0sRdDHwu36qdW4aUjaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhkNTg0MDZhZDM4YjE1NWMxOThlMzg1YTljMmY2MjFiY2Uy MWY4NzcwHhcNMjUxMTE0MTM0MTQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjMTI4M2Y0MzcwMTVjZjFhNTQwNmRiNDI1ZTMyMDk2YTRmNGZiNTY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMHE199nDuV1THQrBkGBCiyBGeZb 4tMbOPz+BiuPc+uu6pqYaeZct1YL+Jg78wNXR5ReUuCFslUJXnmZmtWOBJCMwzRi QD2wAPUJNE5/ksK/js6dZLNh1dyfD3VBX8cmPXqT/j3pYEmf9XgQF2qtrpSX0K26 SYbd3rUEV74XEyaqsUWgldWuSjtkR0nV0TPeo40iTh9nl1Mx5Yl4Ln3lG53miMWm sNAzVxTaLPv9evp2MBUPS9llhcsrav1AvVmIjRD5llRmA3lnrkVFsY7tbY6oSKxH xfY9sRVQrD5TaEMuKN+BcaUyCdUDHemXfk0hRV40mHNoe4SIzopID0bSeQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFMEoP0NwFc8aVAbbQl4yCWpPT7VkMB8GA1UdIwQY MBaAFI1YQGrTixVcGY44WpwvYhvOIfh3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvalZoQWF0T0xGVndaampoYW5DOWlHODRoLUhjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wYmE1MWMtMTc3MC00ZGZhLTgzNjct MjhmNjhhNGExNDNiLzEvd1NnX1EzQVZ6eHBVQnR0Q1hqSUphazlQdFdRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Yi8wYmE1MWMtMTc3MC00ZGZhLTgzNjctMjhmNjhhNGExNDNi LzEvalZoQWF0T0xGVndaampoYW5DOWlHODRoLUhjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCixxAMA0G CSqGSIb3DQEBCwUAA4IBAQCL3il2v88bWspS6+IUkhwMTljQjJJO+yTov3pYuy/t crgd/hY991RL6Zvq0DjsLxNir0AFGZOOJ4FuoH/9e5sdVIcmVrd3GccjT6A8PSzJ ffOrmUcJiWCGn32OJVshdTFco94a1B4rGxt0BFCqqePJOF3VQ+j+S+P5iKP9J3lO vb3OaDaW1qHOjDv9PXE33QPGz8dpSaY8wCjJg5kXEHA38fXdaCoKrd9Zhx62aDYg v5RHG/a6+OpcghQSoA9qKD/oNjJLk43aX09voiiqX2iviyu0VBWfjBJLfAqkELIG vjCynquTcGa5JGhzoV0EnGdiLoGBPMNj4ggHbvxrSRR/ -----END CERTIFICATE-----Generated at Sun Dec 7 07:32:43 2025 by rpki-client