This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/ytsdXsngpxwz20OV_36VGmLPYVE.roa File: ytsdXsngpxwz20OV_36VGmLPYVE.roa (raw, json) Hash identifier: qoL5BTxf6o2mmunutMWsgNJ+XPHw/w4Mm3tFhVSljGU= Subject key identifier: CA:DB:1D:5E:C9:E0:A7:1C:33:DB:43:95:FF:7E:95:1A:62:CF:61:51 Certificate issuer: /CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe Certificate serial: 019A91CE738D4F48CEC2E536B0EE14F96AF3 Authority key identifier: B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/ytsdXsngpxwz20OV_36VGmLPYVE.roa Signing time: Mon 17 Nov 2025 12:33:37 +0000 ROA not before: Mon 17 Nov 2025 12:33:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 834 IP address blocks: 80.174.113.0/24 maxlen: 24 80.174.114.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.mft rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:91:ce:73:8d:4f:48:ce:c2:e5:36:b0:ee:14:f9:6a:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe Validity Not Before: Nov 17 12:33:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=cadb1d5ec9e0a71c33db4395ff7e951a62cf6151 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:25:d4:5b:a2:e3:8c:9e:68:d6:06:8c:a4:4d: a7:b0:01:9e:2a:3b:cf:61:09:30:d1:d5:95:43:8b: e3:d0:38:2f:7c:41:b8:d9:e5:2d:e6:a7:35:86:79: 5d:30:d1:96:47:80:67:c8:79:e9:30:55:58:a6:9e: fc:db:e5:77:d4:7b:e7:4c:3b:8f:c9:67:e6:af:a7: dd:30:fc:1c:ac:89:79:0b:c9:71:88:b7:8c:ed:cb: 0e:d4:0b:f6:18:da:8e:c0:0a:c1:ee:cb:fd:3c:8c: ec:3b:7a:9c:cd:08:8c:ef:60:62:0b:c7:18:7d:e1: b3:69:f2:b2:94:c6:c8:1f:c4:d9:94:34:70:2d:34: 1c:87:39:56:0b:ce:0e:70:35:63:d8:86:b8:80:97: a5:ee:5a:7e:d4:b2:d9:3e:bb:4e:f9:ad:f9:ef:b8: b4:b2:1a:40:3e:a4:d4:ff:58:5e:3c:1d:93:49:d8: 63:aa:1c:b7:58:cb:00:94:3b:71:86:90:41:e7:0f: 38:3c:f6:bb:0d:bb:97:8a:72:08:cd:53:e1:66:e4: 7f:5d:57:01:b0:42:fe:1c:fb:71:4b:f3:99:24:62: d0:5f:4c:dd:21:b3:ca:f5:da:67:f8:25:7b:54:fb: 1e:31:f4:7a:79:71:87:2e:77:be:9b:11:ed:07:9f: a1:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:DB:1D:5E:C9:E0:A7:1C:33:DB:43:95:FF:7E:95:1A:62:CF:61:51 X509v3 Authority Key Identifier: keyid:B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/ytsdXsngpxwz20OV_36VGmLPYVE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.174.113.0-80.174.114.255 Signature Algorithm: sha256WithRSAEncryption 57:92:e2:67:bf:c1:e0:52:3c:49:cd:16:2f:48:f4:c7:f0:4e: bd:e5:a8:c0:d6:f3:6b:01:8a:b0:35:d1:87:13:2a:92:04:37: b6:c7:85:93:84:d1:ce:03:51:08:aa:1c:65:fe:e0:8b:cc:d9: 0c:b2:8d:61:0c:36:84:13:d0:e8:84:c7:f3:15:db:41:d6:97: f8:da:94:dc:a0:a2:71:e8:69:b2:01:fb:e5:2e:28:7f:01:37: 9d:7b:47:0a:76:85:13:53:b5:5b:3c:53:cf:ab:78:cf:c6:aa: 03:85:dd:6d:88:00:f5:77:34:cf:87:72:49:0f:71:31:8d:92: 49:48:c7:05:1d:b3:40:c1:f2:40:c4:f1:0c:d7:5b:76:38:1f: ca:95:54:a4:26:75:4d:aa:a9:01:f9:1b:a9:58:90:78:52:3d: 25:2e:3b:52:64:90:df:eb:b3:58:74:79:20:50:66:dc:4d:01: 4c:37:4e:ae:ae:0b:12:0d:ed:bd:63:54:bf:f4:7b:2f:3f:fc: 34:cf:d1:f9:eb:de:0f:3a:a2:5b:4f:0f:e0:af:1c:88:92:c0: f8:c3:2e:21:92:e0:33:77:24:83:3a:35:b9:cc:70:bf:d2:b6: 23:32:3f:dd:5e:95:98:75:f2:0c:ac:f0:5b:de:34:84:a7:e6: 28:57:17:43 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZqRznONT0jOwuU2sO4U+WrzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0NTk5OTg5OWY3NmQyZTJlNGNjZGZjODE3Zjk4NzljZmFj MDZiYmUwHhcNMjUxMTE3MTIzMzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYWRiMWQ1ZWM5ZTBhNzFjMzNkYjQzOTVmZjdlOTUxYTYyY2Y2MTUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriXUW6LjjJ5o1gaMpE2nsAGeKjvP YQkw0dWVQ4vj0DgvfEG42eUt5qc1hnldMNGWR4BnyHnpMFVYpp782+V31HvnTDuP yWfmr6fdMPwcrIl5C8lxiLeM7csO1Av2GNqOwArB7sv9PIzsO3qczQiM72BiC8cY feGzafKylMbIH8TZlDRwLTQchzlWC84OcDVj2Ia4gJel7lp+1LLZPrtO+a3577i0 shpAPqTU/1hePB2TSdhjqhy3WMsAlDtxhpBB5w84PPa7DbuXinIIzVPhZuR/XVcB sEL+HPtxS/OZJGLQX0zdIbPK9dpn+CV7VPseMfR6eXGHLne+mxHtB5+hTwIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFMrbHV7J4KccM9tDlf9+lRpiz2FRMB8GA1UdIwQY MBaAFLRZmYmfdtLi5MzfyBf5h5z6wGu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUt NzM0MjhmOWM3YmZmLzEveXRzZFhzbmdweHd6MjBPVl8zNlZHbUxQWVZFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUtNzM0MjhmOWM3YmZm LzEvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABQrnED BABQrnIwDQYJKoZIhvcNAQELBQADggEBAFeS4me/weBSPEnNFi9I9MfwTr3lqMDW 82sBirA10YcTKpIEN7bHhZOE0c4DUQiqHGX+4IvM2QyyjWEMNoQT0OiEx/MV20HW l/jalNygonHoabIB++UuKH8BN517Rwp2hRNTtVs8U8+reM/GqgOF3W2IAPV3NM+H ckkPcTGNkklIxwUds0DB8kDE8QzXW3Y4H8qVVKQmdU2qqQH5G6lYkHhSPSUuO1Jk kN/rs1h0eSBQZtxNAUw3Tq6uCxIN7b1jVL/0ey8//DTP0fnr3g86oltPD+CvHIiS wPjDLiGS4DN3JIM6NbnMcL/StiMyP91elZh18gys8FveNISn5ihXF0M= -----END CERTIFICATE-----Generated at Sat Dec 6 18:24:12 2025 by rpki-client