This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/XACDzW2DvJtXZqh32shSyTGpMfo.roa File: XACDzW2DvJtXZqh32shSyTGpMfo.roa (raw, json) Hash identifier: 7jDJaTEf/pbjfn/nXaVKj3Ipty/13MWGNhQwOBvO9uQ= Subject key identifier: 5C:00:83:CD:6D:83:BC:9B:57:66:A8:77:DA:C8:52:C9:31:A9:31:FA Certificate issuer: /CN=20e425a32b62d39818c4cbb0081075686fc4c8e8 Certificate serial: 019A913DCC85301A7B4AD67473404D7E9E57 Authority key identifier: 20:E4:25:A3:2B:62:D3:98:18:C4:CB:B0:08:10:75:68:6F:C4:C8:E8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/XACDzW2DvJtXZqh32shSyTGpMfo.roa Signing time: Mon 17 Nov 2025 09:55:37 +0000 ROA not before: Mon 17 Nov 2025 09:55:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 384 IP address blocks: 95.170.20.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.crl rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.mft rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:91:3d:cc:85:30:1a:7b:4a:d6:74:73:40:4d:7e:9e:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20e425a32b62d39818c4cbb0081075686fc4c8e8 Validity Not Before: Nov 17 09:55:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=5c0083cd6d83bc9b5766a877dac852c931a931fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:11:de:45:14:fa:f1:00:fe:b8:99:30:48:df: 48:32:89:5a:a4:8e:2b:44:12:b8:e4:04:d2:f5:5e: e4:b6:96:87:29:9e:3a:58:f6:aa:21:ec:23:7a:ee: d3:db:11:fa:b5:1e:59:81:55:f1:b1:04:7b:0f:e3: 6f:a7:25:61:66:f1:08:be:4c:aa:c2:7a:89:69:7a: 88:01:4e:71:07:95:16:e4:e6:94:48:13:54:8c:bb: 6e:57:32:0f:59:e9:ea:66:c8:6d:33:64:b7:75:32: 5f:3a:1d:7f:20:57:2f:bc:d8:bb:05:35:8b:e9:5e: 40:4b:d5:92:35:2d:0c:6b:82:a5:b3:1d:05:88:da: 5f:de:35:25:2c:97:1e:ff:36:05:3f:2f:5c:09:99: 44:4e:a2:aa:62:ae:8a:28:0f:38:39:e1:8d:ac:dc: 9f:24:4b:36:f7:eb:5b:cb:f6:35:43:14:c1:0d:5c: 8f:22:5c:6a:cd:e3:59:1b:f8:2f:50:89:c4:b1:0c: 91:c5:c0:0b:c0:aa:3a:27:c4:c8:e6:5e:c6:80:db: 8e:7f:c5:9e:43:7d:8d:7b:be:f3:ee:02:66:1c:8f: e9:26:e3:88:e8:6a:d9:ff:48:36:55:75:d6:ee:7b: 86:83:39:b6:4a:60:d7:a5:59:13:fb:19:3c:cb:20: 1d:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:00:83:CD:6D:83:BC:9B:57:66:A8:77:DA:C8:52:C9:31:A9:31:FA X509v3 Authority Key Identifier: keyid:20:E4:25:A3:2B:62:D3:98:18:C4:CB:B0:08:10:75:68:6F:C4:C8:E8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/XACDzW2DvJtXZqh32shSyTGpMfo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 95.170.20.0/24 Signature Algorithm: sha256WithRSAEncryption 11:5b:20:93:62:07:2e:35:bc:67:79:42:b9:18:26:82:fd:56: 