This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/bXochpGWrfkL9JTx-tBya7FybWc.roa File: bXochpGWrfkL9JTx-tBya7FybWc.roa (raw, json) Hash identifier: GWw+pyqvyZwm3wir46g8ZzCYrwNMhLudtjpRVXUkGu8= Subject key identifier: 6D:7A:1C:86:91:96:AD:F9:0B:F4:94:F1:FA:D0:72:6B:B1:72:6D:67 Certificate issuer: /CN=29f6a300bf7d40b7f8d6181c5b8a7dbc71b7d123 Certificate serial: 019ADCB56BC73862998BD4F49D3E1523491D Authority key identifier: 29:F6:A3:00:BF:7D:40:B7:F8:D6:18:1C:5B:8A:7D:BC:71:B7:D1:23 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KfajAL99QLf41hgcW4p9vHG30SM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/bXochpGWrfkL9JTx-tBya7FybWc.roa Signing time: Tue 02 Dec 2025 01:37:48 +0000 ROA not before: Tue 02 Dec 2025 01:37:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 24753 IP address blocks: 62.32.32.0/24 maxlen: 24 81.85.52.0/22 maxlen: 22 81.85.96.0/22 maxlen: 22 81.85.100.0/24 maxlen: 24 81.85.160.0/20 maxlen: 20 89.21.160.0/19 maxlen: 19 89.21.167.0/24 maxlen: 24 89.21.173.0/24 maxlen: 24 89.21.189.0/24 maxlen: 24 213.187.128.0/22 maxlen: 24 213.187.132.0/22 maxlen: 24 213.187.139.0/24 maxlen: 24 213.187.152.0/22 maxlen: 24 2a00:df8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/KfajAL99QLf41hgcW4p9vHG30SM.crl rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/KfajAL99QLf41hgcW4p9vHG30SM.mft rsync://rpki.ripe.net/repository/DEFAULT/KfajAL99QLf41hgcW4p9vHG30SM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:dc:b5:6b:c7:38:62:99:8b:d4:f4:9d:3e:15:23:49:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29f6a300bf7d40b7f8d6181c5b8a7dbc71b7d123 Validity Not Before: Dec 2 01:37:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=6d7a1c869196adf90bf494f1fad0726bb1726d67 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:1f:eb:ad:30:4d:cf:66:4d:8e:df:db:24:9e: 20:33:aa:07:90:66:26:b4:d5:99:ea:5f:36:02:b5: 18:49:d5:d1:21:34:d1:8f:b4:05:9b:11:72:c0:c2: 3c:63:51:ac:7d:9f:86:d1:5c:de:96:a0:49:31:90: 9b:8d:28:9e:ab:98:e3:c1:fa:2f:f9:94:d5:af:70: 22:22:87:08:49:0b:ff:34:06:32:9e:52:f4:7b:70: b4:52:c5:a3:80:7b:6e:65:a3:49:d0:16:10:cf:93: fd:e1:d5:96:07:37:fb:94:19:75:d0:95:74:fc:1f: 76:e5:72:7e:70:46:e9:d0:f9:28:25:62:0f:c5:00: 03:00:f2:a5:f0:5a:7a:8c:8f:9d:43:4f:22:83:d0: cd:1c:16:12:07:9f:7d:82:bb:f1:c1:87:2b:0d:54: 9b:3c:ff:ee:0e:1c:f1:7d:b5:39:1b:2a:a0:e6:7b: 57:46:2a:b3:8f:c7:8b:59:aa:27:5d:38:a5:d0:10: 75:20:cb:dc:aa:53:05:df:2f:91:f9:9d:67:32:a6: e9:f1:3a:2b:79:17:9c:61:42:89:f9:86:e1:fe:b7: 8c:e6:95:fc:62:45:82:6b:99:bc:d3:32:f4:b1:73: cd:f0:be:9c:25:69:12:dd:4c:74:cc:91:bb:86:2f: f6:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:7A:1C:86:91:96:AD:F9:0B:F4:94:F1:FA:D0:72:6B:B1:72:6D:67 X509v3 Authority Key Identifier: keyid:29:F6:A3:00:BF:7D:40:B7:F8:D6:18:1C:5B:8A:7D:BC:71:B7:D1:23 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfajAL99QLf41hgcW4p9vHG30SM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/bXochpGWrfkL9JTx-tBya7FybWc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/KfajAL99QLf41hgcW4p9vHG30SM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 