This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3e2zvPNoRq0BhTXXr6DOQbl8-JU.roa File: 3e2zvPNoRq0BhTXXr6DOQbl8-JU.roa (raw, json) Hash identifier: dAuSrRl6L9hp5vd6SeYgLEbO8QGdb7po8gbgX0+gEOA= Subject key identifier: DD:ED:B3:BC:F3:68:46:AD:01:85:35:D7:AF:A0:CE:41:B9:7C:F8:95 Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0 Certificate serial: 019B2083901334D65682CFF7924A867996BD Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3e2zvPNoRq0BhTXXr6DOQbl8-JU.roa Signing time: Mon 15 Dec 2025 05:37:31 +0000 ROA not before: Mon 15 Dec 2025 05:37:31 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 64267 IP address blocks: 151.240.2.0/24 maxlen: 24 151.241.33.0/24 maxlen: 24 151.241.43.0/24 maxlen: 24 151.241.48.0/24 maxlen: 24 151.241.164.0/24 maxlen: 24 151.242.26.0/24 maxlen: 24 151.243.26.0/24 maxlen: 24 151.244.42.0/24 maxlen: 24 151.244.69.0/24 maxlen: 24 151.245.69.0/24 maxlen: 24 151.245.162.0/24 maxlen: 24 151.245.166.0/24 maxlen: 24 151.245.177.0/24 maxlen: 24 151.247.246.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:20:83:90:13:34:d6:56:82:cf:f7:92:4a:86:79:96:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0 Validity Not Before: Dec 15 05:37:31 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=ddedb3bcf36846ad018535d7afa0ce41b97cf895 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:d1:20:01:38:6a:67:2f:07:94:37:74:f1:ed: 74:ca:65:94:bc:f3:5d:4e:47:cb:1a:a9:12:57:8e: b4:c8:c3:44:5d:69:06:32:33:84:28:aa:3b:67:4c: ce:d5:de:38:30:d8:2a:ab:74:07:ac:6d:60:25:b2: b2:94:29:ba:91:4d:8b:a3:7c:5c:41:9c:90:21:39: 5a:ea:5e:7f:05:03:fd:bf:df:c0:1d:db:13:ca:fc: 74:3f:ce:57:75:cd:38:8c:f7:41:57:55:6a:3d:7d: fe:3e:37:c4:75:e8:0c:f8:92:96:55:7b:cb:38:0f: 53:25:44:31:25:a5:bf:14:df:b7:91:01:10:e1:ec: 44:0e:36:45:f3:d2:e4:3f:29:e2:7d:67:99:3e:6f: 35:3f:74:7e:8c:be:f9:be:db:ab:5c:c3:a2:54:db: 15:60:00:47:02:f5:50:7c:9e:d8:d0:0d:88:b1:1f: 01:41:a3:11:79:11:1e:db:b8:a9:3a:0f:98:b2:24: 33:a8:f5:90:c5:46:ae:ac:95:c8:e5:02:25:51:11: e0:09:50:e6:7c:e3:92:59:82:da:8b:25:6f:7c:e3: 5e:3d:ea:07:bb:bf:76:d9:40:c7:97:a6:97:24:50: 76:bc:0f:cb:24:19:e1:66:ba:0d:ce:b4:47:5b:60: 13:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:ED:B3:BC:F3:68:46:AD:01:85:35:D7:AF:A0:CE:41:B9:7C:F8:95 X509v3 Authority Key Identifier: keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3e2zvPNoRq0BhTXXr6DOQbl8-JU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 151.240.2.0/24 151.241.33.0/24 151.241.43.0/24 151.241.48.0/24 