This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OnApBFYPqwebprsVFy2UZ-6YF1U.roa File: OnApBFYPqwebprsVFy2UZ-6YF1U.roa (raw, json) Hash identifier: ERxzXFE+tGbz1uSbjrCzQS8cUZdyCi8DA98dRJ7NGpg= Subject key identifier: 3A:70:29:04:56:0F:AB:07:9B:A6:BB:15:17:2D:94:67:EE:98:17:55 Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d Certificate serial: 019B500E932D303BE13074F041915BA32DD9 Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OnApBFYPqwebprsVFy2UZ-6YF1U.roa Signing time: Wed 24 Dec 2025 11:11:31 +0000 ROA not before: Wed 24 Dec 2025 11:11:31 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 214238 IP address blocks: 5.253.56.0/24 maxlen: 24 5.253.57.0/24 maxlen: 24 5.253.58.0/24 maxlen: 24 45.88.66.0/24 maxlen: 24 87.120.108.0/24 maxlen: 24 87.120.196.0/24 maxlen: 24 87.121.216.0/24 maxlen: 24 93.123.31.0/24 maxlen: 24 94.125.102.0/24 maxlen: 24 94.125.103.0/24 maxlen: 24 185.207.14.0/24 maxlen: 24 185.207.15.0/24 maxlen: 24 185.252.179.0/24 maxlen: 24 193.8.186.0/24 maxlen: 24 193.8.187.0/24 maxlen: 24 193.148.56.0/24 maxlen: 24 193.148.57.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 12:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:50:0e:93:2d:30:3b:e1:30:74:f0:41:91:5b:a3:2d:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d Validity Not Before: Dec 24 11:11:31 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=3a702904560fab079ba6bb15172d9467ee981755 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:d3:7e:28:cf:da:a4:48:a1:1b:50:02:5c:83: 6d:71:30:30:31:35:0a:07:ed:db:bc:c7:9e:14:b4: 1a:3d:d7:1b:49:cb:6b:8e:e6:3a:43:01:c7:0c:dd: 52:81:9b:37:33:cf:7f:23:64:92:d8:0d:5f:28:25: de:8a:60:6a:2e:8f:d2:40:2e:51:c9:c4:d6:5f:f5: c0:9b:ce:54:a8:36:4e:df:44:ab:16:de:69:61:2f: ad:13:b3:1f:e4:2e:9c:c9:b1:3a:b9:f8:49:9e:51: be:6e:fe:b7:ed:63:c3:82:bf:af:14:8f:6d:39:59: 27:be:4b:04:f5:72:62:96:e4:67:b3:81:5b:fd:29: ae:ec:06:47:37:ca:e0:c3:4f:1c:70:5d:2d:14:00: 7d:26:19:b8:70:e3:f7:0f:d1:2d:9d:69:66:05:17: 4b:03:63:13:ca:df:e5:49:ef:9f:1b:ef:f1:69:d3: 03:3f:f7:ce:8b:42:7d:ba:c5:bb:a1:7d:83:7a:e1: 43:ea:be:22:b5:66:c4:37:45:3e:10:02:b9:7b:84: cf:ad:cd:09:d0:2a:97:71:34:90:3a:45:a8:9d:07: 77:01:d8:34:ab:a9:2e:a6:ba:58:57:62:f9:22:ee: c5:1b:03:3e:bc:a4:af:58:c1:41:7b:68:1b:c5:4f: 00:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:70:29:04:56:0F:AB:07:9B:A6:BB:15:17:2D:94:67:EE:98:17:55 X509v3 Authority Key Identifier: keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OnApBFYPqwebprsVFy2UZ-6YF1U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.253.56.0-5.253.58.255 