This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-SQ-i3th7pSlL_7eZgGAe09Sh-g.roa File: 1-SQ-i3th7pSlL_7eZgGAe09Sh-g.roa (raw, json) Hash identifier: lT84DAAvcKgYrvPwTqUfjpDRY454z8ruW2/dywbgIYo= Subject key identifier: F9:24:3E:8B:7B:61:EE:94:A5:2F:FE:DE:66:01:80:7B:4F:52:87:E8 Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0 Certificate serial: 019B1159BA48B2DAA7ABA2015AD09D7FB358 Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-SQ-i3th7pSlL_7eZgGAe09Sh-g.roa Signing time: Fri 12 Dec 2025 06:57:31 +0000 ROA not before: Fri 12 Dec 2025 06:57:31 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 25198 IP address blocks: 151.240.152.0/24 maxlen: 24 151.240.226.0/24 maxlen: 24 151.242.128.0/24 maxlen: 24 151.243.223.0/24 maxlen: 24 151.247.145.0/24 maxlen: 24 151.247.238.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 19:20:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:11:59:ba:48:b2:da:a7:ab:a2:01:5a:d0:9d:7f:b3:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0 Validity Not Before: Dec 12 06:57:31 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=f9243e8b7b61ee94a52ffede6601807b4f5287e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:72:5e:ef:fc:5b:71:07:74:c3:23:2b:4d:6e: 42:b0:dd:c9:04:0c:58:91:1e:b6:9e:d8:f5:4d:ef: 2b:02:ba:32:24:b2:d6:86:51:96:c8:18:a5:82:ca: 70:53:da:76:3f:e5:02:d8:9f:0f:2b:53:5c:58:cd: bc:39:9e:94:26:b4:73:1a:78:aa:f2:c8:70:c5:8e: 7d:78:22:4e:98:73:7f:89:61:e6:ca:2c:a8:3e:26: c9:f1:9b:15:7c:e3:c5:99:46:5c:d6:75:77:55:ac: 22:b5:ce:58:30:d9:d3:ec:1f:68:69:8c:f2:49:81: 83:b8:ef:50:8a:c1:f6:fb:ea:69:ed:fc:18:b8:3b: 06:e3:a3:b1:13:4d:8d:6e:74:a3:e2:4f:7b:c9:59: e8:5c:ee:d3:ec:32:8a:7c:00:d4:33:c5:ed:56:ae: 54:4a:b5:6e:e6:f2:21:66:df:a4:c0:f4:ec:9d:bd: 20:8e:9d:d3:ac:cd:39:99:51:85:69:7e:72:41:cd: d4:a5:2a:52:b9:af:92:01:4f:93:f4:d0:54:22:d7: 4a:b3:b2:47:57:cc:d3:8e:9b:0d:f2:9f:60:24:b4: 6e:66:32:e3:28:d4:b2:f7:e1:28:3d:94:3e:66:af: 06:96:3a:15:2a:f5:0f:b4:af:c2:74:98:77:15:e9: 35:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:24:3E:8B:7B:61:EE:94:A5:2F:FE:DE:66:01:80:7B:4F:52:87:E8 X509v3 Authority Key Identifier: keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-SQ-i3th7pSlL_7eZgGAe09Sh-g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 151.240.152.0/24 151.240.226.0/24 151.242.128.0/24 151.243.223.0/24 151.247.145.0/24 151.247.238.0/24 Signature