This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/jdzg16c7MaiOnZ9-kVnWfu-f5N0.roa File: jdzg16c7MaiOnZ9-kVnWfu-f5N0.roa (raw, json) Hash identifier: S7drwu7SeNZ2ONjCLahi8wl52GPXe3l+rn2lLGtlHNA= Subject key identifier: 8D:DC:E0:D7:A7:3B:31:A8:8E:9D:9F:7E:91:59:D6:7E:EF:9F:E4:DD Certificate issuer: /CN=87d990131467b77d11162b79fbe3b06ca8ab2d39 Certificate serial: 019AFD91EA551929A8F0D995CD1B5B350D44 Authority key identifier: 87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/jdzg16c7MaiOnZ9-kVnWfu-f5N0.roa Signing time: Mon 08 Dec 2025 10:46:29 +0000 ROA not before: Mon 08 Dec 2025 10:46:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 1299 IP address blocks: 2.59.144.0/22 maxlen: 24 5.10.128.0/21 maxlen: 24 5.183.248.0/22 maxlen: 24 23.90.192.0/18 maxlen: 24 31.204.80.0/21 maxlen: 24 45.80.252.0/22 maxlen: 24 45.86.96.0/22 maxlen: 24 45.89.76.0/22 maxlen: 24 45.92.180.0/22 maxlen: 24 45.129.216.0/24 maxlen: 24 45.129.217.0/24 maxlen: 24 45.129.218.0/24 maxlen: 24 45.133.68.0/22 maxlen: 24 45.142.108.0/22 maxlen: 24 45.152.16.0/22 maxlen: 24 46.18.120.0/22 maxlen: 24 46.18.124.0/24 maxlen: 24 46.18.125.0/24 maxlen: 24 46.18.126.0/23 maxlen: 24 62.192.156.0/22 maxlen: 24 79.99.160.0/21 maxlen: 24 88.86.224.0/19 maxlen: 19 88.218.12.0/22 maxlen: 24 92.119.232.0/22 maxlen: 24 94.154.4.0/24 maxlen: 24 94.187.128.0/19 maxlen: 24 168.220.128.0/19 maxlen: 24 185.20.16.0/22 maxlen: 24 185.48.252.0/22 maxlen: 24 185.86.88.0/22 maxlen: 24 185.87.100.0/22 maxlen: 24 185.98.116.0/22 maxlen: 24 185.132.64.0/22 maxlen: 24 185.133.80.0/22 maxlen: 24 185.134.156.0/22 maxlen: 24 185.135.176.0/22 maxlen: 24 185.138.116.0/22 maxlen: 24 185.163.136.0/22 maxlen: 24 185.163.212.0/22 maxlen: 24 185.163.220.0/22 maxlen: 24 185.163.228.0/22 maxlen: 24 185.169.156.0/22 maxlen: 24 185.186.88.0/22 maxlen: 24 185.191.36.0/22 maxlen: 24 185.197.108.0/22 maxlen: 24 185.241.140.0/22 maxlen: 24 185.254.8.0/22 maxlen: 24 192.214.192.0/19 maxlen: 24 195.216.140.0/22 maxlen: 24 2a00:41e0::/29 maxlen: 48 2a00:6780::/29 maxlen: 48 2a01:648::/29 maxlen: 48 2a05:b780::/29 maxlen: 48 2a05:c100::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.mft rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 21:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:fd:91:ea:55:19:29:a8:f0:d9:95:cd:1b:5b:35:0d:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87d990131467b77d11162b79fbe3b06ca8ab2d39 Validity Not Before: Dec 8 