This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/DdDaxfuDMZLmyhuw8yZ5MS08ias.roa File: DdDaxfuDMZLmyhuw8yZ5MS08ias.roa (raw, json) Hash identifier: xJixleOcp32TuE8FVysJEHDhjJvV5vi+KN5Idb3e7K4= Subject key identifier: 0D:D0:DA:C5:FB:83:31:92:E6:CA:1B:B0:F3:26:79:31:2D:3C:89:AB Certificate issuer: /CN=358cd267c54a3fc228bca1dee372d96c60373c27 Certificate serial: 019A783E42C753D10E86F0EEED6742B0095F Authority key identifier: 35:8C:D2:67:C5:4A:3F:C2:28:BC:A1:DE:E3:72:D9:6C:60:37:3C:27 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NYzSZ8VKP8IovKHe43LZbGA3PCc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/DdDaxfuDMZLmyhuw8yZ5MS08ias.roa Signing time: Wed 12 Nov 2025 13:25:37 +0000 ROA not before: Wed 12 Nov 2025 13:25:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 214895 IP address blocks: 2a0c:3b40::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.crl rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.mft rsync://rpki.ripe.net/repository/DEFAULT/NYzSZ8VKP8IovKHe43LZbGA3PCc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 30 Nov 2025 19:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:78:3e:42:c7:53:d1:0e:86:f0:ee:ed:67:42:b0:09:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=358cd267c54a3fc228bca1dee372d96c60373c27 Validity Not Before: Nov 12 13:25:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=0dd0dac5fb833192e6ca1bb0f32679312d3c89ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:98:e2:a4:ba:1e:0b:dd:69:80:d4:b5:33:2e: 50:ca:ac:87:b9:64:37:3a:2c:d6:51:19:37:e6:01: 88:e8:16:41:02:4c:87:b3:12:04:09:88:b3:0e:53: 80:97:7d:c2:87:f2:48:5b:0b:3c:5d:43:fd:84:16: b5:f2:e0:95:96:12:c8:e6:58:6b:b1:70:04:13:23: ce:f2:2a:64:48:14:66:20:c6:99:4c:ee:c7:40:8d: d1:dc:bb:69:2b:7c:aa:e9:2e:5a:de:a0:e1:ce:1b: 53:e4:12:b7:3f:d5:b8:dd:f4:9a:f7:80:4b:8d:10: 86:d9:72:c6:26:84:8f:21:1c:88:cf:0b:1a:7a:1e: f1:bf:a2:bf:0d:a1:77:54:07:b3:62:b6:a5:39:27: cc:07:c1:ac:bf:92:19:ea:02:c8:fe:7a:03:ac:fc: fc:52:18:a7:86:a8:75:3e:ab:0c:08:e1:3d:bb:3f: f8:f4:da:7e:d9:eb:f9:ab:33:58:e6:a6:f8:84:6f: 55:b2:38:64:83:b7:87:fd:4a:2a:34:43:75:0c:cf: d7:12:b0:15:d5:7b:9e:21:14:bf:d9:07:49:40:d1: 50:10:76:15:8d:9c:fd:bc:5b:f4:91:b8:31:ef:88: 19:77:93:69:25:e0:84:f8:ba:61:b6:ee:b2:7c:4a: e1:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:D0:DA:C5:FB:83:31:92:E6:CA:1B:B0:F3:26:79:31:2D:3C:89:AB X509v3 Authority Key Identifier: keyid:35:8C:D2:67:C5:4A:3F:C2:28:BC:A1:DE:E3:72:D9:6C:60:37:3C:27 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NYzSZ8VKP8IovKHe43LZbGA3PCc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/DdDaxfuDMZLmyhuw8yZ5MS08ias.