This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/KXkxzqRDE-JXXAvPktAPh5u6xEg.roa File: KXkxzqRDE-JXXAvPktAPh5u6xEg.roa (raw, json) Hash identifier: X2e3NSUCRHxz7/OCgsEMpRsdKMViosRCcZ2KmB1xkVo= Subject key identifier: 29:79:31:CE:A4:43:13:E2:57:5C:0B:CF:92:D0:0F:87:9B:BA:C4:48 Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da Certificate serial: 019AA0EFB5ECFB663EFEEBA97AE15F86BE5B Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/KXkxzqRDE-JXXAvPktAPh5u6xEg.roa Signing time: Thu 20 Nov 2025 11:04:15 +0000 ROA not before: Thu 20 Nov 2025 11:04:15 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 9304 IP address blocks: 158.173.192.0/24 maxlen: 24 158.173.206.0/24 maxlen: 24 158.173.207.0/24 maxlen: 24 158.173.211.0/24 maxlen: 24 158.173.213.0/24 maxlen: 24 158.173.214.0/24 maxlen: 24 158.173.215.0/24 maxlen: 24 158.173.217.0/24 maxlen: 24 158.173.218.0/24 maxlen: 24 158.173.220.0/24 maxlen: 24 158.173.222.0/24 maxlen: 24 158.173.223.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 00:00:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:a0:ef:b5:ec:fb:66:3e:fe:eb:a9:7a:e1:5f:86:be:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da Validity Not Before: Nov 20 11:04:15 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=297931cea44313e2575c0bcf92d00f879bbac448 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:32:92:d2:de:ed:14:67:ad:2a:c6:f1:bc:4a: 72:df:7a:95:dd:b5:a5:8b:da:33:a7:a6:3c:1e:c3: 3a:5d:7b:8c:29:5e:a7:21:e8:47:09:5f:94:81:bb: 2d:df:6e:db:cd:8c:aa:86:da:8f:2a:8e:f1:10:88: b0:a7:af:4a:5d:17:d9:ab:c0:f4:5f:54:42:b8:0e: 65:51:1d:74:ac:1d:43:60:3a:98:ef:e5:a3:b1:c7: f7:15:a7:98:d8:0f:0f:b8:a5:77:6c:6b:f9:1d:ce: de:9f:9b:54:0d:a8:c1:a2:81:0f:fb:66:9c:cb:3d: 72:d7:ff:3f:7d:9d:3b:c1:60:65:ea:9f:d6:4e:cb: 7f:67:9f:71:00:79:f9:61:1e:2c:23:e1:52:02:29: c3:f8:8c:b4:0a:dd:36:53:c7:02:e5:53:21:ec:61: c3:25:b1:02:6c:b9:1d:c0:0f:93:32:8c:ea:5e:ed: 2c:d5:2a:d8:9c:4f:90:b2:3e:b5:4c:25:6e:e8:a3: 1e:c5:4f:15:c0:43:76:eb:51:f5:52:dc:8f:0a:63: 07:82:bc:4f:58:29:f1:5b:45:3e:de:ce:ef:c1:4e: 9a:a0:a6:ef:9d:73:9b:95:43:33:e9:08:26:eb:44: 66:c5:37:60:c4:83:9c:98:ba:3b:1b:eb:d5:fd:77: d6:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:79:31:CE:A4:43:13:E2:57:5C:0B:CF:92:D0:0F:87:9B:BA:C4:48 X509v3 Authority Key Identifier: keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/KXkxzqRDE-JXXAvPktAPh5u6xEg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.173.192.0/24 