This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/st3XzWy3kVw5eSgd3eXzrBXfyS4.roa File: st3XzWy3kVw5eSgd3eXzrBXfyS4.roa (raw, json) Hash identifier: rj2XLQ0AbepWdsYqWC5/MBNdFyocme+9RLaP45aqwCw= Subject key identifier: B2:DD:D7:CD:6C:B7:91:5C:39:79:28:1D:DD:E5:F3:AC:15:DF:C9:2E Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce Certificate serial: 019AE31977BA89615AF66F98B1B99A5999E7 Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/st3XzWy3kVw5eSgd3eXzrBXfyS4.roa Signing time: Wed 03 Dec 2025 07:24:48 +0000 ROA not before: Wed 03 Dec 2025 07:24:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 13335 IP address blocks: 138.249.21.0/24 maxlen: 24 170.168.7.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 00:00:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:e3:19:77:ba:89:61:5a:f6:6f:98:b1:b9:9a:59:99:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce Validity Not Before: Dec 3 07:24:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=b2ddd7cd6cb7915c3979281ddde5f3ac15dfc92e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:45:b9:49:e1:15:00:b0:8b:e6:6a:c5:e1:fe: 91:b3:de:33:55:fb:77:e0:91:a3:0d:df:eb:68:12: 7b:a4:ce:4e:40:23:13:17:35:1b:0e:01:de:68:5f: 54:bf:75:41:70:88:3f:cd:1f:fe:04:fb:a6:2b:c4: b6:2b:eb:cb:ab:3d:2b:dd:62:35:96:8f:ea:55:69: 7f:eb:fd:b1:4c:2f:26:b8:48:9a:a7:a0:03:f6:91: af:35:23:28:d7:29:73:2b:8d:52:3a:99:40:22:d3: 8c:43:9a:1a:6d:40:51:27:9d:0e:3f:04:28:5c:5f: 08:f4:aa:ab:dc:51:42:70:d4:b8:de:03:60:a8:19: 0d:89:1f:9d:af:25:d8:b8:67:b0:7d:c8:41:ce:df: 75:f9:d6:32:53:3d:a0:da:7d:7d:e6:33:cf:ec:7c: 3c:90:69:6b:ca:4e:97:a4:d2:98:d8:c7:27:62:bb: 91:a5:5c:02:79:15:d4:5b:6e:88:f6:ea:93:8b:49: f0:fe:00:86:55:e4:f1:a6:f2:8c:f8:63:f0:87:31: c0:0c:89:49:cd:35:44:21:11:58:8d:23:f9:35:65: 57:04:62:be:c0:9c:8e:2b:75:d7:d7:d1:1c:04:15: f4:ff:b4:05:92:a4:ce:e1:9c:3c:06:fb:20:66:59: f3:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:DD:D7:CD:6C:B7:91:5C:39:79:28:1D:DD:E5:F3:AC:15:DF:C9:2E X509v3 Authority Key Identifier: keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/st3XzWy3kVw5eSgd3eXzrBXfyS4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.249.21.0/24 170.168.7.0/24 Signature Algorithm: sha256WithRSAEncryption 07:55:cd:55:c3:70:1d:d8:8b:03:4a:d8:50:5e:2f:b6:c2:db: 0d:f9:56:07:7d:1e:20:69:39:a6:6a:c4:f4:0c:4b:a6:5f:65: e5:18:c9:18:7e:5e:2e:a1:ec:18:7a:fa:bd:b3:32:24:fc:eb: 80:42:b7:99:9a:da:b2:24:66:5a:33:5c:03:8d:36:1d:e4:b8: 56:94:f0:a6:ed:5e:e9:76:59:6d:32:35:4f:df:8e:33:b3:45: 38:b1:8c:58:4b:ae:c6:d3:e5:db:c7:30:c5:bc:f6:ef:45:50: 47:d8:2b:ec:71:84:8d:53:fd:30:f2:ee:7f:92:81:85:8e:dc: 8f:00:91:57:d1:82:16:3a:33:3a:80:72:43:02:bb:b4:8b:86: 8c:39:0d:96:5a:5b:83:5d:fd:19:62:7b:e3:45:4c:97:61:f4: 5a:91:a5:02:36:65:58:7c:ce:47:55:80:2f:b1:ce:02:da:c4: b3:7b:d4:b7:c9:69:26:6e:24:d1:d7:b5:fd:e6:19:b8:ce:da: 93:9e:6b:01:1c:84:ed:95:67:d2:64:dc:1e:c6:54:08:16:a1: d8:a3:14:53:2e:c3:a2:34:73:60:68:0a:da:cc:cb:c6:91:c7: 69:5d:74:5e:dc:e6:06:f4:e3:12:cd:dd:67:28:e9:d7:28:95: e1:36:d2:2d -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZrjGXe6iWFa9m+YsbmaWZnnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh MGYwY2UwHhcNMjUxMjAzMDcyNDQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMmRkZDdjZDZjYjc5MTVjMzk3OTI4MWRkZGU1ZjNhYzE1ZGZjOTJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEW5SeEVALCL5mrF4f6Rs94zVft3 4JGjDd/raBJ7pM5OQCMTFzUbDgHeaF9Uv3VBcIg/zR/+BPumK8S2K+vLqz0r3WI1 lo/qVWl/6/2xTC8muEiap6AD9pGvNSMo1ylzK41SOplAItOMQ5oabUBRJ50OPwQo XF8I9Kqr3FFCcNS43gNgqBkNiR+dryXYuGewfchBzt91+dYyUz2g2n195jPP7Hw8 kGlryk6XpNKY2McnYruRpVwCeRXUW26I9uqTi0nw/gCGVeTxpvKM+GPwhzHADIlJ zTVEIRFYjSP5NWVXBGK+wJyOK3XX19EcBBX0/7QFkqTO4Zw8BvsgZlnz9wIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFLLd181st5FcOXkoHd3l86wV38kuMB8GA1UdIwQY MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et YTY2N2JiNzY1MDYwLzEvc3QzWHpXeTNrVnc1ZVNnZDNlWHpyQlhmeVM0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAivkVAwQA qqgHMA0GCSqGSIb3DQEBCwUAA4IBAQAHVc1Vw3Ad2IsDSthQXi+2wtsN+VYHfR4g aTmmasT0DEumX2XlGMkYfl4uoewYevq9szIk/OuAQreZmtqyJGZaM1wDjTYd5LhW lPCm7V7pdlltMjVP344zs0U4sYxYS67G0+XbxzDFvPbvRVBH2CvscYSNU/0w8u5/ koGFjtyPAJFX0YIWOjM6gHJDAru0i4aMOQ2WWluDXf0ZYnvjRUyXYfRakaUCNmVY fM5HVYAvsc4C2sSze9S3yWkmbiTR17X95hm4ztqTnmsBHITtlWfSZNwexlQIFqHY oxRTLsOiNHNgaArazMvGkcdpXXRe3OYG9OMSzd1nKOnXKJXhNtIt -----END CERTIFICATE-----Generated at Thu Dec 4 07:32:14 2025 by rpki-client