This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/J0uGoTg-gCKwY5RxQHxf3fyB3TY.roa File: J0uGoTg-gCKwY5RxQHxf3fyB3TY.roa (raw, json) Hash identifier: tTVhaQ23ePTEs3FPFgqFbfcnYsiqRilgwGj2xCueTaw= Subject key identifier: 27:4B:86:A1:38:3E:80:22:B0:63:94:71:40:7C:5F:DD:FC:81:DD:36 Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a Certificate serial: 019AB5B259738E990D1B2BF1DB379DE4D26E Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/J0uGoTg-gCKwY5RxQHxf3fyB3TY.roa Signing time: Mon 24 Nov 2025 11:49:15 +0000 ROA not before: Mon 24 Nov 2025 11:49:15 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 2914 IP address blocks: 148.253.239.0/24 maxlen: 24 148.253.240.0/24 maxlen: 24 148.253.242.0/24 maxlen: 24 148.253.243.0/24 maxlen: 24 148.253.249.0/24 maxlen: 24 148.253.250.0/24 maxlen: 24 151.249.90.0/24 maxlen: 24 151.249.91.0/24 maxlen: 24 163.171.90.0/24 maxlen: 24 163.171.91.0/24 maxlen: 24 163.171.246.0/24 maxlen: 24 163.171.247.0/24 maxlen: 24 163.171.251.0/24 maxlen: 24 163.171.253.0/24 maxlen: 24 163.171.254.0/24 maxlen: 24 185.27.228.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.mft rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:b5:b2:59:73:8e:99:0d:1b:2b:f1:db:37:9d:e4:d2:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a Validity Not Before: Nov 24 11:49:15 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=274b86a1383e8022b0639471407c5fddfc81dd36 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:0c:5c:ad:74:6c:04:1d:fe:dd:82:c8:ac:23: a5:bc:81:e4:90:32:3b:1b:a3:76:b5:23:c2:2e:1d: 34:e2:5a:5d:ca:38:77:94:9c:59:da:6d:ed:2c:f9: 57:31:a6:ed:34:b6:cc:34:05:39:bc:28:ab:ea:ca: bc:3c:af:12:36:3c:19:0a:33:7c:3a:91:f1:b3:d3: 34:1c:3f:8f:3f:50:7b:26:8e:f4:64:e4:29:bc:98: 82:bf:c4:18:10:2c:d4:19:f9:44:76:34:90:c6:28: f8:a4:d1:0a:63:93:69:bf:45:0f:8a:ec:79:bc:12: 9a:b2:30:d0:7b:1e:17:3b:c7:d4:7f:18:dc:2f:43: 8e:c5:e1:9a:12:19:d5:06:b5:c2:38:20:2f:fa:e8: 44:59:07:be:22:21:a4:85:3b:be:8e:07:e6:93:7e: 62:c8:e2:ec:eb:20:d5:da:9a:11:72:18:6b:80:44: c2:c5:cd:16:41:65:b4:5d:a0:1d:61:97:34:62:b5: f2:ff:89:01:25:3c:0d:8d:4d:57:ac:4a:18:e9:db: 7f:63:80:e0:cb:bc:47:e0:83:ad:91:b9:e4:f1:9a: 53:eb:aa:aa:50:0d:08:b0:8c:7b:18:a0:2b:53:0e: 1b:8e:38:85:c7:c4:24:7c:76:c3:65:d7:3b:19:98: 4c:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:4B:86:A1:38:3E:80:22:B0:63:94:71:40:7C:5F:DD:FC:81:DD:36 X509v3 Authority Key Identifier: keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/J0uGoTg-gCKwY5RxQHxf3fyB3TY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 