This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/d8e5e3-f897-4da2-9df6-b401a4a04492/1/PZ4f-DMKLrdus7ifGNkwQRZC4kM.roa File: PZ4f-DMKLrdus7ifGNkwQRZC4kM.roa (raw, json) Hash identifier: Frtdi2vXGM+9Wk9SACf8JGX2R9YvRbq5Bqkpr3xBZIY= Subject key identifier: 3D:9E:1F:F8:33:0A:2E:B7:6E:B3:B8:9F:18:D9:30:41:16:42:E2:43 Certificate issuer: /CN=aa5212958d8e1baa144a82a821f93a890dcba49a Certificate serial: 019A9BB7624ABAB3670A2C719B343B712A53 Authority key identifier: AA:52:12:95:8D:8E:1B:AA:14:4A:82:A8:21:F9:3A:89:0D:CB:A4:9A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qlISlY2OG6oUSoKoIfk6iQ3LpJo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/d8e5e3-f897-4da2-9df6-b401a4a04492/1/PZ4f-DMKLrdus7ifGNkwQRZC4kM.roa Signing time: Wed 19 Nov 2025 10:44:38 +0000 ROA not before: Wed 19 Nov 2025 10:44:38 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 38547 IP address blocks: 43.226.224.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/d8e5e3-f897-4da2-9df6-b401a4a04492/1/qlISlY2OG6oUSoKoIfk6iQ3LpJo.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/d8e5e3-f897-4da2-9df6-b401a4a04492/1/qlISlY2OG6oUSoKoIfk6iQ3LpJo.mft rsync://rpki.ripe.net/repository/DEFAULT/qlISlY2OG6oUSoKoIfk6iQ3LpJo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:9b:b7:62:4a:ba:b3:67:0a:2c:71:9b:34:3b:71:2a:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aa5212958d8e1baa144a82a821f93a890dcba49a Validity Not Before: Nov 19 10:44:38 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=3d9e1ff8330a2eb76eb3b89f18d930411642e243 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:9a:87:e6:47:39:cc:98:61:be:c8:fe:82:08: 0e:4e:79:c3:a7:eb:4e:d6:c9:41:db:65:63:59:6e: f0:1b:58:56:4f:e5:63:ff:9d:40:5e:ce:e7:6e:7c: 07:a9:ff:cc:c5:87:f8:d8:fd:e1:65:46:75:22:21: 9c:8b:7e:3c:37:6f:6e:55:c5:cf:45:a0:a8:c8:c5: 5b:fe:00:dc:40:e3:23:03:2d:b5:f1:d4:14:66:25: 29:97:4d:0f:2e:75:75:54:ac:a2:f5:f1:12:f7:21: a8:f6:c7:b8:85:ce:12:8a:61:3b:b9:62:af:33:b2: fd:5c:ce:cd:e7:70:f1:51:c2:4f:ff:51:97:d9:46: 37:d1:ce:b2:af:a6:c7:a6:f2:4f:b0:3d:28:04:ee: 7f:f4:b0:8e:eb:a9:39:ef:0c:b2:99:3e:e9:fd:67: 8d:02:95:13:7b:ce:15:25:38:fa:e6:bd:55:b6:82: 7e:a9:ee:aa:f4:68:da:84:e1:5b:a4:b0:ea:6d:ce: 4b:7b:30:d2:85:72:e5:0b:91:52:7e:31:64:53:af: a6:85:90:20:1d:b2:89:9d:35:62:6c:b8:80:1f:88: c2:ad:41:76:2d:ae:76:f7:41:48:e0:9d:0d:50:82: e9:fe:d6:9b:09:19:21:d2:f9:1f:18:6d:58:18:fe: 93:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:9E:1F:F8:33:0A:2E:B7:6E:B3:B8:9F:18:D9:30:41:16:42:E2:43 X509v3 Authority Key Identifier: keyid:AA:52:12:95:8D:8E:1B:AA:14:4A:82:A8:21:F9:3A:89:0D:CB:A4:9A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qlISlY2OG6oUSoKoIfk6iQ3LpJo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d8e5e3-f897-4da2-9df6-b401a4a04492/1/PZ4f-DMKLrdus7ifGNkwQRZC4kM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d8e5e3-f897-4da2-9df6-b401a4a04492/1/qlISlY2OG6oUSoKoIfk6iQ3LpJo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.226.224.0/24 