This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/At4qwRrTCrzOC0eZH_FqPBlwba0.roa File: At4qwRrTCrzOC0eZH_FqPBlwba0.roa (raw, json) Hash identifier: 7UUSHILU28NArEIkSIIioL3aoyDaZRhNLbrCkN9h31U= Subject key identifier: 02:DE:2A:C1:1A:D3:0A:BC:CE:0B:47:99:1F:F1:6A:3C:19:70:6D:AD Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4 Certificate serial: 019B3BAFB6BA52A1DB5DF310A429870A5507 Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/At4qwRrTCrzOC0eZH_FqPBlwba0.roa Signing time: Sat 20 Dec 2025 12:15:29 +0000 ROA not before: Sat 20 Dec 2025 12:15:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 834 IP address blocks: 84.55.8.0/22 maxlen: 24 95.173.49.0/24 maxlen: 24 95.173.51.0/24 maxlen: 24 95.173.54.0/24 maxlen: 24 95.173.57.0/24 maxlen: 24 95.173.58.0/24 maxlen: 24 95.173.60.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.mft rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 15:21:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:af:b6:ba:52:a1:db:5d:f3:10:a4:29:87:0a:55:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4 Validity Not Before: Dec 20 12:15:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=02de2ac11ad30abcce0b47991ff16a3c19706dad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:8f:f0:3a:f1:90:a9:aa:86:a1:91:e6:95:ea: 7d:ab:28:cd:61:9f:fa:2d:75:31:48:9a:fc:17:84: 1f:32:34:c5:e1:3a:c8:e0:fd:38:a6:ad:4c:44:f7: 41:44:87:8f:0d:15:c7:fd:7c:61:fd:e4:ae:9a:50: ba:6d:c9:bd:60:a3:96:58:6a:af:be:56:c9:23:83: ac:67:f9:25:2f:d6:30:f6:35:7d:50:e1:57:43:7c: 1c:7d:e0:9d:cc:a7:c0:fd:c6:87:81:5d:cc:37:34: 6c:61:92:e6:24:f5:dd:e7:7c:e6:5c:04:79:33:1a: df:ad:ec:e0:0e:a2:90:bf:bf:69:e6:02:bc:10:7c: aa:6d:ae:9e:1d:d5:c8:a7:ae:51:d4:41:91:88:c9: d1:8b:4d:fa:dc:b7:99:69:c4:da:cc:42:1f:b9:47: ef:ce:98:07:29:66:89:34:fc:fc:7a:60:5c:32:5f: 37:c0:a0:d2:9f:90:bc:cf:10:94:a2:a4:32:13:8b: 36:99:d0:b2:4a:f1:48:53:9b:16:6c:35:cc:14:24: f1:8c:05:ff:96:4b:b2:cc:f4:9f:73:64:19:11:c6: 2b:87:67:8c:8a:10:72:68:cf:3b:04:3e:1c:4d:d0: 2f:be:45:75:e7:c5:fc:e5:fc:62:f3:d8:3c:a6:0f: 43:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:DE:2A:C1:1A:D3:0A:BC:CE:0B:47:99:1F:F1:6A:3C:19:70:6D:AD X509v3 Authority Key Identifier: keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/At4qwRrTCrzOC0eZH_FqPBlwba0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 