This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/rAvqaXWido6bWlI2ZyzEOa-fJxY.roa File: rAvqaXWido6bWlI2ZyzEOa-fJxY.roa (raw, json) Hash identifier: mS4B6JctTZL+j9e8gePNzMiZWID31MHSX3j95UzrBZw= Subject key identifier: AC:0B:EA:69:75:A2:76:8E:9B:5A:52:36:67:2C:C4:39:AF:9F:27:16 Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc Certificate serial: 019AAB0AFD745AF380741A6759C7890EB2E1 Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/rAvqaXWido6bWlI2ZyzEOa-fJxY.roa Signing time: Sat 22 Nov 2025 10:10:15 +0000 ROA not before: Sat 22 Nov 2025 10:10:15 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 142270 IP address blocks: 172.110.209.0/24 maxlen: 24 172.110.210.0/24 maxlen: 24 172.110.211.0/24 maxlen: 24 202.71.9.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.mft rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 11:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:ab:0a:fd:74:5a:f3:80:74:1a:67:59:c7:89:0e:b2:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc Validity Not Before: Nov 22 10:10:15 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=ac0bea6975a2768e9b5a5236672cc439af9f2716 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:40:54:9a:ab:fe:e4:0e:df:e5:1a:59:c6:10: 7e:b7:1f:88:bb:4a:12:00:ca:4e:b3:c0:75:8e:0e: a9:f1:8c:4d:93:f6:0f:7d:2c:0c:2d:9c:9e:af:75: 40:7a:83:a1:ed:7d:0d:c7:97:91:cb:7e:16:ee:6c: 21:a7:6c:a0:83:f7:5b:18:61:67:2c:d8:94:2b:0b: 1c:91:22:fc:de:d8:57:28:78:8f:4f:84:28:c2:01: 32:3a:69:6c:fc:49:7e:a2:59:27:7f:d3:a7:ce:fd: 8c:e3:88:55:ca:30:2d:ab:53:5e:a2:7b:61:7a:d9: 82:c9:6f:4f:c5:af:46:a6:6c:2c:82:67:63:f9:d1: 6e:57:36:3a:18:54:02:d9:d7:2c:95:b1:23:c3:a9: 4e:c1:40:23:91:c3:f5:6a:9d:6b:8a:39:73:af:a0: 79:c3:59:79:c3:25:76:59:ee:a4:cc:4f:dd:8a:fa: b5:3a:6f:70:5c:7d:c9:8b:85:eb:1f:9a:b1:1d:71: 35:35:1b:a6:d4:7b:2f:c2:c9:d2:a9:f6:60:df:ce: 99:59:87:38:5b:cd:91:91:ba:b9:e4:2f:45:d6:ac: fd:82:8b:1d:aa:54:94:da:a3:80:04:2e:c4:b3:dc: 9d:a2:84:b1:9d:09:fa:72:00:67:f9:2a:6f:de:bd: 32:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:0B:EA:69:75:A2:76:8E:9B:5A:52:36:67:2C:C4:39:AF:9F:27:16 X509v3 Authority Key Identifier: keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/rAvqaXWido6bWlI2ZyzEOa-fJxY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 172.110.209.0-172.110.211.255 202.71.9.0/24 Signature Algorithm: sha256WithRSAEncryption 44:6b:93:4c:96:49:7e:93:aa:03:10:95:fb:66:d7:03:ec:aa: 3f:c7:c8:48:8b:2c:26:03:16:e7:f4:e3:d4:37:9f:79:62:75: fe:32:06:d4:59:39:4e:95:f1:8d:7e:a4:9e:61:4b:7b:84:24: 81:bf:81:47:8f:d9:45:5a:44:f1:d6:c6:5e:4e:da:8d:3a:2d: 2e:b8:f1:5e:54:a8:b3:1d:c8:54:84:6c:52:02:2c:a5:c4:e1: 63:cd:10:a0:6e:ce:9c:64:42:79:65:43:c6:9d:4a:c2:4c:47: 46:1c:1d:74:ca:1e:7a:49:af:35:ad:79:d0:26:64:28:64:47: 50:81:0c:d0:25:17:24:f5:c8:a0:14:b0:a8:88:90:a0:9c:39: b6:20:d1:bf:4c:ae:57:a2:4c:fa:c0:4d:a7:92:cf:8c:14:e5: ec:f3:69:ff:92:1a:6b:20:99:bd:ba:a8:7a:08:10:c8:44:9a: ab:4b:57:37:a8:44:50:38:fe:d0:98:db:d7:0b:c3:94:73:e5: b2:0d:05:72:26:8d:99:09:8d:68:6c:57:53:a3:a5:6e:fa:98: 02:41:91:27:f6:d4:d2:b9:6a:f3:c8:75:d1:50:9f:f7:92:1c: 72:5e:9b:64:b3:d3:18:08:2d:5c:3b:23:bc:b6:a2:75:b9:04: d7:67:59:b9 -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZqrCv10WvOAdBpnWceJDrLhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2 YzhkY2MwHhcNMjUxMTIyMTAxMDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYzBiZWE2OTc1YTI3NjhlOWI1YTUyMzY2NzJjYzQzOWFmOWYyNzE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6UBUmqv+5A7f5RpZxhB+tx+Iu0oS AMpOs8B1jg6p8YxNk/YPfSwMLZyer3VAeoOh7X0Nx5eRy34W7mwhp2ygg/dbGGFn LNiUKwsckSL83thXKHiPT4QowgEyOmls/El+olknf9Onzv2M44hVyjAtq1Neonth etmCyW9Pxa9Gpmwsgmdj+dFuVzY6GFQC2dcslbEjw6lOwUAjkcP1ap1rijlzr6B5 w1l5wyV2We6kzE/divq1Om9wXH3Ji4XrH5qxHXE1NRum1HsvwsnSqfZg386ZWYc4 W82Rkbq55C9F1qz9gosdqlSU2qOABC7Es9ydooSxnQn6cgBn+Spv3r0yewIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFKwL6ml1onaOm1pSNmcsxDmvnycWMB8GA1UdIwQY MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt OTE4YWM2NDYyNjc5LzEvckF2cWFYV2lkbzZiV2xJMlp5ekVPYS1mSnhZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5 LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBACsbtED BAKsbtADBADKRwkwDQYJKoZIhvcNAQELBQADggEBAERrk0yWSX6TqgMQlftm1wPs qj/HyEiLLCYDFuf049Q3n3lidf4yBtRZOU6V8Y1+pJ5hS3uEJIG/gUeP2UVaRPHW xl5O2o06LS648V5UqLMdyFSEbFICLKXE4WPNEKBuzpxkQnllQ8adSsJMR0YcHXTK HnpJrzWtedAmZChkR1CBDNAlFyT1yKAUsKiIkKCcObYg0b9MrleiTPrATaeSz4wU 5ezzaf+SGmsgmb26qHoIEMhEmqtLVzeoRFA4/tCY29cLw5Rz5bINBXImjZkJjWhs V1OjpW76mAJBkSf21NK5avPIddFQn/eSHHJem2Sz0xgILVw7I7y2onW5BNdnWbk= -----END CERTIFICATE-----Generated at Sat Dec 6 18:47:41 2025 by rpki-client