This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/BPZ2qcdBwq1ifadr_23iF3mzz1k.roa File: BPZ2qcdBwq1ifadr_23iF3mzz1k.roa (raw, json) Hash identifier: 6UZHdooiF3NxSIc3QmEszblyyVTbPVJQnAaDZWup/GA= Subject key identifier: 04:F6:76:A9:C7:41:C2:AD:62:7D:A7:6B:FF:6D:E2:17:79:B3:CF:59 Certificate issuer: /CN=92192e8d785581f72b18644224bd8c3fa8a2d11b Certificate serial: 019AAFBD12E2A5AA791D2A3625EAA471A613 Authority key identifier: 92:19:2E:8D:78:55:81:F7:2B:18:64:42:24:BD:8C:3F:A8:A2:D1:1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khkujXhVgfcrGGRCJL2MP6ii0Rs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/BPZ2qcdBwq1ifadr_23iF3mzz1k.roa Signing time: Sun 23 Nov 2025 08:03:15 +0000 ROA not before: Sun 23 Nov 2025 08:03:15 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 59588 IP address blocks: 5.252.132.0/22 maxlen: 24 45.153.116.0/23 maxlen: 23 45.153.116.0/24 maxlen: 24 45.153.117.0/24 maxlen: 24 45.153.118.0/23 maxlen: 23 45.153.118.0/24 maxlen: 24 45.153.119.0/24 maxlen: 24 151.236.160.0/23 maxlen: 23 151.236.160.0/24 maxlen: 24 151.236.161.0/24 maxlen: 24 151.236.162.0/23 maxlen: 23 151.236.162.0/24 maxlen: 24 151.236.163.0/24 maxlen: 24 151.236.164.0/23 maxlen: 23 151.236.164.0/24 maxlen: 24 151.236.165.0/24 maxlen: 24 151.236.166.0/23 maxlen: 23 151.236.166.0/24 maxlen: 24 151.236.167.0/24 maxlen: 24 151.236.168.0/23 maxlen: 23 151.236.168.0/24 maxlen: 24 151.236.169.0/24 maxlen: 24 151.236.170.0/23 maxlen: 23 151.236.170.0/24 maxlen: 24 151.236.171.0/24 maxlen: 24 151.236.172.0/23 maxlen: 23 151.236.172.0/24 maxlen: 24 151.236.173.0/24 maxlen: 24 151.236.174.0/23 maxlen: 23 151.236.174.0/24 maxlen: 24 151.236.175.0/24 maxlen: 24 151.236.176.0/23 maxlen: 23 151.236.176.0/24 maxlen: 24 151.236.177.0/24 maxlen: 24 151.236.178.0/23 maxlen: 23 151.236.178.0/24 maxlen: 24 151.236.179.0/24 maxlen: 24 151.236.180.0/23 maxlen: 23 151.236.180.0/24 maxlen: 24 151.236.181.0/24 maxlen: 24 151.236.182.0/23 maxlen: 24 151.236.182.0/24 maxlen: 24 151.236.183.0/24 maxlen: 24 151.236.186.0/24 maxlen: 24 151.236.188.0/23 maxlen: 23 151.236.188.0/24 maxlen: 24 151.236.189.0/24 maxlen: 24 151.236.190.0/23 maxlen: 23 151.236.190.0/24 maxlen: 24 151.236.191.0/24 maxlen: 24 194.59.28.0/23 maxlen: 24 198.160.165.0/24 maxlen: 24 198.160.166.0/24 maxlen: 24 198.160.167.0/24 maxlen: 24 198.160.168.0/23 maxlen: 23 198.160.168.0/24 maxlen: 24 198.160.169.0/24 maxlen: 24 198.176.116.0/23 maxlen: 23 198.176.116.0/24 maxlen: 24 198.176.117.0/24 maxlen: 24 2a10:2200:1::/48 maxlen: 48 2a10:2200:2::/48 maxlen: 