148.253.239.0-148.253.240.255 148.253.242.0/23 148.253.249.0-148.253.250.255 151.249.90.0/23 163.171.90.0/23 163.171.246.0/23 163.171.251.0/24 163.171.253.0-163.171.254.255 185.27.228.0/24 Signature Algorithm: sha256WithRSAEncryption b4:fe:fc:31:c7:a7:61:f7:da:86:2a:71:37:f7:12:0d:af:4a: 65:af:3c:51:46:27:f2:13:09:8c:d7:73:2a:ee:8b:db:63:d6: 3c:1d:a9:92:05:7d:80:de:a0:5f:0b:6f:97:74:4c:74:d9:69: bb:46:9c:e6:6a:c0:98:a0:fa:c4:c2:14:8e:71:90:84:21:27: ab:d2:30:b9:da:98:08:57:0e:9e:85:81:71:2f:b9:4e:f5:dc: 6a:e3:25:6a:2f:9d:07:5b:cc:3e:85:fb:c9:d0:7b:8c:89:40: dc:93:76:a2:8e:91:08:3e:f5:39:37:4c:60:f6:c5:db:74:89: 63:71:8f:76:c4:3c:de:16:ba:b0:d5:cc:4b:1f:26:ee:a7:05: 88:4c:3b:3a:e4:05:be:3b:8c:2e:ef:2c:cb:92:5d:14:78:42: 3d:98:50:36:b9:92:7a:15:3b:f7:59:62:4a:03:11:57:3d:e3: aa:96:08:3c:d8:71:d0:d4:4d:b6:53:1a:f7:61:9e:e0:0a:f0: da:5b:c7:08:60:48:a7:78:0d:e3:c8:3b:60:2a:ca:82:30:a1: 83:ad:49:cb:2a:f3:b2:51:f2:a9:48:4e:8e:2b:e7:41:c0:f8: 2c:f7:a5:2b:1f:ef:af:90:6a:d2:75:74:da:06:82:e6:33:bf: 7e:fd:3b:35 -----BEGIN CERTIFICATE----- MIIFRTCCBC2gAwIBAgISAZq1sllzjpkNGyvx2zed5NJuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5 ZDcwNmEwHhcNMjUxMTI0MTE0OTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyNzRiODZhMTM4M2U4MDIyYjA2Mzk0NzE0MDdjNWZkZGZjODFkZDM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAxcrXRsBB3+3YLIrCOlvIHkkDI7 G6N2tSPCLh004lpdyjh3lJxZ2m3tLPlXMabtNLbMNAU5vCir6sq8PK8SNjwZCjN8 OpHxs9M0HD+PP1B7Jo70ZOQpvJiCv8QYECzUGflEdjSQxij4pNEKY5Npv0UPiux5 vBKasjDQex4XO8fUfxjcL0OOxeGaEhnVBrXCOCAv+uhEWQe+IiGkhTu+jgfmk35i yOLs6yDV2poRchhrgETCxc0WQWW0XaAdYZc0YrXy/4kBJTwNjU1XrEoY6dt/Y4Dg y7xH4IOtkbnk8ZpT66qqUA0IsIx7GKArUw4bjjiFx8QkfHbDZdc7GZhMPwIDAQAB o4ICUTCCAk0wHQYDVR0OBBYEFCdLhqE4PoAisGOUcUB8X938gd02MB8GA1UdIwQY MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt YjVkODg4YWRmZDM3LzEvSjB1R29UZy1nQ0t3WTVSeFFIeGYzZnlCM1RZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3 LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOMAwDBACU/e8D BACU/fADBAGU/fIwDAMEAJT9+QMEAJT9+gMEAZf5WgMEAaOrWgMEAaOr9gMEAKOr +zAMAwQAo6v9AwQAo6v+AwQAuRvkMA0GCSqGSIb3DQEBCwUAA4IBAQC0/vwxx6dh 99qGKnE39xINr0plrzxRRifyEwmM13Mq7ovbY9Y8HamSBX2A3qBfC2+XdEx02Wm7 RpzmasCYoPrEwhSOcZCEISer0jC52pgIVw6ehYFxL7lO9dxq4yVqL50HW8w+hfvJ 0HuMiUDck3aijpEIPvU5N0xg9sXbdIljcY92xDzeFrqw1cxLHybupwWITDs65AW+ O4wu7yzLkl0UeEI9mFA2uZJ6FTv3WWJKAxFXPeOqlgg82HHQ1E22Uxr3YZ7gCvDa W8cIYEineA3jyDtgKsqCMKGDrUnLKvOyUfKpSE6OK+dBwPgs96UrH++vkGrSdXTa BoLmM79+/Ts1 -----END CERTIFICATE-----Generated at Sat Dec 6 16:36:09 2025 by rpki-client