This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/aIQ6T9M-ZW8dTL9yRqFo_su0e0o.roa File: aIQ6T9M-ZW8dTL9yRqFo_su0e0o.roa (raw, json) Hash identifier: SBSK2fnbFlrBlmbYvciDCFJM3OHWg55h/k+fRxOD2Q4= Subject key identifier: 68:84:3A:4F:D3:3E:65:6F:1D:4C:BF:72:46:A1:68:FE:CB:B4:7B:4A Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5 Certificate serial: 019B4591519ABC9F8DA5885D8FC675431540 Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/aIQ6T9M-ZW8dTL9yRqFo_su0e0o.roa Signing time: Mon 22 Dec 2025 10:18:30 +0000 ROA not before: Mon 22 Dec 2025 10:18:30 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 202656 IP address blocks: 2.59.212.0/24 maxlen: 24 188.64.162.0/24 maxlen: 24 193.38.50.0/24 maxlen: 24 193.38.51.0/24 maxlen: 24 194.169.162.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 28 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:45:91:51:9a:bc:9f:8d:a5:88:5d:8f:c6:75:43:15:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5 Validity Not Before: Dec 22 10:18:30 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=68843a4fd33e656f1d4cbf7246a168fecbb47b4a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:04:c0:0e:b0:b0:c6:ed:47:f4:90:39:9b:46: 7b:46:26:30:33:51:f8:9d:f2:e0:2b:a6:8b:0b:d9: e0:b3:85:f2:03:69:28:93:e6:41:1d:56:54:28:65: 92:5b:ce:96:80:a5:90:58:ce:b7:72:e3:26:99:72: 65:e8:f6:b2:74:c5:b9:01:23:4d:11:31:ce:b3:13: cb:6a:05:70:68:7a:c2:bf:14:2f:67:cd:49:01:ad: bd:ea:42:88:33:cc:1f:1e:89:2c:46:9f:00:71:91: a8:71:2a:23:a1:85:2d:f6:9d:3d:d4:91:9f:96:9f: b3:32:78:6b:f0:a4:f7:8d:21:9b:96:cc:7b:37:dd: e5:8e:4e:6f:d7:db:a3:24:f0:1e:6e:f5:ab:6a:37: 40:88:7a:4a:ea:ef:6a:27:f7:21:92:76:0b:fc:6e: 50:69:3a:d7:d0:28:0e:3c:18:13:a8:96:32:3f:4b: 3a:4e:9d:3f:f0:48:de:43:da:5c:4e:02:7e:ab:f5: 21:9d:fb:69:c3:05:e8:0c:d8:3f:80:3b:e9:9f:df: 85:35:13:4b:3f:c2:7b:f6:c9:47:0c:f5:6b:74:20: fc:78:25:53:86:3b:65:0f:1a:93:dd:67:cd:55:58: 1a:1f:8c:67:44:12:41:10:87:a2:6e:88:4b:ae:b4: 96:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:84:3A:4F:D3:3E:65:6F:1D:4C:BF:72:46:A1:68:FE:CB:B4:7B:4A X509v3 Authority Key Identifier: keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/aIQ6T9M-ZW8dTL9yRqFo_su0e0o.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.59.212.0/24 188.64.162.0/24 193.38.50.0/23 194.169.162.0/24 Signature Algorithm: sha256WithRSAEncryption 97:e4:97:a0:ea:27:37:8f:23:87:f1:aa:12:99:46:32:29:74: 85:dc:99:39:3e:4a:6a:74:36:1d:3a:25:d6:2b:05:6a:0f:d6: 03:51:0e:8c:37:f5:cf:0b:e5:f9:86:b5:26:32:be:e2:4e:96: fe:ee:8f:15:94:7f:8d:10:c2:0a:2c:44:e3:9c:d6:70:50:5c: 5b:c0:08:94:2c:c1:5a:81:e5:7d:38:99:e8:29:77:d2:c7:cb: b6:83:50:36:a6:5e:90:e4:11:0e:84:50:b8:a8:ef:a4:fe:9f: eb:26:17:0b:a6:13:be:44:84:bc:ff:0d:3c:84:fc:13:ae:89: 64:bf:34:69:52:41:e9:9b:9b:b9:45:5b:c7:dc:87:5c:d5:2f: b3:84:eb:db:37:26:d5:be:4e:3a:ab:0d:99:65:c7:87:3d:47: 71:91:88:ff:89:83:2d:ce:ef:1e:f8:8a:97:de:e2:10:85:b1: 5c:4c:1f:23:d0:d5:65:d6:ab:fb:e3:f4:7a:b1:69:fa:c8:a7: 05:14:f8:6f:54:05:7a:67:47:52:bf:7f:e1:70:91:b1:0f:8a: 41:85:7e:57:c8:af:e0:63:fa:13:30:2d:6e:fc:12:78:3c:d2: 13:e2:6d:7f:d1:a0:05:48:69:02:8f:e6:ae:48:d0:a9:a8:92: 8e:bb:ab:89 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZtFkVGavJ+NpYhdj8Z1QxVAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4 YWJjYzUwHhcNMjUxMjIyMTAxODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ODg0M2E0ZmQzM2U2NTZmMWQ0Y2JmNzI0NmExNjhmZWNiYjQ3YjRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxATADrCwxu1H9JA5m0Z7RiYwM1H4 nfLgK6aLC9ngs4XyA2kok+ZBHVZUKGWSW86WgKWQWM63cuMmmXJl6PaydMW5ASNN ETHOsxPLagVwaHrCvxQvZ81JAa296kKIM8wfHoksRp8AcZGocSojoYUt9p091JGf lp+zMnhr8KT3jSGblsx7N93ljk5v19ujJPAebvWrajdAiHpK6u9qJ/chknYL/G5Q aTrX0CgOPBgTqJYyP0s6Tp0/8EjeQ9pcTgJ+q/UhnftpwwXoDNg/gDvpn9+FNRNL P8J79slHDPVrdCD8eCVThjtlDxqT3WfNVVgaH4xnRBJBEIeibohLrrSWywIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFGiEOk/TPmVvHUy/ckahaP7LtHtKMB8GA1UdIwQY MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt NmZlOWJmNjA1NjFjLzEvYUlRNlQ5TS1aVzhkVEw5eVJxRm9fc3UwZTBvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjvUAwQA vECiAwQBwSYyAwQAwqmiMA0GCSqGSIb3DQEBCwUAA4IBAQCX5Jeg6ic3jyOH8aoS mUYyKXSF3Jk5PkpqdDYdOiXWKwVqD9YDUQ6MN/XPC+X5hrUmMr7iTpb+7o8VlH+N EMIKLETjnNZwUFxbwAiULMFageV9OJnoKXfSx8u2g1A2pl6Q5BEOhFC4qO+k/p/r JhcLphO+RIS8/w08hPwTrolkvzRpUkHpm5u5RVvH3Idc1S+zhOvbNybVvk46qw2Z ZceHPUdxkYj/iYMtzu8e+IqX3uIQhbFcTB8j0NVl1qv74/R6sWn6yKcFFPhvVAV6 Z0dSv3/hcJGxD4pBhX5XyK/gY/oTMC1u/BJ4PNIT4m1/0aAFSGkCj+auSNCpqJKO u6uJ -----END CERTIFICATE-----Generated at Sat Dec 27 08:05:11 2025 by rpki-client