This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/esdPy3rm8msbFZlHJQBbuaedskU.roa File: esdPy3rm8msbFZlHJQBbuaedskU.roa (raw, json) Hash identifier: cVAbBucCtvsTEhKDd0tw+3bzht++bMkFBH6itODZsNY= Subject key identifier: 7A:C7:4F:CB:7A:E6:F2:6B:1B:15:99:47:25:00:5B:B9:A7:9D:B2:45 Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954 Certificate serial: 019B12DFB793DAC0D2D41B3C85DEC5DB451F Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/esdPy3rm8msbFZlHJQBbuaedskU.roa Signing time: Fri 12 Dec 2025 14:03:29 +0000 ROA not before: Fri 12 Dec 2025 14:03:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 27411 IP address blocks: 152.163.24.0/22 maxlen: 22 152.163.36.0/22 maxlen: 22 152.163.60.0/22 maxlen: 22 152.163.84.0/22 maxlen: 22 152.163.136.0/22 maxlen: 22 152.163.160.0/22 maxlen: 22 152.163.188.0/22 maxlen: 22 152.163.212.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 03:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:12:df:b7:93:da:c0:d2:d4:1b:3c:85:de:c5:db:45:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954 Validity Not Before: Dec 12 14:03:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=7ac74fcb7ae6f26b1b15994725005bb9a79db245 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:bf:70:e1:b0:cd:1a:4f:e8:a5:10:2f:70:9e: a8:b9:21:aa:b1:78:7a:8e:57:8f:6f:20:8c:07:56: 8c:9d:e2:ce:d1:1c:bf:ae:9e:31:86:28:a2:a0:de: a5:34:3c:0f:7f:3c:65:b5:53:dc:11:29:55:92:30: d9:22:23:18:7b:b5:7a:8e:c2:94:12:45:29:95:90: 35:2c:f2:44:9a:f1:f6:77:8f:21:73:cc:51:89:68: 50:22:22:46:4d:7d:34:c0:35:85:01:84:58:fc:26: d1:d0:ee:14:6a:b3:e5:3f:8a:20:8c:b8:aa:91:4a: 54:3e:e6:9c:c8:05:e3:e2:03:70:50:df:0c:02:82: 0c:f4:8c:b0:6b:42:a5:3a:f8:c5:54:72:09:b5:84: dc:ec:f9:8b:26:42:d3:6a:09:94:f5:11:d8:dd:7f: ba:26:ee:19:95:35:72:e7:eb:e1:7d:60:f6:ff:b3: af:8b:18:f0:7f:3c:d1:bb:fb:70:77:04:40:0e:60: be:d6:b5:3e:55:e0:16:1b:6f:2f:c9:11:a1:fb:95: 12:c8:30:6e:ee:14:33:51:b8:e3:c2:b6:b7:14:8d: 00:a5:c7:06:84:f1:6e:d1:c9:4c:9d:7b:00:f6:26: f3:9b:08:8a:36:ce:34:aa:50:83:4a:8c:01:ce:32: df:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:C7:4F:CB:7A:E6:F2:6B:1B:15:99:47:25:00:5B:B9:A7:9D:B2:45 X509v3 Authority Key Identifier: keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/esdPy3rm8msbFZlHJQBbuaedskU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 152.163.24.0/22 152.163.36.0/22 152.163.60.0/22 152.163.84.0/22 