This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/9kfN7xGstaFbxYGcvfs3i3H4Rfg.roa File: 9kfN7xGstaFbxYGcvfs3i3H4Rfg.roa (raw, json) Hash identifier: Qr7ehwqJLmUYKY4GpzfSTvkuH4ftLTItGDeW31rfUYc= Subject key identifier: F6:47:CD:EF:11:AC:B5:A1:5B:C5:81:9C:BD:FB:37:8B:71:F8:45:F8 Certificate issuer: /CN=ba67bff7bad1eb8384b585df7bef1206f7f19f7e Certificate serial: 019AEEA56C3CFBBD0B413880E02FD9E4AAD7 Authority key identifier: BA:67:BF:F7:BA:D1:EB:83:84:B5:85:DF:7B:EF:12:06:F7:F1:9F:7E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ume_97rR64OEtYXfe-8SBvfxn34.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/9kfN7xGstaFbxYGcvfs3i3H4Rfg.roa Signing time: Fri 05 Dec 2025 13:13:29 +0000 ROA not before: Fri 05 Dec 2025 13:13:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 57797 IP address blocks: 81.27.84.0/24 maxlen: 24 209.131.64.0/21 maxlen: 21 2a12:8ac0::/29 maxlen: 48 2a12:8ac0::/40 maxlen: 48 2a12:8ac1::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/ume_97rR64OEtYXfe-8SBvfxn34.crl rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/ume_97rR64OEtYXfe-8SBvfxn34.mft rsync://rpki.ripe.net/repository/DEFAULT/ume_97rR64OEtYXfe-8SBvfxn34.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:ee:a5:6c:3c:fb:bd:0b:41:38:80:e0:2f:d9:e4:aa:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ba67bff7bad1eb8384b585df7bef1206f7f19f7e Validity Not Before: Dec 5 13:13:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=f647cdef11acb5a15bc5819cbdfb378b71f845f8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:75:3f:11:7e:92:cd:c1:3f:8c:31:f0:a1:22: d0:54:0e:f0:71:04:05:d5:de:10:4e:4b:dd:55:e2: f5:f6:8f:c4:53:8c:0a:6b:23:69:bf:4d:4e:af:bc: 64:a1:42:c8:cb:a9:f5:e8:fd:2c:9f:d0:f2:e4:e9: bd:0a:3f:d2:eb:2c:46:c2:e0:98:3b:37:32:38:20: ae:27:cd:cd:69:8e:c7:b2:ff:26:5e:70:e1:ca:bb: 99:14:36:5a:16:c4:07:0e:6e:d6:f7:1f:c2:b4:17: 8b:dd:e1:f0:05:3c:9d:ca:58:64:dd:bd:27:55:7d: ea:1e:00:8c:65:eb:0f:98:60:ad:d2:09:8f:20:b3: 6b:78:7b:e4:51:26:9c:8f:07:55:cd:92:da:30:b3: ce:d8:cb:d1:e1:f8:dc:ea:80:eb:50:92:3a:f3:9f: 55:23:54:73:74:3e:9c:18:39:a7:61:ef:8a:e5:e4: d1:50:63:0a:bc:72:c6:89:33:b6:3e:2b:68:f4:bd: c1:98:3b:22:ac:e8:e2:d1:e2:c6:51:d4:7f:e0:4e: 5b:9d:4c:3b:74:e5:78:a3:8e:9e:82:49:d2:69:59: e5:4b:26:8c:02:0c:96:1f:bb:f5:4e:58:80:2f:19: f0:e5:cc:03:fe:99:fa:b7:18:37:05:57:ae:9c:40: fe:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:47:CD:EF:11:AC:B5:A1:5B:C5:81:9C:BD:FB:37:8B:71:F8:45:F8 X509v3 Authority Key Identifier: keyid:BA:67:BF:F7:BA:D1:EB:83:84:B5:85:DF:7B:EF:12:06:F7:F1:9F:7E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ume_97rR64OEtYXfe-8SBvfxn34.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/9kfN7xGstaFbxYGcvfs3i3H4Rfg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/ume_97rR64OEtYXfe-8SBvfxn34.