This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/JtkcpM1l5RxpvaIb8kNT0dPSR4Q.roa File: JtkcpM1l5RxpvaIb8kNT0dPSR4Q.roa (raw, json) Hash identifier: 3Dwj6Rh+MtNPBiT9j8BbiG18xMzCiU+EOSfKQeQx+k8= Subject key identifier: 26:D9:1C:A4:CD:65:E5:1C:69:BD:A2:1B:F2:43:53:D1:D3:D2:47:84 Certificate issuer: /CN=aca66a5938af567a9e29b4f76f115607c2b8aa20 Certificate serial: 019ADCB397025534183CBBDA588A99A0DAB5 Authority key identifier: AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/JtkcpM1l5RxpvaIb8kNT0dPSR4Q.roa Signing time: Tue 02 Dec 2025 01:35:48 +0000 ROA not before: Tue 02 Dec 2025 01:35:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 22616 IP address blocks: 147.161.128.0/23 maxlen: 24 159.254.60.0/23 maxlen: 24 159.254.62.0/23 maxlen: 24 159.254.64.0/23 maxlen: 24 159.254.66.0/23 maxlen: 24 159.254.69.0/24 maxlen: 24 159.254.84.0/24 maxlen: 24 159.254.85.0/24 maxlen: 24 159.254.86.0/24 maxlen: 24 159.254.92.0/24 maxlen: 24 159.254.93.0/24 maxlen: 24 159.254.94.0/24 maxlen: 24 159.254.95.0/24 maxlen: 24 159.254.96.0/24 maxlen: 24 159.254.97.0/24 maxlen: 24 159.254.99.0/24 maxlen: 24 159.254.100.0/24 maxlen: 24 159.254.182.0/23 maxlen: 24 159.254.184.0/23 maxlen: 24 164.137.4.0/24 maxlen: 24 164.137.5.0/24 maxlen: 24 164.137.6.0/24 maxlen: 24 164.137.7.0/24 maxlen: 24 164.137.8.0/24 maxlen: 24 164.137.9.0/24 maxlen: 24 164.137.10.0/24 maxlen: 24 164.137.11.0/24 maxlen: 24 164.137.12.0/24 maxlen: 24 164.137.13.0/24 maxlen: 24 164.137.14.0/24 maxlen: 24 164.137.15.0/24 maxlen: 24 164.137.16.0/24 maxlen: 24 164.137.17.0/24 maxlen: 24 164.137.18.0/24 maxlen: 24 164.137.19.0/24 maxlen: 24 164.137.20.0/24 maxlen: 24 164.137.21.0/24 maxlen: 24 164.137.22.0/24 maxlen: 24 164.137.23.0/24 maxlen: 24 164.137.24.0/24 maxlen: 24 164.137.25.0/24 maxlen: 24 164.137.26.0/24 maxlen: 24 164.137.27.0/24 maxlen: 24 164.137.28.0/24 maxlen: 24 164.137.29.0/24 maxlen: 24 164.137.30.0/24 maxlen: 24 164.137.31.0/24 maxlen: 24 164.137.32.0/24 maxlen: 24 164.137.33.0/24 maxlen: 24 164.137.34.0/24 maxlen: 24 164.137.35.0/24 maxlen: 24 164.137.36.0/24 maxlen: 24 164.137.37.0/24 maxlen: 24 164.137.38.0/24 maxlen: 24 164.137.39.0/24 maxlen: 24 164.137.40.0/24 maxlen: 24 164.137.41.0/24 maxlen: 24 164.137.42.0/24 maxlen: 24 164.137.43.0/24 maxlen: 24 164.137.44.0/24 maxlen: 24 164.137.45.0/24 maxlen: 24 