This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/3abc74-a84f-4c6c-af0d-70c589dd2171/1/Zdpdfd3DNV2iwzW9YILlmzVL6v8.roa File: Zdpdfd3DNV2iwzW9YILlmzVL6v8.roa (raw, json) Hash identifier: 7ArMiFQWoDHYKGK+iJ3R0PJ5aN9xvw/KJGHrKJrBVTE= Subject key identifier: 65:DA:5D:7D:DD:C3:35:5D:A2:C3:35:BD:60:82:E5:9B:35:4B:EA:FF Certificate issuer: /CN=0f9fc011b5e8863bcf3bb72ad7695d319742b844 Certificate serial: 019B4B1C619C4D1CEF26A518CFBFDD991553 Authority key identifier: 0F:9F:C0:11:B5:E8:86:3B:CF:3B:B7:2A:D7:69:5D:31:97:42:B8:44 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5_AEbXohjvPO7cq12ldMZdCuEQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/3abc74-a84f-4c6c-af0d-70c589dd2171/1/Zdpdfd3DNV2iwzW9YILlmzVL6v8.roa Signing time: Tue 23 Dec 2025 12:08:29 +0000 ROA not before: Tue 23 Dec 2025 12:08:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 211535 IP address blocks: 148.222.248.0/22 maxlen: 22 148.222.248.0/24 maxlen: 24 148.222.249.0/24 maxlen: 24 2a14:8400::/32 maxlen: 32 2a14:8400:3e8::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/3abc74-a84f-4c6c-af0d-70c589dd2171/1/D5_AEbXohjvPO7cq12ldMZdCuEQ.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/3abc74-a84f-4c6c-af0d-70c589dd2171/1/D5_AEbXohjvPO7cq12ldMZdCuEQ.mft rsync://rpki.ripe.net/repository/DEFAULT/D5_AEbXohjvPO7cq12ldMZdCuEQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 12:08:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4b:1c:61:9c:4d:1c:ef:26:a5:18:cf:bf:dd:99:15:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0f9fc011b5e8863bcf3bb72ad7695d319742b844 Validity Not Before: Dec 23 12:08:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=65da5d7dddc3355da2c335bd6082e59b354beaff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:be:9b:dd:4f:5f:28:3e:b5:d2:26:8d:19:ad: 30:b1:7e:70:ec:a4:10:a2:53:c3:f9:72:d8:49:b8: 15:50:31:fd:bb:d3:20:4e:e4:d8:94:43:88:ef:66: 48:b2:cf:b3:55:95:10:94:d8:32:03:e9:0d:8a:74: 38:8f:90:d2:80:ea:e5:6c:a8:1e:06:e8:7c:4f:49: b8:24:e4:91:2f:8f:7d:37:e8:3e:b6:8d:f3:40:97: a1:45:2c:26:67:38:40:3f:1b:2f:cb:82:d4:d5:65: 6a:c7:a4:56:43:0d:90:dd:2a:53:20:18:89:10:38: f7:86:8c:06:52:ab:b6:28:39:ed:11:4f:01:b6:db: 31:1b:97:91:45:22:d7:34:ad:44:2f:c8:2e:93:f6: 35:ff:1d:d3:4c:cb:5e:84:ff:9c:c5:cd:50:f9:70: b8:5c:c3:a3:f5:7a:83:1f:eb:8f:9e:04:00:3a:2d: 89:43:6a:d6:18:97:b9:48:ee:2f:a5:b8:01:27:b0: 57:76:d6:ae:c8:f8:29:fd:57:aa:8c:60:37:67:94: 28:f6:9d:cc:13:ab:b7:18:e4:55:ec:7e:00:e6:44: a7:65:4a:20:7f:37:e4:bf:25:a9:c2:43:50:1c:f8: 56:96:84:99:ce:79:ea:fc:79:ec:4b:22:c5:8c:ce: 3f:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:DA:5D:7D:DD:C3:35:5D:A2:C3:35:BD:60:82:E5:9B:35:4B:EA:FF X509v3 Authority Key Identifier: