This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/cHEFAyA1-QzvGZ3k33CuEXP1PMY.roa File: cHEFAyA1-QzvGZ3k33CuEXP1PMY.roa (raw, json) Hash identifier: XFqQHkDiYrCYc7M4eK4EVFkWHMjh2a1MdEmvDSVj9JI= Subject key identifier: 70:71:05:03:20:35:F9:0C:EF:19:9D:E4:DF:70:AE:11:73:F5:3C:C6 Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0 Certificate serial: 019ACF3BD378F4F588BF9C48FF96F23E3002 Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/cHEFAyA1-QzvGZ3k33CuEXP1PMY.roa Signing time: Sat 29 Nov 2025 10:49:55 +0000 ROA not before: Sat 29 Nov 2025 10:49:55 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 199439 IP address blocks: 151.243.149.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 04 Dec 2025 05:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:cf:3b:d3:78:f4:f5:88:bf:9c:48:ff:96:f2:3e:30:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0 Validity Not Before: Nov 29 10:49:55 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=707105032035f90cef199de4df70ae1173f53cc6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:c9:2a:56:28:f9:09:19:3e:00:f9:58:00:80: 7c:dc:79:ff:8b:49:ec:3d:26:d5:b6:4b:71:a2:e5: ae:6b:b5:da:55:d5:a2:45:ee:69:a6:f5:4c:8a:d5: e8:fc:42:8a:b5:7f:56:66:68:f3:68:d4:94:5e:76: 60:7c:32:6e:97:30:67:cd:4b:25:2b:61:9b:e0:c8: 6c:a3:46:b4:bb:cf:4e:17:8a:16:96:ee:a4:2a:35: 2e:67:09:ce:f7:b0:96:a5:3d:4d:ac:ac:05:a9:de: 99:e2:1a:96:c3:6c:bc:d6:30:8d:10:6b:dd:ce:00: 85:fb:23:97:06:3b:61:fb:9f:aa:67:3b:49:22:af: bf:7f:bf:37:0c:a3:02:17:ab:43:82:3a:c0:f7:57: 5c:8e:86:d3:66:8b:3a:14:11:47:07:5a:90:bc:8b: 45:a5:af:59:6f:d6:45:aa:21:4a:de:aa:c2:b1:7f: b1:a6:92:4c:4a:21:06:b8:c1:81:fa:6d:fe:2f:35: 42:8a:f7:62:75:9a:68:2e:4f:cd:45:a3:91:e2:13: 1f:5e:5a:ed:fb:d6:e1:e5:79:bf:1b:12:ff:ab:89: 40:b6:8e:73:49:c2:1d:d8:d2:e7:b5:00:7a:da:23: 47:a5:51:ec:8b:b7:e7:da:17:7b:72:c0:44:53:0b: 41:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:71:05:03:20:35:F9:0C:EF:19:9D:E4:DF:70:AE:11:73:F5:3C:C6 X509v3 Authority Key Identifier: keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/cHEFAyA1-QzvGZ3k33CuEXP1PMY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 151.243.149.0/24 Signature Algorithm: sha256WithRSAEncryption 03:90:fd:b5:89:3f:b1:c5:3c:73:59:60:ee:8d:07:59:54:b0: e7:b7:a8:8e:a6:c8:fc:ee:f0:bd:9a:45:49:64:d4:66:e4:fc: 0d:d7:d2:51:8c:23:81:a9:1c:e5:0a:91:60:e5:fb:b1:d0:fa: 00:36:d9:70:0b:4e:bb:8b:63:ba:d2:3c:2a:67:7d:51:70:2e: d0:39:bc:68:7e:76:42:a3:60:ef:fb:21:a7:ca:d5:3c:1e:ee: 9a:c2:88:ce:81:c5:f9:49:c9:b1:ff:a1:18:ce:45:3f:dd:12: 1f:7e:33:eb:4e:0d:ca:02:a3:27:32:48:74:ae:2c:65:54:b9: 0b:a6:88:78:e1:52:3c:64:e2:bf:65:2c:e1:ec:8c:57:50:24: 00:20:ab:47:40:71:75:30:db:6d:0d:a1:c3:fc:61:84:b9:8f: 73:27:8f:10:e3:16:16:4b:40:7e:60:34:6c:4c:4f:68:50:cf: 16:2b:bb:00:f8:f9:8d:78:4f:21:b8:c2:53:39:67:b4:4f:4a: c4:f0:46:de:6b:18:cf:38:ce:cf:27:00:f3:a3:91:fe:0c:67: 72:79:68:0f:be:82:45:72:b5:a8:34:32:f5:2c:a2:69:df:5e: e8:18:48:e7:73:7d:3f:a5:2e:fe:c6:8e:ce:bb:57:01:ab:00: a7:8a:87:99 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZrPO9N49PWIv5xI/5byPjACMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh NWE0YzAwHhcNMjUxMTI5MTA0OTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MDcxMDUwMzIwMzVmOTBjZWYxOTlkZTRkZjcwYWUxMTczZjUzY2M2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMkqVij5CRk+APlYAIB83Hn/i0ns PSbVtktxouWua7XaVdWiRe5ppvVMitXo/EKKtX9WZmjzaNSUXnZgfDJulzBnzUsl K2Gb4Mhso0a0u89OF4oWlu6kKjUuZwnO97CWpT1NrKwFqd6Z4hqWw2y81jCNEGvd zgCF+yOXBjth+5+qZztJIq+/f783DKMCF6tDgjrA91dcjobTZos6FBFHB1qQvItF pa9Zb9ZFqiFK3qrCsX+xppJMSiEGuMGB+m3+LzVCivdidZpoLk/NRaOR4hMfXlrt +9bh5Xm/GxL/q4lAto5zScId2NLntQB62iNHpVHsi7fn2hd7csBEUwtBNQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFHBxBQMgNfkM7xmd5N9wrhFz9TzGMB8GA1UdIwQY MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt MTdiOWRlMTQxMjUyLzEvY0hFRkF5QTEtUXp2R1ozazMzQ3VFWFAxUE1ZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/OVMA0G CSqGSIb3DQEBCwUAA4IBAQADkP21iT+xxTxzWWDujQdZVLDnt6iOpsj87vC9mkVJ ZNRm5PwN19JRjCOBqRzlCpFg5fux0PoANtlwC067i2O60jwqZ31RcC7QObxofnZC o2Dv+yGnytU8Hu6awojOgcX5Scmx/6EYzkU/3RIffjPrTg3KAqMnMkh0rixlVLkL poh44VI8ZOK/ZSzh7IxXUCQAIKtHQHF1MNttDaHD/GGEuY9zJ48Q4xYWS0B+YDRs TE9oUM8WK7sA+PmNeE8huMJTOWe0T0rE8EbeaxjPOM7PJwDzo5H+DGdyeWgPvoJF crWoNDL1LKJp317oGEjnc30/pS7+xo7Ou1cBqwCnioeZ -----END CERTIFICATE-----Generated at Wed Dec 3 09:41:57 2025 by rpki-client