This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/811110-7fe7-4d34-aec0-f385df6d944a/1/nIlbDkvyopl-3WYpmEvoZXqQSUk.roa File: nIlbDkvyopl-3WYpmEvoZXqQSUk.roa (raw, json) Hash identifier: I7qZ2TL0VhTQPFTNQyzHllm0ncLq1MQM+/15MkPJP8Q= Subject key identifier: 9C:89:5B:0E:4B:F2:A2:99:7E:DD:66:29:98:4B:E8:65:7A:90:49:49 Certificate issuer: /CN=de0d6ad73e188a859372b613a3a2704b9c330fed Certificate serial: 019A97891FC25F714228423564E0E7CC4E6A Authority key identifier: DE:0D:6A:D7:3E:18:8A:85:93:72:B6:13:A3:A2:70:4B:9C:33:0F:ED Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3g1q1z4YioWTcrYTo6JwS5wzD-0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/811110-7fe7-4d34-aec0-f385df6d944a/1/nIlbDkvyopl-3WYpmEvoZXqQSUk.roa Signing time: Tue 18 Nov 2025 15:15:37 +0000 ROA not before: Tue 18 Nov 2025 15:15:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 204024 IP address blocks: 158.94.167.0/24 maxlen: 24 2a10:1140:1000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/811110-7fe7-4d34-aec0-f385df6d944a/1/3g1q1z4YioWTcrYTo6JwS5wzD-0.crl rsync://rpki.ripe.net/repository/DEFAULT/02/811110-7fe7-4d34-aec0-f385df6d944a/1/3g1q1z4YioWTcrYTo6JwS5wzD-0.mft rsync://rpki.ripe.net/repository/DEFAULT/3g1q1z4YioWTcrYTo6JwS5wzD-0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:97:89:1f:c2:5f:71:42:28:42:35:64:e0:e7:cc:4e:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=de0d6ad73e188a859372b613a3a2704b9c330fed Validity Not Before: Nov 18 15:15:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=9c895b0e4bf2a2997edd6629984be8657a904949 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:e2:a2:e5:f3:be:a1:80:4a:b2:cc:9a:af:38: fc:18:78:f3:c6:3e:27:a6:34:c2:5e:d8:60:6a:6c: 93:2c:ca:a9:1d:97:45:d1:12:17:ca:82:31:b4:94: c3:d6:36:da:3f:81:2d:12:38:5b:ab:54:c4:6c:e1: 86:be:a9:13:40:be:cf:8a:33:c8:1c:60:2b:01:a1: fe:b7:d5:07:1c:c2:1a:91:cd:8d:31:ba:af:34:ad: 5a:fb:1e:f9:54:73:89:9a:6b:f2:ca:d3:0c:22:51: ba:96:d5:74:64:1e:ee:15:e3:8c:fd:a7:bb:1d:b2: 51:b4:3b:62:eb:18:1a:46:a5:e1:88:a8:43:8f:ac: b8:26:bd:05:1c:f6:e9:92:b5:01:ff:04:a4:44:1a: 79:82:99:7c:cf:98:4b:e6:48:e5:ad:33:be:6f:84: ee:4d:58:b4:7e:01:23:59:a9:a3:bb:25:6c:3c:0a: f8:87:ef:e4:c2:54:ae:06:d4:a0:38:7a:16:6a:fb: 78:0f:5e:76:dc:b3:51:64:a2:aa:9e:f1:69:40:c7: ad:83:79:de:8a:a8:cb:31:7a:cf:03:87:d1:9b:d8: 7d:66:88:d3:73:61:94:ef:85:7c:88:06:3d:b4:d3: 2a:b3:4f:09:26:f2:94:01:2a:ce:c2:df:5a:79:3e: 23:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:89:5B:0E:4B:F2:A2:99:7E:DD:66:29:98:4B:E8:65:7A:90:49:49 X509v3 Authority Key Identifier: keyid:DE:0D:6A:D7:3E:18:8A:85:93:72:B6:13:A3:A2:70:4B:9C:33:0F:ED