This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/74a1b5-3c2e-48e2-90fd-b49d89e30ddd/1/aCI8Jo962pd2BoQhf-dPqcGKVgE.roa File: aCI8Jo962pd2BoQhf-dPqcGKVgE.roa (raw, json) Hash identifier: M5raHpaPR3ugbk/T1ToK6O7tBcNA5IW/XHB83K5aUEA= Subject key identifier: 68:22:3C:26:8F:7A:DA:97:76:06:84:21:7F:E7:4F:A9:C1:8A:56:01 Certificate issuer: /CN=cbdfce3a5355f861fdc48c32012c78c9daf9a5a4 Certificate serial: 019AA36018C56BBCBC10A4F255B4E9F135A5 Authority key identifier: CB:DF:CE:3A:53:55:F8:61:FD:C4:8C:32:01:2C:78:C9:DA:F9:A5:A4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y9_OOlNV-GH9xIwyASx4ydr5paQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/74a1b5-3c2e-48e2-90fd-b49d89e30ddd/1/aCI8Jo962pd2BoQhf-dPqcGKVgE.roa Signing time: Thu 20 Nov 2025 22:26:15 +0000 ROA not before: Thu 20 Nov 2025 22:26:15 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 31655 IP address blocks: 5.2.96.0/19 maxlen: 24 5.144.156.0/22 maxlen: 24 62.223.128.0/17 maxlen: 24 80.252.64.0/20 maxlen: 24 88.215.0.0/18 maxlen: 29 89.213.8.0/21 maxlen: 24 89.213.16.0/20 maxlen: 24 89.213.32.0/21 maxlen: 24 185.4.196.0/22 maxlen: 24 185.21.208.0/22 maxlen: 24 188.66.64.0/18 maxlen: 24 195.162.96.0/19 maxlen: 24 213.218.192.0/20 maxlen: 24 2a02:c1c0::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/74a1b5-3c2e-48e2-90fd-b49d89e30ddd/1/y9_OOlNV-GH9xIwyASx4ydr5paQ.crl rsync://rpki.ripe.net/repository/DEFAULT/ef/74a1b5-3c2e-48e2-90fd-b49d89e30ddd/1/y9_OOlNV-GH9xIwyASx4ydr5paQ.mft rsync://rpki.ripe.net/repository/DEFAULT/y9_OOlNV-GH9xIwyASx4ydr5paQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:a3:60:18:c5:6b:bc:bc:10:a4:f2:55:b4:e9:f1:35:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cbdfce3a5355f861fdc48c32012c78c9daf9a5a4 Validity Not Before: Nov 20 22:26:15 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=68223c268f7ada97760684217fe74fa9c18a5601 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:d1:37:3a:fa:12:d8:26:8a:81:1b:f4:c4:3a: 23:fd:4c:94:cf:79:bf:dd:9b:11:60:1e:8e:4e:04: ca:dc:ae:0f:05:17:05:66:c3:dd:99:0d:61:f2:f2: b3:19:be:e6:9d:f0:23:0b:1c:6d:2b:a9:7c:50:63: 5a:b7:aa:2e:78:6e:be:e1:07:c3:70:36:3a:30:28: 6a:6a:78:15:39:5a:4b:0e:3d:42:b1:8c:b7:c5:c5: 02:aa:d8:51:b8:f4:f0:fc:30:56:99:97:36:cb:85: c3:9e:9d:af:28:65:05:e6:0d:12:8c:20:76:72:e9: 26:5e:6b:3d:41:ba:0c:96:e2:1c:c6:6e:f2:c2:72: f0:3e:5f:c5:04:16:d0:3c:4e:38:46:0c:cc:0d:53: 77:25:48:f0:cc:26:03:69:16:22:92:0f:be:84:e6: b5:5e:53:c1:cb:b3:6d:ba:3e:3f:79:b5:94:2b:85: fd:07:7d:1c:06:9f:1c:06:fb:95:0b:4a:41:d0:12: 4c:01:ed:55:d1:39:37:44:99:5a:2c:a5:83:40:52: 44:c9:3d:a8:94:d3:18:18:23:fa:11:d6:17:83:e6: 9d:8f:89:db:e8:85:f8:08:2c:b5:6b:3b:15:13:fa: 55:01:6a:f2:7c:6e:9d:1b:83:e3:32:9d:89:60:5e: e9:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:22:3C:26:8F:7A:DA:97:76:06:84:21:7F:E7:4F:A9:C1:8A:56:01 X509v3 Authority Key Identifier: