This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/XrFN-m79vMOWBRZFhOTVNQbttdE.roa File: XrFN-m79vMOWBRZFhOTVNQbttdE.roa (raw, json) Hash identifier: GiVFAFVl9FNOt47MZ5KW7YmYFu8SagTJrg9KYyvDvWQ= Subject key identifier: 5E:B1:4D:FA:6E:FD:BC:C3:96:05:16:45:84:E4:D5:35:06:ED:B5:D1 Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0 Certificate serial: 019A718F2737B7A7938F7D2F347C33334B02 Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/XrFN-m79vMOWBRZFhOTVNQbttdE.roa Signing time: Tue 11 Nov 2025 06:16:38 +0000 ROA not before: Tue 11 Nov 2025 06:16:38 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 23470 IP address blocks: 151.243.162.0/24 maxlen: 24 151.243.254.0/24 maxlen: 24 151.245.32.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 23 Nov 2025 12:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:71:8f:27:37:b7:a7:93:8f:7d:2f:34:7c:33:33:4b:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0 Validity Not Before: Nov 11 06:16:38 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=5eb14dfa6efdbcc39605164584e4d53506edb5d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:76:21:d2:cb:60:fd:99:c1:0c:42:f6:43:d1: d2:8e:7c:3d:44:93:98:72:3e:a3:b3:f3:5a:14:e7: 3b:4f:ab:db:de:2b:63:59:1b:f4:b9:6f:c2:ab:67: 6a:1b:93:f0:35:e4:bb:e1:87:21:a4:46:b0:76:17: d3:42:79:00:cf:dd:3b:2a:3d:36:66:c7:57:fe:dc: 8e:3a:ea:ed:8a:1f:6c:30:39:c3:31:af:b6:2d:94: 31:76:0b:38:f8:58:2e:00:b7:4f:9f:f8:a4:a5:9d: 6d:e4:bc:07:de:b7:0a:1f:28:b9:3c:d5:0a:bd:e1: 50:eb:0e:44:3c:52:c1:b5:60:e4:a4:9a:cb:f5:b7: f4:4b:43:0c:2f:2e:0e:2c:18:0a:3c:6d:30:12:b1: c2:53:2b:c9:19:4a:b9:27:45:7d:bd:5f:72:b8:1f: 4a:34:7f:bd:60:f6:ea:8b:c1:3d:21:af:a0:b1:eb: db:03:9e:fe:fa:3d:66:61:a5:1e:8e:8c:20:9c:16: 3c:85:c7:c5:52:47:ca:50:06:33:cb:f8:25:ac:37: 16:84:91:ad:8b:3b:00:2e:23:77:b9:12:a3:cb:19: ca:c0:c7:c1:45:ad:66:a0:b9:e4:6e:e2:cb:4c:7f: 88:cd:e1:1b:5f:52:b5:c6:85:5b:a0:9f:b9:5b:97: 9e:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:B1:4D:FA:6E:FD:BC:C3:96:05:16:45:84:E4:D5:35:06:ED:B5:D1 X509v3 Authority Key Identifier: keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/XrFN-m79vMOWBRZFhOTVNQbttdE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 151.243.162.0/24 151.243.254.0/24 151.245.32.0/24 Signature Algorithm: sha256WithRSAEncryption 9f:ca:76:43:1e:7e:b0:6d:3f:d9:5c:0c:02:86:dc:98:1e:48: 54:2b:05:5d:ad:ae:b4:a8:5b:42:69:fc:a8:19:5e:e9:f9:d5: 66:97:df:6f:1e:69:05:b8:82:fa:60:1d:7f:48:6f:98:bc:e5: 11:d1:02:c7:fb:8b:3c:38:90:70:24:13:f0:ea:1f:84:28:07: c1:86:4e:6c:94:ba:87:df:ad:b7:ab:fc:12:7f:6f:a6:dc:c3: 70:aa:a3:f7:38:0f:58:84:ca:90:bf:15:23:97:b2:f2:5a:0e: 3b:3e:8a:ab:4c:23:fb:78:cf:8d:f3:87:0f:a3:ea:9a:cb:a9: 00:f4:27:8c:f8:4d:8a:51:2f:3e:c8:eb:d4:4d:f7:1f:38:39: 2d:bf:dd:b4:61:88:3d:40:07:09:de:90:cb:2a:bb:03:20:05: 23:3f:30:ba:e0:c5:9a:eb:a2:71:b6:a4:49:e3:df:e0:a7:7b: 9c:a1:1c:86:b7:a1:e2:91:36:60:ea:11:f3:3a:46:8d:c9:49: b1:00:f4:8e:c9:0d:18:7a:e5:55:0f:a8:ac:79:c7:94:47:d1: e2:01:da:70:3e:fa:b7:98:cb:69:41:ef:56:39:78:30:2b:c2: 41:86:91:5c:43:c4:74:16:8f:51:4e:e2:cf:e0:ad:6a:02:1c: e5:73:70:88 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZpxjyc3t6eTj30vNHwzM0sCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh NWE0YzAwHhcNMjUxMTExMDYxNjM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZWIxNGRmYTZlZmRiY2MzOTYwNTE2NDU4NGU0ZDUzNTA2ZWRiNWQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA43Yh0stg/ZnBDEL2Q9HSjnw9RJOY cj6js/NaFOc7T6vb3itjWRv0uW/Cq2dqG5PwNeS74YchpEawdhfTQnkAz907Kj02 ZsdX/tyOOurtih9sMDnDMa+2LZQxdgs4+FguALdPn/ikpZ1t5LwH3rcKHyi5PNUK veFQ6w5EPFLBtWDkpJrL9bf0S0MMLy4OLBgKPG0wErHCUyvJGUq5J0V9vV9yuB9K NH+9YPbqi8E9Ia+gsevbA57++j1mYaUejowgnBY8hcfFUkfKUAYzy/glrDcWhJGt izsALiN3uRKjyxnKwMfBRa1moLnkbuLLTH+IzeEbX1K1xoVboJ+5W5eevwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFF6xTfpu/bzDlgUWRYTk1TUG7bXRMB8GA1UdIwQY MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt MTdiOWRlMTQxMjUyLzEvWHJGTi1tNzl2TU9XQlJaRmhPVFZOUWJ0dGRFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAl/OiAwQA l/P+AwQAl/UgMA0GCSqGSIb3DQEBCwUAA4IBAQCfynZDHn6wbT/ZXAwChtyYHkhU KwVdra60qFtCafyoGV7p+dVml99vHmkFuIL6YB1/SG+YvOUR0QLH+4s8OJBwJBPw 6h+EKAfBhk5slLqH3623q/wSf2+m3MNwqqP3OA9YhMqQvxUjl7LyWg47PoqrTCP7 eM+N84cPo+qay6kA9CeM+E2KUS8+yOvUTfcfODktv920YYg9QAcJ3pDLKrsDIAUj PzC64MWa66JxtqRJ49/gp3ucoRyGt6HikTZg6hHzOkaNyUmxAPSOyQ0YeuVVD6is eceUR9HiAdpwPvq3mMtpQe9WOXgwK8JBhpFcQ8R0Fo9RTuLP4K1qAhzlc3CI -----END CERTIFICATE-----Generated at Sat Nov 22 22:10:54 2025 by rpki-client