This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/iuGj-59YkdETVJYHjQMTTtBg93o.roa File: iuGj-59YkdETVJYHjQMTTtBg93o.roa (raw, json) Hash identifier: qnnLWf0qzs2vAg52EM/Nl3P2tHvdwKQgHsebChSy3Bk= Subject key identifier: 8A:E1:A3:FB:9F:58:91:D1:13:54:96:07:8D:03:13:4E:D0:60:F7:7A Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe Certificate serial: 019AE38BE7F521E4370AAEF47C70E876900D Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/iuGj-59YkdETVJYHjQMTTtBg93o.roa Signing time: Wed 03 Dec 2025 09:29:48 +0000 ROA not before: Wed 03 Dec 2025 09:29:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 212238 IP address blocks: 5.1.40.0/24 maxlen: 24 2a06:fe40::/32 maxlen: 32 2a06:fe41::/32 maxlen: 32 2a06:fe42::/32 maxlen: 32 2a06:fe43::/32 maxlen: 32 2a06:fe44::/32 maxlen: 32 2a06:fe45::/32 maxlen: 32 2a06:fe46::/32 maxlen: 32 2a06:fe47::/32 maxlen: 32 2a09:1d80::/29 maxlen: 29 2a09:1d80::/32 maxlen: 32 2a09:1d81::/32 maxlen: 32 2a09:1d82::/32 maxlen: 32 2a09:1d83::/32 maxlen: 32 2a09:1d84::/32 maxlen: 32 2a09:1d85::/32 maxlen: 32 2a09:1d86::/32 maxlen: 32 2a09:1d87::/32 maxlen: 32 2a0e:2c00::/29 maxlen: 29 2a0e:6c00::/29 maxlen: 29 2a0e:6c00::/32 maxlen: 32 2a0e:6c01::/32 maxlen: 32 2a0e:6c02::/32 maxlen: 32 2a0e:6c03::/32 maxlen: 32 2a0e:6c04::/32 maxlen: 32 2a0e:6c05::/32 maxlen: 32 2a0e:6c06::/32 maxlen: 32 2a0e:6c07::/32 maxlen: 32 2a0e:8400::/29 maxlen: 29 2a11:ed80::/29 maxlen: 29 2a12:f80::/29 maxlen: 29 2a12:2f00::/29 maxlen: 29 2a12:3a80::/32 maxlen: 32 2a12:3a81::/32 maxlen: 32 2a12:3a82::/32 maxlen: 32 2a12:3a83::/32 maxlen: 32 2a12:3a84::/32 maxlen: 32 2a12:3a85::/32 maxlen: 32 2a12:3a86::/32 maxlen: 32 2a12:3a87::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 04 Dec 2025 09:30:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:e3:8b:e7:f5:21:e4:37:0a:ae:f4:7c:70:e8:76:90:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe Validity Not Before: Dec 3 09:29:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=8ae1a3fb9f5891d1135496078d03134ed060f77a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:da:49:33:9f:9b:6e:19:8b:ff:00:53:ad:58: 86:cf:dd:72:97:27:7e:c3:df:30:49:8f:4d:a4:56: 2a:c7:5a:c0:f1:49:90:ac:2f:d7:0e:c7:9b:30:90: 30:94:3e:28:0f:84:7c:ca:ad:2e:9e:62:d4:91:04: 0b:f8:3a:56:a0:1f:b4:5a:db:85:b7:fc:63:da:23: 55:0d:5a:0b:cf:50:09:af:9f:89:ce:ff:92:76:43: 45:0d:e0:4c:02:e3:e0:7e:ea:89:02:b5:d6:c9:23: e6:45:fc:86:71:5e:8d:a3:8e:16:66:1f:a8:2d:d3: a4:0b:d4:80:c5:7a:2d:29:52:3f:d3:dd:17:30:7b: 93:93:a9:bb:b6:9d:4d:2b:53:46:17:f8:43:d6:78: 43:c7:0e:3e:c4:06:e7:3e:6a:64:f8:c0:55:e1:35: 9d:07:66:4e:34:51:3f:7a:00:1d:ec:2b:c4:86:ef: 09:95:d9:a0:ee:fb:10:70:fd:d9:b0:e3:30:52:7c: 4c:cc:10:84:a9:37:bb:54:b4:b4:fa:b3:9e:2b:6b: 79:b9:f5:92:5c:fc:06:90:3a:22:18:5c:6a:07:56: 03:16:1c:c4:13:30:c0:c8:dc:a8:8b:6a:d8:d4:c9: 57:bd:8c:d0:57:70:76:fe:d8:0c:fa:8f:a6:a1:49: 66:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:E1:A3:FB:9F:58:91:D1:13:54:96:07:8D:03:13:4E:D0:60:F7:7A X509v3 Authority Key Identifier: keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/iuGj-59YkdETVJYHjQMTTtBg93o.