62.32.32.0/24 81.85.52.0/22 81.85.96.0-81.85.100.255 81.85.160.0/20 89.21.160.0/19 213.187.128.0/21 213.187.139.0/24 213.187.152.0/22 IPv6: 2a00:df8::/32 Signature Algorithm: sha256WithRSAEncryption 38:0c:ae:48:ba:e8:dd:d2:66:27:e0:72:4c:e6:47:0a:6a:e3: ab:51:ef:7f:13:78:8a:fc:26:fd:8b:3a:0e:78:a9:98:8d:39: ef:36:05:e9:30:11:d9:09:bc:38:40:62:be:c5:a2:42:02:14: c6:b2:b2:35:f2:38:9a:78:c9:7d:c0:12:d0:d5:bc:fe:c8:31: 43:93:29:1d:1e:47:4a:2d:dc:10:1c:82:76:5f:ea:c3:d3:3f: 8a:64:ee:9e:3c:6c:14:67:ac:33:b9:cd:a2:ee:c6:fd:4d:fa: 27:c6:db:fd:cf:4b:a8:9e:0a:46:2b:9f:10:85:1e:03:77:ee: 5d:d8:91:4f:e3:3e:51:f5:95:33:d8:6f:87:df:32:80:04:04: 87:2c:5f:ab:76:fd:77:4c:71:50:c6:03:d1:97:2d:d2:ba:d8: 29:7f:44:2a:5a:26:70:86:45:9c:c4:f9:6b:a8:1d:db:61:42: d2:19:a2:72:16:0b:bb:85:ae:7f:a0:14:52:36:47:35:66:e0: f6:db:f3:a5:5e:05:2f:30:e6:80:1b:af:f4:22:58:0b:d8:a2: d3:ea:21:a9:f3:15:d4:71:43:c3:64:af:1d:77:3e:ca:e1:f1: 1e:cc:25:75:7c:30:11:08:78:08:9c:e9:14:cb:6f:46:8e:d2: 9d:df:e7:46 -----BEGIN CERTIFICATE----- MIIFPjCCBCagAwIBAgISAZrctWvHOGKZi9T0nT4VI0kdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5ZjZhMzAwYmY3ZDQwYjdmOGQ2MTgxYzViOGE3ZGJjNzFi N2QxMjMwHhcNMjUxMjAyMDEzNzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZDdhMWM4NjkxOTZhZGY5MGJmNDk0ZjFmYWQwNzI2YmIxNzI2ZDY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAth/rrTBNz2ZNjt/bJJ4gM6oHkGYm tNWZ6l82ArUYSdXRITTRj7QFmxFywMI8Y1GsfZ+G0VzelqBJMZCbjSieq5jjwfov +ZTVr3AiIocISQv/NAYynlL0e3C0UsWjgHtuZaNJ0BYQz5P94dWWBzf7lBl10JV0 /B925XJ+cEbp0PkoJWIPxQADAPKl8Fp6jI+dQ08ig9DNHBYSB599grvxwYcrDVSb PP/uDhzxfbU5Gyqg5ntXRiqzj8eLWaonXTil0BB1IMvcqlMF3y+R+Z1nMqbp8Tor eRecYUKJ+Ybh/reM5pX8YkWCa5m80zL0sXPN8L6cJWkS3Ux0zJG7hi/2awIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFG16HIaRlq35C/SU8frQcmuxcm1nMB8GA1UdIwQY MBaAFCn2owC/fUC3+NYYHFuKfbxxt9EjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2ZhakFMOTlRTGY0MWhnY1c0cDl2SEczMFNNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hYWY0OWMtODNkZC00NmFhLThjZTct Yjg0YzQxM2RmYWE0LzEvYlhvY2hwR1dyZmtMOUpUeC10QnlhN0Z5YldjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYS9hYWY0OWMtODNkZC00NmFhLThjZTctYjg0YzQxM2RmYWE0 LzEvS2ZhakFMOTlRTGY0MWhnY1c0cDl2SEczMFNNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQAPiAgAwQC UVU0MAwDBAVRVWADBABRVWQDBARRVaADBAVZFaADBAPVu4ADBADVu4sDBALVu5gw DQQCAAIwBwMFACoADfgwDQYJKoZIhvcNAQELBQADggEBADgMrki66N3SZifgckzm Rwpq46tR738TeIr8Jv2LOg54qZiNOe82BekwEdkJvDhAYr7FokICFMaysjXyOJp4 yX3AEtDVvP7IMUOTKR0eR0ot3BAcgnZf6sPTP4pk7p48bBRnrDO5zaLuxv1N+ifG 2/3PS6ieCkYrnxCFHgN37l3YkU/jPlH1lTPYb4ffMoAEBIcsX6t2/XdMcVDGA9GX LdK62Cl/RCpaJnCGRZzE+WuoHdthQtIZonIWC7uFrn+gFFI2RzVm4Pbb86VeBS8w 5oAbr/QiWAvYotPqIanzFdRxQ8Nkrx13Psrh8R7MJXV8MBEIeAic6RTLb0aO0p3f 50Y= -----END CERTIFICATE-----Generated at Sat Dec 6 16:34:54 2025 by rpki-client