This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/0jPQDDugM0hxwDfN_d6zOZk7XaQ.roa File: 0jPQDDugM0hxwDfN_d6zOZk7XaQ.roa (raw, json) Hash identifier: hfyIKRCp+vcrNKWRpUeeLp9YanOyoFs0d+dQEgLE2hU= Subject key identifier: D2:33:D0:0C:3B:A0:33:48:71:C0:37:CD:FD:DE:B3:39:99:3B:5D:A4 Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511 Certificate serial: 019B2681F56575F9E2560AB6382B91E889E2 Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/0jPQDDugM0hxwDfN_d6zOZk7XaQ.roa Signing time: Tue 16 Dec 2025 09:33:29 +0000 ROA not before: Tue 16 Dec 2025 09:33:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 8346 IP address blocks: 80.15.245.0/24 maxlen: 24 2a01:c9c0:c016::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 06:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:26:81:f5:65:75:f9:e2:56:0a:b6:38:2b:91:e8:89:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511 Validity Not Before: Dec 16 09:33:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=d233d00c3ba0334871c037cdfddeb339993b5da4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:46:54:2a:3d:7d:84:e4:02:40:70:29:53:b8: 83:ec:de:26:66:4c:f2:f4:3c:5f:59:53:49:2f:8c: 45:fa:74:86:02:9a:9e:90:ea:04:3b:70:62:b5:ec: a1:d3:de:ab:d7:9a:88:8d:04:3c:e2:5f:18:c7:b0: f1:df:7b:82:bf:de:a9:a4:c2:87:81:e7:bb:00:bd: 7a:d5:98:05:f9:8a:b6:d9:2b:7b:2c:8d:c8:7b:d5: b1:4f:f6:6d:8b:63:92:1f:17:75:14:4f:ea:80:d8: 52:12:e7:3c:5c:34:ad:df:ef:b4:00:9e:fc:48:c6: c8:a4:a7:79:d6:a6:ba:6d:04:a5:1f:19:56:ce:11: 28:b2:25:6b:74:98:ac:3c:33:a5:ee:96:60:f4:ce: 15:08:cf:e3:fe:d0:62:4a:48:f5:1d:58:85:e2:de: 1d:7f:37:eb:a5:00:ce:ac:b6:6b:62:b8:ad:6d:37: c3:b1:2e:18:5d:a7:62:99:ac:4a:56:e4:c9:f5:53: 86:e4:e5:ae:87:6b:9a:e6:ad:bc:e8:64:e5:6d:a6: 91:1e:83:e4:01:62:53:c3:98:12:e2:f4:39:b4:23: da:50:46:96:0d:09:8a:63:30:da:99:23:1d:f3:3a: 28:3d:3f:0a:2f:cd:19:8f:2a:a1:8d:4f:99:9f:69: b0:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:33:D0:0C:3B:A0:33:48:71:C0:37:CD:FD:DE:B3:39:99:3B:5D:A4 X509v3 Authority Key Identifier: keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/0jPQDDugM0hxwDfN_d6zOZk7XaQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.15.245.0/24 IPv6: 2a01:c9c0:c016::/48 Signature Algorithm: sha256WithRSAEncryption a1:f0:4a:9c:c9:ac:47:93:0b:0f:b2:45:02:44:67:c6:58:ad: f9:bb:a9:a1:93:44:f3:2d:fe:db:ce:cb:d6:b0:64:76:ef:3d: 4b:c8:9b:8c:9b:5d:8c:5d:9b:b3:b0:1e:ba:62:d0:68:61:1e: bc:a8:b6:00:85:af:d6:d6:e6:15:ff:9e:a3:1f:7c:83:6a:eb: dc:a2:83:32:4b:c8:52:51:4b:99:21:e6:9a:02:8f:a2:90:19: 68:f5:3e:a6:2d:bd:37:72:07:77:18:79:1b:fd:50:94:d8:ba: 39:5c:ec:10:e1:c1:35:6b:a4:28:7b:80:3d:cb:72:8e:ec:a2: 14:4c:79:6a:2f:94:58:7e:86:7f:82:b1:cd:7d:c2:ff:0d:85: 3b:ad:31:53:91:bc:c6:90:e2:39:ac:9a:a4:32:80:9e:8f:6e: ae:55:b8:fd:0d:32:cf:bc:be:f3:6b:60:0f:0c:00:98:0b:f9: bf:5a:30:b1:8b:ee:d7:13:2c:9b:40:2e:73:d7:2e:27:df:70: 70:d0:12:6f:3f:e3:0f:44:12:07:3e:57:2e:18:05:e0:e0:bd: 1c:d3:43:5e:70:e0:e5:5b:36:60:3a:51:e8:9a:68:63:74:79: 23:bf:b6:6d:01:35:b7:cf:92:f5:e3:72:27:35:91:c0:76:e8: 64:33:e9:37 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZsmgfVldfniVgq2OCuR6IniMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh MTA1MTEwHhcNMjUxMjE2MDkzMzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMjMzZDAwYzNiYTAzMzQ4NzFjMDM3Y2RmZGRlYjMzOTk5M2I1ZGE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kZUKj19hOQCQHApU7iD7N4mZkzy 9DxfWVNJL4xF+nSGApqekOoEO3Biteyh096r15qIjQQ84l8Yx7Dx33uCv96ppMKH gee7AL161ZgF+Yq22St7LI3Ie9WxT/Zti2OSHxd1FE/qgNhSEuc8XDSt3++0AJ78 SMbIpKd51qa6bQSlHxlWzhEosiVrdJisPDOl7pZg9M4VCM/j/tBiSkj1HViF4t4d fzfrpQDOrLZrYritbTfDsS4YXadimaxKVuTJ9VOG5OWuh2ua5q286GTlbaaRHoPk AWJTw5gS4vQ5tCPaUEaWDQmKYzDamSMd8zooPT8KL80ZjyqhjU+Zn2mw/wIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFNIz0Aw7oDNIccA3zf3eszmZO12kMB8GA1UdIwQY MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt NDU5MzVmNTA2YTEyLzEvMGpQUUREdWdNMGh4d0RmTl9kNnpPWms3WGFRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAUA/1MA8E AgACMAkDBwAqAcnAwBYwDQYJKoZIhvcNAQELBQADggEBAKHwSpzJrEeTCw+yRQJE Z8ZYrfm7qaGTRPMt/tvOy9awZHbvPUvIm4ybXYxdm7OwHrpi0GhhHryotgCFr9bW 5hX/nqMffINq69yigzJLyFJRS5kh5poCj6KQGWj1PqYtvTdyB3cYeRv9UJTYujlc 7BDhwTVrpCh7gD3Lco7sohRMeWovlFh+hn+Csc19wv8NhTutMVORvMaQ4jmsmqQy gJ6Pbq5VuP0NMs+8vvNrYA8MAJgL+b9aMLGL7tcTLJtALnPXLiffcHDQEm8/4w9E Egc+Vy4YBeDgvRzTQ15w4OVbNmA6UeiaaGN0eSO/tm0BNbfPkvXjcic1kcB26GQz 6Tc= -----END CERTIFICATE-----Generated at Sun Dec 21 15:16:08 2025 by rpki-client