This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/20b3fe-eebf-42ff-b012-7a3e394c0493/1/XD0PXwobbQjv2v0SAyif4Rt3QYU.roa File: XD0PXwobbQjv2v0SAyif4Rt3QYU.roa (raw, json) Hash identifier: Impuxhx1sitl+JUUEv0n/TPV0OeehyFvKjujO93QXyQ= Subject key identifier: 5C:3D:0F:5F:0A:1B:6D:08:EF:DA:FD:12:03:28:9F:E1:1B:77:41:85 Certificate issuer: /CN=97f19047f3f1e0593d1c317997bede2890aa0ffb Certificate serial: 019AE85F44457CA9C518A70BF55F69955452 Authority key identifier: 97:F1:90:47:F3:F1:E0:59:3D:1C:31:79:97:BE:DE:28:90:AA:0F:FB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l_GQR_Px4Fk9HDF5l77eKJCqD_s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/20b3fe-eebf-42ff-b012-7a3e394c0493/1/XD0PXwobbQjv2v0SAyif4Rt3QYU.roa Signing time: Thu 04 Dec 2025 07:59:08 +0000 ROA not before: Thu 04 Dec 2025 07:59:08 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 131613 IP address blocks: 103.156.185.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/20b3fe-eebf-42ff-b012-7a3e394c0493/1/l_GQR_Px4Fk9HDF5l77eKJCqD_s.crl rsync://rpki.ripe.net/repository/DEFAULT/eb/20b3fe-eebf-42ff-b012-7a3e394c0493/1/l_GQR_Px4Fk9HDF5l77eKJCqD_s.mft rsync://rpki.ripe.net/repository/DEFAULT/l_GQR_Px4Fk9HDF5l77eKJCqD_s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:e8:5f:44:45:7c:a9:c5:18:a7:0b:f5:5f:69:95:54:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=97f19047f3f1e0593d1c317997bede2890aa0ffb Validity Not Before: Dec 4 07:59:08 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=5c3d0f5f0a1b6d08efdafd1203289fe11b774185 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:fd:88:c8:7b:79:b8:4d:6a:bd:af:cd:79:fd: 30:65:20:cc:57:f5:8e:a1:9a:04:4f:b3:9c:c6:53: 66:6d:f2:04:cb:37:7e:0a:0a:2a:13:6f:11:be:95: 05:7c:56:88:36:d3:0f:d0:74:ea:76:d8:fe:ea:c7: d4:c8:6c:88:16:ba:79:16:72:a4:50:3d:f4:12:6f: e8:eb:d3:ef:d6:00:49:dd:98:b2:fc:e9:c0:4b:4d: 08:8c:d0:92:a6:d0:cc:a9:45:9f:89:74:3f:06:a8: a0:37:70:61:34:c7:4a:68:59:c8:9a:12:80:a5:c6: f5:26:3d:d7:1a:8e:c1:f1:f3:5c:9e:46:da:82:a1: 61:09:70:a6:40:5a:6c:9e:b5:79:cb:f1:07:ec:f4: 7b:c0:1e:6f:eb:41:32:93:36:40:28:76:99:85:80: fa:40:36:5e:14:81:f3:96:6c:f2:e8:38:e9:fd:93: e2:e3:5e:39:77:93:5e:82:0d:01:f8:f7:b1:01:a4: e7:54:f4:a6:34:5e:fe:f7:c8:28:b5:52:64:c8:da: 81:f9:39:e8:6e:74:27:e4:90:ce:df:6f:d4:1f:78: 58:bd:02:0a:67:e5:de:d4:d5:cd:f9:87:6e:e8:4e: 2a:5e:e7:cd:97:0d:dd:2a:2f:18:b6:4d:04:4b:98: e8:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:3D:0F:5F:0A:1B:6D:08:EF:DA:FD:12:03:28:9F:E1:1B:77:41:85 X509v3 Authority Key Identifier: keyid:97:F1:90:47:F3:F1:E0:59:3D:1C:31:79:97:BE:DE:28:90:AA:0F:FB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l_GQR_Px4Fk9HDF5l77eKJCqD_s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/20b3fe-eebf-42ff-b012-7a3e394c0493/1/XD0PXwobbQjv2v0SAyif4Rt3QYU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/20b3fe-eebf-42ff-b012-7a3e394c0493/1/l_GQR_Px4Fk9HDF5l77eKJCqD_s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.156.185.0/24 