This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Wnr0lXuWTJoZzaah1NvolOPBUh0.roa File: Wnr0lXuWTJoZzaah1NvolOPBUh0.roa (raw, json) Hash identifier: jRLUOpF8RN1gslPD3/yupad1j6H1drudzBxTJOPRCN0= Subject key identifier: 5A:7A:F4:95:7B:96:4C:9A:19:CD:A6:A1:D4:DB:E8:94:E3:C1:52:1D Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058 Certificate serial: 019A9B5740E489E0695F8C2137A8FE72DE68 Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Wnr0lXuWTJoZzaah1NvolOPBUh0.roa Signing time: Wed 19 Nov 2025 08:59:37 +0000 ROA not before: Wed 19 Nov 2025 08:59:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 20473 IP address blocks: 2a0c:b641:20::/44 maxlen: 48 2a0c:b641:130::/44 maxlen: 48 2a0c:b642:2000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 28 Nov 2025 20:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:9b:57:40:e4:89:e0:69:5f:8c:21:37:a8:fe:72:de:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=05976801363d375786152e4d061e75c8beb35058 Validity Not Before: Nov 19 08:59:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=5a7af4957b964c9a19cda6a1d4dbe894e3c1521d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:e9:d8:55:a3:38:9e:a6:a9:09:02:10:38:3c: d3:0a:6d:c4:d7:a2:f2:18:06:22:2a:cb:2e:3e:a4: 9d:aa:09:4f:6e:f9:82:92:ff:8c:9f:dc:dc:54:9f: 86:33:d9:44:e2:96:b3:41:29:31:5c:34:fa:17:e9: ef:c8:15:f3:7d:8b:c6:02:c3:5a:56:45:a0:69:a5: bd:99:3c:bd:bb:e4:b5:45:c7:b5:03:fc:64:4b:63: 8f:65:78:0d:de:a3:b8:d1:7a:71:b1:96:2e:4c:c7: 59:a8:a4:ef:49:43:25:00:92:e6:fc:95:e0:e7:4a: a9:1c:15:ea:24:4b:2c:bd:e3:5a:71:83:17:c0:41: e2:a4:f1:ed:de:51:db:de:2e:f8:ae:7b:a0:51:b0: 15:b9:63:be:d0:08:e9:f5:6e:e1:36:b6:47:47:f2: b0:c3:bf:66:87:97:ef:c5:cb:24:4e:37:ef:03:60: 87:84:b5:2c:02:9d:c0:5f:48:74:4e:c4:fd:d8:6d: 13:1b:cf:8f:e2:88:be:7b:9f:71:3a:2b:8b:35:2e: b0:d8:55:37:32:9e:02:b4:37:f1:d0:c5:51:da:e1: ab:65:17:aa:44:df:2c:34:09:14:7c:95:f1:81:d2: d3:22:a3:87:56:dc:eb:f7:72:7c:4a:79:d7:42:3b: 3d:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:7A:F4:95:7B:96:4C:9A:19:CD:A6:A1:D4:DB:E8:94:E3:C1:52:1D X509v3 Authority Key Identifier: keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/Wnr0lXuWTJoZzaah1NvolOPBUh0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0c:b641:20::/44 2a0c:b641:130::/44 2a0c:b642:2000::/36 Signature Algorithm: sha256WithRSAEncryption 28:ee:d2:82:52:6e:f5:6b:de:e0:52:0e:8d:d5:fe:cf:69:fb: 2b:6c:d3:81:ba:6b:6d:1e:d7:5d:3d:73:50:53:44:3c:21:43: 37:69:63:13:5f:22:70:5a:64:48:46:a0:e0:e8:79:48:95:fa: e1:34:f3:53:c6:8b:0c:76:d9:30:a9:05:48:23:eb:5e:84:2f: ba:5e:8d:65:f2:a5:10:6f:ae:3b:1d:65:80:aa:f2:0f:89:1a: 68:37:97:b1:8e:ce:c6:e5:56:bc:46:5c:e8:6c:19:6f:b8:d4: 6d:e6:c8:d2:c3:d9:72:04:40:f2:1e:97:10:c0:4f:28:b0:77: 9a:27:25:8f:a8:44:2c:76:24:a7:99:42:d2:b4:21:d8:22:7d: da:01:b8:d0:20:c9:37:25:15:53:bc:0f:26:3e:e4:22:a0:42: f6:bd:92:88:c0:ee:80:a6:f3:2d:92:f3:c6:01:b3:85:c3:8f: 26:4f:14:63:64:3f:d1:e2:2b:63:d3:6b:5c:69:3c:e0:ec:6c: 5e:53:50:22:3d:9e:3f:e5:10:96:eb:6b:7b:52:e8:20:95:98: 02:f2:1a:0f:a1:cc:a7:4e:b3:0d:69:97:c0:0e:03:59:7b:b9: 6f:4f:b0:77:f5:69:b9:bc:f4:10:dd:41:e5:61:d2:4f:f6:5b: 9b:4d:5c:2d -----BEGIN CERTIFICATE----- MIIFETCCA/mgAwIBAgISAZqbV0DkieBpX4whN6j+ct5oMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi MzUwNTgwHhcNMjUxMTE5MDg1OTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YTdhZjQ5NTdiOTY0YzlhMTljZGE2YTFkNGRiZTg5NGUzYzE1MjFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsenYVaM4nqapCQIQODzTCm3E16Ly GAYiKssuPqSdqglPbvmCkv+Mn9zcVJ+GM9lE4pazQSkxXDT6F+nvyBXzfYvGAsNa VkWgaaW9mTy9u+S1Rce1A/xkS2OPZXgN3qO40XpxsZYuTMdZqKTvSUMlAJLm/JXg 50qpHBXqJEssveNacYMXwEHipPHt3lHb3i74rnugUbAVuWO+0Ajp9W7hNrZHR/Kw w79mh5fvxcskTjfvA2CHhLUsAp3AX0h0TsT92G0TG8+P4oi+e59xOiuLNS6w2FU3 Mp4CtDfx0MVR2uGrZReqRN8sNAkUfJXxgdLTIqOHVtzr93J8SnnXQjs9LwIDAQAB o4ICHTCCAhkwHQYDVR0OBBYEFFp69JV7lkyaGc2modTb6JTjwVIdMB8GA1UdIwQY MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et NWVjOGM4ZWQ2MGZkLzEvV25yMGxYdVdUSm9aemFhaDFOdm9sT1BCVWgwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAAjAaAwcEKgy2QQAg AwcEKgy2QQEwAwYEKgy2QiAwDQYJKoZIhvcNAQELBQADggEBACju0oJSbvVr3uBS Do3V/s9p+yts04G6a20e1109c1BTRDwhQzdpYxNfInBaZEhGoODoeUiV+uE081PG iwx22TCpBUgj616EL7pejWXypRBvrjsdZYCq8g+JGmg3l7GOzsblVrxGXOhsGW+4 1G3myNLD2XIEQPIelxDATyiwd5onJY+oRCx2JKeZQtK0IdgifdoBuNAgyTclFVO8 DyY+5CKgQva9kojA7oCm8y2S88YBs4XDjyZPFGNkP9HiK2PTa1xpPODsbF5TUCI9 nj/lEJbra3tS6CCVmALyGg+hzKdOsw1pl8AOA1l7uW9PsHf1abm89BDdQeVh0k/2 W5tNXC0= -----END CERTIFICATE-----Generated at Fri Nov 28 05:01:32 2025 by rpki-client