This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b16f66-2af4-463e-9785-433f5fa4f901/1/s1zL6gzO0M3JzPyTKX8t1xaOUrA.roa File: s1zL6gzO0M3JzPyTKX8t1xaOUrA.roa (raw, json) Hash identifier: gZ7moKCsBrn+radMswHUegubuhNeWvXGn2oIRaI3hDc= Subject key identifier: B3:5C:CB:EA:0C:CE:D0:CD:C9:CC:FC:93:29:7F:2D:D7:16:8E:52:B0 Certificate issuer: /CN=9577345dfcc93478c5ff221d482ee4c98483f908 Certificate serial: 019B090BD7A1B565954708BB260AAAA7D00B Authority key identifier: 95:77:34:5D:FC:C9:34:78:C5:FF:22:1D:48:2E:E4:C9:84:83:F9:08 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lXc0XfzJNHjF_yIdSC7kyYSD-Qg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/b16f66-2af4-463e-9785-433f5fa4f901/1/s1zL6gzO0M3JzPyTKX8t1xaOUrA.roa Signing time: Wed 10 Dec 2025 16:15:29 +0000 ROA not before: Wed 10 Dec 2025 16:15:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 216083 IP address blocks: 5.42.148.0/22 maxlen: 24 5.42.148.0/23 maxlen: 24 5.42.150.0/23 maxlen: 24 5.42.150.0/24 maxlen: 24 5.42.151.0/24 maxlen: 24 195.68.234.0/23 maxlen: 23 195.68.234.0/24 maxlen: 24 195.68.235.0/24 maxlen: 24 2a14:1a00::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/b16f66-2af4-463e-9785-433f5fa4f901/1/lXc0XfzJNHjF_yIdSC7kyYSD-Qg.crl rsync://rpki.ripe.net/repository/DEFAULT/65/b16f66-2af4-463e-9785-433f5fa4f901/1/lXc0XfzJNHjF_yIdSC7kyYSD-Qg.mft rsync://rpki.ripe.net/repository/DEFAULT/lXc0XfzJNHjF_yIdSC7kyYSD-Qg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 18:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:09:0b:d7:a1:b5:65:95:47:08:bb:26:0a:aa:a7:d0:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9577345dfcc93478c5ff221d482ee4c98483f908 Validity Not Before: Dec 10 16:15:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=b35ccbea0cced0cdc9ccfc93297f2dd7168e52b0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:9c:8b:e6:d9:a8:cc:f5:5d:27:ed:90:78:9c: b8:c5:c0:8d:e4:a7:a9:3a:35:76:87:72:28:e1:0e: 36:2c:3d:fc:30:43:df:67:b4:6d:3e:f3:0c:db:7e: 92:55:99:84:cf:fb:1c:0d:9d:77:7f:d9:4a:e4:14: 85:23:8a:61:b6:8d:c3:5f:ae:fa:51:74:14:da:bd: ad:75:1c:ea:12:9c:ac:2a:a1:e0:51:14:31:91:02: 8d:ed:bd:7e:72:b7:a5:0f:eb:36:9a:44:2f:f9:3a: 2b:a8:49:1d:f6:c6:0d:18:13:b3:0a:4c:2a:53:a0: 19:d0:44:e7:a7:92:86:42:76:64:bd:48:c7:e1:16: 64:99:51:42:b0:0e:57:5a:9a:27:1e:98:d5:09:2f: b2:b5:ae:f6:3f:05:7d:ae:60:a4:2b:94:ca:1d:18: 29:3c:19:14:e3:55:95:0b:0a:e3:dd:ca:51:99:3e: a4:47:98:af:02:35:47:e8:d1:35:3d:bb:e8:54:13: de:50:56:99:4a:f5:58:41:e2:b7:a5:23:4a:8b:21: 55:bf:2d:e3:64:9b:33:99:6c:90:70:92:dc:ff:f6: 36:d0:83:86:07:5b:49:b4:e7:58:8e:6b:80:00:db: 9c:8b:a9:ad:c1:4a:0a:0c:7f:69:4e:82:98:36:bc: 26:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:5C:CB:EA:0C:CE:D0:CD:C9:CC:FC:93:29:7F:2D:D7:16:8E:52:B0 X509v3 Authority Key Identifier: keyid:95:77:34:5D:FC:C9:34:78:C5:FF:22:1D:48:2E:E4:C9:84:83:F9:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lXc0XfzJNHjF_yIdSC7kyYSD-Qg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b16f66-2af4-463e-9785-433f5fa4f901/1/s1zL6gzO0M3JzPyTKX8t1xaOUrA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b16f66-2af4-463e-9785-433f5fa4f901/1/lXc0XfzJNHjF_yIdSC7kyYSD-Qg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.42.148.0/22 195.68.234.0/23 IPv6: 2a14:1a00::/29 Signature Algorithm: sha256WithRSAEncryption 07:be:56:8a:60:c0:a3:01:5d:a5:34:5b:89:22:fe:0d:27:d4: 17:71:58:29:da:e3:af:6b:07:51:69:2b:a3:4c:3d:10:66:67: ce:09:dd:46:6e:c9:63:30:3f:fb:3e:58:e0:d1:54:cf:06:a6: 8e:a0:8a:e2:9a:01:c2:7e:0b:7a:a1:f5:bd:96:ee:5d:52:54: c1:a4:e6:8e:44:aa:35:06:0e:d2:6a:e9:51:00:c3:51:4b:6c: ea:9f:e7:4b:96:cb:fa:4b:a0:c1:b2:73:3f:89:de:ea:3e:d1: b7:3a:8b:0b:60:a6:b2:b9:ce:34:77:c6:cd:5f:bf:ef:8c:cd: 36:78:07:b3:b8:1a:06:8d:6d:bc:3d:6c:eb:96:8f:ad:5e:6e: c3:29:33:16:cd:29:22:3c:0b:be:1c:06:e4:b6:27:f3:61:31: c4:ef:7e:cc:ff:09:8b:a1:67:da:6b:6a:10:7c:c4:04:91:90: a5:c5:33:99:1a:3d:e2:64:3d:b6:d0:a9:95:52:a0:52:5e:9b: 50:0e:a3:f1:42:8b:4f:4c:11:82:ee:f5:86:33:d0:1b:22:08: 96:44:f3:d7:18:1e:43:ed:cd:b6:db:f2:c5:34:3f:c3:7f:d6: 22:2a:5a:4e:f5:ca:29:01:cc:80:20:ed:4f:0f:d5:05:12:6b: d6:d3:71:3e -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZsJC9ehtWWVRwi7Jgqqp9ALMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1NzczNDVkZmNjOTM0NzhjNWZmMjIxZDQ4MmVlNGM5ODQ4 M2Y5MDgwHhcNMjUxMjEwMTYxNTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMzVjY2JlYTBjY2VkMGNkYzljY2ZjOTMyOTdmMmRkNzE2OGU1MmIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3pyL5tmozPVdJ+2QeJy4xcCN5Kep OjV2h3Io4Q42LD38MEPfZ7RtPvMM236SVZmEz/scDZ13f9lK5BSFI4phto3DX676 UXQU2r2tdRzqEpysKqHgURQxkQKN7b1+crelD+s2mkQv+TorqEkd9sYNGBOzCkwq U6AZ0ETnp5KGQnZkvUjH4RZkmVFCsA5XWponHpjVCS+yta72PwV9rmCkK5TKHRgp PBkU41WVCwrj3cpRmT6kR5ivAjVH6NE1PbvoVBPeUFaZSvVYQeK3pSNKiyFVvy3j ZJszmWyQcJLc//Y20IOGB1tJtOdYjmuAANuci6mtwUoKDH9pToKYNrwmfQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFLNcy+oMztDNycz8kyl/LdcWjlKwMB8GA1UdIwQY MBaAFJV3NF38yTR4xf8iHUgu5MmEg/kIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbFhjMFhmekpOSGpGX3lJZFNDN2t5WVNELVFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iMTZmNjYtMmFmNC00NjNlLTk3ODUt NDMzZjVmYTRmOTAxLzEvczF6TDZnek8wTTNKelB5VEtYOHQxeGFPVXJBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS9iMTZmNjYtMmFmNC00NjNlLTk3ODUtNDMzZjVmYTRmOTAx LzEvbFhjMFhmekpOSGpGX3lJZFNDN2t5WVNELVFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCBSqUAwQB w0TqMA0EAgACMAcDBQMqFBoAMA0GCSqGSIb3DQEBCwUAA4IBAQAHvlaKYMCjAV2l NFuJIv4NJ9QXcVgp2uOvawdRaSujTD0QZmfOCd1GbsljMD/7Pljg0VTPBqaOoIri mgHCfgt6ofW9lu5dUlTBpOaORKo1Bg7SaulRAMNRS2zqn+dLlsv6S6DBsnM/id7q PtG3OosLYKayuc40d8bNX7/vjM02eAezuBoGjW28PWzrlo+tXm7DKTMWzSkiPAu+ HAbktifzYTHE737M/wmLoWfaa2oQfMQEkZClxTOZGj3iZD220KmVUqBSXptQDqPx QotPTBGC7vWGM9AbIgiWRPPXGB5D7c222/LFND/Df9YiKlpO9copAcyAIO1PD9UF EmvW03E+ -----END CERTIFICATE-----Generated at Thu Dec 25 01:16:55 2025 by rpki-client