This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/DfSK7HwBtyGY6TnJn4j2N_IG_kA.roa File: DfSK7HwBtyGY6TnJn4j2N_IG_kA.roa (raw, json) Hash identifier: Bi92kFSDKgmTLGOReJ1i5EO5CC02+NpKketGj2b4I0k= Subject key identifier: 0D:F4:8A:EC:7C:01:B7:21:98:E9:39:C9:9F:88:F6:37:F2:06:FE:40 Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da Certificate serial: 019B6EFE997A23667D118843B2F6FC26B759 Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/DfSK7HwBtyGY6TnJn4j2N_IG_kA.roa Signing time: Tue 30 Dec 2025 11:22:17 +0000 ROA not before: Tue 30 Dec 2025 11:22:17 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 834 IP address blocks: 147.90.128.0/20 maxlen: 20 147.90.144.0/20 maxlen: 20 147.90.160.0/20 maxlen: 20 147.90.208.0/20 maxlen: 20 147.90.224.0/20 maxlen: 20 147.90.240.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 15:21:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6e:fe:99:7a:23:66:7d:11:88:43:b2:f6:fc:26:b7:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da Validity Not Before: Dec 30 11:22:17 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=0df48aec7c01b72198e939c99f88f637f206fe40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:7e:a0:f5:0c:5c:28:78:e2:32:50:b0:89:21: 69:f4:35:a3:08:8b:f0:4e:c7:08:0a:11:f6:dc:16: c0:54:58:87:d1:b7:b9:e5:b0:22:51:d1:4f:3c:36: 19:66:6c:18:6c:8e:68:b9:28:51:39:bb:09:81:36: cf:15:4e:1a:69:44:64:7b:17:79:51:4d:ee:ca:4c: a2:24:3b:f1:a7:02:9b:64:16:1f:be:70:12:f2:b0: d9:56:72:59:23:f4:9a:bd:cb:76:c4:74:c5:ce:ce: 48:ca:d1:44:b8:eb:e3:8e:94:c7:74:fe:34:08:8b: 6f:88:d7:28:2f:a8:cb:20:ec:17:24:e4:1c:a0:b7: 45:91:7c:da:43:cd:f1:ed:fb:69:e9:5e:ec:1a:1d: 13:8f:9b:32:db:fa:f3:a2:fc:0d:9a:eb:f8:54:b9: d4:92:e1:00:d2:86:6a:0c:1e:49:a3:d1:f9:5c:89: c7:14:e2:c2:aa:12:42:7a:25:df:e3:de:6b:42:29: 04:eb:c7:b5:9c:60:35:f1:aa:13:4f:d0:1a:7e:4e: 76:ed:44:bb:df:73:f9:8e:c9:e0:bb:8b:0c:96:d2: c8:c9:9c:45:2c:af:bd:d1:e2:32:8f:19:68:f6:fd: 21:a6:5c:c8:c0:47:ff:7f:6f:87:79:87:91:c2:de: ea:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:F4:8A:EC:7C:01:B7:21:98:E9:39:C9:9F:88:F6:37:F2:06:FE:40 X509v3 Authority Key Identifier: keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/DfSK7HwBtyGY6TnJn4j2N_IG_kA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 147.90.128.0-147.90.175.255 147.90.208.0-147.90.255.255 Signature Algorithm: sha256WithRSAEncryption dd:0f:01:20:2c:17:44:8b:37:ff:fe:39:a5:c2:c9:50:16:49: ba:dd:2f:9a:63:6e:64:e3:01:7a:2a:d3:8c:f1:b4:30:f4:23: 37:61:c4:0c:18:15:68:67:35:e7:4e:2f:a6:88:71:b9:48:f6: 0a:b1:a9:a7:52:29:70:d0:04:a8:cc:c7:0b:b8:bb:c7:a8:40: f9:54:50:fc:d3:b4:2a:c3:3d:99:cc:9c:37:6c:a6:7b:19:cf: bf:87:ea:e2:a5:a3:3e:ce:23:55:2f:f2:0f:d8:2e:33:b5:dd: 6c:bc:a4:e1:84:c6:14:f7:98:cc:42:2d:d0:3b:57:68:d8:92: bf:ab:fa:1a:6a:15:57:ec:33:ee:ba:b7:f3:fe:7e:d5:f2:19: 1e:e9:45:c9:7a:94:78:c5:58:1e:fa:88:3f:7e:61:65:c7:8c: ed:32:21:79:91:a4:2a:e4:bb:b9:16:42:26:e0:b3:fd:36:62: eb:df:f6:85:29:8a:aa:92:86:79:12:33:1a:7d:3f:36:01:33: 74:a0:3c:07:66:46:c4:40:16:ed:c6:b5:c8:e7:1a:ca:fc:d0: b0:62:c5:6b:b5:9f:6f:7a:a9:c5:24:35:37:74:1c:ea:2a:a1: eb:1d:4a:da:ac:aa:af:84:89:62:40:9b:cb:a5:8d:e7:92:ec: e2:f0:4b:2c -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZtu/pl6I2Z9EYhDsvb8JrdZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5 NTkyZGEwHhcNMjUxMjMwMTEyMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZGY0OGFlYzdjMDFiNzIxOThlOTM5Yzk5Zjg4ZjYzN2YyMDZmZTQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxX6g9QxcKHjiMlCwiSFp9DWjCIvw TscIChH23BbAVFiH0be55bAiUdFPPDYZZmwYbI5ouShRObsJgTbPFU4aaURkexd5 UU3uykyiJDvxpwKbZBYfvnAS8rDZVnJZI/Savct2xHTFzs5IytFEuOvjjpTHdP40 CItviNcoL6jLIOwXJOQcoLdFkXzaQ83x7ftp6V7sGh0Tj5sy2/rzovwNmuv4VLnU kuEA0oZqDB5Jo9H5XInHFOLCqhJCeiXf495rQikE68e1nGA18aoTT9Aafk527US7 33P5jsngu4sMltLIyZxFLK+90eIyjxlo9v0hplzIwEf/f2+HeYeRwt7qmQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFA30iux8AbchmOk5yZ+I9jfyBv5AMB8GA1UdIwQY MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt ZjVmYjcxYjlhNTFmLzEvRGZTSzdId0J0eUdZNlRuSm40ajJOX0lHX2tBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAATAbMAwDBAeTWoAD BASTWqAwCwMEBJNa0AMDAJNaMA0GCSqGSIb3DQEBCwUAA4IBAQDdDwEgLBdEizf/ /jmlwslQFkm63S+aY25k4wF6KtOM8bQw9CM3YcQMGBVoZzXnTi+miHG5SPYKsamn Uilw0ASozMcLuLvHqED5VFD807Qqwz2ZzJw3bKZ7Gc+/h+ripaM+ziNVL/IP2C4z td1svKThhMYU95jMQi3QO1do2JK/q/oaahVX7DPuurfz/n7V8hke6UXJepR4xVge +og/fmFlx4ztMiF5kaQq5Lu5FkIm4LP9NmLr3/aFKYqqkoZ5EjMafT82ATN0oDwH ZkbEQBbtxrXI5xrK/NCwYsVrtZ9veqnFJDU3dBzqKqHrHUrarKqvhIliQJvLpY3n kuzi8Ess -----END CERTIFICATE-----Generated at Tue Dec 30 21:08:28 2025 by rpki-client