This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/pWovmGtJJtoRmbGaF3naYxdLi4Q.roa File: pWovmGtJJtoRmbGaF3naYxdLi4Q.roa (raw, json) Hash identifier: GlTsCgCaW2G6hKoqCdMn6KY4SvgJXax+8KT+24OK4+U= Subject key identifier: A5:6A:2F:98:6B:49:26:DA:11:99:B1:9A:17:79:DA:63:17:4B:8B:84 Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839 Certificate serial: 019AD6DC89446B295E41B0D075E85E52977B Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/pWovmGtJJtoRmbGaF3naYxdLi4Q.roa Signing time: Sun 30 Nov 2025 22:22:48 +0000 ROA not before: Sun 30 Nov 2025 22:22:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 204997 IP address blocks: 104.128.132.0/24 maxlen: 24 104.128.133.0/24 maxlen: 24 2a0c:5d00:3001::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:d6:dc:89:44:6b:29:5e:41:b0:d0:75:e8:5e:52:97:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839 Validity Not Before: Nov 30 22:22:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=a56a2f986b4926da1199b19a1779da63174b8b84 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:1c:55:37:55:cc:cf:a6:d0:f8:82:9e:b1:36: 28:2a:00:3f:8e:ef:34:50:76:d7:bc:66:47:f5:30: df:46:f0:2a:b8:5a:64:27:cf:33:df:d9:df:6c:ba: 7d:1e:c0:34:7f:34:7f:2d:8c:53:b3:b5:b9:91:c0: aa:25:65:42:6d:2c:56:4c:c5:c5:72:39:c4:ca:e2: 97:c8:39:19:ad:0b:15:6e:ea:7c:3a:c7:6a:48:5d: 39:9f:56:0b:fb:08:be:d4:5a:2c:5f:a5:cf:ae:3f: 09:7f:be:39:1a:67:47:c7:35:79:a0:e1:e8:f5:bb: 18:e2:3c:b0:24:6e:f8:75:e1:9e:20:d2:3d:5b:b3: 5e:99:19:f4:e0:a0:8e:c1:01:76:02:2d:8c:82:84: dc:39:eb:e2:73:b9:ce:92:da:3a:c9:9d:2d:10:c4: 41:7b:d6:ab:57:e8:32:ab:bf:84:0c:c6:88:b4:1b: 0e:b9:d4:fe:ee:2b:ff:19:c6:71:98:b4:c4:91:15: 2a:ae:2d:28:c6:c9:a7:8c:5c:e4:22:b3:f3:68:d6: 39:01:bf:4c:1e:15:51:fc:87:54:2a:49:38:3e:29: 33:bc:4d:22:cb:ab:2e:a3:1f:12:bb:e5:07:80:eb: f7:a4:0a:b7:dc:c9:50:7b:fe:63:c7:06:d7:ba:92: 74:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:6A:2F:98:6B:49:26:DA:11:99:B1:9A:17:79:DA:63:17:4B:8B:84 X509v3 Authority Key Identifier: keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/pWovmGtJJtoRmbGaF3naYxdLi4Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 104.128.132.0/23 IPv6: 2a0c:5d00:3001::/48 Signature Algorithm: sha256WithRSAEncryption 6a:91:48:5b:6a:54:70:f2:9c:41:7d:88:1e:e6:f8:ec:06:10: 39:42:56:30:dd:3d:17:09:74:1c:e7:44:e0:f0:33:12:db:d2: 5f:8b:12:09:8d:4f:be:e2:31:b6:c1:e4:89:18:cc:fa:f4:bc: 67:af:c0:33:84:b9:6a:e8:e3:9e:75:47:33:d1:3b:f6:ed:7b: 3f:d3:2f:1a:df:74:00:a6:b1:20:76:24:2c:75:eb:08:e8:30: 24:cf:74:be:6d:13:70:d9:2e:7c:d7:2d:db:04:31:4c:8a:00: 8e:3c:61:5c:c1:1b:df:16:cf:15:f9:36:2a:34:63:a6:5b:8f: b7:eb:5b:83:89:f2:d8:3f:f2:09:56:ab:16:c7:b2:08:1d:95: c1:30:99:bb:9a:1f:35:ba:bb:ca:69:5a:e6:99:62:62:48:af: 28:64:75:2c:42:ce:9a:c1:a0:7c:2f:95:c5:f0:c5:c0:3e:0b: 4c:fb:cb:ad:bd:b9:e1:3d:37:7e:9d:85:7c:d3:6d:d5:1f:02: 12:fa:49:aa:cd:4a:d6:a4:ab:56:44:07:81:51:fe:7c:db:cb: ea:16:13:50:77:6b:9d:26:42:39:22:35:04:76:b3:c3:1e:77: 55:eb:6c:df:27:a8:e5:b8:f7:a3:83:7c:90:61:e0:44:c6:72: cb:14:eb:41 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZrW3IlEayleQbDQdeheUpd7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx ZmE4MzkwHhcNMjUxMTMwMjIyMjQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNTZhMmY5ODZiNDkyNmRhMTE5OWIxOWExNzc5ZGE2MzE3NGI4Yjg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxxVN1XMz6bQ+IKesTYoKgA/ju80 UHbXvGZH9TDfRvAquFpkJ88z39nfbLp9HsA0fzR/LYxTs7W5kcCqJWVCbSxWTMXF cjnEyuKXyDkZrQsVbup8OsdqSF05n1YL+wi+1FosX6XPrj8Jf745GmdHxzV5oOHo 9bsY4jywJG74deGeINI9W7NemRn04KCOwQF2Ai2MgoTcOevic7nOkto6yZ0tEMRB e9arV+gyq7+EDMaItBsOudT+7iv/GcZxmLTEkRUqri0oxsmnjFzkIrPzaNY5Ab9M HhVR/IdUKkk4PikzvE0iy6suox8Su+UHgOv3pAq33MlQe/5jxwbXupJ0IwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFKVqL5hrSSbaEZmxmhd52mMXS4uEMB8GA1UdIwQY MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt MzA0OTVmNDAzNzg0LzEvcFdvdm1HdEpKdG9SbWJHYUYzbmFZeGRMaTRRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0 LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBaICEMA8E AgACMAkDBwAqDF0AMAEwDQYJKoZIhvcNAQELBQADggEBAGqRSFtqVHDynEF9iB7m +OwGEDlCVjDdPRcJdBznRODwMxLb0l+LEgmNT77iMbbB5IkYzPr0vGevwDOEuWro 4551RzPRO/btez/TLxrfdACmsSB2JCx16wjoMCTPdL5tE3DZLnzXLdsEMUyKAI48 YVzBG98WzxX5Nio0Y6Zbj7frW4OJ8tg/8glWqxbHsggdlcEwmbuaHzW6u8ppWuaZ YmJIryhkdSxCzprBoHwvlcXwxcA+C0z7y629ueE9N36dhXzTbdUfAhL6SarNStak q1ZEB4FR/nzby+oWE1B3a50mQjkiNQR2s8Med1XrbN8nqOW496ODfJBh4ETGcssU 60E= -----END CERTIFICATE-----Generated at Sat Dec 6 15:24:31 2025 by rpki-client