This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/7LQsU_KV_tIcLIU7dA9rtZKLMTM.roa File: 7LQsU_KV_tIcLIU7dA9rtZKLMTM.roa (raw, json) Hash identifier: xrcsphxK2D1Xb5MVHaZbEUvUpb1Tm02Ld1ztT+1vkjw= Subject key identifier: EC:B4:2C:53:F2:95:FE:D2:1C:2C:85:3B:74:0F:6B:B5:92:8B:31:33 Certificate issuer: /CN=72bbd2fa18319639e25ffbf4bdbfa008660158ae Certificate serial: 019B366FCE3461F0CE56F8E1FEACBF217496 Authority key identifier: 72:BB:D2:FA:18:31:96:39:E2:5F:FB:F4:BD:BF:A0:08:66:01:58:AE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crvS-hgxljniX_v0vb-gCGYBWK4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/7LQsU_KV_tIcLIU7dA9rtZKLMTM.roa Signing time: Fri 19 Dec 2025 11:47:35 +0000 ROA not before: Fri 19 Dec 2025 11:47:35 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 43458 IP address blocks: 185.17.248.0/24 maxlen: 24 213.159.136.0/24 maxlen: 24 213.159.137.0/24 maxlen: 24 213.159.138.0/24 maxlen: 24 213.159.140.0/24 maxlen: 24 2a0a:d7c0:724::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/crvS-hgxljniX_v0vb-gCGYBWK4.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/crvS-hgxljniX_v0vb-gCGYBWK4.mft rsync://rpki.ripe.net/repository/DEFAULT/crvS-hgxljniX_v0vb-gCGYBWK4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 11:47:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:36:6f:ce:34:61:f0:ce:56:f8:e1:fe:ac:bf:21:74:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=72bbd2fa18319639e25ffbf4bdbfa008660158ae Validity Not Before: Dec 19 11:47:35 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=ecb42c53f295fed21c2c853b740f6bb5928b3133 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:68:3b:76:30:4b:a2:4f:c9:a7:22:4e:24:ff: 68:86:56:d5:c5:47:a2:9c:2c:99:9d:b0:67:b5:f8: 52:d0:c4:40:2a:49:3a:b3:0a:c2:b0:97:1e:03:2a: 99:4b:e6:76:65:ea:69:91:6f:22:e3:75:7f:db:fb: 5a:95:a7:90:a0:70:2e:2e:ae:20:ef:09:eb:1c:86: a2:bc:5f:ec:a2:9c:1a:cd:17:8e:04:c6:ce:cd:02: e7:a9:c3:cb:33:c5:e8:93:fe:8b:c1:23:7c:2b:52: b0:03:e4:64:10:9b:f2:9a:af:54:e5:8b:d9:13:bc: b8:89:90:27:bb:14:2c:d4:e5:04:8e:4d:59:ff:a1: 83:2e:16:86:4f:4b:40:ad:01:bc:39:67:d3:7b:d7: 03:52:3b:c4:e1:a0:db:10:ae:85:d5:d8:50:eb:84: 1e:51:69:c4:f8:3b:7a:d0:16:78:fd:d9:ed:aa:9c: 08:fc:57:31:ec:23:9f:d6:80:e4:b8:2a:9e:8b:75: 36:fc:31:49:93:54:e5:e7:61:a3:5b:7a:c2:3e:49: f7:d1:4a:20:ac:17:9c:82:f3:9c:47:d4:19:44:03: d1:79:e5:7f:43:c8:0d:0d:20:c7:40:ba:a8:c7:02: a1:91:2e:e4:ea:2e:20:4f:ad:42:a6:24:d2:83:37: 05:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:B4:2C:53:F2:95:FE:D2:1C:2C:85:3B:74:0F:6B:B5:92:8B:31:33 X509v3 Authority Key Identifier: keyid:72:BB:D2:FA:18:31:96:39:E2:5F:FB:F4:BD:BF:A0:08:66:01:58:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crvS-hgxljniX_v0vb-gCGYBWK4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/7LQsU_KV_tIcLIU7dA9rtZKLMTM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/crvS-hgxljniX_v0vb-gCGYBWK4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.17.248.0/24 