This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/rzoonpOYqtsXYM-mJZQxop7dil0.roa File: rzoonpOYqtsXYM-mJZQxop7dil0.roa (raw, json) Hash identifier: lIbVSUnM1Xd7KDGyRHuuckLocOUOG7DGlx7Gw/KOsHE= Subject key identifier: AF:3A:28:9E:93:98:AA:DB:17:60:CF:A6:25:94:31:A2:9E:DD:8A:5D Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954 Certificate serial: 019B22776B0AB95BB94984EEDA256EB21F1C Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/rzoonpOYqtsXYM-mJZQxop7dil0.roa Signing time: Mon 15 Dec 2025 14:43:30 +0000 ROA not before: Mon 15 Dec 2025 14:43:30 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 7203 IP address blocks: 152.163.8.0/22 maxlen: 22 152.163.28.0/22 maxlen: 22 152.163.52.0/22 maxlen: 22 152.163.128.0/22 maxlen: 22 152.163.156.0/22 maxlen: 22 152.163.180.0/22 maxlen: 22 152.163.204.0/22 maxlen: 22 152.163.232.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:22:77:6b:0a:b9:5b:b9:49:84:ee:da:25:6e:b2:1f:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954 Validity Not Before: Dec 15 14:43:30 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=af3a289e9398aadb1760cfa6259431a29edd8a5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:d3:96:ad:21:f0:9f:a3:84:f5:ac:29:ca:a4: 70:4b:c3:e6:36:40:ed:a7:af:d7:20:4c:1a:6d:87: d6:99:47:3d:1c:9c:41:3e:6e:1d:ec:a9:3a:a1:85: 3d:7c:c6:52:00:3b:b8:49:35:a1:5c:9e:e3:e1:7d: ef:ae:df:7d:f4:1b:a2:eb:28:c2:68:09:89:51:ae: 3c:39:41:18:7d:e6:81:0d:5d:6c:90:b2:cc:2c:3a: 42:bf:25:bb:7f:44:5c:54:3d:f3:c5:93:64:da:8d: fb:4a:58:8e:76:72:96:c6:29:26:63:59:c2:68:99: 5b:72:c4:78:c9:85:82:7b:20:5d:1e:25:77:7e:75: cc:8a:7b:66:ec:a5:90:91:09:56:10:6a:fe:05:b4: 58:bf:01:8b:8f:bd:e4:94:c6:53:62:07:8e:20:9d: 0e:35:85:a7:0b:b5:12:83:c0:68:f4:a4:62:6f:a0: 19:8b:f3:b2:fd:75:6e:6c:31:9c:c7:af:a6:e9:bc: 1a:e9:94:f0:e0:e0:9d:3a:9a:44:a3:a6:57:52:f1: f7:e2:ea:b0:fb:74:24:02:3d:6d:b0:1d:85:a7:25: 65:c9:8f:04:d6:ac:21:ba:f0:13:7c:66:5b:0b:a9: 98:d1:85:12:f9:06:c7:bd:ac:59:62:44:97:6d:40: 27:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:3A:28:9E:93:98:AA:DB:17:60:CF:A6:25:94:31:A2:9E:DD:8A:5D X509v3 Authority Key Identifier: keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/rzoonpOYqtsXYM-mJZQxop7dil0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 152.163.8.0/22 152.163.28.0/22 152.163.52.0/22 152.163.128.0/22 152.163.156.0/22 