This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/64c431-5330-437b-b207-28fecc63398c/1/rXdrQXveU3qj0FGkRcK0QMl-LXw.roa File: rXdrQXveU3qj0FGkRcK0QMl-LXw.roa (raw, json) Hash identifier: MqIHKMdtZYEs0bc9AhyZZKGumnTYkeuiPOOBSx8nfws= Subject key identifier: AD:77:6B:41:7B:DE:53:7A:A3:D0:51:A4:45:C2:B4:40:C9:7E:2D:7C Certificate issuer: /CN=8ab5b9a9368797a86baebc81f623b3f4e786f51a Certificate serial: 019AB65723DB033E3E7D5CC4E8EDFD9D26AF Authority key identifier: 8A:B5:B9:A9:36:87:97:A8:6B:AE:BC:81:F6:23:B3:F4:E7:86:F5:1A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/irW5qTaHl6hrrryB9iOz9OeG9Ro.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/64c431-5330-437b-b207-28fecc63398c/1/rXdrQXveU3qj0FGkRcK0QMl-LXw.roa Signing time: Mon 24 Nov 2025 14:49:15 +0000 ROA not before: Mon 24 Nov 2025 14:49:15 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 39686 IP address blocks: 185.65.124.0/23 maxlen: 24 185.65.125.0/24 maxlen: 24 2a04:f840::/32 maxlen: 40 2a04:f840::/40 maxlen: 40 2a04:f840:1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/64c431-5330-437b-b207-28fecc63398c/1/irW5qTaHl6hrrryB9iOz9OeG9Ro.crl rsync://rpki.ripe.net/repository/DEFAULT/ac/64c431-5330-437b-b207-28fecc63398c/1/irW5qTaHl6hrrryB9iOz9OeG9Ro.mft rsync://rpki.ripe.net/repository/DEFAULT/irW5qTaHl6hrrryB9iOz9OeG9Ro.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:b6:57:23:db:03:3e:3e:7d:5c:c4:e8:ed:fd:9d:26:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8ab5b9a9368797a86baebc81f623b3f4e786f51a Validity Not Before: Nov 24 14:49:15 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=ad776b417bde537aa3d051a445c2b440c97e2d7c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:62:b2:3d:11:c5:bc:f0:dd:db:a4:6c:7c:3a: a8:1b:bd:2c:eb:63:8d:ab:bf:0f:1b:cb:31:a9:e0: f6:79:88:fb:9b:b1:1b:cb:06:a9:43:0d:20:19:68: ef:a4:23:8a:a5:32:2c:37:c8:c9:00:78:d9:43:31: 68:4d:61:d3:bf:0b:2b:fa:25:81:ca:38:1e:14:5a: ff:ad:01:a2:09:60:64:2a:60:a8:53:e1:38:b1:82: f8:7b:9e:e4:f5:77:ce:7a:b6:5b:d4:97:54:e0:d3: 8b:7f:15:ba:22:89:db:ae:49:90:a7:4b:28:89:1c: b6:1d:93:38:d6:86:aa:89:27:1e:47:05:bf:dd:66: 34:f8:3f:4e:41:8d:bb:1d:75:c4:04:56:3e:18:0b: eb:f0:bf:5d:c0:7c:41:c4:f9:15:78:ae:d8:a9:04: 6c:2b:29:da:11:62:f8:96:3d:16:68:54:3a:a6:2a: 74:33:37:8e:46:36:7c:b4:c8:d3:a1:7f:40:e7:d1: 3c:c1:d5:36:e6:64:f7:f4:3f:b3:73:5c:ca:48:dd: 60:cd:b3:77:ca:ae:89:e7:6a:1e:f5:1c:de:c8:64: 51:14:d9:40:c1:7d:38:de:d8:3f:29:06:98:29:22: 40:b9:37:13:cc:c2:0f:47:71:ce:64:9d:89:af:2c: 23:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:77:6B:41:7B:DE:53:7A:A3:D0:51:A4:45:C2:B4:40:C9:7E:2D:7C X509v3 Authority Key Identifier: keyid:8A:B5:B9:A9:36:87:97:A8:6B:AE:BC:81:F6:23:B3:F4:E7:86:F5:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/irW5qTaHl6hrrryB9iOz9OeG9Ro.