This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/dde351-79a2-43a4-81b9-6c9b48bdbfe5/1/NnZuswOPwOyv5PJYsdYEgFZh--Q.roa File: NnZuswOPwOyv5PJYsdYEgFZh--Q.roa (raw, json) Hash identifier: KmnhZxUDqI+Szjx8oy0l5GC3BvO/tVPZ6HRdpD2ICac= Subject key identifier: 36:76:6E:B3:03:8F:C0:EC:AF:E4:F2:58:B1:D6:04:80:56:61:FB:E4 Certificate issuer: /CN=42d9ec5e228b4af7f03c345bc3967f51d6ff8a09 Certificate serial: 019B224B77AA8A46FE299B9E9D8B5D1C4AA0 Authority key identifier: 42:D9:EC:5E:22:8B:4A:F7:F0:3C:34:5B:C3:96:7F:51:D6:FF:8A:09 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QtnsXiKLSvfwPDRbw5Z_Udb_igk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/dde351-79a2-43a4-81b9-6c9b48bdbfe5/1/NnZuswOPwOyv5PJYsdYEgFZh--Q.roa Signing time: Mon 15 Dec 2025 13:55:29 +0000 ROA not before: Mon 15 Dec 2025 13:55:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 57707 IP address blocks: 171.25.220.0/23 maxlen: 32 171.25.222.0/24 maxlen: 32 2001:678:88c::/48 maxlen: 128 2a11:db80::/29 maxlen: 128 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/dde351-79a2-43a4-81b9-6c9b48bdbfe5/1/QtnsXiKLSvfwPDRbw5Z_Udb_igk.crl rsync://rpki.ripe.net/repository/DEFAULT/62/dde351-79a2-43a4-81b9-6c9b48bdbfe5/1/QtnsXiKLSvfwPDRbw5Z_Udb_igk.mft rsync://rpki.ripe.net/repository/DEFAULT/QtnsXiKLSvfwPDRbw5Z_Udb_igk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:22:4b:77:aa:8a:46:fe:29:9b:9e:9d:8b:5d:1c:4a:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=42d9ec5e228b4af7f03c345bc3967f51d6ff8a09 Validity Not Before: Dec 15 13:55:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=36766eb3038fc0ecafe4f258b1d604805661fbe4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:7f:74:a7:95:00:71:3e:60:a6:6c:b1:11:b7: 35:43:ff:68:59:dc:00:db:79:66:74:8d:9e:ba:7b: 09:83:c0:c0:fe:df:5a:0f:98:e2:99:f0:65:bf:91: 81:74:83:d4:b9:c3:58:ea:fa:f8:36:4f:f7:d6:fd: 6d:37:35:87:68:b0:49:79:3a:7b:ae:1c:ab:8a:48: 52:02:4c:b9:36:9c:77:f4:99:38:23:3b:89:44:91: 88:61:97:d4:e7:12:15:ea:c1:43:98:7f:b3:15:46: 17:b3:c1:59:11:d2:9a:1f:3e:ce:f1:e3:07:ee:0c: db:34:ca:c6:10:9d:d4:56:ad:4d:8f:de:92:64:01: ae:5f:2f:e3:81:18:12:65:e6:d6:6f:55:ac:36:dd: 75:b9:cf:a7:79:da:75:37:85:1a:2d:31:cb:a8:54: a4:b1:39:38:95:0f:a0:95:64:ea:dd:63:00:d5:5a: b0:f4:20:97:13:31:6b:00:33:38:2c:e7:da:0a:24: 94:1c:2d:6b:50:5b:f8:1f:a9:91:d2:8f:2a:35:75: 45:71:51:3e:e0:36:2d:1e:fa:10:5e:4e:af:81:77: 55:55:da:d9:83:13:f1:60:72:c1:2d:d2:9f:df:ac: 82:3c:33:2a:b5:07:2e:48:4c:ec:38:65:bd:11:0e: 4d:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:76:6E:B3:03:8F:C0:EC:AF:E4:F2:58:B1:D6:04:80:56:61:FB:E4 X509v3 Authority Key Identifier: keyid:42:D9:EC:5E:22:8B:4A:F7:F0:3C:34:5B:C3:96:7F:51:D6:FF:8A:09 