152.163.180.0/22 152.163.204.0/22 152.163.232.0/22 Signature Algorithm: sha256WithRSAEncryption 0e:ef:41:b8:1a:55:b7:0e:90:86:b8:55:20:3e:93:b3:55:ae: 59:09:ae:41:c0:c4:de:70:66:86:81:08:ae:56:e1:68:48:12: cc:0e:6e:94:4b:e2:16:af:c1:4f:bf:42:a6:20:7f:64:e1:68: a4:d0:c6:5e:0c:fe:2e:b2:b7:23:9b:16:c8:da:8f:8e:ba:1f: 21:18:07:86:67:5a:94:10:63:c0:4b:e3:58:3d:33:f2:0a:0e: 0f:41:71:00:aa:49:ee:cc:d2:c9:ef:ce:7d:9a:28:a1:62:cc: 55:d6:88:c9:fc:68:55:2c:09:c7:9a:aa:52:32:0e:3a:d9:3a: 0b:a6:7b:ec:0b:d5:93:e5:29:ad:df:8d:24:17:21:e1:af:fd: a7:37:07:98:13:12:cf:fe:07:2c:95:86:d8:5b:db:7c:06:5e: 30:1f:0c:57:c7:42:71:73:63:33:62:0b:74:27:8b:3c:57:0d: ba:e0:b0:0c:fd:fa:cb:9d:1c:47:b6:8f:ec:c2:f6:92:38:bd: b6:52:7b:bf:e7:30:39:82:6e:e9:78:e8:e5:f2:36:9e:e2:df: 1f:d8:72:d8:54:46:92:23:ec:d6:d9:d4:13:e2:c1:9d:00:ac: 80:a0:44:f0:d8:ed:45:2d:e2:37:ae:c3:c1:e4:af:9a:9f:fc: 69:45:ef:41 -----BEGIN CERTIFICATE----- MIIFJzCCBA+gAwIBAgISAZsid2sKuVu5SYTu2iVush8cMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw Njc5NTQwHhcNMjUxMjE1MTQ0MzMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZjNhMjg5ZTkzOThhYWRiMTc2MGNmYTYyNTk0MzFhMjllZGQ4YTVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytOWrSHwn6OE9awpyqRwS8PmNkDt p6/XIEwabYfWmUc9HJxBPm4d7Kk6oYU9fMZSADu4STWhXJ7j4X3vrt999Bui6yjC aAmJUa48OUEYfeaBDV1skLLMLDpCvyW7f0RcVD3zxZNk2o37SliOdnKWxikmY1nC aJlbcsR4yYWCeyBdHiV3fnXMintm7KWQkQlWEGr+BbRYvwGLj73klMZTYgeOIJ0O NYWnC7USg8Bo9KRib6AZi/Oy/XVubDGcx6+m6bwa6ZTw4OCdOppEo6ZXUvH34uqw +3QkAj1tsB2FpyVlyY8E1qwhuvATfGZbC6mY0YUS+QbHvaxZYkSXbUAn9wIDAQAB o4ICMzCCAi8wHQYDVR0OBBYEFK86KJ6TmKrbF2DPpiWUMaKe3YpdMB8GA1UdIwQY MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt NmVhYzYyZTYwZGY3LzEvcnpvb25wT1lxdHNYWU0tbUpaUXhvcDdkaWwwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3 LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCmKMIAwQC mKMcAwQCmKM0AwQCmKOAAwQCmKOcAwQCmKO0AwQCmKPMAwQCmKPoMA0GCSqGSIb3 DQEBCwUAA4IBAQAO70G4GlW3DpCGuFUgPpOzVa5ZCa5BwMTecGaGgQiuVuFoSBLM Dm6US+IWr8FPv0KmIH9k4Wik0MZeDP4usrcjmxbI2o+Ouh8hGAeGZ1qUEGPAS+NY PTPyCg4PQXEAqknuzNLJ7859miihYsxV1ojJ/GhVLAnHmqpSMg462ToLpnvsC9WT 5Smt340kFyHhr/2nNweYExLP/gcslYbYW9t8Bl4wHwxXx0Jxc2MzYgt0J4s8Vw26 4LAM/frLnRxHto/swvaSOL22Unu/5zA5gm7peOjl8jae4t8f2HLYVEaSI+zW2dQT 4sGdAKyAoETw2O1FLeI3rsPB5K+an/xpRe9B -----END CERTIFICATE-----Generated at Sat Dec 20 01:10:34 2025 by rpki-client