Signature Algorithm: sha256WithRSAEncryption 5b:a4:12:d9:6e:9b:71:73:a4:d1:36:21:e5:6a:bd:3e:d7:94: b4:2f:ea:59:38:76:e4:59:9f:9a:fa:ec:1b:bf:ae:ff:b2:17: 19:bb:ab:a0:f3:8f:42:2f:1a:a3:07:40:49:9d:36:06:3b:7e: f4:73:59:8b:1a:ac:8a:75:91:07:87:7c:3e:0f:3d:be:d0:b8: b9:8b:55:10:3f:95:e4:45:d3:4f:4d:98:88:58:ce:b7:14:ce: 1a:4a:6b:35:aa:51:bf:a0:80:33:a9:57:33:dc:0b:29:ff:72: 86:ae:a1:e5:46:4a:b1:53:71:df:d2:20:b5:c4:7c:e7:28:e2: f4:c4:31:d4:83:2f:df:7e:6c:90:d8:6f:26:75:e2:4f:ab:fc: 3c:fe:74:38:32:9b:61:8e:09:ec:db:62:39:5b:e2:74:8f:70: c6:0d:7c:bb:d7:21:70:dc:92:4b:1c:37:5f:39:db:b8:98:ea: 2b:76:54:ba:93:ed:49:d6:9a:a3:8d:29:41:a7:28:6f:b5:06: c1:21:b2:2a:46:74:2e:7e:70:48:bc:e9:39:32:3a:00:09:a0: e6:e9:38:23:a7:aa:01:c2:0d:f2:f3:53:a8:ac:c1:de:84:96: f4:28:f9:0b:eb:dc:ac:35:a8:8c:98:5b:a0:98:e9:9b:d1:c4: d4:e4:45:a8 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZroX0RFfKnFGKcL9V9plVRSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk3ZjE5MDQ3ZjNmMWUwNTkzZDFjMzE3OTk3YmVkZTI4OTBh YTBmZmIwHhcNMjUxMjA0MDc1OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YzNkMGY1ZjBhMWI2ZDA4ZWZkYWZkMTIwMzI4OWZlMTFiNzc0MTg1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/2IyHt5uE1qva/Nef0wZSDMV/WO oZoET7OcxlNmbfIEyzd+CgoqE28RvpUFfFaINtMP0HTqdtj+6sfUyGyIFrp5FnKk UD30Em/o69Pv1gBJ3Ziy/OnAS00IjNCSptDMqUWfiXQ/BqigN3BhNMdKaFnImhKA pcb1Jj3XGo7B8fNcnkbagqFhCXCmQFpsnrV5y/EH7PR7wB5v60EykzZAKHaZhYD6 QDZeFIHzlmzy6Djp/ZPi4145d5Negg0B+PexAaTnVPSmNF7+98gotVJkyNqB+Tno bnQn5JDO32/UH3hYvQIKZ+Xe1NXN+Ydu6E4qXufNlw3dKi8Ytk0ES5joyQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFFw9D18KG20I79r9EgMon+Ebd0GFMB8GA1UdIwQY MBaAFJfxkEfz8eBZPRwxeZe+3iiQqg/7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbF9HUVJfUHg0Rms5SERGNWw3N2VLSkNxRF9zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8yMGIzZmUtZWViZi00MmZmLWIwMTIt N2EzZTM5NGMwNDkzLzEvWEQwUFh3b2JiUWp2MnYwU0F5aWY0UnQzUVlVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYi8yMGIzZmUtZWViZi00MmZmLWIwMTItN2EzZTM5NGMwNDkz LzEvbF9HUVJfUHg0Rms5SERGNWw3N2VLSkNxRF9zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ5y5MA0G CSqGSIb3DQEBCwUAA4IBAQBbpBLZbptxc6TRNiHlar0+15S0L+pZOHbkWZ+a+uwb v67/shcZu6ug849CLxqjB0BJnTYGO370c1mLGqyKdZEHh3w+Dz2+0Li5i1UQP5Xk RdNPTZiIWM63FM4aSms1qlG/oIAzqVcz3Asp/3KGrqHlRkqxU3Hf0iC1xHznKOL0 xDHUgy/ffmyQ2G8mdeJPq/w8/nQ4Mpthjgns22I5W+J0j3DGDXy71yFw3JJLHDdf Odu4mOordlS6k+1J1pqjjSlBpyhvtQbBIbIqRnQufnBIvOk5MjoACaDm6Tgjp6oB wg3y81OorMHehJb0KPkL69ysNaiMmFugmOmb0cTU5EWo -----END CERTIFICATE-----Generated at Sat Dec 6 08:18:01 2025 by rpki-client