This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/pIC-whUriXBZUStrVpAYvl470Dw.roa File: pIC-whUriXBZUStrVpAYvl470Dw.roa (raw, json) Hash identifier: P8U8HyziEmzl2lHRrN+KrJgIgKMcwZzkigHQuPfUZ+s= Subject key identifier: A4:80:BE:C2:15:2B:89:70:59:51:2B:6B:56:90:18:BE:5E:3B:D0:3C Certificate issuer: /CN=7d502e2d24b1f216913088207a268e6626b0ce39 Certificate serial: 019A82F9EC3EC9B579AC96FC34AAAE1CF65F Authority key identifier: 7D:50:2E:2D:24:B1:F2:16:91:30:88:20:7A:26:8E:66:26:B0:CE:39 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVAuLSSx8haRMIggeiaOZiawzjk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/pIC-whUriXBZUStrVpAYvl470Dw.roa Signing time: Fri 14 Nov 2025 15:26:48 +0000 ROA not before: Fri 14 Nov 2025 15:26:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 42330 IP address blocks: 185.250.8.0/24 maxlen: 24 185.250.9.0/24 maxlen: 24 185.250.10.0/23 maxlen: 23 2a0b:9400::/30 maxlen: 30 2a0b:9400:8::/48 maxlen: 48 2a0b:9400:1000::/48 maxlen: 48 2a0b:9400:1001::/48 maxlen: 48 2a0b:9401::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/fVAuLSSx8haRMIggeiaOZiawzjk.crl rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/fVAuLSSx8haRMIggeiaOZiawzjk.mft rsync://rpki.ripe.net/repository/DEFAULT/fVAuLSSx8haRMIggeiaOZiawzjk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:82:f9:ec:3e:c9:b5:79:ac:96:fc:34:aa:ae:1c:f6:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7d502e2d24b1f216913088207a268e6626b0ce39 Validity Not Before: Nov 14 15:26:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=a480bec2152b897059512b6b569018be5e3bd03c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:87:ea:a5:c9:35:46:03:23:f5:e0:b6:0e:ca: 1f:dc:60:9f:52:a1:18:8b:db:70:00:ea:02:7b:7d: cf:d1:5d:91:7d:7a:36:d1:cf:1d:c6:38:11:54:86: 8f:af:51:f4:2f:2a:3c:75:27:63:1c:ab:4a:a6:33: 21:8f:14:61:5e:de:46:ec:c9:a2:71:ef:6c:a6:b9: 32:f2:d7:16:95:a3:d3:9f:20:f3:fb:a4:c7:b1:68: 4b:b3:4f:aa:20:50:96:14:20:e3:12:40:d7:74:b0: 4b:5b:20:ad:ee:e4:f8:55:ac:16:dd:fc:c3:91:29: 15:0a:8d:05:0a:f3:55:67:4e:a7:b7:72:95:30:d3: 20:e4:4d:67:0c:af:4a:a1:bd:19:d8:f5:a0:48:2f: 37:37:69:f1:88:fa:b1:c9:22:33:cd:9a:c1:f4:40: d1:d5:6d:99:3e:4d:91:e0:59:ce:17:c5:bd:a8:8a: 11:bb:bd:0e:ef:44:2b:f4:6b:39:f6:2b:e7:4d:26: cc:3f:70:51:35:61:ca:9c:3d:8e:c9:a3:3c:78:aa: 92:9b:e9:62:12:89:be:35:ce:eb:d4:d3:85:92:a9: 68:50:33:9d:02:1e:51:82:14:ef:c3:b6:b3:a8:90: 92:02:5a:6d:1a:5d:79:bc:90:72:c6:7c:2c:a3:e9: 99:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:80:BE:C2:15:2B:89:70:59:51:2B:6B:56:90:18:BE:5E:3B:D0:3C X509v3 Authority Key Identifier: keyid:7D:50:2E:2D:24:B1:F2:16:91:30:88:20:7A:26:8E:66:26:B0:CE:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVAuLSSx8haRMIggeiaOZiawzjk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/pIC-whUriXBZUStrVpAYvl470Dw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/fVAuLSSx8haRMIggeiaOZiawzjk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.250.8.0/22 