This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/dK8D14UQKbN9F_H7NixtSmYvgXY.roa File: dK8D14UQKbN9F_H7NixtSmYvgXY.roa (raw, json) Hash identifier: mElKhPTPHO/f1skgAvtj0q6ACgI5om0hRS8bXYIUXN0= Subject key identifier: 74:AF:03:D7:85:10:29:B3:7D:17:F1:FB:36:2C:6D:4A:66:2F:81:76 Certificate issuer: /CN=1ed3d8e29e063b9d2740ab3de6c72255ec8d0557 Certificate serial: 019A539100A1ACD4C229590222AE9DE5DD71 Authority key identifier: 1E:D3:D8:E2:9E:06:3B:9D:27:40:AB:3D:E6:C7:22:55:EC:8D:05:57 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HtPY4p4GO50nQKs95sciVeyNBVc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/dK8D14UQKbN9F_H7NixtSmYvgXY.roa Signing time: Wed 05 Nov 2025 10:30:03 +0000 ROA not before: Wed 05 Nov 2025 10:30:03 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 5400 IP address blocks: 62.5.0.0/17 maxlen: 17 62.102.0.0/17 maxlen: 17 62.134.0.0/16 maxlen: 16 62.173.192.0/18 maxlen: 18 62.180.0.0/16 maxlen: 16 82.150.0.0/19 maxlen: 19 185.94.0.0/22 maxlen: 22 194.213.64.0/19 maxlen: 19 195.90.64.0/19 maxlen: 19 195.100.0.0/16 maxlen: 16 195.163.0.0/16 maxlen: 16 195.182.96.0/19 maxlen: 19 212.8.160.0/19 maxlen: 19 212.21.192.0/19 maxlen: 19 212.31.192.0/19 maxlen: 19 212.41.128.0/19 maxlen: 19 212.108.0.0/19 maxlen: 19 212.127.0.0/19 maxlen: 19 212.162.192.0/18 maxlen: 18 213.15.0.0/16 maxlen: 16 213.137.160.0/19 maxlen: 19 213.194.0.0/18 maxlen: 18 213.236.64.0/18 maxlen: 18 2001:740::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/HtPY4p4GO50nQKs95sciVeyNBVc.crl rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/HtPY4p4GO50nQKs95sciVeyNBVc.mft rsync://rpki.ripe.net/repository/DEFAULT/HtPY4p4GO50nQKs95sciVeyNBVc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:53:91:00:a1:ac:d4:c2:29:59:02:22:ae:9d:e5:dd:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1ed3d8e29e063b9d2740ab3de6c72255ec8d0557 Validity Not Before: Nov 5 10:30:03 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=74af03d7851029b37d17f1fb362c6d4a662f8176 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:4c:e6:cd:8f:14:fe:49:6c:4f:cb:e8:22:ae: e0:e3:83:9d:54:61:43:1a:ee:bc:db:03:0b:5b:e1: 5c:38:aa:dc:77:50:19:87:94:bb:40:15:56:f8:fc: 44:de:96:f7:34:5f:14:aa:cc:96:84:63:ee:d8:d7: 64:07:53:52:f7:3b:85:23:78:01:fc:66:11:3b:ae: ec:e4:56:f3:26:e5:28:a0:d7:e7:b9:bc:7a:08:4f: 47:f7:16:7a:32:cd:ee:b9:49:8f:44:b6:91:22:79: 62:3d:c8:d5:2d:7d:3a:94:05:64:5c:8d:80:2d:b5: ca:b8:6e:da:12:f7:b4:b5:f1:e0:06:e2:22:6d:8d: c1:68:65:29:0a:b6:76:a2:77:20:0c:2c:9f:30:da: d3:e1:c9:5e:c2:6c:17:07:07:dd:db:a2:cf:31:d4: cd:ad:be:d8:d4:6b:a0:c6:b4:60:12:8a:7b:04:ea: 4b:a2:a7:cc:63:65:8d:6b:62:22:cb:31:8a:b0:79: 4d:d5:51:e0:ad:9f:7d:75:47:9c:a9:1e:da:7e:f2: fe:e1:5b:0e:1e:91:b1:b1:0f:7f:03:68:e4:42:99: 17:94:84:c2:9c:31:32:22:79:61:07:f2:ed:d7:d3: 00:7a:48:a8:d4:bc:ea:d3:a4:c0:2f:9d:c2:84:39: 20:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:AF:03:D7:85:10:29:B3:7D:17:F1:FB:36:2C:6D:4A:66:2F:81:76 X509v3 Authority Key Identifier: keyid:1E:D3:D8:E2:9E:06:3B:9D:27:40:AB:3D:E6:C7:22:55:EC:8D:05:57 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HtPY4p4GO50nQKs95sciVeyNBVc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/dK8D14UQKbN9F_H7NixtSmYvgXY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/HtPY4p4GO50nQKs95sciVeyNBVc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 