keyid:CB:DF:CE:3A:53:55:F8:61:FD:C4:8C:32:01:2C:78:C9:DA:F9:A5:A4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9_OOlNV-GH9xIwyASx4ydr5paQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/74a1b5-3c2e-48e2-90fd-b49d89e30ddd/1/aCI8Jo962pd2BoQhf-dPqcGKVgE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/74a1b5-3c2e-48e2-90fd-b49d89e30ddd/1/y9_OOlNV-GH9xIwyASx4ydr5paQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.2.96.0/19 5.144.156.0/22 62.223.128.0/17 80.252.64.0/20 88.215.0.0/18 89.213.8.0-89.213.39.255 185.4.196.0/22 185.21.208.0/22 188.66.64.0/18 195.162.96.0/19 213.218.192.0/20 IPv6: 2a02:c1c0::/29 Signature Algorithm: sha256WithRSAEncryption 8f:56:04:b6:29:e5:95:ac:91:23:8a:36:63:e0:9e:06:8a:65: f0:cd:cc:f8:b0:96:ae:6b:c9:e5:49:8b:0d:53:62:23:b3:3f: a3:25:25:ab:04:75:2d:bc:c1:13:41:da:b4:ee:94:92:fe:7d: 96:5d:5c:01:33:6d:7e:40:de:a7:b5:3c:a5:7b:df:6e:e8:fb: b1:2a:c7:58:8a:0d:cc:b1:e5:d5:c6:8c:f0:6a:1a:4e:29:13: fa:12:91:20:12:d5:e1:13:56:5c:35:c1:88:b6:4e:f9:5c:93: 66:46:01:e3:6a:d4:da:e5:5a:ae:9a:56:51:25:b3:18:4a:21: e8:be:b1:95:a4:cc:b2:cc:53:e4:ce:08:08:4d:b6:6f:08:20: 93:7f:3f:95:e8:73:fc:fa:0c:6a:86:1f:71:17:24:c9:ab:fe: eb:9b:b0:f1:f4:fa:c6:60:e0:9d:49:8d:c6:c1:8c:de:64:4e: 99:95:28:57:37:de:20:11:55:03:ba:92:b4:2b:a2:a4:32:15: 47:15:25:22:a1:8c:65:7f:29:80:11:6a:d1:5c:d7:e1:79:39: be:a5:0a:c5:f8:42:3f:b5:4c:71:75:b9:05:f3:40:5b:4b:ac: 0a:b0:df:83:6e:2d:31:b8:b3:37:a6:7a:c8:2e:50:c9:4f:d2: 68:03:8b:df -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgISAZqjYBjFa7y8EKTyVbTp8TWlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiZGZjZTNhNTM1NWY4NjFmZGM0OGMzMjAxMmM3OGM5ZGFm OWE1YTQwHhcNMjUxMTIwMjIyNjE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ODIyM2MyNjhmN2FkYTk3NzYwNjg0MjE3ZmU3NGZhOWMxOGE1NjAxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNE3OvoS2CaKgRv0xDoj/UyUz3m/ 3ZsRYB6OTgTK3K4PBRcFZsPdmQ1h8vKzGb7mnfAjCxxtK6l8UGNat6oueG6+4QfD cDY6MChqangVOVpLDj1CsYy3xcUCqthRuPTw/DBWmZc2y4XDnp2vKGUF5g0SjCB2 cukmXms9QboMluIcxm7ywnLwPl/FBBbQPE44RgzMDVN3JUjwzCYDaRYikg++hOa1 XlPBy7Ntuj4/ebWUK4X9B30cBp8cBvuVC0pB0BJMAe1V0Tk3RJlaLKWDQFJEyT2o lNMYGCP6EdYXg+adj4nb6IX4CCy1azsVE/pVAWryfG6dG4PjMp2JYF7pKwIDAQAB o4ICXDCCAlgwHQYDVR0OBBYEFGgiPCaPetqXdgaEIX/nT6nBilYBMB8GA1UdIwQY MBaAFMvfzjpTVfhh/cSMMgEseMna+aWkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveTlfT09sTlYtR0g5eEl3eUFTeDR5ZHI1cGFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi83NGExYjUtM2MyZS00OGUyLTkwZmQt YjQ5ZDg5ZTMwZGRkLzEvYUNJOEpvOTYycGQyQm9RaGYtZFBxY0dLVmdFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZi83NGExYjUtM2MyZS00OGUyLTkwZmQtYjQ5ZDg5ZTMwZGRk LzEveTlfT09sTlYtR0g5eEl3eUFTeDR5ZHI1cGFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwQFBQJgAwQC BZCcAwQHPt+AAwQEUPxAAwQGWNcAMAwDBANZ1QgDBANZ1SADBAK5BMQDBAK5FdAD BAa8QkADBAXDomADBATV2sAwDQQCAAIwBwMFAyoCwcAwDQYJKoZIhvcNAQELBQAD ggEBAI9WBLYp5ZWskSOKNmPgngaKZfDNzPiwlq5ryeVJiw1TYiOzP6MlJasEdS28 wRNB2rTulJL+fZZdXAEzbX5A3qe1PKV7327o+7Eqx1iKDcyx5dXGjPBqGk4pE/oS kSAS1eETVlw1wYi2Tvlck2ZGAeNq1NrlWq6aVlElsxhKIei+sZWkzLLMU+TOCAhN tm8IIJN/P5Xoc/z6DGqGH3EXJMmr/uubsPH0+sZg4J1JjcbBjN5kTpmVKFc33iAR VQO6krQroqQyFUcVJSKhjGV/KYARatFc1+F5Ob6lCsX4Qj+1THF1uQXzQFtLrAqw 34NuLTG4szemesguUMlP0mgDi98= -----END CERTIFICATE-----Generated at Sat Dec 6 18:40:01 2025 by rpki-client