This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/Ck3VHyoqtaLe0NEfRSvDDIsAan4.roa File: Ck3VHyoqtaLe0NEfRSvDDIsAan4.roa (raw, json) Hash identifier: aNJ/6JoAfN8nN7gCIc/xQJeGz8NPOPwaBMeKzZgaQJw= Subject key identifier: 0A:4D:D5:1F:2A:2A:B5:A2:DE:D0:D1:1F:45:2B:C3:0C:8B:00:6A:7E Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c Certificate serial: 019A83A32253F07D664FA291CF3CD648D3E0 Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/Ck3VHyoqtaLe0NEfRSvDDIsAan4.roa Signing time: Fri 14 Nov 2025 18:31:37 +0000 ROA not before: Fri 14 Nov 2025 18:31:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 205828 IP address blocks: 2a0d:5340::/29 maxlen: 29 2a0d:b2c0::/29 maxlen: 29 2a0f:2200::/29 maxlen: 29 2a0f:cb80::/29 maxlen: 29 2a11:25c0::/29 maxlen: 29 2a12:2f80::/29 maxlen: 29 2a12:ce00::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 08:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:83:a3:22:53:f0:7d:66:4f:a2:91:cf:3c:d6:48:d3:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c Validity Not Before: Nov 14 18:31:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=0a4dd51f2a2ab5a2ded0d11f452bc30c8b006a7e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:5b:17:42:28:7f:bf:7d:98:f3:ac:4b:3d:2a: 8f:91:ac:86:ca:8c:90:4f:ea:6b:33:37:5c:29:72: 8f:2e:10:c8:a7:f2:2b:cc:c3:3b:c5:45:1d:56:ab: 70:c7:2b:27:48:fd:b6:2c:96:dd:76:63:27:b1:64: a4:cd:ff:d9:72:37:42:38:18:d0:d4:1b:91:b0:99: f0:6a:b0:1d:ac:69:48:35:af:02:07:4d:cc:df:82: 6d:06:84:3a:01:95:14:20:c4:9b:f2:77:40:be:85: 14:fc:e6:d7:ca:8e:76:20:04:59:5e:06:e9:00:f6: 65:49:35:11:1b:f2:34:7a:98:50:45:65:d4:a8:46: 80:31:eb:20:b6:1b:27:cc:74:de:96:44:f9:f1:80: 27:3c:6c:5b:87:9c:1e:c2:0b:bb:3d:cf:85:ca:c9: 9e:de:62:65:24:98:db:34:8f:1b:83:63:d6:80:cf: 61:29:6d:7e:73:15:03:87:e1:bb:8d:34:a7:a0:dc: c2:93:da:75:75:2e:6a:ba:7f:ee:9f:28:23:ed:aa: 6f:35:0f:95:9e:b6:37:b6:c6:26:d2:df:38:a4:5b: bf:a6:a8:db:f9:d4:15:de:51:fe:87:37:1c:4d:3a: 42:bf:5c:7d:1c:02:4c:a2:af:47:19:8b:db:c3:b9: 2c:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:4D:D5:1F:2A:2A:B5:A2:DE:D0:D1:1F:45:2B:C3:0C:8B:00:6A:7E X509v3 Authority Key Identifier: keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/Ck3VHyoqtaLe0NEfRSvDDIsAan4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0d:5340::/29 2a0d:b2c0::/29 2a0f:2200::/29 