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.27.84.0/24 209.131.64.0/21 IPv6: 2a12:8ac0::/29 Signature Algorithm: sha256WithRSAEncryption 67:f0:a5:7f:b0:6a:75:54:47:f3:5d:17:76:5f:a1:8c:97:11: fc:8f:64:99:a8:33:4a:92:b1:31:fe:b0:b9:2e:0c:10:75:26: cb:86:04:6e:50:c8:b0:7a:d0:54:3b:47:b4:e5:7d:9e:4f:7c: d9:4e:fd:bb:72:79:d7:35:db:08:a4:2e:10:c7:9b:97:81:f0: 14:52:0c:00:9c:fd:7c:a2:79:2e:40:60:f5:7e:95:fa:15:6a: 69:a3:22:11:1d:a1:ff:51:0e:b1:94:d0:75:32:48:52:bd:8d: c5:d1:4a:92:8f:b9:5e:4d:8d:ee:b9:6b:cf:58:59:ba:e3:59: 0d:00:89:36:a7:e9:83:c7:6d:98:c4:d0:ef:39:0e:78:1b:a3: 96:05:ad:60:4d:44:3a:b8:78:9c:26:5f:3d:57:fc:88:12:8b: 5c:c9:8d:92:f3:39:69:32:8e:d1:6f:a0:81:ca:1c:73:e0:6b: be:66:e2:66:30:7b:39:d9:5c:00:6e:e0:d0:41:32:e7:c5:6c: e0:2f:88:ac:db:5e:1a:50:46:92:59:c8:8d:be:29:ec:8d:1d: e6:cc:65:79:e8:a3:54:1c:9a:c4:de:60:b6:0f:fe:5f:43:fd: b5:c1:a1:ef:94:4c:2b:e8:8d:da:e8:8f:42:6d:d7:b0:9e:b6: 0b:b6:13:c6 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZrupWw8+70LQTiA4C/Z5KrXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhNjdiZmY3YmFkMWViODM4NGI1ODVkZjdiZWYxMjA2Zjdm MTlmN2UwHhcNMjUxMjA1MTMxMzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmNjQ3Y2RlZjExYWNiNWExNWJjNTgxOWNiZGZiMzc4YjcxZjg0NWY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2nU/EX6SzcE/jDHwoSLQVA7wcQQF 1d4QTkvdVeL19o/EU4wKayNpv01Or7xkoULIy6n16P0sn9Dy5Om9Cj/S6yxGwuCY OzcyOCCuJ83NaY7Hsv8mXnDhyruZFDZaFsQHDm7W9x/CtBeL3eHwBTydylhk3b0n VX3qHgCMZesPmGCt0gmPILNreHvkUSacjwdVzZLaMLPO2MvR4fjc6oDrUJI6859V I1RzdD6cGDmnYe+K5eTRUGMKvHLGiTO2Pito9L3BmDsirOji0eLGUdR/4E5bnUw7 dOV4o46egknSaVnlSyaMAgyWH7v1TliALxnw5cwD/pn6txg3BVeunED+RwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFPZHze8RrLWhW8WBnL37N4tx+EX4MB8GA1UdIwQY MBaAFLpnv/e60euDhLWF33vvEgb38Z9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdW1lXzk3clI2NE9FdFlYZmUtOFNCdmZ4bjM0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80YTI0NGQtNTFkMS00MTQzLWI2YWYt ZGE0NTM4MDIyYWM3LzEvOWtmTjd4R3N0YUZieFlHY3ZmczNpM0g0UmZnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Zi80YTI0NGQtNTFkMS00MTQzLWI2YWYtZGE0NTM4MDIyYWM3 LzEvdW1lXzk3clI2NE9FdFlYZmUtOFNCdmZ4bjM0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAURtUAwQD 0YNAMA0EAgACMAcDBQMqEorAMA0GCSqGSIb3DQEBCwUAA4IBAQBn8KV/sGp1VEfz XRd2X6GMlxH8j2SZqDNKkrEx/rC5LgwQdSbLhgRuUMiwetBUO0e05X2eT3zZTv27 cnnXNdsIpC4Qx5uXgfAUUgwAnP18onkuQGD1fpX6FWppoyIRHaH/UQ6xlNB1MkhS vY3F0UqSj7leTY3uuWvPWFm641kNAIk2p+mDx22YxNDvOQ54G6OWBa1gTUQ6uHic Jl89V/yIEotcyY2S8zlpMo7Rb6CByhxz4Gu+ZuJmMHs52VwAbuDQQTLnxWzgL4is 214aUEaSWciNvinsjR3mzGV56KNUHJrE3mC2D/5fQ/21waHvlEwr6I3a6I9Cbdew nrYLthPG -----END CERTIFICATE-----Generated at Sat Dec 6 19:59:18 2025 by rpki-client