This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1-TlohhJ4s5LlaWuT_-FVIYVAP9A.roa File: 1-TlohhJ4s5LlaWuT_-FVIYVAP9A.roa (raw, json) Hash identifier: NYOIYqmyE31spRz/+UGtr9lYJ/b9fw7ZP5zJXdmioAw= Subject key identifier: F9:39:68:86:12:78:B3:92:E5:69:6B:93:FF:E1:55:21:85:40:3F:D0 Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1 Certificate serial: 019AD679A88094BBDA139E4D5951D0842538 Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1-TlohhJ4s5LlaWuT_-FVIYVAP9A.roa Signing time: Sun 30 Nov 2025 20:34:48 +0000 ROA not before: Sun 30 Nov 2025 20:34:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 48678 IP address blocks: 2.56.108.0/24 maxlen: 24 2.56.109.0/24 maxlen: 24 5.181.85.0/24 maxlen: 24 5.181.87.0/24 maxlen: 24 45.13.190.0/24 maxlen: 24 45.81.113.0/24 maxlen: 24 45.81.115.0/24 maxlen: 24 45.88.139.0/24 maxlen: 24 45.94.170.0/24 maxlen: 24 45.132.181.0/24 maxlen: 24 45.132.183.0/24 maxlen: 24 45.144.213.0/24 maxlen: 24 85.209.120.0/24 maxlen: 24 193.57.41.0/24 maxlen: 24 194.15.52.0/24 maxlen: 24 195.211.188.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:d6:79:a8:80:94:bb:da:13:9e:4d:59:51:d0:84:25:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1 Validity Not Before: Nov 30 20:34:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=f93968861278b392e5696b93ffe1552185403fd0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:04:b5:2a:8b:dd:03:b1:5c:3e:f9:5b:04:74: b4:0c:72:47:96:db:c3:df:b4:12:fe:36:b8:5c:99: 66:1e:68:9b:69:99:d1:2d:ea:93:1a:98:a7:1d:e3: 89:f1:d2:8f:3b:31:44:c6:de:a5:09:f6:01:a2:83: 1b:da:45:e6:50:33:b7:0f:ff:f9:f6:61:a0:16:84: 6d:e6:42:e9:cb:2c:6a:fc:27:6e:bd:00:1f:c5:9b: bd:12:f9:26:1d:36:57:bc:56:46:4d:f7:63:57:48: af:4b:72:54:9a:8e:79:5d:60:74:e8:ac:21:5d:58: be:a4:14:92:ee:97:ad:66:f9:7d:38:6f:c4:51:8b: 5d:9d:e3:b7:3e:c6:d9:77:a7:53:99:b8:b1:ee:7f: 0d:21:10:8b:b0:c2:88:55:e9:ab:d4:a0:76:70:10: 78:a8:47:d1:9f:b6:44:67:9a:47:7e:db:80:f0:15: df:d0:74:cc:f0:d2:9e:61:1e:7f:5f:43:5b:33:0f: f9:d0:ad:fd:5c:98:64:62:2c:cc:30:aa:87:64:7f: 3f:7a:79:51:8a:87:59:a8:92:c2:4b:15:c8:85:ce: a1:ff:1b:af:98:3f:99:61:08:72:53:24:f7:08:3a: 56:30:3f:89:0a:51:eb:95:9d:95:06:aa:c1:5d:51: dd:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:39:68:86:12:78:B3:92:E5:69:6B:93:FF:E1:55:21:85:40:3F:D0 X509v3 Authority Key Identifier: keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/1-TlohhJ4s5LlaWuT_-FVIYVAP9A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.56.108.0/23 5.181.85.0/24 5.181.87.0/24 45.13.190.0/24 45.81.113.0/24 45.81.115.0/24 45.88.139.0/24 45.94.170.0/24 45.132.181.0/24 45.132.183.0/24 