This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/ZfGgxOD9oKOLO00K2AU9JKrI1kQ.roa File: ZfGgxOD9oKOLO00K2AU9JKrI1kQ.roa (raw, json) Hash identifier: MxwT8vbLLXhabuxFnu//UYyIHp8dV7WQm7/O2tItwaI= Subject key identifier: 65:F1:A0:C4:E0:FD:A0:A3:8B:3B:4D:0A:D8:05:3D:24:AA:C8:D6:44 Certificate issuer: /CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e Certificate serial: 019A53A9E5932D89C87CA9823C771601AAE6 Authority key identifier: 5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/ZfGgxOD9oKOLO00K2AU9JKrI1kQ.roa Signing time: Wed 05 Nov 2025 10:57:14 +0000 ROA not before: Wed 05 Nov 2025 10:57:14 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 39386 IP address blocks: 37.224.192.0/24 maxlen: 24 84.235.0.0/17 maxlen: 17 84.235.0.0/24 maxlen: 24 84.235.14.0/24 maxlen: 24 84.235.56.0/23 maxlen: 23 84.235.95.0/24 maxlen: 24 84.235.108.0/24 maxlen: 24 84.235.109.0/24 maxlen: 24 84.235.110.0/24 maxlen: 24 84.235.111.0/24 maxlen: 24 84.235.120.0/22 maxlen: 22 178.86.50.0/24 maxlen: 24 193.19.244.0/24 maxlen: 24 212.118.154.0/24 maxlen: 24 2001:16a0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.crl rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.mft rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:53:a9:e5:93:2d:89:c8:7c:a9:82:3c:77:16:01:aa:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e Validity Not Before: Nov 5 10:57:14 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=65f1a0c4e0fda0a38b3b4d0ad8053d24aac8d644 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:17:37:b7:d9:d0:47:e0:96:2b:de:97:42:6e: f8:ee:e0:e9:98:de:a3:c4:d4:75:45:72:69:55:1c: 58:83:3e:d2:02:16:e2:66:ef:e7:de:e6:5e:f2:56: 46:0c:23:f6:23:f4:b9:7a:d5:54:25:a5:9b:93:f3: 34:62:18:4b:26:e7:11:73:2b:48:df:45:9b:ca:74: 7b:76:d0:1e:9a:4d:d6:e7:1e:55:ae:98:28:a2:0e: cb:a5:4a:ff:e8:57:ce:63:b8:bb:4e:57:7b:02:3a: ed:df:9c:7b:34:8b:67:9c:48:01:62:83:d6:51:e7: 5c:f1:b9:bb:b9:ae:29:80:8d:e5:3e:52:a7:db:15: c9:e6:1c:b1:da:b0:51:58:da:00:22:fc:4a:c2:1e: 70:d4:df:7a:40:68:31:f0:79:ef:2f:a2:e8:2d:99: 7b:76:5d:d7:c7:4a:fe:a7:43:02:e6:24:27:48:af: 58:1c:f2:14:c6:71:4e:b4:47:4c:f5:db:0f:82:2c: 56:6a:55:81:b7:e9:c7:d9:d2:af:0f:68:da:3d:7f: 81:8e:9c:cc:a0:1c:44:e8:a8:1c:da:f6:00:6b:42: cc:be:ee:1f:23:b2:bf:29:c6:49:4d:18:84:b8:ea: e8:ca:04:43:97:93:3c:3f:8b:62:91:46:9a:87:22: ab:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:F1:A0:C4:E0:FD:A0:A3:8B:3B:4D:0A:D8:05:3D:24:AA:C8:D6:44 X509v3 Authority Key Identifier: keyid:5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/ZfGgxOD9oKOLO00K2AU9JKrI1kQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.224.192.0/24 84.235.0.0/17 