164.137.46.0/24 maxlen: 24 164.137.47.0/24 maxlen: 24 164.137.48.0/24 maxlen: 24 164.137.49.0/24 maxlen: 24 164.137.50.0/24 maxlen: 24 164.137.51.0/24 maxlen: 24 164.137.52.0/24 maxlen: 24 164.137.53.0/24 maxlen: 24 2a03:eec0:322b::/48 maxlen: 48 2a03:eec0:322c::/48 maxlen: 48 2a03:eec0:322d::/48 maxlen: 48 2a03:eec0:322e::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.mft rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 04 Dec 2025 13:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:dc:b3:97:02:55:34:18:3c:bb:da:58:8a:99:a0:da:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aca66a5938af567a9e29b4f76f115607c2b8aa20 Validity Not Before: Dec 2 01:35:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=26d91ca4cd65e51c69bda21bf24353d1d3d24784 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:5f:43:7d:2e:97:5d:ab:94:58:fc:de:db:9c: e8:c8:dd:8c:1c:5b:cf:e8:ec:bd:71:ed:e9:97:d5: c0:f4:13:f7:04:77:6a:3e:fe:14:9a:e8:da:d7:98: 26:26:f8:9b:82:f9:7d:c3:53:36:63:b0:7e:b6:df: 7f:a7:93:c7:b1:f1:0b:e9:eb:4e:0b:d1:22:0f:1d: c2:bf:a3:ad:56:ef:e5:50:40:78:a9:98:fe:4f:58: 78:27:9e:b0:7a:18:c7:27:4a:95:5f:12:15:6e:2c: dd:8f:72:bc:cb:89:64:25:ba:a1:70:b6:ab:51:7b: 1e:e1:99:94:87:2e:6f:e1:a3:52:6f:71:d3:df:19: a3:69:3d:7c:9b:c3:16:8c:37:15:35:1d:5a:4d:83: 9c:76:1f:14:13:38:5a:f5:39:e3:90:a2:08:3e:6f: fc:f0:3e:fc:14:64:8f:85:49:83:ee:84:44:2e:a7: 9b:6e:f3:fe:64:45:95:a4:2a:bb:0d:b6:88:71:0d: 8c:cf:23:61:46:c9:a7:0b:fc:96:55:6c:04:89:8e: aa:4a:53:ac:6c:04:50:f0:16:35:bb:58:84:69:35: 9e:65:23:7f:d4:7d:a0:be:15:6a:4d:16:f4:02:81: cf:4e:b5:97:2c:62:69:1b:09:fe:17:1f:a2:b4:03: 75:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:D9:1C:A4:CD:65:E5:1C:69:BD:A2:1B:F2:43:53:D1:D3:D2:47:84 X509v3 Authority Key Identifier: keyid:AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/JtkcpM1l5RxpvaIb8kNT0dPSR4Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 147.161.128.0/23 159.254.60.0-159.254.67.255 159.254.69.0/24 159.254.84.0-159.254.86.255 159.254.92.0-159.254.97.255 159.254.99.0-159.254.100.255 159.254.182.0-159.254.185.255 164.137.4.0-164.137.53.255 IPv6: 2a03:eec0:322b::-2a03:eec0:322e:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 87:5c:0d:33:7d:0e:5c:25:da:17:92:ec:73:ae:6b:92:ed:26: f1:10:aa:0d:ca:17:59:1c:fa:85:d9:bf:e5:8f:4e:db:d6:d3: 5b:db:33:b5:e8:d0:16:51:38:23:3a:56:d7:14:b3:2f:d2:1e: 