10:46:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=8ddce0d7a73b31a88e9d9f7e9159d67eef9fe4dd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:6b:5e:5c:99:1d:d1:04:17:a6:5e:47:01:fd: 5d:b0:06:81:d9:0f:4c:5c:f8:e9:7a:7c:d4:73:6e: 22:88:17:0a:08:66:4a:19:0d:47:ff:cb:4e:b7:bf: 9b:55:2c:d0:80:00:cb:5a:b3:07:a3:26:ed:d4:6c: 25:7d:1b:ea:d1:4b:bb:1f:41:c3:5c:58:38:a5:35: 50:e7:7d:5a:f5:a8:d5:18:90:a0:c0:91:de:5e:20: d5:b5:14:6d:18:d2:64:07:ce:25:5b:a2:f1:de:fc: 0f:4b:21:e6:0e:22:af:fd:6e:8f:bd:fb:0e:84:2a: 35:ee:dc:ac:88:e2:b8:d0:d3:ee:52:88:66:a2:56: 7d:5d:11:fa:42:62:91:ea:a4:a9:67:50:9e:07:d6: e2:99:d7:76:4e:fd:c4:42:c7:28:7a:39:c7:ab:be: 10:4b:f4:7f:47:c0:2a:93:5c:da:49:45:e4:b9:88: 94:00:d3:42:e7:3c:d5:b2:73:6e:99:37:3e:b4:bc: d0:cf:5f:69:b4:d7:27:0b:92:43:df:8c:8f:ef:b1: ab:ba:25:8e:c0:72:c3:50:19:bd:cf:14:89:5f:90: 7c:77:b3:4a:7e:b4:f5:e0:58:c2:7d:3f:dd:7b:49: ea:1c:41:c0:5c:8a:06:df:72:9f:c5:a2:76:9c:be: eb:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:DC:E0:D7:A7:3B:31:A8:8E:9D:9F:7E:91:59:D6:7E:EF:9F:E4:DD X509v3 Authority Key Identifier: keyid:87:D9:90:13:14:67:B7:7D:11:16:2B:79:FB:E3:B0:6C:A8:AB:2D:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9mQExRnt30RFit5--OwbKirLTk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/jdzg16c7MaiOnZ9-kVnWfu-f5N0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5dea97-7ef7-4db0-94bc-b8e8b34db290/1/h9mQExRnt30RFit5--OwbKirLTk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.59.144.0/22 5.10.128.0/21 5.183.248.0/22 23.90.192.0/18 31.204.80.0/21 45.80.252.0/22 45.86.96.0/22 45.89.76.0/22 45.92.180.0/22 45.129.216.0-45.129.218.255 45.133.68.0/22 45.142.108.0/22 45.152.16.0/22 46.18.120.0/21 62.192.156.0/22 79.99.160.0/21 88.86.224.0/19 88.218.12.0/22 92.119.232.0/22 94.154.4.0/24 94.187.128.0/19 168.220.128.0/19 185.20.16.0/22 185.48.252.0/22 185.86.88.0/22 185.87.100.0/22 185.98.116.0/22 185.132.64.0/22 185.133.80.0/22 185.134.156.0/22 185.135.176.0/22 185.138.116.0/22 185.163.136.0/22 185.163.212.0/22 185.163.220.0/22 185.163.228.0/22 185.169.156.0/22 185.186.88.0/22 185.191.36.0/22 185.197.108.0/22 185.241.140.0/22 185.254.8.0/22 192.214.192.0/19 195.216.140.0/22 IPv6: 2a00:41e0::/29 2a00:6780::/29 2a01:648::/29 2a05:b780::/29 2a05:c100::/29 Signature Algorithm: sha256WithRSAEncryption 96:b6:be:2a:61:c5:b2:fa:38:b1:63:94:e9:5f:e7:66:09:3d: 16:90:cb:fc:c0:7c:b5:e1:30:65:d1:40:06:4c:c4:23:86:09: bd:9e:be:9c:74:b0:73:33:4f:e5:32:2d:be:46:c5:ef:75:ff: 13:b7:c6:d9:37:31:fd:e1:86:f2:83:ed:9c:4c:35:89:0f:df: 36:dc:53:b4:9c:52:0a:9a:35:fb:c1:1c:b0:b0:3b:47:dd:95: 18:61:45:dd:43:23:ea:4b:ff:86:2e:fa:1b:53:88:68:cb:65: 