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/84a1b5-1aad-4edf-ab9b-8a2e9a46819b/1/NYzSZ8VKP8IovKHe43LZbGA3PCc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0c:3b40::/29 Signature Algorithm: sha256WithRSAEncryption 72:82:20:2e:90:58:51:6e:7a:1f:92:fe:fd:68:12:ec:ef:aa: 87:82:fb:bf:9b:41:59:e6:c5:e8:da:cb:eb:e2:59:07:44:4b: 60:29:b2:f3:87:37:6a:8f:fb:a9:2a:ca:48:67:a8:12:a4:f4: 2f:51:2f:fd:84:7e:7e:5e:61:1a:be:76:c3:09:c6:08:6f:81: 00:3c:dd:84:b5:a7:8b:b1:0e:3e:3c:fe:3a:42:c9:c3:38:72: 6b:0d:08:da:6b:9a:3f:ad:02:91:c4:c4:b2:46:0d:55:3f:b8: ba:bb:ec:c3:5a:03:0c:f2:da:1e:d5:33:b4:29:49:5f:17:28: 10:5f:d4:b9:34:51:14:7e:0c:2e:71:7e:ee:e6:c2:34:7b:f5: 81:f7:09:21:71:04:9a:aa:79:94:06:4b:11:10:d8:74:be:25: 6a:71:62:06:46:00:4b:99:07:99:31:4f:50:59:40:a2:b8:1c: 5a:b7:98:d3:cf:d6:82:44:24:82:f2:40:57:17:53:cb:fb:5f: 5a:36:f2:fe:f5:43:99:0a:b0:96:3c:46:b1:73:c8:93:8d:5e: 52:1e:f6:21:98:bc:2e:e6:30:90:a7:1b:60:b9:e3:9f:bb:2a: 01:1c:ad:72:20:32:37:d3:7c:c6:83:bf:98:75:30:13:3d:d8: b5:35:f4:0a -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZp4PkLHU9EOhvDu7WdCsAlfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1OGNkMjY3YzU0YTNmYzIyOGJjYTFkZWUzNzJkOTZjNjAz NzNjMjcwHhcNMjUxMTEyMTMyNTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZGQwZGFjNWZiODMzMTkyZTZjYTFiYjBmMzI2NzkzMTJkM2M4OWFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpjipLoeC91pgNS1My5QyqyHuWQ3 OizWURk35gGI6BZBAkyHsxIECYizDlOAl33Ch/JIWws8XUP9hBa18uCVlhLI5lhr sXAEEyPO8ipkSBRmIMaZTO7HQI3R3LtpK3yq6S5a3qDhzhtT5BK3P9W43fSa94BL jRCG2XLGJoSPIRyIzwsaeh7xv6K/DaF3VAezYralOSfMB8Gsv5IZ6gLI/noDrPz8 Uhinhqh1PqsMCOE9uz/49Np+2ev5qzNY5qb4hG9Vsjhkg7eH/UoqNEN1DM/XErAV 1XueIRS/2QdJQNFQEHYVjZz9vFv0kbgx74gZd5NpJeCE+Lphtu6yfErhVwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFA3Q2sX7gzGS5sobsPMmeTEtPImrMB8GA1UdIwQY MBaAFDWM0mfFSj/CKLyh3uNy2WxgNzwnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTll6U1o4VktQOElvdktIZTQzTFpiR0EzUENjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi84NGExYjUtMWFhZC00ZWRmLWFiOWIt OGEyZTlhNDY4MTliLzEvRGREYXhmdURNWkxteWh1dzh5WjVNUzA4aWFzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMi84NGExYjUtMWFhZC00ZWRmLWFiOWItOGEyZTlhNDY4MTli LzEvTll6U1o4VktQOElvdktIZTQzTFpiR0EzUENjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgw7QDAN BgkqhkiG9w0BAQsFAAOCAQEAcoIgLpBYUW56H5L+/WgS7O+qh4L7v5tBWebF6NrL 6+JZB0RLYCmy84c3ao/7qSrKSGeoEqT0L1Ev/YR+fl5hGr52wwnGCG+BADzdhLWn i7EOPjz+OkLJwzhyaw0I2muaP60CkcTEskYNVT+4urvsw1oDDPLaHtUztClJXxco EF/UuTRRFH4MLnF+7ubCNHv1gfcJIXEEmqp5lAZLERDYdL4lanFiBkYAS5kHmTFP UFlAorgcWreY08/WgkQkgvJAVxdTy/tfWjby/vVDmQqwljxGsXPIk41eUh72IZi8 LuYwkKcbYLnjn7sqARytciAyN9N8xoO/mHUwEz3YtTX0Cg== -----END CERTIFICATE-----Generated at Sun Nov 30 04:45:32 2025 by rpki-client