This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/587460-eab7-40d9-a512-3e660d0252db/1/xDa2Pz3B2wJL0zsTAMbvnocyPXU.roa File: xDa2Pz3B2wJL0zsTAMbvnocyPXU.roa (raw, json) Hash identifier: 19U6IHM0vI18XeQ16uR+0FI1EeWINNJvH4VpJNwKK8o= Subject key identifier: C4:36:B6:3F:3D:C1:DB:02:4B:D3:3B:13:00:C6:EF:9E:87:32:3D:75 Certificate issuer: /CN=e30f8894f308172ace92fbe6052eec23853eadad Certificate serial: 019B3704E89CA573F7204B9E58264BC8DA7F Authority key identifier: E3:0F:88:94:F3:08:17:2A:CE:92:FB:E6:05:2E:EC:23:85:3E:AD:AD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4w-IlPMIFyrOkvvmBS7sI4U-ra0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/587460-eab7-40d9-a512-3e660d0252db/1/xDa2Pz3B2wJL0zsTAMbvnocyPXU.roa Signing time: Fri 19 Dec 2025 14:30:27 +0000 ROA not before: Fri 19 Dec 2025 14:30:27 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 3920 IP address blocks: 37.49.224.0/24 maxlen: 24 37.49.225.0/24 maxlen: 24 37.49.226.0/24 maxlen: 24 37.49.227.0/24 maxlen: 24 37.49.228.0/24 maxlen: 24 37.49.229.0/24 maxlen: 24 84.247.19.0/24 maxlen: 24 185.209.15.0/24 maxlen: 24 2a13:adc0::/48 maxlen: 48 2a13:adc0:1::/48 maxlen: 48 2a13:adc0:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/587460-eab7-40d9-a512-3e660d0252db/1/4w-IlPMIFyrOkvvmBS7sI4U-ra0.crl rsync://rpki.ripe.net/repository/DEFAULT/75/587460-eab7-40d9-a512-3e660d0252db/1/4w-IlPMIFyrOkvvmBS7sI4U-ra0.mft rsync://rpki.ripe.net/repository/DEFAULT/4w-IlPMIFyrOkvvmBS7sI4U-ra0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 08:01:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:37:04:e8:9c:a5:73:f7:20:4b:9e:58:26:4b:c8:da:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e30f8894f308172ace92fbe6052eec23853eadad Validity Not Before: Dec 19 14:30:27 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=c436b63f3dc1db024bd33b1300c6ef9e87323d75 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:21:2c:5a:06:e8:9c:3e:0f:bf:f8:55:78:fe: f0:83:3e:c3:ab:ca:bf:20:67:ec:86:59:18:0e:53: fe:87:c8:3a:74:92:6f:43:10:0a:7d:41:0c:76:a4: 87:db:77:80:c0:29:dc:6a:01:41:d3:20:26:f2:50: e8:e8:72:97:18:cb:92:53:fa:52:c0:a8:c4:29:5f: 71:ef:ac:d3:d7:73:ce:11:13:b0:32:54:78:17:9f: 47:12:34:63:94:d2:b3:83:6e:84:69:ab:3b:e4:8a: a9:c8:12:50:21:06:b2:f3:74:21:61:bf:0a:55:c9: 5a:f0:8b:0f:49:a8:8d:a9:c5:88:a4:58:a2:c5:69: e9:ed:9a:6d:5f:b6:ab:ec:98:8b:c2:4c:e8:a9:a1: 57:ac:ee:88:8f:0b:d1:dd:fb:df:bb:0d:27:94:c7: 53:cd:22:15:13:8a:8c:5e:5d:d3:24:1b:f6:ce:ee: b5:df:ea:16:ec:75:4c:a1:eb:a2:48:10:a0:c3:17: 26:04:45:62:0b:f3:bd:16:21:2d:60:ee:b4:f5:c2: c5:68:21:13:29:cd:82:d0:31:7a:71:3f:9d:35:13: a9:40:85:e1:82:14:75:b1:7b:b8:6f:d7:cf:04:f6: 6c:2e:af:cd:06:c0:00:9a:f1:1a:f5:27:de:16:cd: 53:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:36:B6:3F:3D:C1:DB:02:4B:D3:3B:13:00:C6:EF:9E:87:32:3D:75 X509v3 Authority Key Identifier: