This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/VUHc1KjtIfYjmNEdSGPUlUJ4fi4.roa File: VUHc1KjtIfYjmNEdSGPUlUJ4fi4.roa (raw, json) Hash identifier: 8qyyorbzGiXmM0ae0euzHEycmczWxq6A21gLOn7zqfM= Subject key identifier: 55:41:DC:D4:A8:ED:21:F6:23:98:D1:1D:48:63:D4:95:42:78:7E:2E Certificate issuer: /CN=b3dd35ccff6c2b86a1fad8f103bc20070d09e50d Certificate serial: 019ABA25430BE934DBAC6DA73602EE0D85A4 Authority key identifier: B3:DD:35:CC:FF:6C:2B:86:A1:FA:D8:F1:03:BC:20:07:0D:09:E5:0D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/VUHc1KjtIfYjmNEdSGPUlUJ4fi4.roa Signing time: Tue 25 Nov 2025 08:33:15 +0000 ROA not before: Tue 25 Nov 2025 08:33:15 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 31368 IP address blocks: 89.107.128.0/24 maxlen: 24 89.107.130.0/23 maxlen: 23 89.107.132.0/23 maxlen: 23 185.173.156.0/24 maxlen: 24 185.173.158.0/24 maxlen: 24 185.173.159.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/s901zP9sK4ah-tjxA7wgBw0J5Q0.crl rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/s901zP9sK4ah-tjxA7wgBw0J5Q0.mft rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:ba:25:43:0b:e9:34:db:ac:6d:a7:36:02:ee:0d:85:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b3dd35ccff6c2b86a1fad8f103bc20070d09e50d Validity Not Before: Nov 25 08:33:15 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=5541dcd4a8ed21f62398d11d4863d49542787e2e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:a4:d5:1f:19:92:00:ae:bc:da:41:cc:ff:24: 71:29:79:9c:96:fe:e9:ec:2c:ea:c0:f2:7e:d7:95: 44:20:a6:fc:ad:b5:5e:62:39:e3:fa:1a:32:8f:c3: 49:1b:9f:97:7a:ec:8c:f0:b2:52:1b:1b:94:17:e1: 6c:6a:1f:99:f4:0a:31:6e:7e:c2:2a:52:5c:38:87: e7:91:a5:1f:5f:a4:ec:0f:1d:93:b3:5e:61:67:4a: 48:97:cc:de:1b:a1:44:7a:89:63:fd:04:18:74:8b: e7:b9:75:4b:29:e6:95:1d:24:46:f9:5f:e4:72:7a: b0:3d:c8:db:92:f4:b7:4c:44:87:26:d1:bf:41:81: 4a:7f:17:9b:0d:1c:46:2f:af:5b:51:d1:d9:b8:6e: ee:43:cc:bf:52:ea:cd:d4:f6:bd:4b:8b:8b:1c:ff: 71:13:ae:79:be:d4:85:33:09:57:f7:a9:03:04:36: a4:d8:f7:6a:61:8e:a3:6f:b7:de:37:5e:94:24:7d: 91:ce:56:b1:ec:b9:2a:dc:61:ff:61:26:19:37:e9: e9:47:b9:78:57:ec:3b:80:be:16:2b:87:c2:d5:90: 2b:73:79:4a:88:e7:b1:6f:b0:41:f9:5b:8d:e1:98: 45:67:29:b5:0a:51:f1:c8:06:5a:20:96:37:61:34: 99:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:41:DC:D4:A8:ED:21:F6:23:98:D1:1D:48:63:D4:95:42:78:7E:2E X509v3 Authority Key Identifier: keyid:B3:DD:35:CC:FF:6C:2B:86:A1:FA:D8:F1:03:BC:20:07:0D:09:E5:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/VUHc1KjtIfYjmNEdSGPUlUJ4fi4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/s901zP9sK4ah-tjxA7wgBw0J5Q0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.107.128.0/24 