19:a6:fa:ec:1f:06:b9:06:d1:17:0b:3e:2f:d5:8f:2d:21:66: e1:e5:e1:8d:0f:1b:9b:0f:76:bd:25:d3:e1:d2:41:25:1c:3f: 86:c9:04:46:75:8c:d0:f9:94:01:c3:6c:ac:7e:cd:ff:b0:c5: fe:b4:f6:92:97:83:cb:8f:58:c1:fc:bf:fb:58:a0:a9:ee:6c: 6e:2b:de:a1:60:fa:49:5a:3d:97:cf:c1:32:ca:3d:26:4c:69: 4a:4f:a5:79:b3:aa:0f:a5:03:46:c8:25:d9:92:db:fc:fe:a0: 75:dd:68:72:8d:91:36:e2:b1:91:ed:97:ec:56:df:46:57:e1: 60:6d:df:dd:4f:b0:8d:1d:86:7a:bd:0c:67:aa:a6:89:a1:3f: 74:a1:6d:31:b1:8d:ca:39:3c:f7:6a:1c:13:bf:c4:68:7e:cf: 25:2e:79:73:f4:d7:07:ba:59:4d:f5:81:64:55:6e:cb:58:26: 8d:33:e5:46:b7:9c:7a:f1:96:47:cf:bd:fd:2c:ab:d0:3b:10: e2:79:fa:c4 -----BEGIN CERTIFICATE----- MIIFdjCCBF6gAwIBAgISAZrcs5cCVTQYPLvaWIqZoNq1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFjYTY2YTU5MzhhZjU2N2E5ZTI5YjRmNzZmMTE1NjA3YzJi OGFhMjAwHhcNMjUxMjAyMDEzNTQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyNmQ5MWNhNGNkNjVlNTFjNjliZGEyMWJmMjQzNTNkMWQzZDI0Nzg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApl9DfS6XXauUWPze25zoyN2MHFvP 6Oy9ce3pl9XA9BP3BHdqPv4Umuja15gmJvibgvl9w1M2Y7B+tt9/p5PHsfEL6etO C9EiDx3Cv6OtVu/lUEB4qZj+T1h4J56wehjHJ0qVXxIVbizdj3K8y4lkJbqhcLar UXse4ZmUhy5v4aNSb3HT3xmjaT18m8MWjDcVNR1aTYOcdh8UEzha9TnjkKIIPm/8 8D78FGSPhUmD7oRELqebbvP+ZEWVpCq7DbaIcQ2MzyNhRsmnC/yWVWwEiY6qSlOs bARQ8BY1u1iEaTWeZSN/1H2gvhVqTRb0AoHPTrWXLGJpGwn+Fx+itAN1lwIDAQAB o4ICgjCCAn4wHQYDVR0OBBYEFCbZHKTNZeUcab2iG/JDU9HT0keEMB8GA1UdIwQY MBaAFKymalk4r1Z6nim0928RVgfCuKogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgt YjliNjU0MDJiOTI4LzEvSnRrY3BNMWw1UnhwdmFJYjhrTlQwZFBTUjRRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgtYjliNjU0MDJiOTI4 LzEvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGXBggrBgEFBQcBBwEB/wSBhzCBhDBmBAIAATBgAwQBk6GA MAwDBAKf/jwDBAKf/kADBACf/kUwDAMEAp/+VAMEAJ/+VjAMAwQCn/5cAwQBn/5g MAwDBACf/mMDBACf/mQwDAMEAZ/+tgMEAZ/+uDAMAwQCpIkEAwQBpIk0MBoEAgAC MBQwEgMHACoD7sAyKwMHACoD7sAyLjANBgkqhkiG9w0BAQsFAAOCAQEAh1wNM30O XCXaF5Lsc65rku0m8RCqDcoXWRz6hdm/5Y9O29bTW9sztejQFlE4IzpW1xSzL9Ie Gab67B8GuQbRFws+L9WPLSFm4eXhjQ8bmw92vSXT4dJBJRw/hskERnWM0PmUAcNs rH7N/7DF/rT2kpeDy49Ywfy/+1igqe5sbiveoWD6SVo9l8/BMso9JkxpSk+lebOq D6UDRsgl2ZLb/P6gdd1oco2RNuKxke2X7FbfRlfhYG3f3U+wjR2Ger0MZ6qmiaE/ dKFtMbGNyjk892ocE7/EaH7PJS55c/TXB7pZTfWBZFVuy1gmjTPlRrecevGWR8+9 /Syr0DsQ4nn6xA== -----END CERTIFICATE-----Generated at Wed Dec 3 23:00:56 2025 by rpki-client