This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/vsChqdV9QNAz7EayVZoIHMnjpWg.roa File: vsChqdV9QNAz7EayVZoIHMnjpWg.roa (raw, json) Hash identifier: r1XMRe1nj9DOTDD7unw3r1JUhLy1Jx4/fx70JvzsGIk= Subject key identifier: BE:C0:A1:A9:D5:7D:40:D0:33:EC:46:B2:55:9A:08:1C:C9:E3:A5:68 Certificate issuer: /CN=a2ed0ba8b46ef251e5a058a64a21b307d3650ddc Certificate serial: 019ADF9F92D1EAC8EF9C7B241321EB0A48FB Authority key identifier: A2:ED:0B:A8:B4:6E:F2:51:E5:A0:58:A6:4A:21:B3:07:D3:65:0D:DC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ou0LqLRu8lHloFimSiGzB9NlDdw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/vsChqdV9QNAz7EayVZoIHMnjpWg.roa Signing time: Tue 02 Dec 2025 15:12:48 +0000 ROA not before: Tue 02 Dec 2025 15:12:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 15751 IP address blocks: 109.125.0.0/18 maxlen: 18 185.51.72.0/23 maxlen: 23 212.129.64.0/24 maxlen: 24 212.129.66.0/23 maxlen: 23 212.129.68.0/22 maxlen: 22 212.129.72.0/21 maxlen: 21 212.129.80.0/20 maxlen: 20 2a01:b340::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/ou0LqLRu8lHloFimSiGzB9NlDdw.crl rsync://rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/ou0LqLRu8lHloFimSiGzB9NlDdw.mft rsync://rpki.ripe.net/repository/DEFAULT/ou0LqLRu8lHloFimSiGzB9NlDdw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:df:9f:92:d1:ea:c8:ef:9c:7b:24:13:21:eb:0a:48:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a2ed0ba8b46ef251e5a058a64a21b307d3650ddc Validity Not Before: Dec 2 15:12:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=bec0a1a9d57d40d033ec46b2559a081cc9e3a568 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:ad:34:a2:ef:3f:5d:30:0f:46:dd:88:bb:6e: fe:bf:4e:50:6f:da:0e:27:0b:35:9c:3f:a9:05:c0: d8:26:02:27:55:51:2b:54:4f:c9:b3:f0:23:8e:a6: d7:ea:d1:41:21:38:2f:34:2c:d7:c2:a1:ed:03:69: ab:f6:d3:74:86:3c:c7:2a:56:b8:74:59:1f:eb:be: 5c:00:52:d6:3a:05:14:25:2c:c3:40:92:f0:37:a0: f3:55:81:8b:73:0c:b9:11:a0:5a:ce:c2:a5:d9:07: cd:53:64:ac:ee:22:3b:4e:ef:bb:3c:04:0d:6e:e3: 75:dd:43:e8:2a:a3:8c:52:4d:0d:49:d2:aa:62:3e: 0c:b2:87:4f:b4:3d:46:85:81:e1:06:ed:a9:33:ce: 16:69:d6:0c:10:e8:a2:0e:63:0f:50:f0:d1:b2:5b: b8:a7:ea:7f:30:b2:36:dc:51:c2:88:9e:92:73:87: 52:ec:02:27:18:76:ef:52:72:35:ec:7d:e5:e4:36: 7f:5b:e8:f0:2a:0b:59:3b:48:32:a7:06:c5:70:b8: 30:08:30:d8:4d:d5:4b:b6:11:8d:f0:89:a3:ee:54: f0:53:3d:69:dd:6e:31:9c:00:a3:31:b1:a1:70:f8: 45:9f:b7:a5:41:c5:94:84:31:a7:ab:d5:fb:f2:23: 1b:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:C0:A1:A9:D5:7D:40:D0:33:EC:46:B2:55:9A:08:1C:C9:E3:A5:68 X509v3 Authority Key Identifier: keyid:A2:ED:0B:A8:B4:6E:F2:51:E5:A0:58:A6:4A:21:B3:07:D3:65:0D:DC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ou0LqLRu8lHloFimSiGzB9NlDdw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/vsChqdV9QNAz7EayVZoIHMnjpWg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/ou0LqLRu8lHloFimSiGzB9NlDdw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.125.0.0/18 