9a:b3:84:7f:c4:4d:8a:b7:85:a5:e9:79:a9:49:30:31:d6:a3: fb:b5:59:5a:05:0e:7b:55:51:5a:4f:f5:71:e2:2d:41:7f:d3: 7b:4b:a7:c9:0f:3c:4d:d2:e1:05:5f:f7:ff:1f:04:24:6e:40: 66:c3:aa:89:30:d4:2a:11:7d:3f:64:9b:b7:fd:9c:11:46:8e: f8:85:4e:fd:ce:6b:a0:f0:47:57:c9:15:f6:13:8c:4e:cd:b9: 17:b3:5c:7e:5f:c1:58:e6:67:8d:93:70:ce:33:d0:b8:63:96: 1b:2d:1f:48:6f:7c:72:ba:e4:31:f4:d1:87:dd:cf:ab:1a:c8: ff:8c:e7:f7:71:aa:08:20:0c:fc:11:1f:96:b4:67:db:b5:fb: 70:ee:d0:f6:be:cb:c1:12:88:b7:ba:a2:13:83:6d:4e:31:ac: 2f:5e:74:a0:8f:5c:b4:06:4c:96:51:97:10:f8:41:60:88:13: 16:1b:23:70:1e:41:d4:07:16:75:ca:d7:ea:db:b0:6e:c4:f6: bb:82:5c:8d:11:0d:e2:4a:5b:fa:35:1c:88:ea:3e:ef:52:f6: 7f:37:01:7d:41:9b:63:55:22:73:76:57:6a:a8:df:c4:12:e8: 3b:f2:f6:d6 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZqRPcyFMBp7StZ0c0BNfp5XMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwZTQyNWEzMmI2MmQzOTgxOGM0Y2JiMDA4MTA3NTY4NmZj NGM4ZTgwHhcNMjUxMTE3MDk1NTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YzAwODNjZDZkODNiYzliNTc2NmE4NzdkYWM4NTJjOTMxYTkzMWZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3xHeRRT68QD+uJkwSN9IMolapI4r RBK45ATS9V7ktpaHKZ46WPaqIewjeu7T2xH6tR5ZgVXxsQR7D+NvpyVhZvEIvkyq wnqJaXqIAU5xB5UW5OaUSBNUjLtuVzIPWenqZshtM2S3dTJfOh1/IFcvvNi7BTWL 6V5AS9WSNS0Ma4Klsx0FiNpf3jUlLJce/zYFPy9cCZlETqKqYq6KKA84OeGNrNyf JEs29+tby/Y1QxTBDVyPIlxqzeNZG/gvUInEsQyRxcALwKo6J8TI5l7GgNuOf8We Q32Ne77z7gJmHI/pJuOI6GrZ/0g2VXXW7nuGgzm2SmDXpVkT+xk8yyAdtQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFFwAg81tg7ybV2aod9rIUskxqTH6MB8GA1UdIwQY MBaAFCDkJaMrYtOYGMTLsAgQdWhvxMjoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSU9RbG95dGkwNWdZeE11d0NCQjFhR19FeU9nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9mZDhjMDEtN2I3MS00NDJjLTlhZGIt ZWNkMjk2NWNiN2U3LzEvWEFDRHpXMkR2SnRYWnFoMzJzaFN5VEdwTWZvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZS9mZDhjMDEtN2I3MS00NDJjLTlhZGItZWNkMjk2NWNiN2U3 LzEvSU9RbG95dGkwNWdZeE11d0NCQjFhR19FeU9nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX6oUMA0G CSqGSIb3DQEBCwUAA4IBAQARWyCTYgcuNbxneUK5GCaC/Vaas4R/xE2Kt4Wl6Xmp STAx1qP7tVlaBQ57VVFaT/Vx4i1Bf9N7S6fJDzxN0uEFX/f/HwQkbkBmw6qJMNQq EX0/ZJu3/ZwRRo74hU79zmug8EdXyRX2E4xOzbkXs1x+X8FY5meNk3DOM9C4Y5Yb LR9Ib3xyuuQx9NGH3c+rGsj/jOf3caoIIAz8ER+WtGfbtftw7tD2vsvBEoi3uqIT g21OMawvXnSgj1y0BkyWUZcQ+EFgiBMWGyNwHkHUBxZ1ytfq27BuxPa7glyNEQ3i Slv6NRyI6j7vUvZ/NwF9QZtjVSJzdldqqN/EEug78vbW -----END CERTIFICATE-----Generated at Sat Dec 6 21:51:16 2025 by rpki-client