This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/Bw2FujTWHMpYNTWhN02tbAlIgsw.roa File: Bw2FujTWHMpYNTWhN02tbAlIgsw.roa (raw, json) Hash identifier: xLrbRcYSVut1IaAOIBEYkh+llIkiJK/mUso2Hz1ldCA= Subject key identifier: 07:0D:85:BA:34:D6:1C:CA:58:35:35:A1:37:4D:AD:6C:09:48:82:CC Certificate issuer: /CN=3d8a553e05f0319bf452fa206c14ccda87304654 Certificate serial: 019AEEB4125E375A6C64F398DAB5C53C851B Authority key identifier: 3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/Bw2FujTWHMpYNTWhN02tbAlIgsw.roa Signing time: Fri 05 Dec 2025 13:29:29 +0000 ROA not before: Fri 05 Dec 2025 13:29:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 8368 IP address blocks: 46.243.24.0/21 maxlen: 24 62.213.192.0/19 maxlen: 24 62.213.238.0/24 maxlen: 24 78.41.64.0/21 maxlen: 24 78.110.192.0/20 maxlen: 24 82.146.96.0/19 maxlen: 24 85.158.208.0/21 maxlen: 24 87.237.8.0/21 maxlen: 24 88.82.32.0/19 maxlen: 24 89.35.16.0/21 maxlen: 24 89.250.176.0/20 maxlen: 24 91.197.108.0/22 maxlen: 24 94.140.160.0/19 maxlen: 24 94.158.248.0/24 maxlen: 24 94.158.250.0/24 maxlen: 24 95.171.160.0/19 maxlen: 24 178.132.8.0/21 maxlen: 24 185.39.124.0/22 maxlen: 24 185.47.0.0/22 maxlen: 24 185.48.100.0/22 maxlen: 24 185.72.168.0/22 maxlen: 24 185.78.180.0/22 maxlen: 24 185.81.224.0/22 maxlen: 24 185.90.184.0/22 maxlen: 22 185.174.64.0/22 maxlen: 24 185.214.4.0/22 maxlen: 24 185.224.236.0/22 maxlen: 22 188.64.72.0/21 maxlen: 24 188.118.0.0/18 maxlen: 24 195.110.54.0/23 maxlen: 24 195.144.64.0/19 maxlen: 24 195.225.100.0/22 maxlen: 24 213.193.200.0/21 maxlen: 24 213.193.224.0/21 maxlen: 24 213.193.248.0/23 maxlen: 24 2001:4158::/29 maxlen: 48 2001:4c40::/32 maxlen: 48 2a00:1fb8::/32 maxlen: 48 2a01:8c20::/32 maxlen: 48 2a0b:8b00::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.mft rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:ee:b4:12:5e:37:5a:6c:64:f3:98:da:b5:c5:3c:85:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3d8a553e05f0319bf452fa206c14ccda87304654 Validity Not Before: Dec 5 13:29:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=070d85ba34d61cca583535a1374dad6c094882cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:1e:50:f3:f0:10:72:d8:73:5d:43:21:22:0e: 21:14:1d:14:04:6e:67:e5:19:38:8b:47:fd:19:ac: ec:72:90:2e:2b:e5:4c:05:5c:b9:db:eb:bb:4d:6d: 86:9d:18:18:10:48:68:73:05:70:63:54:6c:47:24: af:dd:77:33:68:20:0b:b1:dc:45:5b:95:23:ab:92: 0b:d1:ab:7f:ba:14:56:05:e0:3d:56:ae:21:28:c9: 45:74:47:89:16:db:f8:7f:69:c2:97:fe:c6:ab:27: e6:a4:a6:0a:69:fc:3d:e3:d9:1e:71:dc:2e:4a:a0: 37:0f:0c:28:65:47:50:9c:87:6b:e1:f9:72:60:6f: 2f:40:4d:48:33:41:a5:56:d8:9b:78:5a:06:46:1e: 74:68:e3:d7:fb:0f:b7:69:6e:30:97:da:8a:c6:4e: 6a:ea:74:dc:55:f7:9d:81:74:eb:2c:2c:ac:00:22: 39:c4:2a:70:78:4d:64:05:13:a6:c0:56:51:c9:e5: 6d:8e:a5:33:80:97:d1:92:a9:c0:9f:ac:bd:11:bc: bb:d2:ee:1c:2e:cf:22:6c:6b:58:d4:93:64:3e:19: 7b:7f:52:1b:bc:d2:ea:ee:02:91:68:87:bb:7d:69: ee:f2:5f:b3:a6:dc:9d:7f:bf:01:13:51:90:f7:ad: 6f:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:0D:85:BA:34:D6:1C:CA:58:35:35:A1:37:4D:AD:6C:09:48:82:CC X509v3 Authority Key Identifier: keyid:3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/Bw2FujTWHMpYNTWhN02tbAlIgsw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.243.24.0/21 62.213.192.0/19 62.213.238.0/24 78.41.64.0/21 