This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/OAEfvndtsWAVXnTQq0jlO5ALLVM.roa File: OAEfvndtsWAVXnTQq0jlO5ALLVM.roa (raw, json) Hash identifier: yq1pKxQh9ToV/Utdu1U5PT9ZaRTr/aMzdWJ0QfDu0nI= Subject key identifier: 38:01:1F:BE:77:6D:B1:60:15:5E:74:D0:AB:48:E5:3B:90:0B:2D:53 Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0 Certificate serial: 019AD87EF3E4513C178824CC7ACC331C6518 Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/OAEfvndtsWAVXnTQq0jlO5ALLVM.roa Signing time: Mon 01 Dec 2025 05:59:49 +0000 ROA not before: Mon 01 Dec 2025 05:59:49 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 215304 IP address blocks: 151.240.14.0/24 maxlen: 24 151.241.128.0/22 maxlen: 24 151.241.218.0/24 maxlen: 24 151.242.4.0/24 maxlen: 24 151.242.14.0/24 maxlen: 24 151.242.32.0/24 maxlen: 24 151.242.139.0/24 maxlen: 24 151.243.44.0/24 maxlen: 24 151.243.115.0/24 maxlen: 24 151.243.181.0/24 maxlen: 24 151.244.128.0/24 maxlen: 24 151.244.130.0/24 maxlen: 24 151.244.236.0/24 maxlen: 24 151.245.86.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 04 Dec 2025 05:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:d8:7e:f3:e4:51:3c:17:88:24:cc:7a:cc:33:1c:65:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0 Validity Not Before: Dec 1 05:59:49 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=38011fbe776db160155e74d0ab48e53b900b2d53 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:b1:48:8a:7b:8b:9f:45:82:36:72:82:b9:9f: 31:1c:70:9a:72:29:3b:30:a8:55:61:13:34:d4:6b: 8d:22:75:ff:31:37:bb:94:33:ba:db:df:ac:de:ad: 6c:ee:58:66:52:b7:d8:e4:99:eb:ad:e7:3f:94:4d: 08:3e:e8:4c:c3:23:f4:04:90:78:73:ff:88:9e:63: b5:d1:ef:ac:82:bc:9e:05:c8:68:f8:89:36:cd:48: 63:90:34:ec:db:c8:b1:5e:66:c9:8f:e8:a3:4c:72: 01:ba:16:2f:10:59:28:83:bf:d1:a6:5a:1d:a9:a1: cb:c2:20:38:25:23:16:f3:36:cd:53:10:ce:34:2a: 64:fd:af:36:4a:47:81:2c:3c:96:f8:05:a4:20:6b: ac:3d:af:7a:e3:1f:c7:b8:05:96:ce:14:8c:8f:01: b3:14:a3:b3:c2:7d:5d:ae:b5:18:ea:4b:c7:b3:ed: 13:6d:ea:fa:a0:94:4e:c5:8a:b5:77:f3:de:66:47: 9d:6b:3e:80:5d:12:6d:2b:b0:fb:c7:4d:f6:e6:e0: c4:c1:b9:2c:ac:1d:26:38:2e:50:b9:80:8c:b0:93: 72:05:df:b3:8a:27:cb:6b:81:10:bb:32:38:1a:4e: b7:c2:ac:8f:e7:e7:59:77:26:a4:7f:1b:05:89:70: d7:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:01:1F:BE:77:6D:B1:60:15:5E:74:D0:AB:48:E5:3B:90:0B:2D:53 X509v3 Authority Key Identifier: keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/OAEfvndtsWAVXnTQq0jlO5ALLVM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 151.240.14.0/24 