178.86.50.0/24 193.19.244.0/24 212.118.154.0/24 IPv6: 2001:16a0::/29 Signature Algorithm: sha256WithRSAEncryption 64:77:14:01:61:ea:78:74:59:36:e5:35:91:05:93:e5:52:0b: a5:66:73:1d:86:38:84:e2:cd:9f:13:91:1b:34:96:09:d2:cb: a5:f4:48:48:83:43:58:28:64:37:57:d4:0f:b9:6f:9d:ba:fd: 65:fc:2d:1c:51:62:50:0b:79:a8:dc:6b:55:66:22:7c:f3:bf: 88:d8:b0:76:ba:e5:04:a8:6a:9e:5b:ed:23:a5:46:f0:90:18: ac:25:9c:b0:8a:98:5d:eb:ba:dc:b4:b9:8c:48:13:a4:23:ae: 93:18:7e:5e:83:6e:c6:a1:a4:0b:8a:4d:1d:cc:5c:e3:ad:a9: 28:a1:ec:1e:0c:58:d7:ff:2d:aa:87:c0:4b:bf:ef:d3:f9:b1: f7:6b:fc:08:d9:2c:ca:d8:d5:e0:16:4e:a4:99:03:c9:cc:72: 34:11:41:40:2b:59:4d:50:32:97:dd:67:ad:58:01:58:35:7d: 6d:2f:bd:6c:a1:64:27:23:33:c9:0c:e7:37:fc:57:84:91:b8: 86:34:5e:76:4d:ad:a8:e8:3c:e8:b2:77:41:c7:6e:11:45:08: 86:fc:0f:57:0f:d4:ae:1e:a4:de:f5:44:2a:28:09:60:a8:71: d5:57:86:6b:7c:3e:e4:12:80:64:75:b4:83:f2:01:83:db:93: 4e:bd:ad:30 -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISAZpTqeWTLYnIfKmCPHcWAarmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlMWJmNmEzMTlkYTI0ODk4MTZhZWRiYTFiNGZkMGNjN2Rk ZjNlMWUwHhcNMjUxMTA1MTA1NzE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NWYxYTBjNGUwZmRhMGEzOGIzYjRkMGFkODA1M2QyNGFhYzhkNjQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhc3t9nQR+CWK96XQm747uDpmN6j xNR1RXJpVRxYgz7SAhbiZu/n3uZe8lZGDCP2I/S5etVUJaWbk/M0YhhLJucRcytI 30WbynR7dtAemk3W5x5Vrpgoog7LpUr/6FfOY7i7Tld7Ajrt35x7NItnnEgBYoPW Uedc8bm7ua4pgI3lPlKn2xXJ5hyx2rBRWNoAIvxKwh5w1N96QGgx8HnvL6LoLZl7 dl3Xx0r+p0MC5iQnSK9YHPIUxnFOtEdM9dsPgixWalWBt+nH2dKvD2jaPX+BjpzM oBxE6Kgc2vYAa0LMvu4fI7K/KcZJTRiEuOroygRDl5M8P4tikUaahyKrZwIDAQAB o4ICMDCCAiwwHQYDVR0OBBYEFGXxoMTg/aCjiztNCtgFPSSqyNZEMB8GA1UdIwQY MBaAFF4b9qMZ2iSJgWrtuhtP0Mx93z4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGh2Mm94bmFKSW1CYXUyNkcwX1F6SDNmUGg0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi84OGZkZDEtOGI3Yi00MTAxLWFjNjYt YjU5MDk1N2Q5NDE1LzEvWmZHZ3hPRDlvS09MTzAwSzJBVTlKS3JJMWtRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMi84OGZkZDEtOGI3Yi00MTAxLWFjNjYtYjU5MDk1N2Q5NDE1 LzEvWGh2Mm94bmFKSW1CYXUyNkcwX1F6SDNmUGg0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAJeDAAwQH VOsAAwQAslYyAwQAwRP0AwQA1HaaMA0EAgACMAcDBQMgARagMA0GCSqGSIb3DQEB CwUAA4IBAQBkdxQBYep4dFk25TWRBZPlUgulZnMdhjiE4s2fE5EbNJYJ0sul9EhI g0NYKGQ3V9QPuW+duv1l/C0cUWJQC3mo3GtVZiJ887+I2LB2uuUEqGqeW+0jpUbw kBisJZywiphd67rctLmMSBOkI66TGH5eg27GoaQLik0dzFzjrakooeweDFjX/y2q h8BLv+/T+bH3a/wI2SzK2NXgFk6kmQPJzHI0EUFAK1lNUDKX3WetWAFYNX1tL71s oWQnIzPJDOc3/FeEkbiGNF52Ta2o6DzosndBx24RRQiG/A9XD9SuHqTe9UQqKAlg qHHVV4ZrfD7kEoBkdbSD8gGD25NOva0w -----END CERTIFICATE-----Generated at Sat Dec 6 14:54:18 2025 by rpki-client