This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/JO1RxUr1AQgIUSKT-oFyUkfuB9Q.roa File: JO1RxUr1AQgIUSKT-oFyUkfuB9Q.roa (raw, json) Hash identifier: s3pQ9HU5X8XuqSKKsU7H5JATqosRj5IfFp9jbgJql00= Subject key identifier: 24:ED:51:C5:4A:F5:01:08:08:51:22:93:FA:81:72:52:47:EE:07:D4 Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10 Certificate serial: 019B4040D7070C95D3BA46EE1F44F6B7A7EC Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/JO1RxUr1AQgIUSKT-oFyUkfuB9Q.roa Signing time: Sun 21 Dec 2025 09:32:29 +0000 ROA not before: Sun 21 Dec 2025 09:32:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 834 IP address blocks: 77.242.146.0/23 maxlen: 24 83.137.153.0/24 maxlen: 24 83.137.158.0/24 maxlen: 24 88.151.56.0/23 maxlen: 24 88.151.61.0/24 maxlen: 24 88.209.198.0/24 maxlen: 24 88.209.201.0/24 maxlen: 24 88.209.209.0/24 maxlen: 24 88.209.226.0/24 maxlen: 24 88.209.227.0/24 maxlen: 24 88.209.232.0/22 maxlen: 24 88.209.247.0/24 maxlen: 24 88.209.254.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 15:21:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:40:d7:07:0c:95:d3:ba:46:ee:1f:44:f6:b7:a7:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10 Validity Not Before: Dec 21 09:32:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=24ed51c54af5010808512293fa81725247ee07d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:26:7d:8a:c9:97:e9:48:b1:e7:80:9e:61:38: 6c:3a:d8:b9:17:cc:cc:65:78:a9:2a:bb:9f:ee:15: 7b:9f:93:60:e1:c8:41:14:1e:32:c3:55:4d:55:5b: 8c:8b:f1:5f:1a:82:d1:f1:35:67:2d:4c:67:c6:5c: be:25:5f:b4:e4:85:b9:66:01:89:93:6a:47:2f:ad: 04:ba:ff:3b:ef:a1:22:42:18:f6:c8:1a:92:45:02: 00:53:cd:71:cd:d1:da:57:04:cb:a3:60:cb:c0:52: 20:d9:f7:54:b6:21:ef:b8:90:ba:be:ef:b2:ac:d8: 4b:02:5f:0f:46:be:f5:33:79:d6:fc:dc:10:9c:eb: 89:ef:4e:8a:f7:5e:fa:da:40:1c:ab:37:e0:d9:d9: 2a:07:90:93:b1:9e:a6:18:88:52:ee:40:0e:46:d9: a8:c0:dc:4a:50:5a:64:4a:c4:63:da:eb:3a:12:55: 65:33:3a:3e:3f:21:61:35:66:c6:43:71:0b:60:45: 38:ea:37:c2:a4:d1:95:ee:27:bb:7f:ae:c4:47:01: ad:37:ea:83:5a:66:e5:9b:d9:93:86:9b:6c:99:66: 8e:ed:11:6f:5b:d2:ee:6c:35:42:43:4b:e4:21:61: de:eb:cf:eb:0f:29:17:63:bd:cb:60:c3:56:d6:77: 83:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:ED:51:C5:4A:F5:01:08:08:51:22:93:FA:81:72:52:47:EE:07:D4 X509v3 Authority Key Identifier: keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/JO1RxUr1AQgIUSKT-oFyUkfuB9Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.242.146.0/23 83.137.153.0/24 83.137.158.0/24 88.151.56.0/23 