This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/q8qAMkhA6HJlg0aSywXQrVdPv9I.roa File: q8qAMkhA6HJlg0aSywXQrVdPv9I.roa (raw, json) Hash identifier: TnA+ioTNoqnFdasYwvCbr2XZyb/3b5s6IyXOy8merdg= Subject key identifier: AB:CA:80:32:48:40:E8:72:65:83:46:92:CB:05:D0:AD:57:4F:BF:D2 Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003 Certificate serial: 019ADB305208FC0C5D2E76FFF6ED03E9249B Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/q8qAMkhA6HJlg0aSywXQrVdPv9I.roa Signing time: Mon 01 Dec 2025 18:32:48 +0000 ROA not before: Mon 01 Dec 2025 18:32:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 207957 IP address blocks: 64.188.89.0/24 maxlen: 24 64.188.90.0/24 maxlen: 24 64.188.98.0/24 maxlen: 24 64.188.127.0/24 maxlen: 24 77.239.107.0/24 maxlen: 24 144.31.82.0/24 maxlen: 24 144.31.83.0/24 maxlen: 24 144.31.93.0/24 maxlen: 24 144.31.107.0/24 maxlen: 24 144.31.108.0/24 maxlen: 24 144.31.188.0/24 maxlen: 24 144.31.189.0/24 maxlen: 24 144.31.213.0/24 maxlen: 24 144.31.214.0/24 maxlen: 24 144.31.215.0/24 maxlen: 24 144.31.216.0/24 maxlen: 24 144.31.217.0/24 maxlen: 24 144.31.218.0/24 maxlen: 24 144.31.219.0/24 maxlen: 24 144.31.222.0/24 maxlen: 24 150.241.82.0/24 maxlen: 24 150.241.83.0/24 maxlen: 24 185.170.153.0/24 maxlen: 24 185.170.154.0/24 maxlen: 24 193.23.195.0/24 maxlen: 24 193.23.200.0/24 maxlen: 24 193.23.201.0/24 maxlen: 24 193.23.202.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 11:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:db:30:52:08:fc:0c:5d:2e:76:ff:f6:ed:03:e9:24:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003 Validity Not Before: Dec 1 18:32:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=abca80324840e87265834692cb05d0ad574fbfd2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:8d:2a:e7:a1:0e:e6:8e:cf:a6:1c:52:74:f8: e6:a3:91:11:57:ac:bf:46:fa:f6:be:8f:54:f7:1f: ea:77:71:3c:f8:07:58:ec:3a:29:b9:1f:0e:ce:ba: 23:08:99:15:f7:32:3f:55:97:14:6c:f1:b6:76:da: fb:25:54:fa:4f:bc:3f:5f:b6:07:84:88:2d:4c:40: e4:4f:48:d0:4e:ba:68:b7:2d:8a:9a:3c:76:32:83: b2:cf:32:09:16:9c:85:ff:8d:d3:60:71:94:d0:65: 8b:e0:e6:e1:c3:c0:1c:c2:66:a9:fe:5e:d1:b7:de: 37:a7:c7:27:d5:ce:8b:59:b1:a4:74:3f:e0:25:31: fe:ef:e1:b2:86:05:a3:b4:82:70:05:f1:51:81:0f: 46:6d:f0:2b:c5:31:0e:30:95:f4:1e:be:79:8d:38: 44:81:09:a9:a1:82:90:9f:40:c8:21:48:8d:40:84: b2:f5:06:ca:9e:62:f4:35:75:ef:09:63:9d:65:45: fe:d7:d9:9d:67:8f:5a:45:32:d3:51:ec:a8:3f:3d: 51:b9:3e:2e:73:b7:e9:9a:5e:49:24:2d:08:33:2e: 9a:ea:b2:8e:0c:3c:a0:07:64:01:4d:d3:47:51:1e: 72:3d:37:3b:5e:19:d1:1f:4a:ef:cf:01:0a:cb:81: 8a:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:CA:80:32:48:40:E8:72:65:83:46:92:CB:05:D0:AD:57:4F:BF:D2 X509v3 Authority Key Identifier: keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/q8qAMkhA6HJlg0aSywXQrVdPv9I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 64.188.89.0-64.188.90.255 64.188.98.0/24 64.188.127.0/24 77.239.107.0/24 144.31.82.0/23 144.31.93.0/24 144.31.107.0-144.31.108.255 144.31.188.0/23 144.31.213.0-144.31.219.255 144.31.222.0/24 150.241.82.0/23 185.170.153.0-185.170.154.255 193.23.195.0/24 193.23.200.0-193.23.202.255 Signature Algorithm: sha256WithRSAEncryption ae:8a:44:3d:aa:77:28:b5:9e:43:56:65:60:81:1b:5a:5f:9f: f7:98:fe:6d:07:c1:e5:d0:89:19:98:c1:b5:20:40:93:05:b6: 3c:56:47:69:15:1e:52:60:3b:eb:ab:27:55:41:5a:ce:e5:fb: 9c:5b:33:bc:39:19:86:ce:26:fb:fe:ed:8f:87:e8:34:88:af: 02:05:e7:0b:3a:a1:6e:d4:f8:e0:ec:a4:b8:d9:fb:aa:85:e8: 3d:83:8f:6e:3c:73:66:aa:51:37:a4:a3:e0:13:12:8c:f1:9c: d8:df:e8:0e:9c:67:b4:5d:f3:1d:a8:e9:ed:6c:c2:8f:d0:6f: f8:91:12:b5:02:c7:b1:e0:0c:7b:fb:11:7d:03:91:e6:16:7c: 9f:07:fb:e1:28:44:0a:8c:ea:0e:3f:39:8b:34:40:de:72:08: 0e:9e:f6:d3:ba:6b:19:63:23:50:6a:c4:2c:6c:15:70:0f:64: fd:90:f4:90:78:ef:d1:98:4c:ab:7e:a6:1b:7a:eb:83:ed:13: aa:38:31:74:4c:f1:f5:75:94:bb:01:0b:51:5f:86:e7:a2:38: f2:75:4d:31:ec:0b:aa:8c:44:64:1c:47:d4:ac:7b:3e:87:2d: 11:01:49:3c:68:e2:1e:64:4a:f2:d4:17:58:82:5d:0e:32:65: 24:c6:91:ac -----BEGIN CERTIFICATE----- MIIFdzCCBF+gAwIBAgISAZrbMFII/AxdLnb/9u0D6SSbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4 NDAwMDMwHhcNMjUxMjAxMTgzMjQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYmNhODAzMjQ4NDBlODcyNjU4MzQ2OTJjYjA1ZDBhZDU3NGZiZmQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAko0q56EO5o7PphxSdPjmo5ERV6y/ Rvr2vo9U9x/qd3E8+AdY7DopuR8OzrojCJkV9zI/VZcUbPG2dtr7JVT6T7w/X7YH hIgtTEDkT0jQTrpoty2Kmjx2MoOyzzIJFpyF/43TYHGU0GWL4Obhw8Acwmap/l7R t943p8cn1c6LWbGkdD/gJTH+7+GyhgWjtIJwBfFRgQ9GbfArxTEOMJX0Hr55jThE gQmpoYKQn0DIIUiNQISy9QbKnmL0NXXvCWOdZUX+19mdZ49aRTLTUeyoPz1RuT4u c7fpml5JJC0IMy6a6rKODDygB2QBTdNHUR5yPTc7XhnRH0rvzwEKy4GKLQIDAQAB o4ICgzCCAn8wHQYDVR0OBBYEFKvKgDJIQOhyZYNGkssF0K1XT7/SMB8GA1UdIwQY MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt MTQzOTY3YThmZTA4LzEvcThxQU1raEE2SEpsZzBhU3l3WFFyVmRQdjlJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4 LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfDAMAwQA QLxZAwQAQLxaAwQAQLxiAwQAQLx/AwQATe9rAwQBkB9SAwQAkB9dMAwDBACQH2sD BACQH2wDBAGQH7wwDAMEAJAf1QMEApAf2AMEAJAf3gMEAZbxUjAMAwQAuaqZAwQA uaqaAwQAwRfDMAwDBAPBF8gDBADBF8owDQYJKoZIhvcNAQELBQADggEBAK6KRD2q dyi1nkNWZWCBG1pfn/eY/m0HweXQiRmYwbUgQJMFtjxWR2kVHlJgO+urJ1VBWs7l +5xbM7w5GYbOJvv+7Y+H6DSIrwIF5ws6oW7U+ODspLjZ+6qF6D2Dj248c2aqUTek o+ATEozxnNjf6A6cZ7Rd8x2o6e1swo/Qb/iRErUCx7HgDHv7EX0DkeYWfJ8H++Eo RAqM6g4/OYs0QN5yCA6e9tO6axljI1BqxCxsFXAPZP2Q9JB479GYTKt+pht664Pt E6o4MXRM8fV1lLsBC1FfhueiOPJ1TTHsC6qMRGQcR9Ssez6HLREBSTxo4h5kSvLU F1iCXQ4yZSTGkaw= -----END CERTIFICATE-----Generated at Fri Dec 5 17:53:15 2025 by rpki-client