This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Ds4O-E8NPiMK_2y1J2YXEFXW7V8.roa File: Ds4O-E8NPiMK_2y1J2YXEFXW7V8.roa (raw, json) Hash identifier: 5iEifpcs8/0UTeF6U+UH2snVghNurEYq26lTYygbKuw= Subject key identifier: 0E:CE:0E:F8:4F:0D:3E:23:0A:FF:6C:B5:27:66:17:10:55:D6:ED:5F Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0 Certificate serial: 019ADD7A488F5F51039BD34D9D11E7A4EE6D Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Ds4O-E8NPiMK_2y1J2YXEFXW7V8.roa Signing time: Tue 02 Dec 2025 05:12:49 +0000 ROA not before: Tue 02 Dec 2025 05:12:49 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 215152 IP address blocks: 151.243.157.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 04 Dec 2025 05:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:dd:7a:48:8f:5f:51:03:9b:d3:4d:9d:11:e7:a4:ee:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0 Validity Not Before: Dec 2 05:12:49 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=0ece0ef84f0d3e230aff6cb52766171055d6ed5f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:86:5a:95:fb:ce:79:ae:38:ed:5c:ec:4e:dd: 8a:6a:ed:d3:af:58:55:2f:f0:c9:ae:96:1f:f2:13: 4f:6d:f5:c7:27:e3:67:8b:3c:94:50:31:cc:11:2b: c5:81:26:1e:96:ef:05:43:fa:10:5f:26:77:3b:ce: ce:8e:d3:97:af:a3:e9:1b:89:50:0f:30:df:00:6d: ee:d1:4f:37:e8:e3:07:09:0a:59:25:00:b0:5b:a1: ea:bf:db:81:56:64:7e:9e:cc:71:ac:8b:09:00:80: c5:ee:1a:25:e3:0d:08:fe:0a:7c:f4:46:0d:32:a5: 26:36:f2:17:3b:7c:7d:dd:23:6d:6f:01:b3:40:0e: af:44:ad:c2:fc:53:82:4a:e3:ff:80:37:1b:85:bb: e2:c7:8c:aa:00:9f:bf:90:2b:6d:6b:c8:ab:4a:e2: 7a:86:24:78:a9:44:74:ac:79:c8:1d:5f:33:12:59: de:94:43:33:0e:48:73:67:96:37:0b:e7:f5:f4:24: 93:0c:dd:7a:ce:5f:a3:2e:29:ea:ed:d5:5c:a7:bc: c6:ba:e0:fc:9d:01:1b:58:11:da:c9:6f:d7:ee:11: c3:e6:22:82:68:eb:95:e8:a6:09:d4:57:95:8c:00: 55:df:1f:01:97:a3:48:78:ee:44:6f:a2:ca:f2:4d: 3c:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:CE:0E:F8:4F:0D:3E:23:0A:FF:6C:B5:27:66:17:10:55:D6:ED:5F X509v3 Authority Key Identifier: keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Ds4O-E8NPiMK_2y1J2YXEFXW7V8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 151.243.157.0/24 Signature Algorithm: sha256WithRSAEncryption 03:6f:bf:c4:61:89:dc:19:e5:b6:f6:f8:b5:4a:70:d7:f0:52: d6:25:d2:db:ff:aa:56:0e:94:19:cc:01:42:f7:f2:3a:99:90: be:41:83:d2:78:86:3c:28:5b:c1:06:92:a5:ca:51:ad:9e:f7: 1a:19:0f:60:69:89:57:16:6c:6a:81:91:c7:1d:b0:78:ee:de: 45:a3:8b:a7:0e:b2:b3:5a:2a:f2:4c:00:9a:0e:ed:a2:6e:b1: 41:55:31:98:3b:7f:5b:f6:7b:04:52:0c:c8:67:a5:9b:99:c8: 81:2e:9a:43:23:75:1e:c7:38:12:9c:42:d1:4e:65:4e:1d:a7: f7:df:02:a6:20:be:42:ec:dc:25:2c:bd:00:03:2c:9d:16:ee: e3:62:17:a4:40:7a:8a:ba:16:a5:b0:d9:75:5d:f9:05:6e:de: 9c:ed:8e:4a:bf:41:10:f0:62:fe:43:e9:1b:0e:39:03:59:d0: 0a:3c:1b:f0:6c:44:8e:12:a2:45:64:e3:71:40:f2:49:aa:bd: 04:29:56:41:b3:e9:40:60:35:b3:79:c5:07:0a:ef:de:a9:9e: ca:4b:91:2e:e7:26:8c:04:8d:25:4f:fe:10:0b:c2:17:08:42: 0f:ba:68:db:2c:d5:fe:23:40:9a:c2:1d:8f:32:ab:94:fc:06: c9:91:68:27 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZrdekiPX1EDm9NNnRHnpO5tMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh NWE0YzAwHhcNMjUxMjAyMDUxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZWNlMGVmODRmMGQzZTIzMGFmZjZjYjUyNzY2MTcxMDU1ZDZlZDVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA44ZalfvOea447VzsTt2Kau3Tr1hV L/DJrpYf8hNPbfXHJ+NnizyUUDHMESvFgSYelu8FQ/oQXyZ3O87OjtOXr6PpG4lQ DzDfAG3u0U836OMHCQpZJQCwW6Hqv9uBVmR+nsxxrIsJAIDF7hol4w0I/gp89EYN MqUmNvIXO3x93SNtbwGzQA6vRK3C/FOCSuP/gDcbhbvix4yqAJ+/kCtta8irSuJ6 hiR4qUR0rHnIHV8zElnelEMzDkhzZ5Y3C+f19CSTDN16zl+jLinq7dVcp7zGuuD8 nQEbWBHayW/X7hHD5iKCaOuV6KYJ1FeVjABV3x8Bl6NIeO5Eb6LK8k08GQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFA7ODvhPDT4jCv9stSdmFxBV1u1fMB8GA1UdIwQY MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt MTdiOWRlMTQxMjUyLzEvRHM0Ty1FOE5QaU1LXzJ5MUoyWVhFRlhXN1Y4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/OdMA0G CSqGSIb3DQEBCwUAA4IBAQADb7/EYYncGeW29vi1SnDX8FLWJdLb/6pWDpQZzAFC 9/I6mZC+QYPSeIY8KFvBBpKlylGtnvcaGQ9gaYlXFmxqgZHHHbB47t5Fo4unDrKz WiryTACaDu2ibrFBVTGYO39b9nsEUgzIZ6WbmciBLppDI3UexzgSnELRTmVOHaf3 3wKmIL5C7NwlLL0AAyydFu7jYhekQHqKuhalsNl1XfkFbt6c7Y5Kv0EQ8GL+Q+kb DjkDWdAKPBvwbESOEqJFZONxQPJJqr0EKVZBs+lAYDWzecUHCu/eqZ7KS5Eu5yaM BI0lT/4QC8IXCEIPumjbLNX+I0Cawh2PMquU/AbJkWgn -----END CERTIFICATE-----Generated at Wed Dec 3 09:42:32 2025 by rpki-client