keyid:E3:0F:88:94:F3:08:17:2A:CE:92:FB:E6:05:2E:EC:23:85:3E:AD:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4w-IlPMIFyrOkvvmBS7sI4U-ra0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/587460-eab7-40d9-a512-3e660d0252db/1/xDa2Pz3B2wJL0zsTAMbvnocyPXU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/75/587460-eab7-40d9-a512-3e660d0252db/1/4w-IlPMIFyrOkvvmBS7sI4U-ra0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.49.224.0-37.49.229.255 84.247.19.0/24 185.209.15.0/24 IPv6: 2a13:adc0::-2a13:adc0:2:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 16:eb:54:0c:ce:4d:f1:b8:28:40:c6:94:57:a8:5d:24:2f:5d: bb:0f:9f:c4:38:6d:bf:bb:98:40:7a:76:f9:33:0a:67:02:f9: 6d:ef:f8:87:5b:f3:31:dd:55:9d:8d:12:35:35:de:33:8f:9e: 81:81:c2:88:09:25:ab:86:43:3b:0a:21:85:86:ed:16:76:ff: 7c:1a:8d:da:b8:3f:39:bb:a2:d9:7f:0a:90:9a:9a:32:0e:10: 49:7a:35:25:88:66:1a:75:9c:fe:cb:cb:cd:91:8b:d8:c5:fc: 74:45:84:0f:42:33:e4:bb:12:c6:8a:93:d1:51:cf:d1:97:8b: 0a:2c:06:d3:16:9d:d8:44:41:ac:75:82:b5:26:1a:42:bf:6e: e1:17:f0:72:d0:7f:6a:ea:e8:f2:d3:51:ae:f4:2d:75:36:6d: fa:a2:32:7d:84:b7:99:c3:f3:b0:75:ac:6c:99:52:78:64:e3: 32:38:27:d1:a3:ed:83:4e:3f:b8:26:ba:43:90:63:21:96:c6: 1a:73:a3:d4:4d:ba:77:4d:a9:32:93:98:56:56:17:56:cb:f0: e0:41:4d:1b:84:87:68:00:91:91:9d:e6:9b:7f:da:4d:fa:ae: 7e:7e:bc:36:4c:2a:21:b0:49:c7:1b:ca:da:55:7a:b6:69:a4: b1:09:32:6b -----BEGIN CERTIFICATE----- MIIFKzCCBBOgAwIBAgISAZs3BOicpXP3IEueWCZLyNp/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUzMGY4ODk0ZjMwODE3MmFjZTkyZmJlNjA1MmVlYzIzODUz ZWFkYWQwHhcNMjUxMjE5MTQzMDI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNDM2YjYzZjNkYzFkYjAyNGJkMzNiMTMwMGM2ZWY5ZTg3MzIzZDc1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5SEsWgbonD4Pv/hVeP7wgz7Dq8q/ IGfshlkYDlP+h8g6dJJvQxAKfUEMdqSH23eAwCncagFB0yAm8lDo6HKXGMuSU/pS wKjEKV9x76zT13POEROwMlR4F59HEjRjlNKzg26Eaas75IqpyBJQIQay83QhYb8K Vcla8IsPSaiNqcWIpFiixWnp7ZptX7ar7JiLwkzoqaFXrO6IjwvR3fvfuw0nlMdT zSIVE4qMXl3TJBv2zu613+oW7HVMoeuiSBCgwxcmBEViC/O9FiEtYO609cLFaCET Kc2C0DF6cT+dNROpQIXhghR1sXu4b9fPBPZsLq/NBsAAmvEa9SfeFs1TZwIDAQAB o4ICNzCCAjMwHQYDVR0OBBYEFMQ2tj89wdsCS9M7EwDG756HMj11MB8GA1UdIwQY MBaAFOMPiJTzCBcqzpL75gUu7COFPq2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNHctSWxQTUlGeXJPa3Z2bUJTN3NJNFUtcmEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81ODc0NjAtZWFiNy00MGQ5LWE1MTIt M2U2NjBkMDI1MmRiLzEveERhMlB6M0Iyd0pMMHpzVEFNYnZub2N5UFhVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NS81ODc0NjAtZWFiNy00MGQ5LWE1MTItM2U2NjBkMDI1MmRi LzEvNHctSWxQTUlGeXJPa3Z2bUJTN3NJNFUtcmEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAgBAIAATAaMAwDBAUlMeAD BAElMeQDBABU9xMDBAC50Q8wGAQCAAIwEjAQAwUGKhOtwAMHACoTrcAAAjANBgkq hkiG9w0BAQsFAAOCAQEAFutUDM5N8bgoQMaUV6hdJC9duw+fxDhtv7uYQHp2+TMK ZwL5be/4h1vzMd1VnY0SNTXeM4+egYHCiAklq4ZDOwohhYbtFnb/fBqN2rg/Obui 2X8KkJqaMg4QSXo1JYhmGnWc/svLzZGL2MX8dEWED0Iz5LsSxoqT0VHP0ZeLCiwG 0xad2ERBrHWCtSYaQr9u4RfwctB/auro8tNRrvQtdTZt+qIyfYS3mcPzsHWsbJlS eGTjMjgn0aPtg04/uCa6Q5BjIZbGGnOj1E26d02pMpOYVlYXVsvw4EFNG4SHaACR kZ3mm3/aTfqufn68NkwqIbBJxxvK2lV6tmmksQkyaw== -----END CERTIFICATE-----Generated at Fri Dec 26 17:16:33 2025 by rpki-client