IPv6: 2a0b:9400::/30 Signature Algorithm: sha256WithRSAEncryption 2b:4e:02:2b:10:4f:df:a9:bc:c2:21:82:5a:df:66:03:fe:1a: 2d:7f:87:f4:52:d7:07:e8:d8:92:8c:60:f5:f9:ba:5b:f9:e4: 77:4f:69:bb:f3:a2:b1:5c:45:46:aa:52:b5:bc:92:2b:b7:75: 87:af:7e:21:3e:51:25:1f:16:b0:cf:05:15:72:72:10:fd:52: 65:aa:43:94:f5:24:ba:70:63:a0:78:dc:9a:02:30:8f:29:cc: 7f:d0:54:88:60:d0:7f:25:cd:d6:28:aa:10:d0:9f:d9:e6:2f: 8c:52:c5:b5:54:0a:4f:54:57:48:14:b0:08:9f:a8:2a:62:2b: 4d:dd:89:89:ed:e3:6c:47:ee:de:41:39:20:ef:3b:5f:e5:4f: 89:f2:8c:bb:4f:d8:04:bb:b0:d0:5e:66:84:fc:2e:ed:bc:a7: 77:fe:5c:f2:72:df:9e:84:cb:93:2f:32:43:e2:6b:31:a4:2b: b2:64:ff:32:79:68:b0:e7:dd:79:73:1e:7a:ba:23:ac:9c:03: f7:64:c3:02:c5:8c:04:c3:72:e3:f9:9b:94:2e:8b:b4:45:f2: 55:53:f9:55:0d:b6:44:cf:35:0f:65:04:d3:bb:67:5b:6e:39: e6:d6:3f:5e:b6:32:10:26:6d:5e:fa:ff:ee:1a:9e:50:fc:9f: 58:f3:a5:0f -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZqC+ew+ybV5rJb8NKquHPZfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdkNTAyZTJkMjRiMWYyMTY5MTMwODgyMDdhMjY4ZTY2MjZi MGNlMzkwHhcNMjUxMTE0MTUyNjQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNDgwYmVjMjE1MmI4OTcwNTk1MTJiNmI1NjkwMThiZTVlM2JkMDNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYfqpck1RgMj9eC2Dsof3GCfUqEY i9twAOoCe33P0V2RfXo20c8dxjgRVIaPr1H0Lyo8dSdjHKtKpjMhjxRhXt5G7Mmi ce9sprky8tcWlaPTnyDz+6THsWhLs0+qIFCWFCDjEkDXdLBLWyCt7uT4VawW3fzD kSkVCo0FCvNVZ06nt3KVMNMg5E1nDK9Kob0Z2PWgSC83N2nxiPqxySIzzZrB9EDR 1W2ZPk2R4FnOF8W9qIoRu70O70Qr9Gs59ivnTSbMP3BRNWHKnD2OyaM8eKqSm+li Eom+Nc7r1NOFkqloUDOdAh5RghTvw7azqJCSAlptGl15vJByxnwso+mZhQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFKSAvsIVK4lwWVEra1aQGL5eO9A8MB8GA1UdIwQY MBaAFH1QLi0ksfIWkTCIIHomjmYmsM45MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZlZBdUxTU3g4aGFSTUlnZ2VpYU9aaWF3emprLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9hYTUzY2YtZjk4OC00MGViLTgwODMt NTFkNzU1NjhhOWUzLzEvcElDLXdoVXJpWEJaVVN0clZwQVl2bDQ3MER3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OS9hYTUzY2YtZjk4OC00MGViLTgwODMtNTFkNzU1NjhhOWUz LzEvZlZBdUxTU3g4aGFSTUlnZ2VpYU9aaWF3emprLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufoIMA0E AgACMAcDBQIqC5QAMA0GCSqGSIb3DQEBCwUAA4IBAQArTgIrEE/fqbzCIYJa32YD /hotf4f0UtcH6NiSjGD1+bpb+eR3T2m786KxXEVGqlK1vJIrt3WHr34hPlElHxaw zwUVcnIQ/VJlqkOU9SS6cGOgeNyaAjCPKcx/0FSIYNB/Jc3WKKoQ0J/Z5i+MUsW1 VApPVFdIFLAIn6gqYitN3YmJ7eNsR+7eQTkg7ztf5U+J8oy7T9gEu7DQXmaE/C7t vKd3/lzyct+ehMuTLzJD4msxpCuyZP8yeWiw5915cx56uiOsnAP3ZMMCxYwEw3Lj +ZuULou0RfJVU/lVDbZEzzUPZQTTu2dbbjnm1j9etjIQJm1e+v/uGp5Q/J9Y86UP -----END CERTIFICATE-----Generated at Sat Dec 6 23:57:49 2025 by rpki-client