152.163.136.0/22 152.163.160.0/22 152.163.188.0/22 152.163.212.0/22 Signature Algorithm: sha256WithRSAEncryption 14:79:1b:3c:b9:e9:d1:54:6a:db:40:e3:a1:83:6a:33:bd:ff: 89:4c:87:31:90:2d:46:d3:2d:1b:58:3f:3e:a8:80:d0:4d:79: d7:65:83:63:bc:36:53:47:a9:cd:62:a4:bd:5a:24:44:22:41: 9c:58:47:06:c0:48:09:f7:ca:1a:d0:5b:10:f2:a0:68:e8:4f: 48:0b:c7:b2:e4:a9:63:bb:52:1d:d6:80:66:a1:a8:0e:60:06: a5:8c:f0:6c:31:b2:7a:92:d2:fc:0a:f2:e8:42:6b:bb:c7:d5: c2:e9:c5:6f:46:bc:db:44:a1:08:04:66:8e:80:70:af:c0:24: 70:90:3b:ac:8f:3b:54:cd:76:c8:11:1e:34:38:59:a1:bc:07: a0:6c:b3:0e:0c:ea:2a:42:d3:e2:a9:2c:89:1c:d2:71:4a:8f: 00:91:0c:d0:d7:e6:ad:0a:1d:6a:f6:de:cf:f5:7c:6d:e9:e7: 94:49:bc:dd:b8:37:27:ae:64:17:f4:e8:44:8b:aa:84:fd:d6: a6:89:66:60:ab:42:36:24:3e:09:d3:9a:ef:82:18:61:7c:8d: c4:c5:73:f6:29:26:8d:f7:58:af:60:b5:ea:99:0c:ed:9b:12: 10:38:62:b1:46:91:9b:fb:8f:00:2b:e8:84:db:79:c4:60:e1: af:e6:09:6f -----BEGIN CERTIFICATE----- MIIFJzCCBA+gAwIBAgISAZsS37eT2sDS1Bs8hd7F20UfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw Njc5NTQwHhcNMjUxMjEyMTQwMzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3YWM3NGZjYjdhZTZmMjZiMWIxNTk5NDcyNTAwNWJiOWE3OWRiMjQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArL9w4bDNGk/opRAvcJ6ouSGqsXh6 jlePbyCMB1aMneLO0Ry/rp4xhiiioN6lNDwPfzxltVPcESlVkjDZIiMYe7V6jsKU EkUplZA1LPJEmvH2d48hc8xRiWhQIiJGTX00wDWFAYRY/CbR0O4UarPlP4ogjLiq kUpUPuacyAXj4gNwUN8MAoIM9Iywa0KlOvjFVHIJtYTc7PmLJkLTagmU9RHY3X+6 Ju4ZlTVy5+vhfWD2/7OvixjwfzzRu/twdwRADmC+1rU+VeAWG28vyRGh+5USyDBu 7hQzUbjjwra3FI0ApccGhPFu0clMnXsA9ibzmwiKNs40qlCDSowBzjLfkQIDAQAB o4ICMzCCAi8wHQYDVR0OBBYEFHrHT8t65vJrGxWZRyUAW7mnnbJFMB8GA1UdIwQY MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt NmVhYzYyZTYwZGY3LzEvZXNkUHkzcm04bXNiRlpsSEpRQmJ1YWVkc2tVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3 LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCmKMYAwQC mKMkAwQCmKM8AwQCmKNUAwQCmKOIAwQCmKOgAwQCmKO8AwQCmKPUMA0GCSqGSIb3 DQEBCwUAA4IBAQAUeRs8uenRVGrbQOOhg2ozvf+JTIcxkC1G0y0bWD8+qIDQTXnX ZYNjvDZTR6nNYqS9WiREIkGcWEcGwEgJ98oa0FsQ8qBo6E9IC8ey5Klju1Id1oBm oagOYAaljPBsMbJ6ktL8CvLoQmu7x9XC6cVvRrzbRKEIBGaOgHCvwCRwkDusjztU zXbIER40OFmhvAegbLMODOoqQtPiqSyJHNJxSo8AkQzQ1+atCh1q9t7P9Xxt6eeU SbzduDcnrmQX9OhEi6qE/damiWZgq0I2JD4J05rvghhhfI3ExXP2KSaN91ivYLXq mQztmxIQOGKxRpGb+48AK+iE23nEYOGv5glv -----END CERTIFICATE-----Generated at Sat Dec 20 11:47:25 2025 by rpki-client