48 2a10:2200:3::/48 maxlen: 48 2a10:2200:4::/48 maxlen: 48 2a10:2200:b::/48 maxlen: 48 2a10:2200:c::/48 maxlen: 48 2a10:2200:d::/48 maxlen: 48 2a10:2200:f::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/khkujXhVgfcrGGRCJL2MP6ii0Rs.crl rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/khkujXhVgfcrGGRCJL2MP6ii0Rs.mft rsync://rpki.ripe.net/repository/DEFAULT/khkujXhVgfcrGGRCJL2MP6ii0Rs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 11:01:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:af:bd:12:e2:a5:aa:79:1d:2a:36:25:ea:a4:71:a6:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=92192e8d785581f72b18644224bd8c3fa8a2d11b Validity Not Before: Nov 23 08:03:15 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=04f676a9c741c2ad627da76bff6de21779b3cf59 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:54:c9:5c:b4:58:24:6d:70:86:bc:09:00:c9: fe:07:9d:13:88:f0:a9:2b:07:b2:98:c6:40:e9:3c: 78:13:fb:8e:dd:21:df:65:93:37:3f:a7:d5:a4:1c: 15:8b:30:c1:4a:5e:39:2f:af:68:ff:69:81:60:df: c0:5b:a4:e7:8e:63:d5:e6:87:94:21:3d:28:25:a7: d1:ec:29:d0:0e:2f:1c:92:f6:88:20:0f:af:f5:d0: f1:f0:61:8b:f9:d0:d7:40:9d:52:02:08:37:f1:ef: bd:83:d0:5f:65:e1:f3:51:8c:ae:e8:41:58:2e:84: 7f:04:f6:73:d6:93:98:7f:c5:e0:74:5d:c2:3a:2b: e1:f5:8e:17:08:47:80:b2:f4:9d:d7:4f:4d:46:e7: 35:42:08:94:9e:7d:fc:a4:03:e6:bf:0d:06:c9:f5: e8:56:90:8c:b8:14:ff:39:33:c7:33:e0:6b:db:6f: ef:7a:95:64:ba:78:ab:2f:cf:4f:fc:c0:63:f9:7f: 6f:07:4b:a1:e5:8a:e0:8c:7e:2b:69:3f:27:da:b2: 5a:62:d9:fb:ca:af:d8:ea:ea:90:58:94:8a:0c:ed: 74:7d:54:54:06:ec:cf:c4:81:03:e5:51:25:38:3b: 34:41:1d:df:82:b8:88:d4:ec:db:d4:56:4c:ce:f0: 0f:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:F6:76:A9:C7:41:C2:AD:62:7D:A7:6B:FF:6D:E2:17:79:B3:CF:59 X509v3 Authority Key Identifier: keyid:92:19:2E:8D:78:55:81:F7:2B:18:64:42:24:BD:8C:3F:A8:A2:D1:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khkujXhVgfcrGGRCJL2MP6ii0Rs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/BPZ2qcdBwq1ifadr_23iF3mzz1k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/khkujXhVgfcrGGRCJL2MP6ii0Rs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.252.132.0/22 45.153.116.0/22 151.236.160.0-151.236.183.255 151.236.186.0/24 151.236.188.0/22 194.59.28.0/23 198.160.165.0-198.160.169.255 198.176.116.0/23 IPv6: 2a10:2200:1::-2a10:2200:4:ffff:ffff:ffff:ffff:ffff 2a10:2200:b::-2a10:2200:d:ffff:ffff:ffff:ffff:ffff 2a10:2200:f::/48 Signature Algorithm: sha256WithRSAEncryption 2e:01:cf:7b:4e:23:ea:cf:54:dd:13:38:00:70:4c:80:1e:3e: 2f:a6:d8:6d:27:d1:5d:1f:c0:31:e9:e2:a0:86:3e:3b:30:7f: 