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.1.40.0/24 IPv6: 2a06:fe40::/29 2a09:1d80::/29 2a0e:2c00::/29 2a0e:6c00::/29 2a0e:8400::/29 2a11:ed80::/29 2a12:f80::/29 2a12:2f00::/29 2a12:3a80::/29 Signature Algorithm: sha256WithRSAEncryption 22:7e:ae:f7:9f:6f:d7:79:99:c2:b8:6e:7c:b2:c4:73:13:cf: 21:b1:3d:19:b9:e7:53:2d:35:ad:74:c4:7d:d8:36:84:f8:5d: 8f:4e:c9:14:5d:0d:05:78:21:62:d7:37:70:67:e4:f9:bc:28: 05:ba:23:a4:27:3d:06:93:b0:d1:4e:3d:76:f3:c3:bb:0f:52: bb:d5:42:c2:16:f4:fc:b2:cf:20:0b:5e:fa:d5:b5:78:82:87: 05:e6:f0:bd:80:b0:d4:91:4a:e9:bb:33:29:12:e3:fb:96:51: d2:8f:26:9a:6d:b1:12:ff:f7:f3:5c:f0:b4:ca:64:07:1e:3b: 81:b4:5e:63:f8:91:3b:bf:eb:b8:a2:1c:2d:63:01:ce:10:73: d8:ab:bc:a0:82:9d:2c:bc:09:47:92:cc:2c:d0:91:cf:de:ea: db:1b:db:bf:b7:f5:b7:56:13:8c:b5:14:8c:6d:fa:bf:0a:11: 4c:f9:6a:a0:31:6d:f3:88:9d:c4:da:3b:70:5b:00:ed:02:97: 29:a6:fb:00:4d:77:ab:bc:8f:c0:2f:45:b2:ce:d7:1d:2a:93: 54:d4:0c:64:81:e1:84:1f:61:22:e8:a9:51:ad:d1:9e:c4:9f: b6:7f:a2:13:4c:ba:65:38:96:c3:f0:ff:ba:a2:c2:05:e5:34: 7e:f6:64:4b -----BEGIN CERTIFICATE----- MIIFRDCCBCygAwIBAgISAZrji+f1IeQ3Cq70fHDodpANMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw MjNlYmUwHhcNMjUxMjAzMDkyOTQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YWUxYTNmYjlmNTg5MWQxMTM1NDk2MDc4ZDAzMTM0ZWQwNjBmNzdhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9pJM5+bbhmL/wBTrViGz91ylyd+ w98wSY9NpFYqx1rA8UmQrC/XDsebMJAwlD4oD4R8yq0unmLUkQQL+DpWoB+0WtuF t/xj2iNVDVoLz1AJr5+Jzv+SdkNFDeBMAuPgfuqJArXWySPmRfyGcV6No44WZh+o LdOkC9SAxXotKVI/090XMHuTk6m7tp1NK1NGF/hD1nhDxw4+xAbnPmpk+MBV4TWd B2ZONFE/egAd7CvEhu8Jldmg7vsQcP3ZsOMwUnxMzBCEqTe7VLS0+rOeK2t5ufWS XPwGkDoiGFxqB1YDFhzEEzDAyNyoi2rY1MlXvYzQV3B2/tgM+o+moUlmRQIDAQAB o4ICUDCCAkwwHQYDVR0OBBYEFIrho/ufWJHRE1SWB40DE07QYPd6MB8GA1UdIwQY MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt OTlhY2I5OWNlNzU0LzEvaXVHai01OVlrZEVUVkpZSGpRTVRUdEJnOTNvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0 LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAMBAIAATAGAwQABQEoMEUE AgACMD8DBQMqBv5AAwUDKgkdgAMFAyoOLAADBQMqDmwAAwUDKg6EAAMFAyoR7YAD BQMqEg+AAwUDKhIvAAMFAyoSOoAwDQYJKoZIhvcNAQELBQADggEBACJ+rvefb9d5 mcK4bnyyxHMTzyGxPRm551MtNa10xH3YNoT4XY9OyRRdDQV4IWLXN3Bn5Pm8KAW6 I6QnPQaTsNFOPXbzw7sPUrvVQsIW9PyyzyALXvrVtXiChwXm8L2AsNSRSum7MykS 4/uWUdKPJpptsRL/9/Nc8LTKZAceO4G0XmP4kTu/67iiHC1jAc4Qc9irvKCCnSy8 CUeSzCzQkc/e6tsb27+39bdWE4y1FIxt+r8KEUz5aqAxbfOIncTaO3BbAO0Clymm +wBNd6u8j8AvRbLO1x0qk1TUDGSB4YQfYSLoqVGt0Z7En7Z/ohNMumU4lsPw/7qi wgXlNH72ZEs= -----END CERTIFICATE-----Generated at Wed Dec 3 12:02:01 2025 by rpki-client