62.5.0.0/17 62.102.0.0/17 62.134.0.0/16 62.173.192.0/18 62.180.0.0/16 82.150.0.0/19 185.94.0.0/22 194.213.64.0/19 195.90.64.0/19 195.100.0.0/16 195.163.0.0/16 195.182.96.0/19 212.8.160.0/19 212.21.192.0/19 212.31.192.0/19 212.41.128.0/19 212.108.0.0/19 212.127.0.0/19 212.162.192.0/18 213.15.0.0/16 213.137.160.0/19 213.194.0.0/18 213.236.64.0/18 IPv6: 2001:740::/32 Signature Algorithm: sha256WithRSAEncryption 89:7d:f8:b0:8e:dc:d5:69:b1:62:8b:56:3c:67:a9:b1:97:e1: 51:bc:1e:55:ec:27:8f:a6:1a:14:4e:4b:4c:6a:ee:0f:36:24: 1b:69:22:62:d2:5c:8f:82:ef:30:4a:40:f7:ff:2d:d2:8e:1a: 2a:8f:ba:dc:43:e8:bf:24:50:d0:66:aa:a7:d4:43:f2:dd:d1: bb:51:bb:0a:80:dd:64:e2:88:57:6a:0b:c9:e3:ae:e0:72:6c: fa:d1:24:52:97:78:af:6c:41:b2:57:0b:98:d2:b9:52:2b:c6: ba:24:82:d1:ae:fa:4c:c8:87:a7:29:1b:ff:dc:2e:06:68:eb: b5:75:19:06:3a:33:bb:17:f2:50:8c:bd:26:7c:c1:78:d0:32: db:41:1e:0a:27:ca:38:6a:45:5b:85:f6:9f:a4:6a:ab:87:d0: 5b:13:e7:7e:38:09:a9:3d:ec:6d:92:c4:2c:cf:6d:4d:b7:97: fe:e9:27:3d:42:6f:83:c9:11:f9:30:b0:61:95:b5:2b:98:d6: 65:0f:91:44:a9:47:51:f9:05:f9:1f:55:48:2b:f9:af:10:4f: 17:ae:66:1e:3d:9b:30:d5:48:9a:6b:c0:54:3b:c4:f2:e6:7d: 5b:b5:87:0e:bb:db:92:74:f2:8d:ec:f1:16:b9:ff:1b:04:08: 50:04:d7:f7 -----BEGIN CERTIFICATE----- MIIFkDCCBHigAwIBAgISAZpTkQChrNTCKVkCIq6d5d1xMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlZDNkOGUyOWUwNjNiOWQyNzQwYWIzZGU2YzcyMjU1ZWM4 ZDA1NTcwHhcNMjUxMTA1MTAzMDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NGFmMDNkNzg1MTAyOWIzN2QxN2YxZmIzNjJjNmQ0YTY2MmY4MTc2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0zmzY8U/klsT8voIq7g44OdVGFD Gu682wMLW+FcOKrcd1AZh5S7QBVW+PxE3pb3NF8UqsyWhGPu2NdkB1NS9zuFI3gB /GYRO67s5FbzJuUooNfnubx6CE9H9xZ6Ms3uuUmPRLaRInliPcjVLX06lAVkXI2A LbXKuG7aEve0tfHgBuIibY3BaGUpCrZ2oncgDCyfMNrT4clewmwXBwfd26LPMdTN rb7Y1GugxrRgEop7BOpLoqfMY2WNa2IiyzGKsHlN1VHgrZ99dUecqR7afvL+4VsO HpGxsQ9/A2jkQpkXlITCnDEyInlhB/Lt19MAekio1Lzq06TAL53ChDkgZQIDAQAB o4ICnDCCApgwHQYDVR0OBBYEFHSvA9eFECmzfRfx+zYsbUpmL4F2MB8GA1UdIwQY MBaAFB7T2OKeBjudJ0CrPebHIlXsjQVXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHRQWTRwNEdPNTBuUUtzOTVzY2lWZXlOQlZjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80ZDljODMtZjk2MC00OGFjLWJiZjUt OWRjYTVjYzgwZGQ5LzEvZEs4RDE0VVFLYk45Rl9IN05peHRTbVl2Z1hZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi80ZDljODMtZjk2MC00OGFjLWJiZjUtOWRjYTVjYzgwZGQ5 LzEvSHRQWTRwNEdPNTBuUUtzOTVzY2lWZXlOQlZjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBjAQCAAEwgYUDBAc+ BQADBAc+ZgADAwA+hgMEBj6twAMDAD60AwQFUpYAAwQCuV4AAwQFwtVAAwQFw1pA AwMAw2QDAwDDowMEBcO2YAMEBdQIoAMEBdQVwAMEBdQfwAMEBdQpgAMEBdRsAAME BdR/AAMEBtSiwAMDANUPAwQF1YmgAwQG1cIAAwQG1exAMA0EAgACMAcDBQAgAQdA MA0GCSqGSIb3DQEBCwUAA4IBAQCJffiwjtzVabFii1Y8Z6mxl+FRvB5V7CePphoU TktMau4PNiQbaSJi0lyPgu8wSkD3/y3Sjhoqj7rcQ+i/JFDQZqqn1EPy3dG7UbsK gN1k4ohXagvJ467gcmz60SRSl3ivbEGyVwuY0rlSK8a6JILRrvpMyIenKRv/3C4G aOu1dRkGOjO7F/JQjL0mfMF40DLbQR4KJ8o4akVbhfafpGqrh9BbE+d+OAmpPext ksQsz21Nt5f+6Sc9Qm+DyRH5MLBhlbUrmNZlD5FEqUdR+QX5H1VIK/mvEE8XrmYe PZsw1Uiaa8BUO8Ty5n1btYcOu9uSdPKN7PEWuf8bBAhQBNf3 -----END CERTIFICATE-----Generated at Sat Dec 6 18:07:14 2025 by rpki-client