78.110.192.0/20 82.146.96.0/19 85.158.208.0/21 87.237.8.0/21 88.82.32.0/19 89.35.16.0/21 89.250.176.0/20 91.197.108.0/22 94.140.160.0/19 94.158.248.0/24 94.158.250.0/24 95.171.160.0/19 178.132.8.0/21 185.39.124.0/22 185.47.0.0/22 185.48.100.0/22 185.72.168.0/22 185.78.180.0/22 185.81.224.0/22 185.90.184.0/22 185.174.64.0/22 185.214.4.0/22 185.224.236.0/22 188.64.72.0/21 188.118.0.0/18 195.110.54.0/23 195.144.64.0/19 195.225.100.0/22 213.193.200.0/21 213.193.224.0/21 213.193.248.0/23 IPv6: 2001:4158::/29 2001:4c40::/32 2a00:1fb8::/32 2a01:8c20::/32 2a0b:8b00::/29 Signature Algorithm: sha256WithRSAEncryption 3a:e6:fd:b2:f5:44:9e:c4:e6:13:d4:2b:81:51:5e:ce:d9:8c: fc:54:9e:10:f9:d3:5f:ee:af:2e:1a:76:c2:64:68:c4:50:1f: fa:e0:3d:17:14:75:1e:a6:7b:52:c4:e1:d2:8b:ba:82:77:d4: e0:6a:e0:ba:d1:6d:8a:68:ae:24:e5:87:61:3d:d9:5b:26:50: f5:07:5b:f3:14:7b:8f:43:ea:ad:79:d5:b4:fd:eb:eb:e2:5c: 3f:bb:74:f8:74:f8:47:84:df:91:dc:2d:8e:8a:e9:4b:86:fc: 44:0f:b6:97:b0:98:fc:f5:05:46:7e:a5:d4:ec:a7:91:83:1e: 22:de:78:48:04:48:0a:74:ea:e2:9d:0b:f7:3c:2d:d0:2b:cb: 38:02:83:d0:fd:73:63:aa:99:44:50:71:00:c5:e2:94:45:27: 41:a6:1f:4e:3a:bf:e0:6a:e7:43:3e:ef:f4:8a:3e:fe:e5:a1: 57:4a:73:90:fc:ab:ea:87:bb:82:1d:7e:bf:57:6f:89:57:9d: ad:53:ee:6f:7c:75:fe:32:63:51:ea:2e:f7:d8:12:08:4c:91: 8d:d0:00:d8:a9:ed:0c:0a:4d:7e:d3:16:09:17:86:ee:0e:f3: d4:72:53:f5:f5:30:91:53:ad:4b:76:5e:76:9c:5f:44:0c:4c: ac:2e:81:6b -----BEGIN CERTIFICATE----- MIIF/DCCBOSgAwIBAgISAZrutBJeN1psZPOY2rXFPIUbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkOGE1NTNlMDVmMDMxOWJmNDUyZmEyMDZjMTRjY2RhODcz MDQ2NTQwHhcNMjUxMjA1MTMyOTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNzBkODViYTM0ZDYxY2NhNTgzNTM1YTEzNzRkYWQ2YzA5NDg4MmNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzh5Q8/AQcthzXUMhIg4hFB0UBG5n 5Rk4i0f9GazscpAuK+VMBVy52+u7TW2GnRgYEEhocwVwY1RsRySv3XczaCALsdxF W5Ujq5IL0at/uhRWBeA9Vq4hKMlFdEeJFtv4f2nCl/7GqyfmpKYKafw949kecdwu SqA3DwwoZUdQnIdr4flyYG8vQE1IM0GlVtibeFoGRh50aOPX+w+3aW4wl9qKxk5q 6nTcVfedgXTrLCysACI5xCpweE1kBROmwFZRyeVtjqUzgJfRkqnAn6y9Eby70u4c Ls8ibGtY1JNkPhl7f1IbvNLq7gKRaIe7fWnu8l+zptydf78BE1GQ961vowIDAQAB o4IDCDCCAwQwHQYDVR0OBBYEFAcNhbo01hzKWDU1oTdNrWwJSILMMB8GA1UdIwQY MBaAFD2KVT4F8DGb9FL6IGwUzNqHMEZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1Mjct MGZiNDgyM2Y1Yjg3LzEvQncyRnVqVFdITXBZTlRXaE4wMnRiQWxJZ3N3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1MjctMGZiNDgyM2Y1Yjg3 LzEvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIBHAYIKwYBBQUHAQcBAf8EggELMIIBBzCB2QQCAAEwgdID BAMu8xgDBAU+1cADBAA+1e4DBANOKUADBARObsADBAVSkmADBANVntADBANX7QgD BAVYUiADBANZIxADBARZ+rADBAJbxWwDBAVejKADBABenvgDBABenvoDBAVfq6AD BAOyhAgDBAK5J3wDBAK5LwADBAK5MGQDBAK5SKgDBAK5TrQDBAK5UeADBAK5WrgD BAK5rkADBAK51gQDBAK54OwDBAO8QEgDBAa8dgADBAHDbjYDBAXDkEADBALD4WQD BAPVwcgDBAPVweADBAHVwfgwKQQCAAIwIwMFAyABQVgDBQAgAUxAAwUAKgAfuAMF ACoBjCADBQMqC4sAMA0GCSqGSIb3DQEBCwUAA4IBAQA65v2y9USexOYT1CuBUV7O 2Yz8VJ4Q+dNf7q8uGnbCZGjEUB/64D0XFHUepntSxOHSi7qCd9TgauC60W2KaK4k 5YdhPdlbJlD1B1vzFHuPQ+qtedW0/evr4lw/u3T4dPhHhN+R3C2OiulLhvxED7aX sJj89QVGfqXU7KeRgx4i3nhIBEgKdOrinQv3PC3QK8s4AoPQ/XNjqplEUHEAxeKU RSdBph9OOr/gaudDPu/0ij7+5aFXSnOQ/Kvqh7uCHX6/V2+JV52tU+5vfHX+MmNR 6i732BIITJGN0ADYqe0MCk1+0xYJF4buDvPUclP19TCRU61Ldl52nF9EDEysLoFr -----END CERTIFICATE-----Generated at Sat Dec 6 12:44:41 2025 by rpki-client