This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/FvPKjQVXxDv5z7GgBdRoaiXeV3s.roa File: FvPKjQVXxDv5z7GgBdRoaiXeV3s.roa (raw, json) Hash identifier: WrkrrCdQ1+7SJ8e2H1Rg9do4fzcKcMWmlOSoFBQV3/8= Subject key identifier: 16:F3:CA:8D:05:57:C4:3B:F9:CF:B1:A0:05:D4:68:6A:25:DE:57:7B Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4 Certificate serial: 019B0F4134224B05C656B5324B32B7F5BBA0 Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/FvPKjQVXxDv5z7GgBdRoaiXeV3s.roa Signing time: Thu 11 Dec 2025 21:11:29 +0000 ROA not before: Thu 11 Dec 2025 21:11:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 834 IP address blocks: 5.102.116.0/22 maxlen: 24 5.102.120.0/22 maxlen: 24 31.186.180.0/22 maxlen: 23 82.163.64.0/22 maxlen: 24 82.163.168.0/22 maxlen: 24 82.163.224.0/22 maxlen: 24 185.86.140.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.mft rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:01:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0f:41:34:22:4b:05:c6:56:b5:32:4b:32:b7:f5:bb:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4 Validity Not Before: Dec 11 21:11:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=16f3ca8d0557c43bf9cfb1a005d4686a25de577b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:72:32:b3:a4:b9:31:fe:66:44:91:d1:4e:60: 8d:e0:f4:7d:55:3f:bb:ac:d2:71:dd:ed:3d:9b:64: cf:92:c3:5d:f3:cb:99:4e:7e:70:28:ad:47:0a:0b: 8d:6b:89:de:ca:5f:bc:53:6f:09:64:52:2d:f3:83: d9:d0:61:aa:bb:bc:8d:75:0d:ba:d4:f7:da:08:d2: 44:a6:13:db:a8:9e:5f:64:a3:28:30:41:2a:eb:ca: 5b:ba:bf:a5:d4:50:21:47:4d:94:c8:14:96:45:bb: be:b8:3a:66:1f:db:19:98:5f:c9:38:c9:64:90:d6: a5:12:70:86:1b:7a:25:dc:63:d6:38:b8:6f:85:e5: 4c:b3:55:15:9b:22:ce:9f:b5:21:31:11:f9:c8:09: c3:ef:04:dd:eb:16:a9:14:8d:4a:e8:13:c9:4d:2f: da:d2:62:fc:3f:76:01:6d:dc:a3:ee:c9:8d:2b:fd: 5e:f7:04:91:d1:26:e0:84:dc:de:b3:b0:30:4a:a9: 7c:2e:80:e2:72:7a:91:10:6d:73:36:50:cc:d2:6f: 28:8e:a8:bf:9a:28:83:e2:ef:e1:7f:fb:fb:2b:64: 40:81:c8:d4:2b:3a:64:2f:6d:a8:a6:e6:99:2a:b6: b5:2c:af:b1:31:c6:87:59:ad:0e:77:cf:da:ab:c5: 36:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:F3:CA:8D:05:57:C4:3B:F9:CF:B1:A0:05:D4:68:6A:25:DE:57:7B X509v3 Authority Key Identifier: keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/FvPKjQVXxDv5z7GgBdRoaiXeV3s.