Algorithm: sha256WithRSAEncryption 53:b0:e7:da:70:ec:c6:d0:af:c3:cd:fd:41:3f:52:89:49:ab: 55:0a:ff:51:de:a2:0d:8b:93:6f:7d:da:17:c7:2c:3d:38:c8: 9f:20:e7:3a:62:83:e0:c3:08:8a:0b:36:40:24:af:c3:df:2a: 4c:72:14:e1:9a:a0:4a:e3:cd:84:00:0f:f3:48:c6:1e:e1:80: 9d:01:24:45:ba:4b:aa:f6:33:6e:ea:45:64:00:05:f0:2c:38: e4:e7:41:ce:84:0f:e8:f8:1e:e8:f2:4c:5c:a0:22:b2:7a:66: 32:c5:26:de:1f:4d:6d:f5:35:87:11:91:59:5b:58:77:ef:54: 51:6b:f0:bd:82:08:58:07:68:bf:97:6e:44:e1:18:6d:0e:dc: 81:d4:27:35:50:3f:ee:df:92:61:be:8d:86:94:41:a7:e0:7d: ad:21:fe:d5:bf:d9:c7:39:13:71:a4:77:48:9f:94:f8:b2:59: 88:b9:d3:a6:38:7a:44:c6:1c:44:4f:03:0f:3f:22:54:57:ec: 41:2d:c5:62:a4:55:45:d2:db:8e:ab:77:3d:11:4d:98:c4:e1: cb:b2:f8:8a:a6:2c:93:f8:1d:73:de:92:63:22:8d:4c:bf:5e: 5c:ab:d1:68:dd:35:bb:b0:5e:1b:f9:c9:39:a2:1a:6a:4a:7e: 48:b9:32:5d -----BEGIN CERTIFICATE----- MIIFHDCCBASgAwIBAgISAZsRWbpIstqnq6IBWtCdf7NYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh NWE0YzAwHhcNMjUxMjEyMDY1NzMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmOTI0M2U4YjdiNjFlZTk0YTUyZmZlZGU2NjAxODA3YjRmNTI4N2U4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0XJe7/xbcQd0wyMrTW5CsN3JBAxY kR62ntj1Te8rAroyJLLWhlGWyBilgspwU9p2P+UC2J8PK1NcWM28OZ6UJrRzGniq 8shwxY59eCJOmHN/iWHmyiyoPibJ8ZsVfOPFmUZc1nV3Vawitc5YMNnT7B9oaYzy SYGDuO9QisH2++pp7fwYuDsG46OxE02NbnSj4k97yVnoXO7T7DKKfADUM8XtVq5U SrVu5vIhZt+kwPTsnb0gjp3TrM05mVGFaX5yQc3UpSpSua+SAU+T9NBUItdKs7JH V8zTjpsN8p9gJLRuZjLjKNSy9+EoPZQ+Zq8GljoVKvUPtK/CdJh3Fek1vwIDAQAB o4ICKDCCAiQwHQYDVR0OBBYEFPkkPot7Ye6UpS/+3mYBgHtPUofoMB8GA1UdIwQY MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt MTdiOWRlMTQxMjUyLzEvMS1TUS1pM3RoN3BTbExfN2VaZ0dBZTA5U2gtZy5yb2Ew gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvOGUvZjQzYjFkLTllNTAtNDU1MS1hZTZhLTE3YjlkZTE0MTI1 Mi8xL3htSm05R2I3SkppamxGbXpOUzJpVVZHbHBNQS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAJfwmAME AJfw4gMEAJfygAMEAJfz3wMEAJf3kQMEAJf37jANBgkqhkiG9w0BAQsFAAOCAQEA U7Dn2nDsxtCvw839QT9SiUmrVQr/Ud6iDYuTb33aF8csPTjInyDnOmKD4MMIigs2 QCSvw98qTHIU4ZqgSuPNhAAP80jGHuGAnQEkRbpLqvYzbupFZAAF8Cw45OdBzoQP 6Pge6PJMXKAisnpmMsUm3h9NbfU1hxGRWVtYd+9UUWvwvYIIWAdov5duROEYbQ7c gdQnNVA/7t+SYb6NhpRBp+B9rSH+1b/ZxzkTcaR3SJ+U+LJZiLnTpjh6RMYcRE8D Dz8iVFfsQS3FYqRVRdLbjqt3PRFNmMThy7L4iqYsk/gdc96SYyKNTL9eXKvRaN01 u7BeG/nJOaIaakp+SLkyXQ== -----END CERTIFICATE-----Generated at Wed Dec 17 01:13:52 2025 by rpki-client