This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/4BRf9QEM8HRGBLk-AoS4Oo-qwJE.roa File: 4BRf9QEM8HRGBLk-AoS4Oo-qwJE.roa (raw, json) Hash identifier: 5AHXjtuq+kTYWfnBOXLhKcC6BCQTDutSSrluB2da0xU= Subject key identifier: E0:14:5F:F5:01:0C:F0:74:46:04:B9:3E:02:84:B8:3A:8F:AA:C0:91 Certificate issuer: /CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d Certificate serial: 019A73BCE20BF918A1BC44A8F0A1915884C8 Authority key identifier: C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/4BRf9QEM8HRGBLk-AoS4Oo-qwJE.roa Signing time: Tue 11 Nov 2025 16:25:49 +0000 ROA not before: Tue 11 Nov 2025 16:25:49 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 59645 IP address blocks: 45.91.12.0/22 maxlen: 22 193.104.168.0/24 maxlen: 24 195.191.196.0/23 maxlen: 24 195.191.196.0/24 maxlen: 24 195.191.197.0/24 maxlen: 24 2a06:d1c0::/29 maxlen: 29 2a06:d1c0:a761::/48 maxlen: 48 2a06:d1c0:ac5a::/48 maxlen: 48 2a06:d1c0:deac::/48 maxlen: 48 2a06:d1c0:dead::/48 maxlen: 48 2a06:d1c0:deae::/48 maxlen: 48 2a06:d1c0:f761::/48 maxlen: 48 2a06:d1c1::/32 maxlen: 48 2a06:d1c1:a::/48 maxlen: 48 2a06:d1c1:e::/48 maxlen: 48 2a06:d1c1:23::/48 maxlen: 48 2a06:d1c1:30::/44 maxlen: 48 2a06:d1c1:30::/48 maxlen: 48 2a06:d1c1:ac5a::/48 maxlen: 48 2a06:d1c2::/36 maxlen: 48 2a06:d1c2:a000::/36 maxlen: 36 2a06:d1c2:b000::/36 maxlen: 36 2a06:d1c2:d000::/36 maxlen: 36 2a06:d1c7::/48 maxlen: 48 2a06:d1c7:a::/48 maxlen: 48 2a06:d1c7:b::/48 maxlen: 48 2a06:d1c7:d::/48 maxlen: 48 2a0e:a40::/29 maxlen: 29 2a0e:a40::/32 maxlen: 32 2a0e:a41::/32 maxlen: 32 2a0e:a42::/32 maxlen: 32 2a0e:a43::/32 maxlen: 32 2a0e:a44::/32 maxlen: 32 2a0e:a45::/32 maxlen: 32 2a0e:a46::/32 maxlen: 32 2a0e:a47::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.crl rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.mft rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 20:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:73:bc:e2:0b:f9:18:a1:bc:44:a8:f0:a1:91:58:84:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d Validity Not Before: Nov 11 16:25:49 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=e0145ff5010cf0744604b93e0284b83a8faac091 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:ac:da:c8:be:39:ae:4b:eb:80:1e:01:99:84: 45:9f:cd:3b:f7:e2:51:d5:35:42:b6:fb:94:b3:3b: 50:1e:d8:e2:26:25:ee:d8:a3:37:2c:5f:30:63:10: 08:9d:84:a3:12:14:88:a7:6a:c1:6c:8f:04:df:05: cc:26:4c:12:df:6e:f9:c8:88:5d:45:bb:32:b5:0e: a5:ed:2a:f4:b4:26:5b:de:03:c8:8c:c9:ca:27:64: 00:7b:87:3e:29:1e:ba:fe:fe:1f:55:9d:fc:16:4b: b0:15:35:1e:e5:3f:f7:0f:ae:33:8f:a2:d5:99:34: c6:19:18:5c:b0:2f:b9:3b:99:be:0a:8a:64:ac:46: 9a:58:94:b3:c2:a9:67:79:0c:a7:0d:7b:6e:a3:09: dc:95:68:b9:09:fd:55:88:7a:45:10:86:a4:a4:24: d2:a4:af:30:79:71:6b:83:83:21:2c:b6:18:11:c8: 21:ad:26:cd:b5:89:23:48:a7:db:7a:f5:a1:d1:43: 2a:35:89:2b:9b:36:7a:06:e5:14:bf:64:a5:2d:fa: c7:ab:9b:7c:c1:7a:d0:dd:4b:ef:61:a5:c0:02:b2: 