keyid:0F:9F:C0:11:B5:E8:86:3B:CF:3B:B7:2A:D7:69:5D:31:97:42:B8:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5_AEbXohjvPO7cq12ldMZdCuEQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/3abc74-a84f-4c6c-af0d-70c589dd2171/1/Zdpdfd3DNV2iwzW9YILlmzVL6v8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/3abc74-a84f-4c6c-af0d-70c589dd2171/1/D5_AEbXohjvPO7cq12ldMZdCuEQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 148.222.248.0/22 IPv6: 2a14:8400::/32 Signature Algorithm: sha256WithRSAEncryption 46:20:58:01:f7:da:15:5f:3f:32:0c:c3:77:28:97:2c:63:9f: 84:f7:ef:8c:47:95:50:a9:15:47:36:39:5f:b0:59:28:90:25: c8:60:49:a8:1e:67:83:17:5f:23:b7:fb:0a:28:fa:5b:96:25: 2d:50:6c:88:bb:0e:86:1c:f5:94:d0:d9:8c:9b:42:49:f8:8f: f1:d8:95:17:ee:ea:1c:cf:f8:dd:64:04:2d:50:d2:20:5d:7d: 5d:4f:cb:c0:53:b5:ff:7d:00:e8:98:be:1b:e1:2a:55:0d:c0: 3c:3d:c8:33:a0:c2:8d:0c:10:86:36:85:38:ce:ba:9a:37:9c: 57:16:c4:77:1e:96:49:d5:bf:b8:e5:d9:51:88:57:78:ac:2e: df:bd:c1:92:33:4f:18:b5:55:60:1d:c1:cb:d8:40:f6:da:af: f7:55:0d:5a:3d:2e:17:67:af:be:d8:c8:1c:88:b0:f1:94:32: 23:1b:f2:f5:a4:d5:51:56:b6:57:a4:1a:e7:b2:5e:93:14:bd: 4a:d0:c9:29:41:36:7e:38:bd:37:7b:fa:2f:a0:50:f0:f2:ab: c1:ff:0d:7e:4f:df:32:d6:c5:da:50:94:94:71:ec:33:64:14: 81:b3:b2:66:8a:a4:f1:9a:f8:e9:b3:dc:d2:df:37:2c:05:7d: 69:59:a9:52 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZtLHGGcTRzvJqUYz7/dmRVTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmOWZjMDExYjVlODg2M2JjZjNiYjcyYWQ3Njk1ZDMxOTc0 MmI4NDQwHhcNMjUxMjIzMTIwODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NWRhNWQ3ZGRkYzMzNTVkYTJjMzM1YmQ2MDgyZTU5YjM1NGJlYWZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyr6b3U9fKD610iaNGa0wsX5w7KQQ olPD+XLYSbgVUDH9u9MgTuTYlEOI72ZIss+zVZUQlNgyA+kNinQ4j5DSgOrlbKge Buh8T0m4JOSRL499N+g+to3zQJehRSwmZzhAPxsvy4LU1WVqx6RWQw2Q3SpTIBiJ EDj3howGUqu2KDntEU8BttsxG5eRRSLXNK1EL8guk/Y1/x3TTMtehP+cxc1Q+XC4 XMOj9XqDH+uPngQAOi2JQ2rWGJe5SO4vpbgBJ7BXdtauyPgp/VeqjGA3Z5Qo9p3M E6u3GORV7H4A5kSnZUogfzfkvyWpwkNQHPhWloSZznnq/HnsSyLFjM4/SwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFGXaXX3dwzVdosM1vWCC5Zs1S+r/MB8GA1UdIwQY MBaAFA+fwBG16IY7zzu3KtdpXTGXQrhEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRDVfQUViWG9oanZQTzdjcTEybGRNWmRDdUVRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8zYWJjNzQtYTg0Zi00YzZjLWFmMGQt NzBjNTg5ZGQyMTcxLzEvWmRwZGZkM0ROVjJpd3pXOVlJTGxtelZMNnY4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy8zYWJjNzQtYTg0Zi00YzZjLWFmMGQtNzBjNTg5ZGQyMTcx LzEvRDVfQUViWG9oanZQTzdjcTEybGRNWmRDdUVRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQClN74MA0E AgACMAcDBQAqFIQAMA0GCSqGSIb3DQEBCwUAA4IBAQBGIFgB99oVXz8yDMN3KJcs Y5+E9++MR5VQqRVHNjlfsFkokCXIYEmoHmeDF18jt/sKKPpbliUtUGyIuw6GHPWU 0NmMm0JJ+I/x2JUX7uocz/jdZAQtUNIgXX1dT8vAU7X/fQDomL4b4SpVDcA8Pcgz oMKNDBCGNoU4zrqaN5xXFsR3HpZJ1b+45dlRiFd4rC7fvcGSM08YtVVgHcHL2ED2 2q/3VQ1aPS4XZ6++2MgciLDxlDIjG/L1pNVRVrZXpBrnsl6TFL1K0MkpQTZ+OL03 e/ovoFDw8qvB/w1+T98y1sXaUJSUcewzZBSBs7JmiqTxmvjps9zS3zcsBX1pWalS -----END CERTIFICATE-----Generated at Tue Dec 23 19:15:27 2025 by rpki-client