2a0f:cb80::/29 2a11:25c0::/29 2a12:2f80::/29 2a12:ce00::/29 Signature Algorithm: sha256WithRSAEncryption 1b:74:fe:49:d5:22:67:54:a9:58:6f:7f:ec:c4:4b:7d:ee:d3: ea:77:db:0e:0d:e0:4a:e1:ab:c4:60:64:1e:3a:00:c3:18:f0: 94:46:b9:67:8d:2a:86:ec:9f:9c:92:e7:60:e7:3f:0d:a6:e6: 7e:ac:5b:ea:02:41:69:fd:ec:ba:4a:12:1c:61:e9:13:76:62: 48:6f:61:11:ef:5f:ed:e2:a9:99:21:a3:eb:65:01:18:dd:df: 2c:2d:d7:d1:2e:25:35:42:fa:66:04:91:7e:f1:9c:a1:48:8b: 33:66:59:bf:87:21:93:18:6b:ed:b2:b9:3a:c8:61:05:b4:ac: a8:22:77:c2:05:53:bc:fc:84:b8:aa:41:e9:2a:37:c9:49:47: 86:7b:66:43:25:b7:3b:92:8a:d3:28:21:48:67:c8:ad:4f:d9: aa:78:67:91:b7:f8:53:ef:57:4b:2c:7b:a9:80:f0:79:93:4a: dd:5f:b1:ab:ff:15:bd:41:2c:f1:d3:64:56:7a:8f:6c:6c:c1: 92:c3:b7:d8:03:ca:7b:3e:c6:e4:60:35:13:cd:53:7f:7f:74: c3:bd:ac:bc:4d:aa:5b:df:04:c1:89:5a:a5:35:cc:76:23:66: 55:8e:86:f8:c8:d8:cb:21:63:fe:8a:99:37:9a:f9:54:91:03: c6:25:f0:e5 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgISAZqDoyJT8H1mT6KRzzzWSNPgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4 ZmNjNGMwHhcNMjUxMTE0MTgzMTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYTRkZDUxZjJhMmFiNWEyZGVkMGQxMWY0NTJiYzMwYzhiMDA2YTdlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lsXQih/v32Y86xLPSqPkayGyoyQ T+prMzdcKXKPLhDIp/IrzMM7xUUdVqtwxysnSP22LJbddmMnsWSkzf/ZcjdCOBjQ 1BuRsJnwarAdrGlINa8CB03M34JtBoQ6AZUUIMSb8ndAvoUU/ObXyo52IARZXgbp APZlSTURG/I0ephQRWXUqEaAMesgthsnzHTelkT58YAnPGxbh5wewgu7Pc+Fysme 3mJlJJjbNI8bg2PWgM9hKW1+cxUDh+G7jTSnoNzCk9p1dS5qun/unygj7apvNQ+V nrY3tsYm0t84pFu/pqjb+dQV3lH+hzccTTpCv1x9HAJMoq9HGYvbw7ksuQIDAQAB o4ICNDCCAjAwHQYDVR0OBBYEFApN1R8qKrWi3tDRH0UrwwyLAGp+MB8GA1UdIwQY MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt MjM5ZDJmZTM5OGIxLzEvQ2szVkh5b3F0YUxlME5FZlJTdkRESXNBYW40LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKg1TQAMF AyoNssADBQMqDyIAAwUDKg/LgAMFAyoRJcADBQMqEi+AAwUDKhLOADANBgkqhkiG 9w0BAQsFAAOCAQEAG3T+SdUiZ1SpWG9/7MRLfe7T6nfbDg3gSuGrxGBkHjoAwxjw lEa5Z40qhuyfnJLnYOc/Dabmfqxb6gJBaf3sukoSHGHpE3ZiSG9hEe9f7eKpmSGj 62UBGN3fLC3X0S4lNUL6ZgSRfvGcoUiLM2ZZv4chkxhr7bK5OshhBbSsqCJ3wgVT vPyEuKpB6So3yUlHhntmQyW3O5KK0yghSGfIrU/Zqnhnkbf4U+9XSyx7qYDweZNK 3V+xq/8VvUEs8dNkVnqPbGzBksO32APKez7G5GA1E81Tf390w72svE2qW98EwYla pTXMdiNmVY6G+MjYyyFj/oqZN5r5VJEDxiXw5Q== -----END CERTIFICATE-----Generated at Fri Dec 5 13:23:01 2025 by rpki-client