06:74:dd:91:b8:0e:68:30:5a:00:b1:15:4c:1b:d3: 65:63:47:64:7f:20:a6:dd:89:8a:1b:21:99:4c:86: 74:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:14:5F:F5:01:0C:F0:74:46:04:B9:3E:02:84:B8:3A:8F:AA:C0:91 X509v3 Authority Key Identifier: keyid:C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/4BRf9QEM8HRGBLk-AoS4Oo-qwJE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.91.12.0/22 193.104.168.0/24 195.191.196.0/23 IPv6: 2a06:d1c0::/29 2a0e:a40::/29 Signature Algorithm: sha256WithRSAEncryption 52:7b:24:24:1e:fc:b8:96:35:05:4b:df:05:fe:99:2a:d6:9a: c2:08:66:d8:85:cc:15:68:a8:70:14:97:69:8a:ac:23:26:46: c3:54:18:47:c0:85:1c:16:52:6f:fb:61:a9:1e:7a:8d:92:4d: 25:f3:d4:25:2b:4f:d2:53:9d:ee:95:ac:cb:98:df:f9:23:60: 86:67:3e:b9:4c:3b:a2:e0:e6:1e:6c:d0:c6:e3:21:eb:7e:c6: 64:51:9a:1f:93:6e:99:c7:93:fd:f8:87:b8:08:56:8b:ec:f1: ff:56:ae:d5:21:23:30:98:b3:7d:da:49:12:e5:c0:90:7e:fc: 3f:56:ff:7d:f9:33:98:78:93:6e:7a:d7:a8:37:81:eb:61:09: 9e:d6:b6:57:59:f8:65:9f:48:72:c0:ee:62:2f:14:a0:08:2e: ae:7c:9e:9e:67:96:8c:25:0c:90:c3:3f:ce:6f:bf:3b:73:f7: 14:4d:a8:95:15:3e:ca:55:9b:56:98:38:5e:f4:1e:36:06:a9: 01:cd:21:7a:ea:3b:7e:16:4f:a7:ea:d1:30:f2:43:42:a0:e5: e9:a6:94:92:11:8b:b9:d2:3e:2e:e8:17:31:05:e9:af:9a:78: c2:79:95:17:22:bb:ff:75:ee:00:f1:97:b9:43:eb:d6:85:ec: 95:c3:18:cc -----BEGIN CERTIFICATE----- MIIFHzCCBAegAwIBAgISAZpzvOIL+RihvESo8KGRWITIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2NGZhMGFkODk4NzE0OWYwNTUzNDcyNGI0NWEyZjRkNWVi ZjQ3NWQwHhcNMjUxMTExMTYyNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMDE0NWZmNTAxMGNmMDc0NDYwNGI5M2UwMjg0YjgzYThmYWFjMDkxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqzayL45rkvrgB4BmYRFn8079+JR 1TVCtvuUsztQHtjiJiXu2KM3LF8wYxAInYSjEhSIp2rBbI8E3wXMJkwS3275yIhd RbsytQ6l7Sr0tCZb3gPIjMnKJ2QAe4c+KR66/v4fVZ38FkuwFTUe5T/3D64zj6LV mTTGGRhcsC+5O5m+CopkrEaaWJSzwqlneQynDXtuownclWi5Cf1ViHpFEIakpCTS pK8weXFrg4MhLLYYEcghrSbNtYkjSKfbevWh0UMqNYkrmzZ6BuUUv2SlLfrHq5t8 wXrQ3UvvYaXAArIGdN2RuA5oMFoAsRVMG9NlY0dkfyCm3YmKGyGZTIZ07QIDAQAB o4ICKzCCAicwHQYDVR0OBBYEFOAUX/UBDPB0RgS5PgKEuDqPqsCRMB8GA1UdIwQY MBaAFMZPoK2JhxSfBVNHJLRaL01ev0ddMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEt YmNmNzcwMjY5MzlkLzEvNEJSZjlRRU04SFJHQkxrLUFvUzRPby1xd0pFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEtYmNmNzcwMjY5Mzlk LzEveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCLVsMAwQA wWioAwQBw7/EMBQEAgACMA4DBQMqBtHAAwUDKg4KQDANBgkqhkiG9w0BAQsFAAOC AQEAUnskJB78uJY1BUvfBf6ZKtaawghm2IXMFWiocBSXaYqsIyZGw1QYR8CFHBZS b/thqR56jZJNJfPUJStP0lOd7pWsy5jf+SNghmc+uUw7ouDmHmzQxuMh637GZFGa H5NumceT/fiHuAhWi+zx/1au1SEjMJizfdpJEuXAkH78P1b/ffkzmHiTbnrXqDeB 62EJnta2V1n4ZZ9IcsDuYi8UoAgurnyenmeWjCUMkMM/zm+/O3P3FE2olRU+ylWb Vpg4XvQeNgapAc0heuo7fhZPp+rRMPJDQqDl6aaUkhGLudI+LugXMQXpr5p4wnmV FyK7/3XuAPGXuUPr1oXslcMYzA== -----END CERTIFICATE-----Generated at Sat Dec 6 05:44:42 2025 by rpki-client