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QtnsXiKLSvfwPDRbw5Z_Udb_igk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/dde351-79a2-43a4-81b9-6c9b48bdbfe5/1/NnZuswOPwOyv5PJYsdYEgFZh--Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/62/dde351-79a2-43a4-81b9-6c9b48bdbfe5/1/QtnsXiKLSvfwPDRbw5Z_Udb_igk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 171.25.220.0-171.25.222.255 IPv6: 2001:678:88c::/48 2a11:db80::/29 Signature Algorithm: sha256WithRSAEncryption 95:4b:c4:a6:9a:35:9a:83:c4:73:63:a7:71:5a:d9:3f:84:dc: 70:cb:fe:18:13:dc:21:26:7c:95:a7:01:0d:7c:9a:a0:c6:50: af:fc:06:ad:50:ae:27:9c:95:29:79:02:2a:8a:97:a7:8d:74: 0c:1d:e9:96:28:aa:85:e9:87:cb:89:60:45:b5:a7:6c:a2:9b: 94:a5:dc:27:60:84:b1:1c:af:93:d0:36:cb:2c:b3:9b:f2:e8: 85:69:07:7c:be:c0:1b:32:34:0b:70:46:05:cb:91:fa:4f:68: 2d:28:39:4c:7b:7c:24:2a:9f:2e:01:fd:8b:72:4c:40:48:4c: 66:58:27:a9:bc:6f:7e:0b:8c:fe:4e:a0:d6:c0:13:8e:16:53: 1a:a8:09:11:ee:45:7e:1e:b2:25:8e:f5:ba:17:55:d6:1f:fc: d9:a7:20:83:af:ab:b9:4d:b3:7a:d8:bf:76:9f:a2:ce:b2:62: 11:8b:25:2b:e0:30:8d:fb:ec:2b:94:0d:f2:e0:fb:7e:05:c5: 82:00:bd:e0:92:c8:41:11:eb:27:b2:e2:f5:01:cc:24:d2:e5: 41:e0:b6:f1:73:73:4f:08:d9:8f:63:55:2b:55:10:19:07:38: ac:a2:2b:d2:9f:32:67:6d:59:14:84:70:26:3b:b3:f5:ba:38: ed:7c:6b:0c -----BEGIN CERTIFICATE----- MIIFHTCCBAWgAwIBAgISAZsiS3eqikb+KZuenYtdHEqgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQyZDllYzVlMjI4YjRhZjdmMDNjMzQ1YmMzOTY3ZjUxZDZm ZjhhMDkwHhcNMjUxMjE1MTM1NTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNjc2NmViMzAzOGZjMGVjYWZlNGYyNThiMWQ2MDQ4MDU2NjFmYmU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2n90p5UAcT5gpmyxEbc1Q/9oWdwA 23lmdI2eunsJg8DA/t9aD5jimfBlv5GBdIPUucNY6vr4Nk/31v1tNzWHaLBJeTp7 rhyrikhSAky5Npx39Jk4IzuJRJGIYZfU5xIV6sFDmH+zFUYXs8FZEdKaHz7O8eMH 7gzbNMrGEJ3UVq1Nj96SZAGuXy/jgRgSZebWb1WsNt11uc+nedp1N4UaLTHLqFSk sTk4lQ+glWTq3WMA1Vqw9CCXEzFrADM4LOfaCiSUHC1rUFv4H6mR0o8qNXVFcVE+ 4DYtHvoQXk6vgXdVVdrZgxPxYHLBLdKf36yCPDMqtQcuSEzsOGW9EQ5NQwIDAQAB o4ICKTCCAiUwHQYDVR0OBBYEFDZ2brMDj8Dsr+TyWLHWBIBWYfvkMB8GA1UdIwQY MBaAFELZ7F4ii0r38Dw0W8OWf1HW/4oJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUXRuc1hpS0xTdmZ3UERSYnc1Wl9VZGJfaWdrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9kZGUzNTEtNzlhMi00M2E0LTgxYjkt NmM5YjQ4YmRiZmU1LzEvTm5adXN3T1B3T3l2NVBKWXNkWUVnRlpoLS1RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Mi9kZGUzNTEtNzlhMi00M2E0LTgxYjktNmM5YjQ4YmRiZmU1 LzEvUXRuc1hpS0xTdmZ3UERSYnc1Wl9VZGJfaWdrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAUBAIAATAOMAwDBAKrGdwD BACrGd4wFgQCAAIwEAMHACABBngIjAMFAyoR24AwDQYJKoZIhvcNAQELBQADggEB AJVLxKaaNZqDxHNjp3Fa2T+E3HDL/hgT3CEmfJWnAQ18mqDGUK/8Bq1QrieclSl5 AiqKl6eNdAwd6ZYoqoXph8uJYEW1p2yim5Sl3CdghLEcr5PQNssss5vy6IVpB3y+ wBsyNAtwRgXLkfpPaC0oOUx7fCQqny4B/YtyTEBITGZYJ6m8b34LjP5OoNbAE44W UxqoCRHuRX4esiWO9boXVdYf/NmnIIOvq7lNs3rYv3afos6yYhGLJSvgMI377CuU DfLg+34FxYIAveCSyEER6yey4vUBzCTS5UHgtvFzc08I2Y9jVStVEBkHOKyiK9Kf MmdtWRSEcCY7s/W6OO18aww= -----END CERTIFICATE-----Generated at Sat Dec 20 21:03:32 2025 by rpki-client