This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/251684-ea53-42ff-86d4-459e34e6ff20/1/hYmSi25XUGnjWR73oqXMhHs3evw.roa File: hYmSi25XUGnjWR73oqXMhHs3evw.roa (raw, json) Hash identifier: E/NTf9mHDmz6rv/YaAtOrx9G+CXju60gRbX5A1kuIbI= Subject key identifier: 85:89:92:8B:6E:57:50:69:E3:59:1E:F7:A2:A5:CC:84:7B:37:7A:FC Certificate issuer: /CN=6ccb3f8421848f113951e9070b3f763959331399 Certificate serial: 019B11B62ACA870DD55EE534B9574E7CFC9F Authority key identifier: 6C:CB:3F:84:21:84:8F:11:39:51:E9:07:0B:3F:76:39:59:33:13:99 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bMs_hCGEjxE5UekHCz92OVkzE5k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/251684-ea53-42ff-86d4-459e34e6ff20/1/hYmSi25XUGnjWR73oqXMhHs3evw.roa Signing time: Fri 12 Dec 2025 08:38:29 +0000 ROA not before: Fri 12 Dec 2025 08:38:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 203846 IP address blocks: 31.24.80.0/24 maxlen: 24 2a11:5cc0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/251684-ea53-42ff-86d4-459e34e6ff20/1/bMs_hCGEjxE5UekHCz92OVkzE5k.crl rsync://rpki.ripe.net/repository/DEFAULT/8d/251684-ea53-42ff-86d4-459e34e6ff20/1/bMs_hCGEjxE5UekHCz92OVkzE5k.mft rsync://rpki.ripe.net/repository/DEFAULT/bMs_hCGEjxE5UekHCz92OVkzE5k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 22:36:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:11:b6:2a:ca:87:0d:d5:5e:e5:34:b9:57:4e:7c:fc:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ccb3f8421848f113951e9070b3f763959331399 Validity Not Before: Dec 12 08:38:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=8589928b6e575069e3591ef7a2a5cc847b377afc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:df:c8:4f:3b:a0:f3:4e:8b:aa:12:e4:23:e6: d8:d2:76:cc:d8:19:ac:cc:4f:87:bd:9d:e4:4a:ee: 2e:5d:a5:34:0a:e1:d2:70:ef:7b:17:2d:20:0a:56: 0c:ac:00:17:aa:7c:fc:49:71:4e:3a:2f:5f:1b:19: f3:80:a9:a8:89:08:18:6d:77:ad:bd:0a:cf:52:ad: 62:d5:6f:f5:90:f9:79:f5:d4:80:4f:76:ee:e8:c4: 5c:1c:3f:78:2a:76:fa:27:21:5f:b8:b6:12:64:bb: 2a:d9:fd:83:7b:89:a5:ff:fa:b9:6a:7b:f0:0d:26: 33:74:aa:59:6e:5c:13:20:f0:e9:0c:92:b4:33:eb: 99:2e:11:4f:56:ab:0d:c8:30:4f:aa:79:3e:d9:35: d6:9a:49:81:21:a7:37:7d:61:e8:56:07:b2:8f:54: 1c:d6:67:8b:f3:49:74:57:56:f6:21:4a:8e:c1:21: 7e:b5:23:91:f8:32:46:6d:fb:0a:79:c4:57:d1:94: 41:99:7a:14:de:d4:63:c9:5a:11:e2:da:92:58:dd: 8b:14:7b:29:56:00:3f:0a:54:c2:07:44:e8:55:de: 0b:4c:75:75:e9:e7:7f:c2:e0:35:b9:3b:11:8a:75: 1d:b7:1c:53:9c:6c:d3:25:12:8c:3d:e1:37:6f:b0: d3:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:89:92:8B:6E:57:50:69:E3:59:1E:F7:A2:A5:CC:84:7B:37:7A:FC X509v3 Authority Key Identifier: keyid:6C:CB:3F:84:21:84:8F:11:39:51:E9:07:0B:3F:76:39:59:33:13:99 