84.55.8.0/22 95.173.49.0/24 95.173.51.0/24 95.173.54.0/24 95.173.57.0-95.173.58.255 95.173.60.0/24 Signature Algorithm: sha256WithRSAEncryption 92:c7:6d:e4:2d:d1:d2:a5:1f:ed:c1:14:d9:8c:27:84:d4:0a: 24:93:63:4f:dc:7c:11:99:2c:27:c3:1a:99:ca:7c:5b:89:f0: e7:ab:3f:a9:a7:a6:53:51:d0:f3:58:94:02:ad:97:6f:6d:e6: 21:6c:7f:40:43:f7:01:10:87:8c:17:d3:73:f2:dc:d6:b3:39: b7:e3:4e:d4:b2:a8:39:82:6a:e8:2f:00:7c:6e:0d:ef:ff:b6: ef:6d:9a:c4:d8:c5:77:17:8a:a1:a5:ee:a8:e0:3f:59:3d:fb: 98:e4:91:8b:14:b4:cd:49:7d:83:02:06:11:bd:89:1f:55:33: 8b:92:e6:36:73:98:72:c6:28:4b:a9:b7:0c:f4:77:79:e7:a1: 0c:85:cc:0e:ec:c2:39:e5:b3:35:b8:c5:f4:38:85:90:2a:f2: 92:c3:ea:ee:09:8e:fa:e5:f2:1b:ab:1c:4c:94:f4:ec:71:1f: 35:10:91:3a:d8:21:7e:c2:6e:5c:4e:a0:94:93:75:a2:66:c8: 60:f8:b3:fe:b9:39:d7:bc:26:03:ff:45:ca:ca:72:16:72:6d: 53:9b:be:59:02:6f:4b:d9:be:12:bd:73:3d:8e:30:2b:70:24: f1:07:9a:a9:89:78:43:59:72:92:31:93:cb:38:6b:78:5b:56: 8a:c8:2e:67 -----BEGIN CERTIFICATE----- MIIFIzCCBAugAwIBAgISAZs7r7a6UqHbXfMQpCmHClUHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0 ZjgzYzQwHhcNMjUxMjIwMTIxNTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMmRlMmFjMTFhZDMwYWJjY2UwYjQ3OTkxZmYxNmEzYzE5NzA2ZGFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4o/wOvGQqaqGoZHmlep9qyjNYZ/6 LXUxSJr8F4QfMjTF4TrI4P04pq1MRPdBRIePDRXH/Xxh/eSumlC6bcm9YKOWWGqv vlbJI4OsZ/klL9Yw9jV9UOFXQ3wcfeCdzKfA/caHgV3MNzRsYZLmJPXd53zmXAR5 MxrfrezgDqKQv79p5gK8EHyqba6eHdXIp65R1EGRiMnRi0363LeZacTazEIfuUfv zpgHKWaJNPz8emBcMl83wKDSn5C8zxCUoqQyE4s2mdCySvFIU5sWbDXMFCTxjAX/ lkuyzPSfc2QZEcYrh2eMihByaM87BD4cTdAvvkV158X85fxi89g8pg9DiQIDAQAB o4ICLzCCAiswHQYDVR0OBBYEFALeKsEa0wq8zgtHmR/xajwZcG2tMB8GA1UdIwQY MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut MWY4NzQ2OTQ1NDgzLzEvQXQ0cXdSclRDcnpPQzBlWkhfRnFQQmx3YmEwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCVDcIAwQA X60xAwQAX60zAwQAX602MAwDBABfrTkDBABfrToDBABfrTwwDQYJKoZIhvcNAQEL BQADggEBAJLHbeQt0dKlH+3BFNmMJ4TUCiSTY0/cfBGZLCfDGpnKfFuJ8OerP6mn plNR0PNYlAKtl29t5iFsf0BD9wEQh4wX03Py3NazObfjTtSyqDmCaugvAHxuDe// tu9tmsTYxXcXiqGl7qjgP1k9+5jkkYsUtM1JfYMCBhG9iR9VM4uS5jZzmHLGKEup twz0d3nnoQyFzA7swjnlszW4xfQ4hZAq8pLD6u4Jjvrl8hurHEyU9OxxHzUQkTrY IX7CblxOoJSTdaJmyGD4s/65Ode8JgP/RcrKchZybVObvlkCb0vZvhK9cz2OMCtw JPEHmqmJeENZcpIxk8s4a3hbVorILmc= -----END CERTIFICATE-----Generated at Tue Dec 30 21:06:01 2025 by rpki-client