This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/dbZOoJhkkFnex2VHS7p9UJwGGNs.roa File: dbZOoJhkkFnex2VHS7p9UJwGGNs.roa (raw, json) Hash identifier: fcaEeeACTWbu5WAsJb+fAQHrpfZWGUkv+JveTzdgMDM= Subject key identifier: 75:B6:4E:A0:98:64:90:59:DE:C7:65:47:4B:BA:7D:50:9C:06:18:DB Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0 Certificate serial: 019B35BD3AC3E31BBFB2D97072A28014FC3F Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/dbZOoJhkkFnex2VHS7p9UJwGGNs.roa Signing time: Fri 19 Dec 2025 08:32:32 +0000 ROA not before: Fri 19 Dec 2025 08:32:32 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 25198 IP address blocks: 151.240.152.0/24 maxlen: 24 151.240.226.0/24 maxlen: 24 151.242.128.0/24 maxlen: 24 151.243.223.0/24 maxlen: 24 151.247.145.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:35:bd:3a:c3:e3:1b:bf:b2:d9:70:72:a2:80:14:fc:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0 Validity Not Before: Dec 19 08:32:32 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=75b64ea098649059dec765474bba7d509c0618db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:99:0b:93:1a:98:f1:e9:52:f8:fb:49:39:7d: ba:72:3a:0a:a4:06:e4:23:76:23:d8:5f:9e:d0:a0: ba:68:54:0b:2e:55:6d:c6:d0:11:04:1e:d2:1f:21: be:c3:2a:59:89:3e:28:f0:92:fd:4c:2b:58:f0:63: 1a:fe:a8:03:e8:f7:81:cf:d0:78:9e:73:51:24:54: 58:3f:18:cb:6f:af:9c:ee:91:3a:38:26:79:e2:ea: 8c:29:4c:1b:44:c5:b7:89:c7:c1:ed:d5:dc:41:5b: c5:5a:eb:f1:27:c1:e3:cc:22:31:7f:92:4c:1d:38: 7c:4a:f6:4c:40:e8:34:83:4f:68:0a:d3:58:78:21: 37:3f:2a:c1:03:4b:b2:6e:52:ae:46:c4:96:01:f2: ad:21:13:ee:f6:c3:53:6e:a6:23:f3:ef:c0:a9:40: 0a:eb:30:21:d8:59:cf:86:ef:e5:06:6f:43:8e:d8: de:cd:07:4b:0d:e5:5d:4e:f8:8e:64:53:58:5f:11: e6:35:21:e5:8e:9c:c6:61:02:03:46:e8:6f:5d:f1: 59:8d:ac:6b:46:2c:86:13:43:11:f5:00:1f:02:f3: 14:01:02:e7:30:5f:e6:90:fa:0c:e2:3a:44:b7:30: bc:d8:ac:b6:ed:0e:ee:7a:5d:c1:0d:8f:70:0d:b6: 5a:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:B6:4E:A0:98:64:90:59:DE:C7:65:47:4B:BA:7D:50:9C:06:18:DB X509v3 Authority Key Identifier: keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/dbZOoJhkkFnex2VHS7p9UJwGGNs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 151.240.152.0/24 151.240.226.0/24 151.242.128.0/24 151.243.223.0/24 151.247.145.0/24 Signature Algorithm: sha256WithRSAEncryption 4d:4b:e9:28:53:97:1c:a6:c9:bf:ef:25:5f:3d:a7:3f:0d:3b: 95:2d:69:97:b7:97:5d:7f:dc:7b:1b:75:59:48:85:9d:61:1d: cc:78:f0:46:0f:5f:23:b9:e4:89:c7:b3:51:ab:33:30:94:51: e5:11:3b:f4:da:df:7c:5f:51:34:11:ad:43:0a:03:8e:2d:87: 67:1a:d8:81:c8:ce:47:56:a1:cd:5c:bf:e2:2d:d6:71:78:7c: 9c:f1:36:68:4d:4d:e7:d5:c3:44:7d:f2:d8:a0:b1:cc:70:bc: dd:f3:b5:3f:27:59:09:8c:a6:9f:f0:8e:cd:bb:08:8b:a3:1e: f2:da:24:d5:ce:c6:33:b3:07:76:2d:9b:62:19:40:2a:56:c2: 58:0e:15:f4:31:83:04:c8:34:d5:74:7c:00:07:4d:cc:85:7b: 77:1e:01:04:b7:94:55:1e:b0:97:5d:fe:05:65:34:8a:5d:56: 40:7a:d8:0c:ee:85:dd:fc:e7:57:26:75:b1:a8:08:18:6d:db: 87:bc:4b:1f:24:b7:cc:b7:f7:d8:98:20:11:ac:95:e3:5e:48: 9d:22:db:75:83:03:4d:89:b6:69:5e:93:b4:38:66:bd:ff:81: e3:56:03:78:f6:69:c3:8c:78:95:83:a7:eb:ff:50:9b:05:55: 1d:57:d0:e9 -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZs1vTrD4xu/stlwcqKAFPw/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh NWE0YzAwHhcNMjUxMjE5MDgzMjMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NWI2NGVhMDk4NjQ5MDU5ZGVjNzY1NDc0YmJhN2Q1MDljMDYxOGRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5kLkxqY8elS+PtJOX26cjoKpAbk I3Yj2F+e0KC6aFQLLlVtxtARBB7SHyG+wypZiT4o8JL9TCtY8GMa/qgD6PeBz9B4 nnNRJFRYPxjLb6+c7pE6OCZ54uqMKUwbRMW3icfB7dXcQVvFWuvxJ8HjzCIxf5JM HTh8SvZMQOg0g09oCtNYeCE3PyrBA0uyblKuRsSWAfKtIRPu9sNTbqYj8+/AqUAK 6zAh2FnPhu/lBm9DjtjezQdLDeVdTviOZFNYXxHmNSHljpzGYQIDRuhvXfFZjaxr RiyGE0MR9QAfAvMUAQLnMF/mkPoM4jpEtzC82Ky27Q7uel3BDY9wDbZaFQIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFHW2TqCYZJBZ3sdlR0u6fVCcBhjbMB8GA1UdIwQY MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt MTdiOWRlMTQxMjUyLzEvZGJaT29KaGtrRm5leDJWSFM3cDlVSndHR05zLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAl/CYAwQA l/DiAwQAl/KAAwQAl/PfAwQAl/eRMA0GCSqGSIb3DQEBCwUAA4IBAQBNS+koU5cc psm/7yVfPac/DTuVLWmXt5ddf9x7G3VZSIWdYR3MePBGD18jueSJx7NRqzMwlFHl ETv02t98X1E0Ea1DCgOOLYdnGtiByM5HVqHNXL/iLdZxeHyc8TZoTU3n1cNEffLY oLHMcLzd87U/J1kJjKaf8I7NuwiLox7y2iTVzsYzswd2LZtiGUAqVsJYDhX0MYME yDTVdHwAB03MhXt3HgEEt5RVHrCXXf4FZTSKXVZAetgM7oXd/OdXJnWxqAgYbduH vEsfJLfMt/fYmCARrJXjXkidItt1gwNNibZpXpO0OGa9/4HjVgN49mnDjHiVg6fr /1CbBVUdV9Dp -----END CERTIFICATE-----Generated at Fri Dec 19 21:21:21 2025 by rpki-client