This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/b36nBmQqZqOFHl2W44HTrgo9J-s.roa File: b36nBmQqZqOFHl2W44HTrgo9J-s.roa (raw, json) Hash identifier: X7DVNcFuRtB9rkxk2anvQRZFqcrk7B+X4asJMKNp5mQ= Subject key identifier: 6F:7E:A7:06:64:2A:66:A3:85:1E:5D:96:E3:81:D3:AE:0A:3D:27:EB Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702 Certificate serial: 019A525267427687B750469E836EAD632873 Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/b36nBmQqZqOFHl2W44HTrgo9J-s.roa Signing time: Wed 05 Nov 2025 04:42:03 +0000 ROA not before: Wed 05 Nov 2025 04:42:03 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 215938 IP address blocks: 85.133.153.0/24 maxlen: 24 85.133.217.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.mft rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:25:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:52:52:67:42:76:87:b7:50:46:9e:83:6e:ad:63:28:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702 Validity Not Before: Nov 5 04:42:03 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=6f7ea706642a66a3851e5d96e381d3ae0a3d27eb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:06:b9:79:dc:c8:04:cb:b8:ab:42:45:0c:1e: 6c:ed:96:f9:e4:b4:00:f1:a5:09:be:05:f8:ed:08: 26:e5:e9:e4:51:f0:53:88:ef:cd:74:2a:fb:1f:21: 57:01:aa:69:e9:b6:66:89:90:16:f6:91:6d:10:ce: 59:3b:ec:d8:09:09:4c:a7:b1:59:08:6b:fd:f3:28: b7:88:19:a9:52:45:27:2f:b0:73:11:4a:ba:ea:f7: d3:d7:2f:39:95:0d:1d:d9:0f:a1:a0:a2:c6:f4:6f: 5f:db:1e:e6:98:d2:5b:1b:ca:16:16:bb:b7:74:74: dd:ba:50:a3:d8:67:d6:c5:1b:21:80:fb:07:f9:16: ef:51:22:e4:69:ef:14:59:10:a9:32:d8:26:75:3a: cc:d1:4e:2e:85:15:cf:cf:64:8a:14:20:ed:f8:3f: bf:97:bf:ff:dc:bc:a0:d5:e0:ac:de:05:51:63:71: d2:f2:9f:7c:af:5b:5e:95:b9:67:14:af:5a:5c:7f: 40:20:3c:f5:78:75:e5:ac:91:af:7f:dd:a8:be:0a: 16:4c:f9:fd:2c:80:96:cd:af:b4:73:4c:6e:0e:39: 3d:cc:2d:69:aa:99:0a:b4:5f:b6:1b:de:86:a1:4b: 8a:db:24:0e:55:49:d8:a9:65:0b:f2:c5:84:a2:64: be:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:7E:A7:06:64:2A:66:A3:85:1E:5D:96:E3:81:D3:AE:0A:3D:27:EB X509v3 Authority Key Identifier: keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/b36nBmQqZqOFHl2W44HTrgo9J-s.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.133.153.0/24 85.133.217.0/24 Signature Algorithm: sha256WithRSAEncryption 15:7c:3b:16:f4:2a:ac:d4:ae:d8:c9:1d:e3:5d:28:73:74:af: 79:41:1e:61:63:62:82:be:3b:d3:c1:ff:8f:aa:65:55:3d:c8: d6:d7:3d:d6:1e:b6:79:14:2b:e4:9c:75:77:c3:a8:ab:fc:72: 74:77:cc:cd:ee:28:5c:b8:c8:f2:75:5a:fe:58:e4:2f:a6:dd: e6:42:7e:7b:c5:6d:d0:30:a3:d1:7c:ef:7d:e4:a4:43:2f:1e: 15:80:ef:25:e7:0b:b7:86:9a:38:4e:1d:30:d7:c4:a7:29:bf: 71:8d:06:c2:4f:ad:c8:3f:92:12:3d:12:35:5c:dd:79:25:9c: b8:49:45:67:ec:51:81:ac:a3:4d:61:dd:9c:38:fe:dd:f2:72: 77:1f:56:b1:03:6f:93:68:62:c9:95:ed:7d:c5:3e:23:fb:a8: fb:a7:43:bf:4b:06:a3:e3:9d:73:49:2e:af:6c:ff:ac:a4:f8: ac:6b:d9:dc:c8:e0:9d:42:c3:45:b0:eb:c4:1a:fb:7f:bb:00: 33:67:64:97:98:be:5f:64:3f:49:80:15:64:dd:a2:96:f5:ac: 99:50:32:bb:72:b0:64:e9:ad:cc:32:70:c4:a3:d5:db:7c:f5: 14:7e:00:37:4f:b9:4c:89:c9:9a:17:2e:e1:90:48:80:77:ff: 93:47:fd:5f -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZpSUmdCdoe3UEaeg26tYyhzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5 NDY3MDIwHhcNMjUxMTA1MDQ0MjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZjdlYTcwNjY0MmE2NmEzODUxZTVkOTZlMzgxZDNhZTBhM2QyN2ViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwa5edzIBMu4q0JFDB5s7Zb55LQA 8aUJvgX47Qgm5enkUfBTiO/NdCr7HyFXAapp6bZmiZAW9pFtEM5ZO+zYCQlMp7FZ CGv98yi3iBmpUkUnL7BzEUq66vfT1y85lQ0d2Q+hoKLG9G9f2x7mmNJbG8oWFru3 dHTdulCj2GfWxRshgPsH+RbvUSLkae8UWRCpMtgmdTrM0U4uhRXPz2SKFCDt+D+/ l7//3Lyg1eCs3gVRY3HS8p98r1telblnFK9aXH9AIDz1eHXlrJGvf92ovgoWTPn9 LICWza+0c0xuDjk9zC1pqpkKtF+2G96GoUuK2yQOVUnYqWUL8sWEomS+ywIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFG9+pwZkKmajhR5dluOB064KPSfrMB8GA1UdIwQY MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt NWQxZmE2NmMzNjNiLzEvYjM2bkJtUXFacU9GSGwyVzQ0SFRyZ285Si1zLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVYWZAwQA VYXZMA0GCSqGSIb3DQEBCwUAA4IBAQAVfDsW9Cqs1K7YyR3jXShzdK95QR5hY2KC vjvTwf+PqmVVPcjW1z3WHrZ5FCvknHV3w6ir/HJ0d8zN7ihcuMjydVr+WOQvpt3m Qn57xW3QMKPRfO995KRDLx4VgO8l5wu3hpo4Th0w18SnKb9xjQbCT63IP5ISPRI1 XN15JZy4SUVn7FGBrKNNYd2cOP7d8nJ3H1axA2+TaGLJle19xT4j+6j7p0O/Swaj 451zSS6vbP+spPisa9ncyOCdQsNFsOvEGvt/uwAzZ2SXmL5fZD9JgBVk3aKW9ayZ UDK7crBk6a3MMnDEo9XbfPUUfgA3T7lMicmaFy7hkEiAd/+TR/1f -----END CERTIFICATE-----Generated at Sat Dec 6 18:40:06 2025 by rpki-client