213.159.136.0-213.159.138.255 213.159.140.0/24 IPv6: 2a0a:d7c0:724::/48 Signature Algorithm: sha256WithRSAEncryption 96:7b:e1:3f:51:51:eb:c8:51:35:e2:8d:e6:93:64:d4:2d:89: 36:94:8a:e1:86:19:c2:f1:d4:06:fd:8b:9a:f1:b1:96:4b:1d: ba:75:d4:a3:64:57:10:36:bf:49:69:f6:29:f3:a7:0b:28:a7: 5c:ca:c5:72:67:d5:9c:db:79:3e:0d:b6:cb:73:8a:f9:1b:d8: d3:70:6a:cc:d1:4f:a0:72:09:10:45:63:f7:9f:64:bb:11:d2: 33:23:a2:f3:01:8b:12:28:ed:9d:ae:92:36:34:70:de:50:12: a0:8d:be:e6:0b:f4:87:38:b9:f5:c3:22:78:a3:61:83:b3:d1: 57:d5:63:cf:2b:6c:73:ca:b0:23:f2:3b:b0:66:b3:37:a1:96: 09:18:72:7e:e2:57:d9:8d:89:e7:11:52:f4:40:0d:ed:66:16: 92:0a:5b:76:88:33:05:f9:25:9f:b8:44:bb:c0:3b:da:3b:cb: cd:76:34:04:ce:f6:c8:df:a3:b4:a7:47:7b:04:05:07:ea:88: 26:f4:c6:60:75:8d:0b:53:d9:e6:71:c9:65:bc:50:48:fe:2c: 25:0a:44:ef:b3:82:e5:c0:54:d3:e8:66:5b:a1:3d:e6:d4:eb: 63:57:bc:ff:c8:91:ac:3b:2e:3f:68:57:ad:4f:4c:16:a4:97: 85:8b:a7:81 -----BEGIN CERTIFICATE----- MIIFIjCCBAqgAwIBAgISAZs2b840YfDOVvjh/qy/IXSWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyYmJkMmZhMTgzMTk2MzllMjVmZmJmNGJkYmZhMDA4NjYw MTU4YWUwHhcNMjUxMjE5MTE0NzM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlY2I0MmM1M2YyOTVmZWQyMWMyYzg1M2I3NDBmNmJiNTkyOGIzMTMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Gg7djBLok/JpyJOJP9ohlbVxUei nCyZnbBntfhS0MRAKkk6swrCsJceAyqZS+Z2ZeppkW8i43V/2/talaeQoHAuLq4g 7wnrHIaivF/sopwazReOBMbOzQLnqcPLM8Xok/6LwSN8K1KwA+RkEJvymq9U5YvZ E7y4iZAnuxQs1OUEjk1Z/6GDLhaGT0tArQG8OWfTe9cDUjvE4aDbEK6F1dhQ64Qe UWnE+Dt60BZ4/dntqpwI/Fcx7COf1oDkuCqei3U2/DFJk1Tl52GjW3rCPkn30Uog rBecgvOcR9QZRAPReeV/Q8gNDSDHQLqoxwKhkS7k6i4gT61CpiTSgzcFVQIDAQAB o4ICLjCCAiowHQYDVR0OBBYEFOy0LFPylf7SHCyFO3QPa7WSizEzMB8GA1UdIwQY MBaAFHK70voYMZY54l/79L2/oAhmAViuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY3J2Uy1oZ3hsam5pWF92MHZiLWdDR1lCV0s0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9kYzQ0MjAtNDA2Mi00Nzc4LTkzNTgt MGFmMmU1NDE2NDZjLzEvN0xRc1VfS1ZfdEljTElVN2RBOXJ0WktMTVRNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi9kYzQ0MjAtNDA2Mi00Nzc4LTkzNTgtMGFmMmU1NDE2NDZj LzEvY3J2Uy1oZ3hsam5pWF92MHZiLWdDR1lCV0s0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaAwQAuRH4MAwD BAPVn4gDBADVn4oDBADVn4wwDwQCAAIwCQMHACoK18AHJDANBgkqhkiG9w0BAQsF AAOCAQEAlnvhP1FR68hRNeKN5pNk1C2JNpSK4YYZwvHUBv2LmvGxlksdunXUo2RX EDa/SWn2KfOnCyinXMrFcmfVnNt5Pg22y3OK+RvY03BqzNFPoHIJEEVj959kuxHS MyOi8wGLEijtna6SNjRw3lASoI2+5gv0hzi59cMieKNhg7PRV9Vjzytsc8qwI/I7 sGazN6GWCRhyfuJX2Y2J5xFS9EAN7WYWkgpbdogzBfkln7hEu8A72jvLzXY0BM72 yN+jtKdHewQFB+qIJvTGYHWNC1PZ5nHJZbxQSP4sJQpE77OC5cBU0+hmW6E95tTr Y1e8/8iRrDsuP2hXrU9MFqSXhYungQ== -----END CERTIFICATE-----Generated at Fri Dec 19 17:35:33 2025 by rpki-client