45.144.213.0/24 85.209.120.0/24 193.57.41.0/24 194.15.52.0/24 195.211.188.0/24 Signature Algorithm: sha256WithRSAEncryption 67:aa:38:48:7e:d2:23:32:c0:66:14:72:40:3c:b7:24:39:0c: 97:bb:11:2c:47:8e:d2:db:fa:55:10:8e:35:62:45:df:8c:15: 1d:38:40:bb:60:41:18:f1:42:9b:e3:24:0a:03:0d:ea:3f:5c: 1b:cc:ce:30:56:40:02:5e:45:d9:90:bb:78:2d:9f:ec:89:ab: ac:06:f4:01:87:4c:5b:95:7f:7e:b2:a2:c4:6f:e9:32:62:9e: b5:7e:2a:0c:85:f6:a9:36:7c:7e:12:44:a2:94:10:05:87:0a: 3c:21:ec:71:0d:7f:52:8f:c9:e2:23:0e:9e:a1:71:8d:57:ea: bf:ff:c1:05:65:52:85:a7:a4:85:ac:ff:56:e4:42:1b:b3:67: 6c:ef:b1:3c:c4:b2:06:67:1c:1b:75:d8:53:18:2e:bb:e9:3b: 91:8f:f7:8e:34:2f:82:9f:82:6c:ac:2a:86:4e:27:ab:b6:e7: 2b:f3:7c:26:c3:eb:cd:d1:ae:47:fa:9d:05:b3:0d:e8:c8:0a: 93:bd:5c:e1:32:f0:32:cf:c6:30:bc:c9:1b:1b:f8:03:2d:56: b3:22:53:a2:96:3a:8a:07:fa:ee:d1:99:d6:60:32:f1:0b:07: ad:a1:a3:5c:e0:b5:8a:cf:33:d8:e3:3d:1f:ca:9e:4e:32:80: c7:cb:0b:2a -----BEGIN CERTIFICATE----- MIIFUjCCBDqgAwIBAgISAZrWeaiAlLvaE55NWVHQhCU4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy YTI4YTEwHhcNMjUxMTMwMjAzNDQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmOTM5Njg4NjEyNzhiMzkyZTU2OTZiOTNmZmUxNTUyMTg1NDAzZmQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgS1KovdA7FcPvlbBHS0DHJHltvD 37QS/ja4XJlmHmibaZnRLeqTGpinHeOJ8dKPOzFExt6lCfYBooMb2kXmUDO3D//5 9mGgFoRt5kLpyyxq/CduvQAfxZu9EvkmHTZXvFZGTfdjV0ivS3JUmo55XWB06Kwh XVi+pBSS7petZvl9OG/EUYtdneO3PsbZd6dTmbix7n8NIRCLsMKIVemr1KB2cBB4 qEfRn7ZEZ5pHftuA8BXf0HTM8NKeYR5/X0NbMw/50K39XJhkYizMMKqHZH8/enlR iodZqJLCSxXIhc6h/xuvmD+ZYQhyUyT3CDpWMD+JClHrlZ2VBqrBXVHdXQIDAQAB o4ICXjCCAlowHQYDVR0OBBYEFPk5aIYSeLOS5Wlrk//hVSGFQD/QMB8GA1UdIwQY MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt ZWVmMzUxMWY2YzYwLzEvMS1UbG9oaEo0czVMbGFXdVRfLUZWSVlWQVA5QS5yb2Ew gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvMTYvNjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2 MC8xL25TcEhpN0N3am1ZYkN5LWZ2b2sxdkp3cUtLRS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjBzBggrBgEFBQcBBwEB/wRkMGIwYAQCAAEwWgMEAQI4bAME AAW1VQMEAAW1VwMEAC0NvgMEAC1RcQMEAC1RcwMEAC1YiwMEAC1eqgMEAC2EtQME AC2EtwMEAC2Q1QMEAFXReAMEAME5KQMEAMIPNAMEAMPTvDANBgkqhkiG9w0BAQsF AAOCAQEAZ6o4SH7SIzLAZhRyQDy3JDkMl7sRLEeO0tv6VRCONWJF34wVHThAu2BB GPFCm+MkCgMN6j9cG8zOMFZAAl5F2ZC7eC2f7ImrrAb0AYdMW5V/frKixG/pMmKe tX4qDIX2qTZ8fhJEopQQBYcKPCHscQ1/Uo/J4iMOnqFxjVfqv//BBWVShaekhaz/ VuRCG7NnbO+xPMSyBmccG3XYUxguu+k7kY/3jjQvgp+CbKwqhk4nq7bnK/N8JsPr zdGuR/qdBbMN6MgKk71c4TLwMs/GMLzJGxv4Ay1WsyJTopY6igf67tGZ1mAy8QsH raGjXOC1is8z2OM9H8qeTjKAx8sLKg== -----END CERTIFICATE-----Generated at Fri Dec 5 09:27:00 2025 by rpki-client