88.151.61.0/24 88.209.198.0/24 88.209.201.0/24 88.209.209.0/24 88.209.226.0/23 88.209.232.0/22 88.209.247.0/24 88.209.254.0/24 Signature Algorithm: sha256WithRSAEncryption 90:ee:27:db:6b:b6:2a:5c:de:fe:ce:f4:49:1e:8f:66:05:6b: 72:a6:59:33:7c:72:62:7a:53:f1:bb:c9:74:cb:7f:5e:05:2e: 7a:99:7d:61:12:d9:ec:c4:0f:f2:db:2e:f4:b0:74:9b:63:32: 92:b8:93:04:16:60:e8:f7:22:d4:b9:aa:42:51:78:b1:1f:bc: 0a:20:21:b5:1e:70:95:44:cc:86:32:82:3b:de:c2:4c:2f:d6: 4f:97:5d:1a:4b:74:96:8e:44:d7:11:4e:29:5d:76:10:62:e6: a2:33:b5:ff:d6:5a:80:58:fd:79:3e:ee:e1:9e:a3:61:29:42: b6:dd:64:59:32:4d:49:b9:9d:b6:e3:c6:08:95:f4:9e:29:8a: 24:2b:e0:cb:14:a5:b3:22:38:77:86:28:b2:8f:ec:44:d3:85: 07:0e:fd:6a:99:af:fe:d7:03:85:13:80:05:2b:31:1f:ef:23: 04:74:bd:fd:f9:1c:b1:1e:d6:c6:84:0b:1a:70:94:39:b4:9e: 72:c5:32:15:6f:fd:c4:f5:79:3e:cf:22:1f:1d:82:33:1d:d5: ea:a2:6d:ef:41:fe:76:4b:b2:a5:ac:ca:90:a4:20:3b:6a:2e: 86:53:39:c6:44:80:e8:27:2e:1f:63:1e:10:85:88:6a:c4:65: b7:40:c5:b7 -----BEGIN CERTIFICATE----- MIIFPzCCBCegAwIBAgISAZtAQNcHDJXTukbuH0T2t6fsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx MWRhMTAwHhcNMjUxMjIxMDkzMjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyNGVkNTFjNTRhZjUwMTA4MDg1MTIyOTNmYTgxNzI1MjQ3ZWUwN2Q0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiZ9ismX6Uix54CeYThsOti5F8zM ZXipKruf7hV7n5Ng4chBFB4yw1VNVVuMi/FfGoLR8TVnLUxnxly+JV+05IW5ZgGJ k2pHL60Euv8776EiQhj2yBqSRQIAU81xzdHaVwTLo2DLwFIg2fdUtiHvuJC6vu+y rNhLAl8PRr71M3nW/NwQnOuJ706K91762kAcqzfg2dkqB5CTsZ6mGIhS7kAORtmo wNxKUFpkSsRj2us6ElVlMzo+PyFhNWbGQ3ELYEU46jfCpNGV7ie7f67ERwGtN+qD Wmblm9mThptsmWaO7RFvW9LubDVCQ0vkIWHe68/rDykXY73LYMNW1neDvwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFCTtUcVK9QEICFEik/qBclJH7gfUMB8GA1UdIwQY MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt N2U0ZDZmNmY2ZTY2LzEvSk8xUnhVcjFBUWdJVVNLVC1vRnlVa2Z1QjlRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2 LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQBTfKSAwQA U4mZAwQAU4meAwQBWJc4AwQAWJc9AwQAWNHGAwQAWNHJAwQAWNHRAwQBWNHiAwQC WNHoAwQAWNH3AwQAWNH+MA0GCSqGSIb3DQEBCwUAA4IBAQCQ7ifba7YqXN7+zvRJ Ho9mBWtyplkzfHJielPxu8l0y39eBS56mX1hEtnsxA/y2y70sHSbYzKSuJMEFmDo 9yLUuapCUXixH7wKICG1HnCVRMyGMoI73sJML9ZPl10aS3SWjkTXEU4pXXYQYuai M7X/1lqAWP15Pu7hnqNhKUK23WRZMk1JuZ2248YIlfSeKYokK+DLFKWzIjh3hiiy j+xE04UHDv1qma/+1wOFE4AFKzEf7yMEdL39+RyxHtbGhAsacJQ5tJ5yxTIVb/3E 9Xk+zyIfHYIzHdXqom3vQf52S7KlrMqQpCA7ai6GUznGRIDoJy4fYx4QhYhqxGW3 QMW3 -----END CERTIFICATE-----Generated at Tue Dec 30 21:09:26 2025 by rpki-client