158.173.206.0/23 158.173.211.0/24 158.173.213.0-158.173.215.255 158.173.217.0-158.173.218.255 158.173.220.0/24 158.173.222.0/23 Signature Algorithm: sha256WithRSAEncryption 58:30:e6:5b:89:3c:ba:c9:5d:35:3c:b9:5a:cc:f6:38:d1:43: 19:c0:8b:8f:bf:58:c9:3f:5e:f9:6a:c6:ec:33:04:12:18:ff: 1f:08:d1:67:fd:89:d9:09:0a:57:b7:18:d0:ff:52:dd:80:25: ca:d2:68:af:35:03:13:62:83:bf:f9:b0:8c:23:38:4f:65:8d: 72:32:d4:5e:d0:92:10:1a:14:2c:be:f1:95:10:62:31:61:e2: 0e:82:f2:2f:13:fe:d4:c3:76:a1:be:da:4d:a7:3b:45:64:d2: a5:fd:12:9f:10:f6:6e:55:34:d6:c0:99:63:45:15:fd:43:8e: 2b:e9:6f:f5:bb:28:dc:43:60:66:e6:48:bf:7f:17:5e:cf:9f: 34:45:ed:b8:e3:5f:88:69:08:5f:d1:ec:d9:30:ce:14:a3:8a: 36:11:18:89:ad:86:f1:fb:6c:e7:63:70:1a:55:6d:96:92:86: 87:a2:88:26:bf:13:72:ee:2d:f6:64:2c:cd:3f:af:03:67:c2: ad:85:05:90:4a:11:50:9f:fd:f6:92:2b:70:e4:5c:03:c1:a3: 98:ad:5c:41:24:cc:ee:fe:2e:b6:bf:17:1b:0c:c8:7c:d5:be: 9a:24:ff:46:a0:02:e3:a3:42:68:ea:eb:1a:a4:79:95:a5:60: ad:71:63:94 -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgISAZqg77Xs+2Y+/uupeuFfhr5bMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5 NTkyZGEwHhcNMjUxMTIwMTEwNDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOTc5MzFjZWE0NDMxM2UyNTc1YzBiY2Y5MmQwMGY4NzliYmFjNDQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTKS0t7tFGetKsbxvEpy33qV3bWl i9ozp6Y8HsM6XXuMKV6nIehHCV+Ugbst327bzYyqhtqPKo7xEIiwp69KXRfZq8D0 X1RCuA5lUR10rB1DYDqY7+Wjscf3FaeY2A8PuKV3bGv5Hc7en5tUDajBooEP+2ac yz1y1/8/fZ07wWBl6p/WTst/Z59xAHn5YR4sI+FSAinD+Iy0Ct02U8cC5VMh7GHD JbECbLkdwA+TMozqXu0s1SrYnE+Qsj61TCVu6KMexU8VwEN261H1UtyPCmMHgrxP WCnxW0U+3s7vwU6aoKbvnXOblUMz6Qgm60RmxTdgxIOcmLo7G+vV/XfWjwIDAQAB o4ICPTCCAjkwHQYDVR0OBBYEFCl5Mc6kQxPiV1wLz5LQD4ebusRIMB8GA1UdIwQY MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt ZjVmYjcxYjlhNTFmLzEvS1hreHpxUkRFLUpYWEF2UGt0QVBoNXU2eEVnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQAnq3AAwQB nq3OAwQAnq3TMAwDBACerdUDBAOerdAwDAMEAJ6t2QMEAJ6t2gMEAJ6t3AMEAZ6t 3jANBgkqhkiG9w0BAQsFAAOCAQEAWDDmW4k8usldNTy5Wsz2ONFDGcCLj79YyT9e +WrG7DMEEhj/HwjRZ/2J2QkKV7cY0P9S3YAlytJorzUDE2KDv/mwjCM4T2WNcjLU XtCSEBoULL7xlRBiMWHiDoLyLxP+1MN2ob7aTac7RWTSpf0SnxD2blU01sCZY0UV /UOOK+lv9bso3ENgZuZIv38XXs+fNEXtuONfiGkIX9Hs2TDOFKOKNhEYia2G8fts 52NwGlVtlpKGh6KIJr8Tcu4t9mQszT+vA2fCrYUFkEoRUJ/99pIrcORcA8GjmK1c QSTM7v4utr8XGwzIfNW+miT/RqAC46NCaOrrGqR5laVgrXFjlA== -----END CERTIFICATE-----Generated at Thu Dec 4 04:21:27 2025 by rpki-client