151.241.164.0/24 151.242.26.0/24 151.243.26.0/24 151.244.42.0/24 151.244.69.0/24 151.245.69.0/24 151.245.162.0/24 151.245.166.0/24 151.245.177.0/24 151.247.246.0/24 Signature Algorithm: sha256WithRSAEncryption 5e:13:ec:0a:4f:06:3d:29:a8:0a:47:fc:d5:d3:a3:36:f0:24: 4d:9c:2b:1f:46:39:fb:94:c1:43:25:c8:95:41:c1:61:16:48: 05:f1:66:9c:00:a2:bd:c6:7e:fd:13:cd:c7:2e:6e:e0:da:47: e5:16:10:8c:ed:9b:ce:2b:4b:20:d6:bb:cc:0e:65:11:a9:90: 40:35:a6:99:76:7b:93:dc:18:6d:69:91:bb:ab:6b:e5:ff:81: 6d:42:c5:c2:17:22:16:0f:d4:27:6b:5e:1c:98:66:f3:bd:13: 4e:ca:47:70:f5:5d:a7:7e:26:42:9f:ba:54:4e:a2:f6:40:17: 98:4a:93:80:89:3e:ee:b4:97:85:cb:4e:dd:9a:06:53:6b:2d: 93:70:84:08:04:9b:89:17:9a:c7:fb:a9:f7:a7:dd:aa:92:d0: b5:9a:04:76:e1:62:76:5c:1d:e0:87:1a:c2:08:a7:29:85:b0: cc:19:a4:e7:6a:86:07:84:17:25:9a:4b:75:a0:43:49:01:0c: a5:0c:3b:a6:83:14:53:58:d0:95:c0:0f:ff:02:94:c8:01:05: 6b:45:76:ae:5f:79:ed:67:23:71:b8:65:32:f9:28:d6:fe:3f: c6:00:f4:7b:2a:b0:70:f4:2e:0f:a8:63:dc:49:0c:c6:04:f3: f6:65:bb:85 -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgISAZsgg5ATNNZWgs/3kkqGeZa9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh NWE0YzAwHhcNMjUxMjE1MDUzNzMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZGVkYjNiY2YzNjg0NmFkMDE4NTM1ZDdhZmEwY2U0MWI5N2NmODk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09EgAThqZy8HlDd08e10ymWUvPNd TkfLGqkSV460yMNEXWkGMjOEKKo7Z0zO1d44MNgqq3QHrG1gJbKylCm6kU2Lo3xc QZyQITla6l5/BQP9v9/AHdsTyvx0P85Xdc04jPdBV1VqPX3+PjfEdegM+JKWVXvL OA9TJUQxJaW/FN+3kQEQ4exEDjZF89LkPynifWeZPm81P3R+jL75vturXMOiVNsV YABHAvVQfJ7Y0A2IsR8BQaMReREe27ipOg+YsiQzqPWQxUaurJXI5QIlURHgCVDm fOOSWYLaiyVvfONePeoHu7922UDHl6aXJFB2vA/LJBnhZroNzrRHW2ATkwIDAQAB o4ICVzCCAlMwHQYDVR0OBBYEFN3ts7zzaEatAYU116+gzkG5fPiVMB8GA1UdIwQY MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt MTdiOWRlMTQxMjUyLzEvM2UyenZQTm9ScTBCaFRYWHI2RE9RYmw4LUpVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAl/ACAwQA l/EhAwQAl/ErAwQAl/EwAwQAl/GkAwQAl/IaAwQAl/MaAwQAl/QqAwQAl/RFAwQA l/VFAwQAl/WiAwQAl/WmAwQAl/WxAwQAl/f2MA0GCSqGSIb3DQEBCwUAA4IBAQBe E+wKTwY9KagKR/zV06M28CRNnCsfRjn7lMFDJciVQcFhFkgF8WacAKK9xn79E83H Lm7g2kflFhCM7ZvOK0sg1rvMDmURqZBANaaZdnuT3BhtaZG7q2vl/4FtQsXCFyIW D9Qna14cmGbzvRNOykdw9V2nfiZCn7pUTqL2QBeYSpOAiT7utJeFy07dmgZTay2T cIQIBJuJF5rH+6n3p92qktC1mgR24WJ2XB3ghxrCCKcphbDMGaTnaoYHhBclmkt1 oENJAQylDDumgxRTWNCVwA//ApTIAQVrRXauX3ntZyNxuGUy+SjW/j/GAPR7KrBw 9C4PqGPcSQzGBPP2ZbuF -----END CERTIFICATE-----Generated at Wed Dec 17 18:14:22 2025 by rpki-client