This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/VuRbCRzNdVj7Da31s78PgUjiOl0.roa File: VuRbCRzNdVj7Da31s78PgUjiOl0.roa (raw, json) Hash identifier: Fj03uhLkzjcI1YlWFMwWHT7H1EslNRIoLpvbqQ7YVcY= Subject key identifier: 56:E4:5B:09:1C:CD:75:58:FB:0D:AD:F5:B3:BF:0F:81:48:E2:3A:5D Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4 Certificate serial: 019A811DAF239368EB8B5D926930914D52E6 Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/VuRbCRzNdVj7Da31s78PgUjiOl0.roa Signing time: Fri 14 Nov 2025 06:46:37 +0000 ROA not before: Fri 14 Nov 2025 06:46:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 24852 IP address blocks: 79.132.160.0/20 maxlen: 20 84.55.32.0/22 maxlen: 24 84.55.32.0/24 maxlen: 24 84.55.33.0/24 maxlen: 24 84.55.34.0/23 maxlen: 23 84.55.36.0/23 maxlen: 23 84.55.48.0/20 maxlen: 24 84.55.56.0/21 maxlen: 24 84.55.56.0/23 maxlen: 23 84.55.58.0/23 maxlen: 23 84.55.60.0/23 maxlen: 23 84.55.62.0/23 maxlen: 23 88.223.0.0/20 maxlen: 20 88.223.24.0/21 maxlen: 21 88.223.32.0/21 maxlen: 24 88.223.40.0/23 maxlen: 24 88.223.48.0/20 maxlen: 24 88.223.96.0/22 maxlen: 22 88.223.104.0/21 maxlen: 21 88.223.112.0/20 maxlen: 20 88.223.128.0/22 maxlen: 22 88.223.144.0/21 maxlen: 21 88.223.152.0/23 maxlen: 24 88.223.153.0/24 maxlen: 24 88.223.160.0/22 maxlen: 22 88.223.192.0/20 maxlen: 20 95.173.32.0/23 maxlen: 23 185.104.176.0/22 maxlen: 22 213.164.112.0/22 maxlen: 22 213.164.116.0/23 maxlen: 23 213.164.118.0/24 maxlen: 24 217.147.34.0/23 maxlen: 24 217.147.35.0/24 maxlen: 24 217.147.36.0/23 maxlen: 23 217.147.38.0/24 maxlen: 24 217.147.40.0/23 maxlen: 24 217.147.41.0/24 maxlen: 24 217.147.44.0/22 maxlen: 24 217.147.46.0/24 maxlen: 24 217.147.47.0/24 maxlen: 24 2a01:7c80::/33 maxlen: 33 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.mft rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 11 Dec 2025 00:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:81:1d:af:23:93:68:eb:8b:5d:92:69:30:91:4d:52:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4 Validity Not Before: Nov 14 06:46:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=56e45b091ccd7558fb0dadf5b3bf0f8148e23a5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:0d:31:f8:9f:18:b4:31:90:62:41:86:3d:7d: 0b:d5:78:47:68:9c:33:0b:56:5e:25:64:49:57:bf: 01:88:c2:71:da:f3:f3:d2:08:f8:14:9f:17:96:84: d9:84:ab:a3:fe:70:c6:f2:64:b6:55:97:6e:71:9e: a6:d2:5e:30:03:d1:53:f1:5f:4e:e3:e4:7a:a0:33: 2f:f4:28:98:8d:02:1e:e0:c9:50:25:79:86:dd:74: 62:c6:59:dd:0d:81:38:6a:14:01:81:dc:97:b1:a7: 1e:3c:38:9b:f6:04:8a:a5:a3:33:32:29:c6:86:17: ff:e1:19:ce:12:c0:de:39:29:43:9c:34:06:a2:dd: 98:60:e0:e0:fd:97:b9:ff:76:cf:b1:13:14:c9:81: 83:30:18:98:08:03:5c:3e:19:00:bc:fc:f7:2e:45: 77:3e:f5:fc:ec:70:e8:cd:fd:ab:f0:6c:eb:87:c7: 0e:a4:58:36:ee:40:94:52:5a:3b:3e:20:69:71:fe: f7:c4:4d:13:65:b8:19:73:bc:88:5e:0c:d3:c4:34: 00:b2:ad:7b:66:44:cc:08:58:a0:18:97:d7:39:66: 47:84:d7:5e:d5:3e:10:44:a9:2f:8f:d4:1d:b8:a4: 65:f9:52:7f:a8:2d:ad:11:61:92:8f:16:a0:af:ea: a6:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:E4:5B:09:1C:CD:75:58:FB:0D:AD:F5:B3:BF:0F:81:48:E2:3A:5D X509v3 Authority Key Identifier: keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/VuRbCRzNdVj7Da31s78PgUjiOl0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 79.132.160.0/20 84.55.32.0-84.55.37.255 84.55.48.0/20 88.223.0.0/20 88.223.24.0-88.223.41.255 88.223.48.0/20 88.223.96.0/22 88.223.104.0-88.223.131.255 88.223.144.0-88.223.153.255 88.223.160.0/22 88.223.192.0/20 95.173.32.0/23 185.104.176.0/22 213.164.112.0-213.164.118.255 217.147.34.0-217.147.38.255 217.147.40.0/23 217.147.44.0/22 IPv6: 2a01:7c80::/33 Signature Algorithm: sha256WithRSAEncryption 2d:2a:0b:c4:60:74:43:82:8d:f4:04:03:7a:f6:ed:03:c7:8a: f1:7b:ed:20:a7:6a:38:8c:10:13:1c:ba:f6:e8:66:de:8b:af: dd:9a:b9:d6:6c:4b:fb:54:8e:a4:94:60:d6:17:47:98:a4:c4: 08:d6:a0:30:ff:5d:f8:80:5c:0b:c0:51:15:1e:a4:a2:d0:ff: dc:5d:0b:63:13:41:35:4c:e8:d6:df:ed:b7:0a:88:78:42:0a: d0:09:f4:4b:49:4e:cd:53:13:5a:76:03:ed:58:78:48:42:c1: f0:92:8c:62:0d:aa:33:e7:db:c8:ad:80:e3:02:06:84:e9:24: bf:e0:79:4f:41:4f:ba:59:7a:02:54:58:a5:a5:40:6d:5c:d2: 78:df:47:67:90:77:01:71:20:c1:e4:0f:d1:4b:36:a3:36:f1: 7d:65:d4:f7:7d:a5:f1:52:56:54:d0:40:c4:af:98:44:37:14: 7c:49:be:cd:d6:92:b7:ae:5e:e2:6e:0b:c0:74:fe:77:84:ab: 92:c0:db:c2:47:d2:99:86:14:ec:52:72:d9:ee:c7:36:12:c8: e4:e8:ec:f0:46:b0:5e:fb:d5:0f:82:c1:1d:f2:09:a9:16:05: a3:c6:2a:a2:7d:8e:d3:35:41:93:3a:40:32:7e:41:d0:b3:37: 60:81:44:3a -----BEGIN CERTIFICATE----- MIIFojCCBIqgAwIBAgISAZqBHa8jk2jri12SaTCRTVLmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0 ZjgzYzQwHhcNMjUxMTE0MDY0NjM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1NmU0NWIwOTFjY2Q3NTU4ZmIwZGFkZjViM2JmMGY4MTQ4ZTIzYTVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0w0x+J8YtDGQYkGGPX0L1XhHaJwz C1ZeJWRJV78BiMJx2vPz0gj4FJ8XloTZhKuj/nDG8mS2VZducZ6m0l4wA9FT8V9O 4+R6oDMv9CiYjQIe4MlQJXmG3XRixlndDYE4ahQBgdyXsacePDib9gSKpaMzMinG hhf/4RnOEsDeOSlDnDQGot2YYODg/Ze5/3bPsRMUyYGDMBiYCANcPhkAvPz3LkV3 PvX87HDozf2r8Gzrh8cOpFg27kCUUlo7PiBpcf73xE0TZbgZc7yIXgzTxDQAsq17 ZkTMCFigGJfXOWZHhNde1T4QRKkvj9QduKRl+VJ/qC2tEWGSjxagr+qmGwIDAQAB o4ICrjCCAqowHQYDVR0OBBYEFFbkWwkczXVY+w2t9bO/D4FI4jpdMB8GA1UdIwQY MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut MWY4NzQ2OTQ1NDgzLzEvVnVSYkNSek5kVmo3RGEzMXM3OFBnVWppT2wwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBnQQCAAEwgZYDBARP hKAwDAMEBVQ3IAMEAVQ3JAMEBFQ3MAMEBFjfADAMAwQDWN8YAwQBWN8oAwQEWN8w AwQCWN9gMAwDBANY32gDBAJY34AwDAMEBFjfkAMEAVjfmAMEAljfoAMEBFjfwAME AV+tIAMEArlosDAMAwQE1aRwAwQA1aR2MAwDBAHZkyIDBADZkyYDBAHZkygDBALZ kywwDgQCAAIwCAMGByoBfIAAMA0GCSqGSIb3DQEBCwUAA4IBAQAtKgvEYHRDgo30 BAN69u0Dx4rxe+0gp2o4jBATHLr26Gbei6/dmrnWbEv7VI6klGDWF0eYpMQI1qAw /134gFwLwFEVHqSi0P/cXQtjE0E1TOjW3+23Coh4QgrQCfRLSU7NUxNadgPtWHhI QsHwkoxiDaoz59vIrYDjAgaE6SS/4HlPQU+6WXoCVFilpUBtXNJ430dnkHcBcSDB 5A/RSzajNvF9ZdT3faXxUlZU0EDEr5hENxR8Sb7N1pK3rl7ibgvAdP53hKuSwNvC R9KZhhTsUnLZ7sc2Esjk6OzwRrBe+9UPgsEd8gmpFgWjxiqifY7TNUGTOkAyfkHQ szdggUQ6 -----END CERTIFICATE-----Generated at Wed Dec 10 06:40:19 2025 by rpki-client