151.241.128.0/22 151.241.218.0/24 151.242.4.0/24 151.242.14.0/24 151.242.32.0/24 151.242.139.0/24 151.243.44.0/24 151.243.115.0/24 151.243.181.0/24 151.244.128.0/24 151.244.130.0/24 151.244.236.0/24 151.245.86.0/24 Signature Algorithm: sha256WithRSAEncryption 83:b1:ff:f7:ed:3d:bc:eb:7b:fa:cc:bc:bc:31:6b:91:26:7f: c2:40:2f:e8:91:77:12:32:ab:f5:85:16:04:36:84:69:56:bb: 0d:63:62:39:19:3b:31:a6:2e:52:46:94:64:0e:5f:81:02:0a: a6:d8:7f:b3:6a:03:96:51:d1:dd:31:64:3a:d6:e5:0f:5a:76: ce:88:1c:d0:52:a4:03:cc:3d:8b:50:ac:b9:67:24:dc:a8:c7: 90:a2:fb:ac:ae:aa:d0:22:20:d1:83:e8:e1:d1:d0:dc:da:21: e5:f8:ec:13:2d:ec:49:4c:ab:47:3c:72:2a:71:31:c8:32:d7: f7:26:35:d2:b1:1b:08:3d:c6:36:8c:cd:0f:53:3b:ac:1e:b4: 78:c6:8a:a1:34:2f:9b:c5:fb:78:a3:46:82:13:c1:22:b2:92: 59:f5:c3:41:b9:d5:f5:8d:0b:fa:cd:c5:6e:35:fb:25:63:f9: 37:d9:00:5a:2f:7f:e0:f5:c4:a8:34:90:33:61:cd:0e:eb:29: 3d:f0:01:d2:b2:c1:1d:77:30:92:fd:46:05:0a:ca:fd:3a:e0: 36:eb:7c:55:eb:84:3c:70:2d:e0:65:a8:b7:c9:e5:05:1a:7e: 84:98:33:e0:c8:e6:91:8c:ca:2c:a4:97:c2:68:b8:a9:ad:cd: 66:19:f3:82 -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgISAZrYfvPkUTwXiCTMeswzHGUYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh NWE0YzAwHhcNMjUxMjAxMDU1OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzODAxMWZiZTc3NmRiMTYwMTU1ZTc0ZDBhYjQ4ZTUzYjkwMGIyZDUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLFIinuLn0WCNnKCuZ8xHHCacik7 MKhVYRM01GuNInX/MTe7lDO629+s3q1s7lhmUrfY5Jnrrec/lE0IPuhMwyP0BJB4 c/+InmO10e+sgryeBcho+Ik2zUhjkDTs28ixXmbJj+ijTHIBuhYvEFkog7/Rplod qaHLwiA4JSMW8zbNUxDONCpk/a82SkeBLDyW+AWkIGusPa964x/HuAWWzhSMjwGz FKOzwn1drrUY6kvHs+0Tber6oJROxYq1d/PeZkedaz6AXRJtK7D7x0325uDEwbks rB0mOC5QuYCMsJNyBd+ziifLa4EQuzI4Gk63wqyP5+dZdyakfxsFiXDXrwIDAQAB o4ICVzCCAlMwHQYDVR0OBBYEFDgBH753bbFgFV500KtI5TuQCy1TMB8GA1UdIwQY MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt MTdiOWRlMTQxMjUyLzEvT0FFZnZuZHRzV0FWWG5UUXEwamxPNUFMTFZNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAl/AOAwQC l/GAAwQAl/HaAwQAl/IEAwQAl/IOAwQAl/IgAwQAl/KLAwQAl/MsAwQAl/NzAwQA l/O1AwQAl/SAAwQAl/SCAwQAl/TsAwQAl/VWMA0GCSqGSIb3DQEBCwUAA4IBAQCD sf/37T2863v6zLy8MWuRJn/CQC/okXcSMqv1hRYENoRpVrsNY2I5GTsxpi5SRpRk Dl+BAgqm2H+zagOWUdHdMWQ61uUPWnbOiBzQUqQDzD2LUKy5ZyTcqMeQovusrqrQ IiDRg+jh0dDc2iHl+OwTLexJTKtHPHIqcTHIMtf3JjXSsRsIPcY2jM0PUzusHrR4 xoqhNC+bxft4o0aCE8EispJZ9cNBudX1jQv6zcVuNfslY/k32QBaL3/g9cSoNJAz Yc0O6yk98AHSssEddzCS/UYFCsr9OuA263xV64Q8cC3gZai3yeUFGn6EmDPgyOaR jMospJfCaLiprc1mGfOC -----END CERTIFICATE-----Generated at Wed Dec 3 09:41:55 2025 by rpki-client