185.51.72.0/23 212.129.64.0/24 212.129.66.0-212.129.95.255 IPv6: 2a01:b340::/29 Signature Algorithm: sha256WithRSAEncryption 33:e7:72:f0:8a:66:aa:4c:1a:c9:13:c8:52:ab:73:d5:94:79: d8:61:1c:e7:8b:c1:c1:79:23:53:0c:e9:8b:94:65:a1:e3:54: 52:de:cf:b6:51:e9:85:59:5e:d2:f5:ff:ae:60:b7:ce:bb:83: 46:c4:72:d8:51:16:70:5f:f8:8b:d0:73:57:0d:5f:df:11:ae: 40:dd:ea:f5:49:25:28:9f:ab:89:90:57:f0:67:9d:97:d2:79: 37:15:4f:db:04:12:f8:28:eb:7d:b9:53:bd:04:16:56:e9:0d: 7d:b9:d0:ad:53:54:be:b3:ea:31:94:61:07:d8:48:20:65:e7: bb:b9:ba:8a:20:63:fe:ef:1e:69:b2:20:24:ff:6f:23:13:b1: 92:b3:6b:ae:49:fc:87:cc:7e:d3:02:29:c8:24:db:4d:34:46: 23:e1:16:ff:dc:b0:b3:58:9b:10:f7:e9:5f:b5:7a:8f:1c:8f: fe:db:e7:28:70:41:a7:cb:08:73:43:02:82:76:8a:90:51:45: 32:07:0a:05:94:42:05:dc:77:eb:19:7d:1b:be:3e:e5:be:d6: 07:a7:dd:64:e5:81:fb:21:52:ea:bc:6c:ca:71:73:02:97:dd: 08:6e:2c:94:ec:c1:70:c7:93:59:c2:f0:09:ff:13:6d:5b:a4: 83:ff:8d:c4 -----BEGIN CERTIFICATE----- MIIFJjCCBA6gAwIBAgISAZrfn5LR6sjvnHskEyHrCkj7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyZWQwYmE4YjQ2ZWYyNTFlNWEwNThhNjRhMjFiMzA3ZDM2 NTBkZGMwHhcNMjUxMjAyMTUxMjQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiZWMwYTFhOWQ1N2Q0MGQwMzNlYzQ2YjI1NTlhMDgxY2M5ZTNhNTY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkq00ou8/XTAPRt2Iu27+v05Qb9oO Jws1nD+pBcDYJgInVVErVE/Js/AjjqbX6tFBITgvNCzXwqHtA2mr9tN0hjzHKla4 dFkf675cAFLWOgUUJSzDQJLwN6DzVYGLcwy5EaBazsKl2QfNU2Ss7iI7Tu+7PAQN buN13UPoKqOMUk0NSdKqYj4MsodPtD1GhYHhBu2pM84WadYMEOiiDmMPUPDRslu4 p+p/MLI23FHCiJ6Sc4dS7AInGHbvUnI17H3l5DZ/W+jwKgtZO0gypwbFcLgwCDDY TdVLthGN8Imj7lTwUz1p3W4xnACjMbGhcPhFn7elQcWUhDGnq9X78iMbywIDAQAB o4ICMjCCAi4wHQYDVR0OBBYEFL7AoanVfUDQM+xGslWaCBzJ46VoMB8GA1UdIwQY MBaAFKLtC6i0bvJR5aBYpkohswfTZQ3cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb3UwTHFMUnU4bEhsb0ZpbVNpR3pCOU5sRGR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC81YmU4ZjctMWFkMC00NGJmLThiM2Ut NzkxYzVhODUzOTBkLzEvdnNDaHFkVjlRTkF6N0VheVZab0lITW5qcFdnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MC81YmU4ZjctMWFkMC00NGJmLThiM2UtNzkxYzVhODUzOTBk LzEvb3UwTHFMUnU4bEhsb0ZpbVNpR3pCOU5sRGR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQGbX0AAwQB uTNIAwQA1IFAMAwDBAHUgUIDBAXUgUAwDQQCAAIwBwMFAyoBs0AwDQYJKoZIhvcN AQELBQADggEBADPncvCKZqpMGskTyFKrc9WUedhhHOeLwcF5I1MM6YuUZaHjVFLe z7ZR6YVZXtL1/65gt867g0bEcthRFnBf+IvQc1cNX98RrkDd6vVJJSifq4mQV/Bn nZfSeTcVT9sEEvgo6325U70EFlbpDX250K1TVL6z6jGUYQfYSCBl57u5uoogY/7v HmmyICT/byMTsZKza65J/IfMftMCKcgk2000RiPhFv/csLNYmxD36V+1eo8cj/7b 5yhwQafLCHNDAoJ2ipBRRTIHCgWUQgXcd+sZfRu+PuW+1gen3WTlgfshUuq8bMpx cwKX3QhuLJTswXDHk1nC8An/E21bpIP/jcQ= -----END CERTIFICATE-----Generated at Sat Dec 6 12:03:07 2025 by rpki-client