This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/aNFN_deRLTliE2Xht7fSVaNr7wE.roa File: aNFN_deRLTliE2Xht7fSVaNr7wE.roa (raw, json) Hash identifier: T4vy07sKMsQUWfCJQiD7caMWiUoGkiMPlqHDRvXrEdw= Subject key identifier: 68:D1:4D:FD:D7:91:2D:39:62:13:65:E1:B7:B7:D2:55:A3:6B:EF:01 Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da Certificate serial: 019A92CFB81E775A6735A30D267D7777F39E Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/aNFN_deRLTliE2Xht7fSVaNr7wE.roa Signing time: Mon 17 Nov 2025 17:14:37 +0000 ROA not before: Mon 17 Nov 2025 17:14:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 42689 IP address blocks: 158.173.194.0/24 maxlen: 24 158.173.196.0/24 maxlen: 24 158.173.201.0/24 maxlen: 24 158.173.209.0/24 maxlen: 24 158.173.212.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 10:28:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:92:cf:b8:1e:77:5a:67:35:a3:0d:26:7d:77:77:f3:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da Validity Not Before: Nov 17 17:14:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=68d14dfdd7912d39621365e1b7b7d255a36bef01 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:0d:1a:8d:dd:ec:88:26:33:88:5b:32:69:df: 26:93:e2:a1:14:f8:6d:3e:ae:1b:8d:13:75:eb:b9: 4d:f0:78:65:a8:9e:fb:46:79:80:6d:71:f9:81:d2: b2:81:57:6c:19:ce:8a:53:65:b3:21:0b:df:fa:98: c3:76:7a:78:6e:f2:94:b7:a2:0d:1b:c6:70:86:07: 42:ed:f8:8f:7d:c8:4b:c5:d2:e9:19:16:46:59:c1: 1f:ab:8a:64:fb:d6:d1:36:e6:d8:42:b3:ce:86:fb: b3:14:de:79:1d:88:d7:9d:03:00:16:9e:c5:c1:e0: bd:cc:76:a7:52:5d:a8:a2:bd:54:22:2b:0e:64:54: c6:f0:81:f6:12:0f:b5:cb:e2:71:f3:15:3f:0d:a6: 89:c8:ce:df:f8:a9:a0:ee:8a:aa:2a:5f:3e:e7:43: fb:f2:72:9f:b0:50:81:5e:1b:87:9e:5a:3f:34:a9: 9b:db:ab:63:55:a1:10:4d:54:f0:7d:47:a2:42:f3: 58:c9:60:cd:3e:88:c1:ca:20:e4:b3:2a:10:fd:89: f3:0b:aa:69:05:b3:cd:29:14:86:fc:bd:af:37:c1: c2:97:a8:0d:f1:fe:e2:b8:e5:ae:31:ba:00:99:26: 79:6d:83:fc:6d:ed:57:68:36:23:ad:ac:de:52:22: 1c:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:D1:4D:FD:D7:91:2D:39:62:13:65:E1:B7:B7:D2:55:A3:6B:EF:01 X509v3 Authority Key Identifier: keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/aNFN_deRLTliE2Xht7fSVaNr7wE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.173.194.0/24 158.173.196.0/24 158.173.201.0/24 158.173.209.0/24 158.173.212.0/24 Signature Algorithm: sha256WithRSAEncryption c2:ee:bd:72:15:ee:f0:9b:dd:91:1e:a3:e2:b2:7c:0b:ef:6f: 5f:62:ca:0b:6f:33:6f:44:ab:8f:80:d8:ce:fa:b9:4f:36:af: 7d:f7:06:8d:7e:6e:00:87:50:4a:6a:f2:3e:78:27:79:20:45: 5d:7a:67:04:37:6b:f8:f5:80:e4:73:87:0f:d2:75:7f:e3:fc: fb:ec:0a:15:9d:c4:f0:18:41:cc:83:d0:f4:dd:e2:50:9b:c7: a0:1a:4c:ce:bb:3e:bb:75:32:77:d0:d0:8a:f7:9a:25:c1:f1: de:1e:06:b0:95:8c:e0:cf:f4:f0:fe:a4:6f:50:22:6a:4d:ab: 6d:cf:59:37:6d:e2:e5:f8:46:3a:23:86:f4:82:4b:ca:02:6b: c6:7b:c0:cc:b3:0f:82:d7:6b:05:07:06:08:28:e4:17:72:80: 9a:f1:3b:a1:14:e8:59:f7:20:12:c1:4c:73:d4:da:98:36:76: 41:b7:2c:94:f5:a8:9b:21:d7:5b:50:7f:55:ba:5c:34:ec:1a: 76:4f:0a:e2:cf:20:bc:2f:28:25:3d:f6:d4:c9:7c:3c:73:05: 39:90:c3:86:61:f0:19:e7:3a:f5:d7:f9:3e:f7:71:15:c1:e1: c9:dd:d9:b2:bf:7a:98:31:92:4a:16:e0:72:a0:fb:3c:16:62: de:8c:f9:0c -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZqSz7ged1pnNaMNJn13d/OeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5 NTkyZGEwHhcNMjUxMTE3MTcxNDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2OGQxNGRmZGQ3OTEyZDM5NjIxMzY1ZTFiN2I3ZDI1NWEzNmJlZjAxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvg0ajd3siCYziFsyad8mk+KhFPht Pq4bjRN167lN8HhlqJ77RnmAbXH5gdKygVdsGc6KU2WzIQvf+pjDdnp4bvKUt6IN G8ZwhgdC7fiPfchLxdLpGRZGWcEfq4pk+9bRNubYQrPOhvuzFN55HYjXnQMAFp7F weC9zHanUl2oor1UIisOZFTG8IH2Eg+1y+Jx8xU/DaaJyM7f+Kmg7oqqKl8+50P7 8nKfsFCBXhuHnlo/NKmb26tjVaEQTVTwfUeiQvNYyWDNPojByiDksyoQ/YnzC6pp BbPNKRSG/L2vN8HCl6gN8f7iuOWuMboAmSZ5bYP8be1XaDYjrazeUiIcgwIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFGjRTf3XkS05YhNl4be30lWja+8BMB8GA1UdIwQY MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt ZjVmYjcxYjlhNTFmLzEvYU5GTl9kZVJMVGxpRTJYaHQ3ZlNWYU5yN3dFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAnq3CAwQA nq3EAwQAnq3JAwQAnq3RAwQAnq3UMA0GCSqGSIb3DQEBCwUAA4IBAQDC7r1yFe7w m92RHqPisnwL729fYsoLbzNvRKuPgNjO+rlPNq999waNfm4Ah1BKavI+eCd5IEVd emcEN2v49YDkc4cP0nV/4/z77AoVncTwGEHMg9D03eJQm8egGkzOuz67dTJ30NCK 95olwfHeHgawlYzgz/Tw/qRvUCJqTattz1k3beLl+EY6I4b0gkvKAmvGe8DMsw+C 12sFBwYIKOQXcoCa8TuhFOhZ9yASwUxz1NqYNnZBtyyU9aibIddbUH9Vulw07Bp2 TwrizyC8LyglPfbUyXw8cwU5kMOGYfAZ5zr11/k+93EVweHJ3dmyv3qYMZJKFuBy oPs8FmLejPkM -----END CERTIFICATE-----Generated at Fri Dec 5 15:37:40 2025 by rpki-client