X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3g1q1z4YioWTcrYTo6JwS5wzD-0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/811110-7fe7-4d34-aec0-f385df6d944a/1/nIlbDkvyopl-3WYpmEvoZXqQSUk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/811110-7fe7-4d34-aec0-f385df6d944a/1/3g1q1z4YioWTcrYTo6JwS5wzD-0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.94.167.0/24 IPv6: 2a10:1140:1000::/48 Signature Algorithm: sha256WithRSAEncryption c8:a1:a5:74:c3:96:91:0a:52:07:8f:d9:23:dc:cf:9c:05:b4: 5a:ce:e7:54:55:8b:1e:51:27:ed:4d:e9:a7:e6:f7:4a:04:be: c9:d2:6f:af:48:37:25:31:d2:6c:de:09:7c:77:26:ce:17:5f: 31:d5:cc:40:c2:9d:61:92:14:f7:70:54:3e:a7:cd:ca:43:34: 53:3b:ed:6a:29:2b:bc:e4:8e:5a:b3:1f:b5:cb:15:7a:d6:16: e6:c6:26:10:2b:ea:01:16:6c:e2:14:e0:cb:13:c2:ad:12:89: e2:a6:7e:79:23:9e:54:c5:3c:ff:7b:96:e8:5e:f8:f9:c1:64: a4:9f:1b:e6:2b:78:b4:bc:43:61:1d:e8:fc:67:b8:af:51:46: 5a:2c:b3:91:fd:fc:f5:64:ca:1c:b3:75:7f:ec:a1:fe:34:50: c4:db:45:6f:3e:4b:2a:f4:72:36:67:da:79:50:b3:44:f8:ee: 25:78:11:fe:6a:fa:12:19:11:6d:5d:88:b4:f6:76:0e:23:2a: f1:16:f5:c0:e9:9c:08:9f:1b:6c:b8:aa:bb:b3:6f:d5:8c:cf: c9:e2:cf:be:b3:28:63:b7:f5:8e:1b:34:b3:67:80:66:05:15: 24:47:77:1a:9b:88:13:a3:2c:5d:70:f1:3b:fb:36:07:c2:74: fd:4a:f1:c5 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZqXiR/CX3FCKEI1ZODnzE5qMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRlMGQ2YWQ3M2UxODhhODU5MzcyYjYxM2EzYTI3MDRiOWMz MzBmZWQwHhcNMjUxMTE4MTUxNTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5Yzg5NWIwZTRiZjJhMjk5N2VkZDY2Mjk5ODRiZTg2NTdhOTA0OTQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8OKi5fO+oYBKssyarzj8GHjzxj4n pjTCXthgamyTLMqpHZdF0RIXyoIxtJTD1jbaP4EtEjhbq1TEbOGGvqkTQL7PijPI HGArAaH+t9UHHMIakc2NMbqvNK1a+x75VHOJmmvyytMMIlG6ltV0ZB7uFeOM/ae7 HbJRtDti6xgaRqXhiKhDj6y4Jr0FHPbpkrUB/wSkRBp5gpl8z5hL5kjlrTO+b4Tu TVi0fgEjWamjuyVsPAr4h+/kwlSuBtSgOHoWavt4D1523LNRZKKqnvFpQMetg3ne iqjLMXrPA4fRm9h9ZojTc2GU74V8iAY9tNMqs08JJvKUASrOwt9aeT4jzQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFJyJWw5L8qKZft1mKZhL6GV6kElJMB8GA1UdIwQY MBaAFN4Natc+GIqFk3K2E6OicEucMw/tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM2cxcTF6NFlpb1dUY3JZVG82SndTNXd6RC0wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi84MTExMTAtN2ZlNy00ZDM0LWFlYzAt ZjM4NWRmNmQ5NDRhLzEvbklsYkRrdnlvcGwtM1dZcG1Fdm9aWHFRU1VrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi84MTExMTAtN2ZlNy00ZDM0LWFlYzAtZjM4NWRmNmQ5NDRh LzEvM2cxcTF6NFlpb1dUY3JZVG82SndTNXd6RC0wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAnl6nMA8E AgACMAkDBwAqEBFAEAAwDQYJKoZIhvcNAQELBQADggEBAMihpXTDlpEKUgeP2SPc z5wFtFrO51RVix5RJ+1N6afm90oEvsnSb69INyUx0mzeCXx3Js4XXzHVzEDCnWGS FPdwVD6nzcpDNFM77WopK7zkjlqzH7XLFXrWFubGJhAr6gEWbOIU4MsTwq0SieKm fnkjnlTFPP97luhe+PnBZKSfG+YreLS8Q2Ed6PxnuK9RRloss5H9/PVkyhyzdX/s of40UMTbRW8+Syr0cjZn2nlQs0T47iV4Ef5q+hIZEW1diLT2dg4jKvEW9cDpnAif G2y4qruzb9WMz8niz76zKGO39Y4bNLNngGYFFSRHdxqbiBOjLF1w8Tv7NgfCdP1K 8cU= -----END CERTIFICATE-----Generated at Sat Dec 6 13:19:56 2025 by rpki-client