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/64c431-5330-437b-b207-28fecc63398c/1/rXdrQXveU3qj0FGkRcK0QMl-LXw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/64c431-5330-437b-b207-28fecc63398c/1/irW5qTaHl6hrrryB9iOz9OeG9Ro.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.65.124.0/23 IPv6: 2a04:f840::/32 Signature Algorithm: sha256WithRSAEncryption ab:27:3d:1d:18:c1:b2:5c:bd:91:23:74:28:b5:e8:05:68:ed: 21:dc:fd:50:79:09:5c:ad:57:37:da:aa:11:cf:a9:db:38:63: 43:22:47:06:7a:ef:2a:f5:1c:42:ee:d2:c4:ad:8b:7e:b5:8e: 86:e3:2c:7d:bc:82:16:db:40:fe:45:2c:4d:96:76:cc:6c:62: 4d:26:3b:1c:fb:e1:66:ae:7c:35:16:16:07:05:5d:12:6b:f6: 9f:e5:ca:3c:82:f5:50:3b:bc:2d:a0:7c:28:e2:7c:b3:15:98: bd:e8:d5:02:83:d0:81:93:70:59:81:08:ce:68:92:b9:d2:f1: 61:c7:0a:72:9a:d3:66:be:b9:b3:fc:d7:31:18:cb:e9:86:dc: 8a:71:a1:94:11:28:dd:33:9e:69:54:91:1f:ed:d9:b0:5a:ee: d7:7d:7b:1f:1c:04:a1:d7:8d:0e:2e:ff:6a:50:55:ec:62:9d: 78:93:be:72:5d:8d:0b:b0:33:e1:62:3e:c4:3d:3b:8b:1b:74: 14:b9:02:3a:6b:fe:56:19:9c:c2:2c:19:25:25:9e:e6:f6:11: 39:95:3d:d0:5a:f9:5b:57:62:36:8f:8f:b0:1f:3d:da:52:c1: 42:7f:d3:1e:23:28:e1:35:bc:af:d7:2f:00:87:cb:e1:14:61: 62:16:e3:18 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZq2VyPbAz4+fVzE6O39nSavMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhhYjViOWE5MzY4Nzk3YTg2YmFlYmM4MWY2MjNiM2Y0ZTc4 NmY1MWEwHhcNMjUxMTI0MTQ0OTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZDc3NmI0MTdiZGU1MzdhYTNkMDUxYTQ0NWMyYjQ0MGM5N2UyZDdjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2KyPRHFvPDd26RsfDqoG70s62ON q78PG8sxqeD2eYj7m7EbywapQw0gGWjvpCOKpTIsN8jJAHjZQzFoTWHTvwsr+iWB yjgeFFr/rQGiCWBkKmCoU+E4sYL4e57k9XfOerZb1JdU4NOLfxW6IonbrkmQp0so iRy2HZM41oaqiSceRwW/3WY0+D9OQY27HXXEBFY+GAvr8L9dwHxBxPkVeK7YqQRs KynaEWL4lj0WaFQ6pip0MzeORjZ8tMjToX9A59E8wdU25mT39D+zc1zKSN1gzbN3 yq6J52oe9RzeyGRRFNlAwX043tg/KQaYKSJAuTcTzMIPR3HOZJ2JrywjnwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFK13a0F73lN6o9BRpEXCtEDJfi18MB8GA1UdIwQY MBaAFIq1uak2h5eoa668gfYjs/TnhvUaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaXJXNXFUYUhsNmhycnJ5QjlpT3o5T2VHOVJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy82NGM0MzEtNTMzMC00MzdiLWIyMDct MjhmZWNjNjMzOThjLzEvclhkclFYdmVVM3FqMEZHa1JjSzBRTWwtTFh3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYy82NGM0MzEtNTMzMC00MzdiLWIyMDctMjhmZWNjNjMzOThj LzEvaXJXNXFUYUhsNmhycnJ5QjlpT3o5T2VHOVJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuUF8MA0E AgACMAcDBQAqBPhAMA0GCSqGSIb3DQEBCwUAA4IBAQCrJz0dGMGyXL2RI3QotegF aO0h3P1QeQlcrVc32qoRz6nbOGNDIkcGeu8q9RxC7tLErYt+tY6G4yx9vIIW20D+ RSxNlnbMbGJNJjsc++Fmrnw1FhYHBV0Sa/af5co8gvVQO7wtoHwo4nyzFZi96NUC g9CBk3BZgQjOaJK50vFhxwpymtNmvrmz/NcxGMvphtyKcaGUESjdM55pVJEf7dmw Wu7XfXsfHASh140OLv9qUFXsYp14k75yXY0LsDPhYj7EPTuLG3QUuQI6a/5WGZzC LBklJZ7m9hE5lT3QWvlbV2I2j4+wHz3aUsFCf9MeIyjhNbyv1y8Ah8vhFGFiFuMY -----END CERTIFICATE-----Generated at Sat Dec 6 09:08:59 2025 by rpki-client