1e:33:43:94:f6:fb:08:c3:ce:28:3b:d2:33:a0:a7:00:ec:0c: 9a:62:0f:b3:44:30:92:7a:9f:46:ca:93:03:63:ff:17:dd:b2: 55:d8:48:13:98:45:08:a6:06:47:a1:1d:a2:b5:5a:3a:ab:71: f5:6c:19:5d:d4:6b:f3:90:72:52:f7:12:c2:82:67:38:d5:68: dc:62:18:15:91:c0:ca:74:43:4a:f8:5a:b1:b1:07:8c:3f:20: 82:1a:52:bb:20:f9:d0:5f:60:c6:bf:70:0c:06:f3:2c:e7:61: 40:55:79:26:d1:5c:17:89:c4:5d:24:e1:1a:cc:bb:9c:1e:62: 45:a6:57:d1:c2:ad:87:36:3c:23:47:25:13:15:8c:a5:2c:81: 46:dd:d6:52 -----BEGIN CERTIFICATE----- MIIGPDCCBSSgAwIBAgISAZr9kepVGSmo8NmVzRtbNQ1EMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3ZDk5MDEzMTQ2N2I3N2QxMTE2MmI3OWZiZTNiMDZjYThh YjJkMzkwHhcNMjUxMjA4MTA0NjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4ZGRjZTBkN2E3M2IzMWE4OGU5ZDlmN2U5MTU5ZDY3ZWVmOWZlNGRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WteXJkd0QQXpl5HAf1dsAaB2Q9M XPjpenzUc24iiBcKCGZKGQ1H/8tOt7+bVSzQgADLWrMHoybt1GwlfRvq0Uu7H0HD XFg4pTVQ531a9ajVGJCgwJHeXiDVtRRtGNJkB84lW6Lx3vwPSyHmDiKv/W6PvfsO hCo17tysiOK40NPuUohmolZ9XRH6QmKR6qSpZ1CeB9bimdd2Tv3EQscoejnHq74Q S/R/R8Aqk1zaSUXkuYiUANNC5zzVsnNumTc+tLzQz19ptNcnC5JD34yP77GruiWO wHLDUBm9zxSJX5B8d7NKfrT14FjCfT/de0nqHEHAXIoG33KfxaJ2nL7r5QIDAQAB o4IDSDCCA0QwHQYDVR0OBBYEFI3c4NenOzGojp2ffpFZ1n7vn+TdMB8GA1UdIwQY MBaAFIfZkBMUZ7d9ERYrefvjsGyoqy05MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMt YjhlOGIzNGRiMjkwLzEvamR6ZzE2YzdNYWlPblo5LWtWbldmdS1mNU4wLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni81ZGVhOTctN2VmNy00ZGIwLTk0YmMtYjhlOGIzNGRiMjkw LzEvaDltUUV4Um50MzBSRml0NS0tT3diS2lyTFRrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIBXAYIKwYBBQUHAQcBAf8EggFLMIIBRzCCARgEAgABMIIB EAMEAgI7kAMEAwUKgAMEAgW3+AMEBhdawAMEAx/MUAMEAi1Q/AMEAi1WYAMEAi1Z TAMEAi1ctDAMAwQDLYHYAwQALYHaAwQCLYVEAwQCLY5sAwQCLZgQAwQDLhJ4AwQC PsCcAwQDT2OgAwQFWFbgAwQCWNoMAwQCXHfoAwQAXpoEAwQFXruAAwQFqNyAAwQC uRQQAwQCuTD8AwQCuVZYAwQCuVdkAwQCuWJ0AwQCuYRAAwQCuYVQAwQCuYacAwQC uYewAwQCuYp0AwQCuaOIAwQCuaPUAwQCuaPcAwQCuaPkAwQCuamcAwQCubpYAwQC ub8kAwQCucVsAwQCufGMAwQCuf4IAwQFwNbAAwQCw9iMMCkEAgACMCMDBQMqAEHg AwUDKgBngAMFAyoBBkgDBQMqBbeAAwUDKgXBADANBgkqhkiG9w0BAQsFAAOCAQEA lra+KmHFsvo4sWOU6V/nZgk9FpDL/MB8teEwZdFABkzEI4YJvZ6+nHSwczNP5TIt vkbF73X/E7fG2Tcx/eGG8oPtnEw1iQ/fNtxTtJxSCpo1+8EcsLA7R92VGGFF3UMj 6kv/hi76G1OIaMtlHjNDlPb7CMPOKDvSM6CnAOwMmmIPs0QwknqfRsqTA2P/F92y VdhIE5hFCKYGR6EdorVaOqtx9WwZXdRr85ByUvcSwoJnONVo3GIYFZHAynRDSvha sbEHjD8gghpSuyD50F9gxr9wDAbzLOdhQFV5JtFcF4nEXSThGsy7nB5iRaZX0cKt hzY8I0clExWMpSyBRt3WUg== -----END CERTIFICATE-----Generated at Sat Dec 20 05:42:46 2025 by rpki-client