This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/et3srQscJDAkQCjPXkww4SZ8uao.roa File: et3srQscJDAkQCjPXkww4SZ8uao.roa (raw, json) Hash identifier: POnU+c1iT5dt+MRfECmBlHFKcYFs0h6C31m71g48i80= Subject key identifier: 7A:DD:EC:AD:0B:1C:24:30:24:40:28:CF:5E:4C:30:E1:26:7C:B9:AA Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954 Certificate serial: 019B12CFD8536D2D8E82C767411BF610AEAF Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/et3srQscJDAkQCjPXkww4SZ8uao.roa Signing time: Fri 12 Dec 2025 13:46:09 +0000 ROA not before: Fri 12 Dec 2025 13:46:09 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 396362 IP address blocks: 152.163.40.0/22 maxlen: 22 152.163.68.0/22 maxlen: 22 152.163.92.0/22 maxlen: 22 152.163.144.0/22 maxlen: 22 152.163.168.0/22 maxlen: 22 152.163.196.0/22 maxlen: 22 152.163.220.0/22 maxlen: 22 152.163.244.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 03:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:12:cf:d8:53:6d:2d:8e:82:c7:67:41:1b:f6:10:ae:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954 Validity Not Before: Dec 12 13:46:09 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=7addecad0b1c2430244028cf5e4c30e1267cb9aa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:26:86:b1:e8:fe:85:e4:6a:ea:af:df:a1:fa: cd:4a:a4:3c:84:4c:e1:80:b2:43:84:8e:49:b8:6f: cd:55:cb:14:70:25:26:bf:83:f4:0e:b6:d9:ee:4f: ff:4f:c2:7b:7b:1f:78:68:d3:69:b4:fc:4e:03:9f: c8:f2:a4:df:95:53:6e:e2:02:32:ba:ab:cc:e9:75: bf:8a:ff:06:b4:f5:9d:63:02:92:0e:62:50:f8:ce: 3a:99:6c:ed:4e:75:6a:10:91:2e:86:88:45:cc:d6: 96:50:18:72:c3:3b:82:30:38:6a:c0:f2:0b:0d:aa: 8e:f4:8e:5d:d5:1e:f9:6a:78:17:df:73:d3:53:2a: dc:cd:bf:86:7d:b0:b1:4a:d5:6a:b0:de:a6:d2:c8: 4e:49:71:11:38:94:22:79:13:30:6f:b9:16:e9:7a: ba:6a:a8:2b:87:56:7b:21:a5:b2:e9:bb:e9:08:ea: a0:a3:85:3d:53:24:ea:fb:7e:29:88:6f:7b:8c:60: 58:f8:21:c1:97:28:85:55:e9:86:ba:12:b7:8f:37: 40:83:1e:df:d9:1f:c7:f5:0c:20:25:9d:1c:fa:14: ae:0c:4b:7a:2d:75:6a:05:03:1d:15:40:f6:5d:4a: 87:5c:88:d6:02:88:31:9f:46:7c:4f:a7:cd:fb:e4: 21:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:DD:EC:AD:0B:1C:24:30:24:40:28:CF:5E:4C:30:E1:26:7C:B9:AA X509v3 Authority Key Identifier: keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/et3srQscJDAkQCjPXkww4SZ8uao.