89.107.130.0-89.107.133.255 185.173.156.0/24 185.173.158.0/23 Signature Algorithm: sha256WithRSAEncryption 1c:fb:9a:25:ec:06:3b:ba:00:ac:b4:a5:16:dc:7a:d6:04:07: fb:8e:29:6d:9f:e2:c0:82:99:0d:e9:4a:1c:f1:16:36:d2:18: 74:97:c1:e7:1c:3e:8d:d6:0c:dc:51:05:f1:f2:a6:2a:bf:13: cb:24:94:d2:22:98:d1:90:c7:46:8b:15:6a:82:f8:69:0c:67: fc:ad:c4:55:55:bf:c2:0a:22:16:bd:b1:d3:af:7d:9d:34:fe: 16:23:d9:b7:fc:c5:e1:99:80:ba:2b:af:82:a3:e3:2d:4b:74: af:c2:4a:f0:7c:e2:85:2e:e9:9b:0d:c7:2c:87:d4:71:e4:29: eb:19:46:6a:13:6a:57:30:61:71:f4:d3:ca:7a:57:62:f8:80: b2:f0:9d:93:be:d2:a7:8e:30:23:0b:63:3f:c7:be:b7:fa:2d: 61:34:63:0c:03:2f:09:96:e7:01:51:7f:8a:ce:a2:d2:fd:10: 35:1f:51:4e:13:fb:f2:18:66:4d:ba:9f:38:d9:37:4e:99:b6: bc:b5:ee:f7:0f:56:6f:5e:64:33:2a:98:57:06:8d:53:f7:83: 10:7c:03:53:09:ff:a0:e0:79:22:fa:d8:b3:19:3c:11:85:a6: ae:18:8c:cb:61:8a:3a:da:53:d7:0f:fd:3b:6d:9c:df:af:72: 4c:0d:4c:92 -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZq6JUML6TTbrG2nNgLuDYWkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzZGQzNWNjZmY2YzJiODZhMWZhZDhmMTAzYmMyMDA3MGQw OWU1MGQwHhcNMjUxMTI1MDgzMzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1NTQxZGNkNGE4ZWQyMWY2MjM5OGQxMWQ0ODYzZDQ5NTQyNzg3ZTJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaTVHxmSAK682kHM/yRxKXmclv7p 7CzqwPJ+15VEIKb8rbVeYjnj+hoyj8NJG5+XeuyM8LJSGxuUF+Fsah+Z9Aoxbn7C KlJcOIfnkaUfX6TsDx2Ts15hZ0pIl8zeG6FEeolj/QQYdIvnuXVLKeaVHSRG+V/k cnqwPcjbkvS3TESHJtG/QYFKfxebDRxGL69bUdHZuG7uQ8y/UurN1Pa9S4uLHP9x E655vtSFMwlX96kDBDak2PdqYY6jb7feN16UJH2Rzlax7Lkq3GH/YSYZN+npR7l4 V+w7gL4WK4fC1ZArc3lKiOexb7BB+VuN4ZhFZym1ClHxyAZaIJY3YTSZJQIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFFVB3NSo7SH2I5jRHUhj1JVCeH4uMB8GA1UdIwQY MBaAFLPdNcz/bCuGofrY8QO8IAcNCeUNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczkwMXpQOXNLNGFoLXRqeEE3d2dCdzBKNVEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny80NGQ0YTMtN2E4NC00NDk5LThiNzEt MmIxMDUwNTFiYTU5LzEvVlVIYzFLanRJZllqbU5FZFNHUFVsVUo0Zmk0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Ny80NGQ0YTMtN2E4NC00NDk5LThiNzEtMmIxMDUwNTFiYTU5 LzEvczkwMXpQOXNLNGFoLXRqeEE3d2dCdzBKNVEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAWWuAMAwD BAFZa4IDBAFZa4QDBAC5rZwDBAG5rZ4wDQYJKoZIhvcNAQELBQADggEBABz7miXs Bju6AKy0pRbcetYEB/uOKW2f4sCCmQ3pShzxFjbSGHSXweccPo3WDNxRBfHypiq/ E8sklNIimNGQx0aLFWqC+GkMZ/ytxFVVv8IKIha9sdOvfZ00/hYj2bf8xeGZgLor r4Kj4y1LdK/CSvB84oUu6ZsNxyyH1HHkKesZRmoTalcwYXH008p6V2L4gLLwnZO+ 0qeOMCMLYz/Hvrf6LWE0YwwDLwmW5wFRf4rOotL9EDUfUU4T+/IYZk26nzjZN06Z try17vcPVm9eZDMqmFcGjVP3gxB8A1MJ/6DgeSL62LMZPBGFpq4YjMthijraU9cP /TttnN+vckwNTJI= -----END CERTIFICATE-----Generated at Sat Dec 6 08:50:39 2025 by rpki-client