33:49:9d:bd:b1:43:77:1d:a0:2b:a3:cf:10:e3:0d:2c:f6:be: 13:ff:72:d1:09:46:15:99:50:b9:1e:a5:76:be:ab:92:eb:06: f6:f8:54:b8:3b:44:56:d6:57:e1:93:e6:13:7c:85:d4:eb:fe: 63:6b:07:b1:3e:67:57:bd:f6:cb:d3:c7:3e:8f:1c:9a:2f:c5: c9:02:da:59:6b:d5:6c:81:d3:30:23:8e:5a:a0:2c:55:cf:a7: cc:53:d9:2c:cf:ca:21:24:a2:ba:19:25:07:f1:73:66:ce:8e: a1:6c:11:e6:50:92:53:8d:6e:dd:44:6a:ef:9f:5e:42:fc:56: ae:9e:9d:2a:c0:8b:05:57:c7:18:c6:c8:c7:5c:d5:6d:89:bc: af:dd:b8:b7:cc:e9:ec:3e:84:45:81:1d:13:06:aa:cb:9a:05: f4:34:ed:67:d2:07:38:e3:d6:42:5a:34:79:13:d8:d6:58:71: 90:df:a1:d9:17:2e:ba:35:84:80:f1:70:8b:d7:33:7f:3d:98: c7:9d:f4:63:17:ac:69:8a:19:69:b0:6a:88:34:2c:83:fb:69: 8e:63:2c:86 -----BEGIN CERTIFICATE----- MIIFczCCBFugAwIBAgISAZqvvRLipap5HSo2JeqkcaYTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkyMTkyZThkNzg1NTgxZjcyYjE4NjQ0MjI0YmQ4YzNmYThh MmQxMWIwHhcNMjUxMTIzMDgwMzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNGY2NzZhOWM3NDFjMmFkNjI3ZGE3NmJmZjZkZTIxNzc5YjNjZjU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFTJXLRYJG1whrwJAMn+B50TiPCp KweymMZA6Tx4E/uO3SHfZZM3P6fVpBwVizDBSl45L69o/2mBYN/AW6TnjmPV5oeU IT0oJafR7CnQDi8ckvaIIA+v9dDx8GGL+dDXQJ1SAgg38e+9g9BfZeHzUYyu6EFY LoR/BPZz1pOYf8XgdF3COivh9Y4XCEeAsvSd109NRuc1QgiUnn38pAPmvw0GyfXo VpCMuBT/OTPHM+Br22/vepVkunirL89P/MBj+X9vB0uh5YrgjH4raT8n2rJaYtn7 yq/Y6uqQWJSKDO10fVRUBuzPxIED5VElODs0QR3fgriI1Ozb1FZMzvAPtwIDAQAB o4ICfzCCAnswHQYDVR0OBBYEFAT2dqnHQcKtYn2na/9t4hd5s89ZMB8GA1UdIwQY MBaAFJIZLo14VYH3KxhkQiS9jD+ootEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2hrdWpYaFZnZmNyR0dSQ0pMMk1QNmlpMFJzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9kOWIzOTctZTEwNS00YWM5LTg1Mzct MDA4NWEzNjVhMjVmLzEvQlBaMnFjZEJ3cTFpZmFkcl8yM2lGM216ejFrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Zi9kOWIzOTctZTEwNS00YWM5LTg1MzctMDA4NWEzNjVhMjVm LzEva2hrdWpYaFZnZmNyR0dSQ0pMMk1QNmlpMFJzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBGBAIAATBAAwQCBfyE AwQCLZl0MAwDBAWX7KADBAOX7LADBACX7LoDBAKX7LwDBAHCOxwwDAMEAMagpQME AcagqAMEAcawdDA3BAIAAjAxMBIDBwAqECIAAAEDBwAqECIAAAQwEgMHACoQIgAA CwMHASoQIgAADAMHACoQIgAADzANBgkqhkiG9w0BAQsFAAOCAQEALgHPe04j6s9U 3RM4AHBMgB4+L6bYbSfRXR/AMenioIY+OzB/M0mdvbFDdx2gK6PPEOMNLPa+E/9y 0QlGFZlQuR6ldr6rkusG9vhUuDtEVtZX4ZPmE3yF1Ov+Y2sHsT5nV732y9PHPo8c mi/FyQLaWWvVbIHTMCOOWqAsVc+nzFPZLM/KISSiuhklB/FzZs6OoWwR5lCSU41u 3URq759eQvxWrp6dKsCLBVfHGMbIx1zVbYm8r924t8zp7D6ERYEdEwaqy5oF9DTt Z9IHOOPWQlo0eRPY1lhxkN+h2RcuujWEgPFwi9czfz2Yx530YxesaYoZabBqiDQs g/tpjmMshg== -----END CERTIFICATE-----Generated at Sat Dec 6 18:23:08 2025 by rpki-client