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 152.163.40.0/22 152.163.68.0/22 152.163.92.0/22 152.163.144.0/22 152.163.168.0/22 152.163.196.0/22 152.163.220.0/22 152.163.244.0/22 Signature Algorithm: sha256WithRSAEncryption 4e:18:26:95:95:d2:81:5c:fe:ef:b8:ac:f2:d4:1b:20:15:00: 94:7b:19:be:6d:55:fd:38:e8:f2:2b:4e:be:21:bc:10:8f:17: 01:c4:8a:a8:29:3b:9e:19:f5:16:6e:fa:52:e0:9b:13:c3:3f: f9:fc:f1:ea:0c:a6:c7:51:3f:45:29:70:fb:ab:9b:6b:07:f4: 70:43:ec:27:a0:90:d7:01:4f:1d:19:93:00:c6:c4:bb:03:32: 2c:26:2b:47:bd:61:9f:db:ef:ed:2e:9e:81:c0:f4:4f:87:53: 0e:63:da:20:ca:1a:97:31:01:8f:7b:bc:f3:f8:6b:2d:c4:1b: d0:9a:34:44:b6:c1:84:cf:e6:7d:96:5e:af:35:8f:77:76:3c: b8:a0:8e:20:ec:8c:3a:f0:81:c9:1b:c2:34:20:95:ed:92:a3: 65:b4:05:2d:4f:9f:b2:2a:c4:2f:af:b9:4e:6b:5a:cd:79:21: c5:92:fc:1d:5a:e3:24:bf:27:97:ec:22:a4:92:e1:5d:cc:7a: 19:e7:0d:c6:63:20:99:19:09:ca:fc:df:ce:73:ad:7a:f2:d9: 74:f2:ee:19:14:70:85:f8:e5:65:61:c0:e4:9a:28:09:3b:f0: 3a:cc:fc:db:f3:80:4a:0c:a7:26:52:2b:07:6d:35:70:1d:1b: fe:c9:33:61 -----BEGIN CERTIFICATE----- MIIFJzCCBA+gAwIBAgISAZsSz9hTbS2OgsdnQRv2EK6vMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw Njc5NTQwHhcNMjUxMjEyMTM0NjA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3YWRkZWNhZDBiMWMyNDMwMjQ0MDI4Y2Y1ZTRjMzBlMTI2N2NiOWFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSaGsej+heRq6q/fofrNSqQ8hEzh gLJDhI5JuG/NVcsUcCUmv4P0DrbZ7k//T8J7ex94aNNptPxOA5/I8qTflVNu4gIy uqvM6XW/iv8GtPWdYwKSDmJQ+M46mWztTnVqEJEuhohFzNaWUBhywzuCMDhqwPIL DaqO9I5d1R75angX33PTUyrczb+GfbCxStVqsN6m0shOSXEROJQieRMwb7kW6Xq6 aqgrh1Z7IaWy6bvpCOqgo4U9UyTq+34piG97jGBY+CHBlyiFVemGuhK3jzdAgx7f 2R/H9QwgJZ0c+hSuDEt6LXVqBQMdFUD2XUqHXIjWAogxn0Z8T6fN++QhyQIDAQAB o4ICMzCCAi8wHQYDVR0OBBYEFHrd7K0LHCQwJEAoz15MMOEmfLmqMB8GA1UdIwQY MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt NmVhYzYyZTYwZGY3LzEvZXQzc3JRc2NKREFrUUNqUFhrd3c0U1o4dWFvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3 LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCmKMoAwQC mKNEAwQCmKNcAwQCmKOQAwQCmKOoAwQCmKPEAwQCmKPcAwQCmKP0MA0GCSqGSIb3 DQEBCwUAA4IBAQBOGCaVldKBXP7vuKzy1BsgFQCUexm+bVX9OOjyK06+IbwQjxcB xIqoKTueGfUWbvpS4JsTwz/5/PHqDKbHUT9FKXD7q5trB/RwQ+wnoJDXAU8dGZMA xsS7AzIsJitHvWGf2+/tLp6BwPRPh1MOY9ogyhqXMQGPe7zz+GstxBvQmjREtsGE z+Z9ll6vNY93djy4oI4g7Iw68IHJG8I0IJXtkqNltAUtT5+yKsQvr7lOa1rNeSHF kvwdWuMkvyeX7CKkkuFdzHoZ5w3GYyCZGQnK/N/Oc6168tl08u4ZFHCF+OVlYcDk migJO/A6zPzb84BKDKcmUisHbTVwHRv+yTNh -----END CERTIFICATE-----Generated at Sat Dec 20 11:46:50 2025 by rpki-client