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.102.116.0-5.102.123.255 31.186.180.0/22 82.163.64.0/22 82.163.168.0/22 82.163.224.0/22 185.86.140.0/23 Signature Algorithm: sha256WithRSAEncryption 40:5c:69:2b:94:ec:d9:ad:5b:da:79:21:86:40:c2:9c:51:15: e1:d9:80:ab:92:a1:b5:9f:12:5a:ac:3d:aa:b9:26:5b:95:5a: d0:ba:b6:b6:a0:0c:04:68:7c:fd:a1:b7:70:44:b7:12:aa:45: 39:d1:50:fe:71:c7:10:d5:22:d2:58:a4:b2:04:c1:81:e7:d8: 48:92:9d:15:0b:e4:f3:09:60:0a:ca:4f:b5:41:af:23:64:61: cc:8c:72:f7:77:88:6f:4a:c9:7e:c6:cc:2a:d8:d6:6b:d9:5e: 36:ad:90:b8:67:32:74:46:06:6e:16:df:79:5a:59:66:a0:49: 54:b5:21:77:70:31:60:b1:2f:57:a6:c2:f8:fc:cd:48:a2:fc: 91:32:b6:ba:51:12:30:bb:1e:e5:30:d6:b8:01:7c:10:61:56: 72:f1:ad:60:de:7c:25:c1:fe:02:8a:d5:6a:70:81:d5:f9:78: e3:f6:09:cf:8f:8f:6c:15:9e:09:3a:aa:b9:78:63:b8:62:89: 3d:ef:82:17:f2:7f:fe:01:00:15:54:4c:62:f7:0b:4a:c5:54: a9:13:22:dd:0c:36:da:7d:07:fb:c3:1c:28:e3:73:4a:1f:e5: b6:c1:d6:79:f7:b3:23:5a:78:f6:05:b1:87:3a:3b:4d:28:c3: 17:97:82:cd -----BEGIN CERTIFICATE----- MIIFIzCCBAugAwIBAgISAZsPQTQiSwXGVrUySzK39bugMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2 N2IxZTQwHhcNMjUxMjExMjExMTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxNmYzY2E4ZDA1NTdjNDNiZjljZmIxYTAwNWQ0Njg2YTI1ZGU1NzdiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnIys6S5Mf5mRJHRTmCN4PR9VT+7 rNJx3e09m2TPksNd88uZTn5wKK1HCguNa4neyl+8U28JZFIt84PZ0GGqu7yNdQ26 1PfaCNJEphPbqJ5fZKMoMEEq68pbur+l1FAhR02UyBSWRbu+uDpmH9sZmF/JOMlk kNalEnCGG3ol3GPWOLhvheVMs1UVmyLOn7UhMRH5yAnD7wTd6xapFI1K6BPJTS/a 0mL8P3YBbdyj7smNK/1e9wSR0SbghNzes7AwSql8LoDicnqREG1zNlDM0m8ojqi/ miiD4u/hf/v7K2RAgcjUKzpkL22opuaZKra1LK+xMcaHWa0Od8/aq8U26QIDAQAB o4ICLzCCAiswHQYDVR0OBBYEFBbzyo0FV8Q7+c+xoAXUaGol3ld7MB8GA1UdIwQY MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut ODk3MTRhN2U4ZDU4LzEvRnZQS2pRVlh4RHY1ejdHZ0JkUm9haVhlVjNzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4 LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAIFZnQD BAIFZngDBAIfurQDBAJSo0ADBAJSo6gDBAJSo+ADBAG5VowwDQYJKoZIhvcNAQEL BQADggEBAEBcaSuU7NmtW9p5IYZAwpxRFeHZgKuSobWfElqsPaq5JluVWtC6trag DARofP2ht3BEtxKqRTnRUP5xxxDVItJYpLIEwYHn2EiSnRUL5PMJYArKT7VBryNk YcyMcvd3iG9KyX7GzCrY1mvZXjatkLhnMnRGBm4W33laWWagSVS1IXdwMWCxL1em wvj8zUii/JEytrpREjC7HuUw1rgBfBBhVnLxrWDefCXB/gKK1WpwgdX5eOP2Cc+P j2wVngk6qrl4Y7hiiT3vghfyf/4BABVUTGL3C0rFVKkTIt0MNtp9B/vDHCjjc0of 5bbB1nn3syNaePYFsYc6O00owxeXgs0= -----END CERTIFICATE-----Generated at Mon Dec 15 23:28:08 2025 by rpki-client