Signature Algorithm: sha256WithRSAEncryption a6:6b:dc:24:fd:ad:b4:bf:64:b3:dc:9c:59:af:31:d3:ca:d6: 0a:a4:f1:96:fd:00:d5:19:d0:fc:d9:4d:c0:12:99:6f:99:ea: 1c:2d:8d:fe:2a:4e:8e:65:43:11:1a:aa:f4:a5:9f:d9:12:d4: 81:e3:2c:07:ea:30:ff:56:c2:4b:23:3c:26:e6:74:7a:31:a1: 03:84:b2:cc:05:6f:b9:f0:af:49:b1:ac:8f:9b:e3:c7:3a:f3: df:cb:12:5c:bd:bf:73:f4:55:cb:b6:96:cb:46:a6:a4:04:ef: b0:0b:80:d5:33:99:3a:08:e2:ea:ad:41:c4:59:be:cf:59:bd: 12:9c:09:56:93:ee:9d:e9:4e:64:b1:80:ae:63:4a:a8:0b:8d: f5:07:d4:1b:c4:b1:a2:5a:33:ed:6d:55:02:a2:26:4e:43:9b: 39:58:96:89:6a:c9:64:12:08:21:6d:1f:8e:60:06:94:d5:79: 2f:10:f3:ab:47:33:62:73:64:2e:b8:af:5e:01:1d:d5:92:20: d5:d3:63:70:b9:14:ec:82:05:b0:09:27:13:7b:b0:21:50:17: c4:c5:24:67:34:20:18:26:6d:6c:7d:6f:f2:2e:47:c9:22:5b: a0:f8:32:94:05:c3:19:be:5d:a3:fa:15:39:f6:40:cf:00:b8: a1:f1:6a:54 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZqbt2JKurNnCixxmzQ7cSpTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhNTIxMjk1OGQ4ZTFiYWExNDRhODJhODIxZjkzYTg5MGRj YmE0OWEwHhcNMjUxMTE5MTA0NDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZDllMWZmODMzMGEyZWI3NmViM2I4OWYxOGQ5MzA0MTE2NDJlMjQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZqH5kc5zJhhvsj+gggOTnnDp+tO 1slB22VjWW7wG1hWT+Vj/51AXs7nbnwHqf/MxYf42P3hZUZ1IiGci348N29uVcXP RaCoyMVb/gDcQOMjAy218dQUZiUpl00PLnV1VKyi9fES9yGo9se4hc4SimE7uWKv M7L9XM7N53DxUcJP/1GX2UY30c6yr6bHpvJPsD0oBO5/9LCO66k57wyymT7p/WeN ApUTe84VJTj65r1VtoJ+qe6q9GjahOFbpLDqbc5LezDShXLlC5FSfjFkU6+mhZAg HbKJnTVibLiAH4jCrUF2La5290FI4J0NUILp/tabCRkh0vkfGG1YGP6TBwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFD2eH/gzCi63brO4nxjZMEEWQuJDMB8GA1UdIwQY MBaAFKpSEpWNjhuqFEqCqCH5OokNy6SaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcWxJU2xZMk9HNm9VU29Lb0lmazZpUTNMcEpvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9kOGU1ZTMtZjg5Ny00ZGEyLTlkZjYt YjQwMWE0YTA0NDkyLzEvUFo0Zi1ETUtMcmR1czdpZkdOa3dRUlpDNGtNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYy9kOGU1ZTMtZjg5Ny00ZGEyLTlkZjYtYjQwMWE0YTA0NDky LzEvcWxJU2xZMk9HNm9VU29Lb0lmazZpUTNMcEpvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAK+LgMA0G CSqGSIb3DQEBCwUAA4IBAQCma9wk/a20v2Sz3JxZrzHTytYKpPGW/QDVGdD82U3A EplvmeocLY3+Kk6OZUMRGqr0pZ/ZEtSB4ywH6jD/VsJLIzwm5nR6MaEDhLLMBW+5 8K9JsayPm+PHOvPfyxJcvb9z9FXLtpbLRqakBO+wC4DVM5k6COLqrUHEWb7PWb0S nAlWk+6d6U5ksYCuY0qoC431B9QbxLGiWjPtbVUCoiZOQ5s5WJaJaslkEgghbR+O YAaU1XkvEPOrRzNic2QuuK9eAR3VkiDV02NwuRTsggWwCScTe7AhUBfExSRnNCAY Jm1sfW/yLkfJIlug+DKUBcMZvl2j+hU59kDPALih8WpU -----END CERTIFICATE-----Generated at Sun Dec 7 00:10:31 2025 by rpki-client