45.88.66.0/24 87.120.108.0/24 87.120.196.0/24 87.121.216.0/24 93.123.31.0/24 94.125.102.0/23 185.207.14.0/23 185.252.179.0/24 193.8.186.0/23 193.148.56.0/23 Signature Algorithm: sha256WithRSAEncryption 0e:14:92:2b:cf:30:3f:67:6c:ed:44:92:0c:43:91:b9:97:5b: 69:20:e4:f6:04:aa:4c:3a:95:0e:de:fc:ce:c8:ee:a6:d2:ad: 75:07:74:3c:05:4c:e0:55:f0:4b:a0:63:5e:24:7e:ab:b8:40: a8:a3:f1:82:ba:08:9b:4f:ce:f7:17:c8:95:6a:b6:f1:52:94: 87:43:74:07:90:54:75:b4:af:71:4f:9e:10:cc:42:a4:ae:5d: 8e:f3:05:2e:f6:a3:dd:38:7a:d2:8e:fc:bc:d4:3a:d5:dd:4f: 1f:71:f6:c1:c0:96:a9:1f:cf:c3:20:e6:18:6d:3a:f1:a1:5a: f5:1c:b6:b4:78:6c:16:7e:b7:47:13:7b:7e:59:c0:db:3a:ea: 90:1e:c8:f4:46:78:4e:ac:b3:5f:13:7d:b2:a0:b9:8e:d8:c4: 80:da:f5:bb:02:6a:0f:ca:db:13:cc:1d:90:e3:32:88:4e:53: 44:a5:32:bd:59:ad:e5:8d:e6:e6:34:0e:f2:f3:42:ab:1d:fa: 43:73:d5:6e:40:1e:60:bc:b8:d4:ec:f3:7c:1e:da:3b:62:3d: 28:77:9f:95:31:44:15:5f:63:21:dd:b3:e6:5d:01:68:7d:68: 75:ff:3b:ab:1a:a8:56:5b:bf:a2:4a:07:ae:2e:9c:43:74:a9: 79:0b:2f:25 -----BEGIN CERTIFICATE----- MIIFQTCCBCmgAwIBAgISAZtQDpMtMDvhMHTwQZFboy3ZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3 NzVlOWQwHhcNMjUxMjI0MTExMTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYTcwMjkwNDU2MGZhYjA3OWJhNmJiMTUxNzJkOTQ2N2VlOTgxNzU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29N+KM/apEihG1ACXINtcTAwMTUK B+3bvMeeFLQaPdcbSctrjuY6QwHHDN1SgZs3M89/I2SS2A1fKCXeimBqLo/SQC5R ycTWX/XAm85UqDZO30SrFt5pYS+tE7Mf5C6cybE6ufhJnlG+bv637WPDgr+vFI9t OVknvksE9XJiluRns4Fb/Smu7AZHN8rgw08ccF0tFAB9Jhm4cOP3D9EtnWlmBRdL A2MTyt/lSe+fG+/xadMDP/fOi0J9usW7oX2DeuFD6r4itWbEN0U+EAK5e4TPrc0J 0CqXcTSQOkWonQd3Adg0q6kuprpYV2L5Iu7FGwM+vKSvWMFBe2gbxU8AGQIDAQAB o4ICTTCCAkkwHQYDVR0OBBYEFDpwKQRWD6sHm6a7FRctlGfumBdVMB8GA1UdIwQY MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct Y2QzY2E1OTc1NzEyLzEvT25BcEJGWVBxd2VicHJzVkZ5MlVaLTZZRjFVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKMAwDBAMF/TgD BAAF/ToDBAAtWEIDBABXeGwDBABXeMQDBABXedgDBABdex8DBAFefWYDBAG5zw4D BAC5/LMDBAHBCLoDBAHBlDgwDQYJKoZIhvcNAQELBQADggEBAA4UkivPMD9nbO1E kgxDkbmXW2kg5PYEqkw6lQ7e/M7I7qbSrXUHdDwFTOBV8EugY14kfqu4QKij8YK6 CJtPzvcXyJVqtvFSlIdDdAeQVHW0r3FPnhDMQqSuXY7zBS72o904etKO/LzUOtXd Tx9x9sHAlqkfz8Mg5hhtOvGhWvUctrR4bBZ+t0cTe35ZwNs66pAeyPRGeE6ss18T fbKguY7YxIDa9bsCag/K2xPMHZDjMohOU0SlMr1ZreWN5uY0DvLzQqsd+kNz1W5A HmC8uNTs83we2jtiPSh3n5UxRBVfYyHds+ZdAWh9aHX/O6saqFZbv6JKB64unEN0 qXkLLyU= -----END CERTIFICATE-----Generated at Sun Dec 28 22:27:25 2025 by rpki-client