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bMs_hCGEjxE5UekHCz92OVkzE5k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/251684-ea53-42ff-86d4-459e34e6ff20/1/hYmSi25XUGnjWR73oqXMhHs3evw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/251684-ea53-42ff-86d4-459e34e6ff20/1/bMs_hCGEjxE5UekHCz92OVkzE5k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.24.80.0/24 IPv6: 2a11:5cc0::/29 Signature Algorithm: sha256WithRSAEncryption 42:18:b3:b2:2b:f8:17:76:02:a0:e1:fa:f9:11:35:3f:23:89: 2a:dc:ba:e8:cd:6a:9c:41:ef:62:38:f2:11:0a:a8:7d:7f:42: 76:6f:43:cb:11:29:1f:7a:21:74:62:fc:3c:08:56:aa:5e:7f: c2:e6:ec:09:73:1d:cf:71:04:10:42:41:2b:81:0e:2b:f0:d5: bf:25:52:62:42:15:b6:2f:1d:cf:21:05:cd:71:0d:ae:57:92: ff:aa:fe:98:01:fb:2f:84:dd:2f:73:77:d5:02:c8:05:c5:7d: 80:a5:9f:24:8c:0b:ca:30:46:27:22:26:08:40:01:a5:b3:c1: a4:29:0f:a4:06:00:5e:b8:e7:d9:3e:1c:47:20:bc:06:91:cf: 6c:42:6e:e0:46:73:b7:44:05:56:1f:71:88:e6:67:ec:d3:58: 93:c7:7f:8c:37:7a:f6:6b:e5:2f:e8:84:a5:9f:e3:5e:39:5a: 13:79:fc:cf:26:63:00:d0:2f:dd:ed:c8:09:91:95:4c:d4:71: 50:cd:19:09:bb:14:41:8b:f5:20:36:5f:50:d5:e4:3e:bd:1b: b9:4f:40:98:67:77:9a:dc:00:ef:2b:b2:c4:e3:4f:97:69:05: e8:3b:bf:4b:f9:d0:f9:34:08:30:52:64:a2:78:0e:7b:db:d9: cc:d3:eb:6b -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZsRtirKhw3VXuU0uVdOfPyfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjY2IzZjg0MjE4NDhmMTEzOTUxZTkwNzBiM2Y3NjM5NTkz MzEzOTkwHhcNMjUxMjEyMDgzODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NTg5OTI4YjZlNTc1MDY5ZTM1OTFlZjdhMmE1Y2M4NDdiMzc3YWZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxd/ITzug806LqhLkI+bY0nbM2Bms zE+HvZ3kSu4uXaU0CuHScO97Fy0gClYMrAAXqnz8SXFOOi9fGxnzgKmoiQgYbXet vQrPUq1i1W/1kPl59dSAT3bu6MRcHD94Knb6JyFfuLYSZLsq2f2De4ml//q5anvw DSYzdKpZblwTIPDpDJK0M+uZLhFPVqsNyDBPqnk+2TXWmkmBIac3fWHoVgeyj1Qc 1meL80l0V1b2IUqOwSF+tSOR+DJGbfsKecRX0ZRBmXoU3tRjyVoR4tqSWN2LFHsp VgA/ClTCB0ToVd4LTHV16ed/wuA1uTsRinUdtxxTnGzTJRKMPeE3b7DTPwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFIWJkotuV1Bp41ke96KlzIR7N3r8MB8GA1UdIwQY MBaAFGzLP4QhhI8ROVHpBws/djlZMxOZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYk1zX2hDR0VqeEU1VWVrSEN6OTJPVmt6RTVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8yNTE2ODQtZWE1My00MmZmLTg2ZDQt NDU5ZTM0ZTZmZjIwLzEvaFltU2kyNVhVR25qV1I3M29xWE1oSHMzZXZ3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZC8yNTE2ODQtZWE1My00MmZmLTg2ZDQtNDU5ZTM0ZTZmZjIw LzEvYk1zX2hDR0VqeEU1VWVrSEN6OTJPVmt6RTVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAHxhQMA0E AgACMAcDBQMqEVzAMA0GCSqGSIb3DQEBCwUAA4IBAQBCGLOyK/gXdgKg4fr5ETU/ I4kq3LrozWqcQe9iOPIRCqh9f0J2b0PLESkfeiF0Yvw8CFaqXn/C5uwJcx3PcQQQ QkErgQ4r8NW/JVJiQhW2Lx3PIQXNcQ2uV5L/qv6YAfsvhN0vc3fVAsgFxX2ApZ8k jAvKMEYnIiYIQAGls8GkKQ+kBgBeuOfZPhxHILwGkc9sQm7gRnO3RAVWH3GI5mfs 01iTx3+MN3r2a+Uv6ISln+NeOVoTefzPJmMA0C/d7cgJkZVM1HFQzRkJuxRBi/Ug Nl9Q1eQ+vRu5T0CYZ3ea3ADvK7LE40+XaQXoO79L+dD5NAgwUmSieA5729nM0+tr -----END CERTIFICATE-----Generated at Tue Dec 16 04:32:47 2025 by rpki-client