This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/d6d30b-0b9b-429e-8413-55a930fc0c71/1/zRtO1-BRSsUGXQcidImvfnLpcQ0.roa File: zRtO1-BRSsUGXQcidImvfnLpcQ0.roa (raw, json) Hash identifier: 2q+w34DDnqVMnx3DmxrSdduUyOAdrNZNrDnK8Xa9mGQ= Subject key identifier: CD:1B:4E:D7:E0:51:4A:C5:06:5D:07:22:74:89:AF:7E:72:E9:71:0D Certificate issuer: /CN=2f2a0fa20383332a3f414f054753a0b60b25ba10 Certificate serial: 019ACBE589E9268DD51AC0DE951B474F9FE5 Authority key identifier: 2F:2A:0F:A2:03:83:33:2A:3F:41:4F:05:47:53:A0:B6:0B:25:BA:10 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LyoPogODMyo_QU8FR1OgtgsluhA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/d6d30b-0b9b-429e-8413-55a930fc0c71/1/zRtO1-BRSsUGXQcidImvfnLpcQ0.roa Signing time: Fri 28 Nov 2025 19:16:49 +0000 ROA not before: Fri 28 Nov 2025 19:16:49 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 207456 IP address blocks: 91.197.32.0/22 maxlen: 22 185.239.204.0/22 maxlen: 22 185.239.207.0/24 maxlen: 24 185.241.156.0/22 maxlen: 22 193.108.84.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/d6d30b-0b9b-429e-8413-55a930fc0c71/1/LyoPogODMyo_QU8FR1OgtgsluhA.crl rsync://rpki.ripe.net/repository/DEFAULT/54/d6d30b-0b9b-429e-8413-55a930fc0c71/1/LyoPogODMyo_QU8FR1OgtgsluhA.mft rsync://rpki.ripe.net/repository/DEFAULT/LyoPogODMyo_QU8FR1OgtgsluhA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:cb:e5:89:e9:26:8d:d5:1a:c0:de:95:1b:47:4f:9f:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2f2a0fa20383332a3f414f054753a0b60b25ba10 Validity Not Before: Nov 28 19:16:49 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=cd1b4ed7e0514ac5065d07227489af7e72e9710d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:e4:5a:ff:aa:99:77:39:00:d6:47:c5:48:25: 4d:9c:4c:a2:3c:ad:3f:e6:44:a1:ad:a2:2c:99:1e: 78:0c:65:f9:b7:88:ad:c8:68:c8:5a:7c:53:1e:38: b3:ae:50:d0:83:ad:be:a4:a6:74:02:22:e5:1f:d1: 5e:f9:e7:98:21:a9:43:a8:7c:23:3a:93:bb:de:ae: ec:68:75:54:1c:2d:b2:59:d9:74:37:35:a4:6a:1f: 67:36:5e:06:d0:de:f8:a7:5b:47:fc:9d:af:4c:dd: 0f:91:9f:5c:1a:4f:92:db:87:ff:78:25:16:cd:4e: c5:3b:5a:09:3d:3f:12:6b:49:db:33:93:78:22:a7: b8:88:c9:1f:cc:fd:dc:35:6a:f2:25:c7:e4:14:51: ed:90:e3:d0:d9:9d:a8:e9:9e:bb:d9:ce:37:eb:da: d4:b5:57:3f:ef:b4:af:ea:d7:9b:93:74:cf:cb:1d: 17:1c:5b:3c:b0:65:d9:9f:13:38:8e:ef:45:1e:fd: a8:98:41:9c:e4:3a:6d:22:eb:d2:30:88:f8:6f:98: dd:a4:ce:94:97:c0:25:a1:20:5d:d7:28:f3:e9:c2: 31:04:7d:5a:67:16:68:0a:e9:cd:e0:c3:06:4f:84: c0:c5:87:28:0a:f0:5c:d0:f2:8b:4b:1c:42:e9:27: a9:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:1B:4E:D7:E0:51:4A:C5:06:5D:07:22:74:89:AF:7E:72:E9:71:0D X509v3 Authority Key Identifier: keyid:2F:2A:0F:A2:03:83:33:2A:3F:41:4F:05:47:53:A0:B6:0B:25:BA:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LyoPogODMyo_QU8FR1OgtgsluhA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/d6d30b-0b9b-429e-8413-55a930fc0c71/1/zRtO1-BRSsUGXQcidImvfnLpcQ0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/54/d6d30b-0b9b-429e-8413-55a930fc0c71/1/LyoPogODMyo_QU8FR1OgtgsluhA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.197.32.0/22 185.239.204.0/22 185.241.156.0/22 193.108.84.0/22 Signature Algorithm: sha256WithRSAEncryption 4a:ee:c5:f1:7b:b0:12:3f:a7:2d:72:60:cd:8b:1a:00:d4:49: 91:26:a8:b1:05:e2:89:08:9d:b5:9d:84:68:63:14:e5:57:74: 84:84:7c:2e:48:59:77:34:0a:9a:4d:80:4c:cb:2d:45:fd:cf: ad:98:13:94:f1:b3:b7:45:91:81:89:13:7e:f2:f0:ca:77:7e: 7a:b8:89:25:b0:13:d6:3b:29:27:87:50:42:83:02:dd:d8:2c: ee:8a:2c:75:54:b7:b7:a6:6a:39:6e:de:eb:75:2b:bf:93:c5: af:db:9c:2b:60:a7:88:a3:11:91:d8:0e:43:d9:4a:ae:b9:c1: 66:78:f5:f1:1a:b7:56:fb:a2:47:41:80:f7:43:c4:23:31:01: 73:98:bb:24:92:b6:fe:cf:95:06:f1:a9:b0:a8:40:a6:49:e4: f3:47:23:59:1d:d9:8b:53:8b:99:86:39:9e:c7:7f:b3:89:5b: f4:0b:ac:23:b7:3b:d2:35:c1:d5:8f:33:8a:46:fe:37:a0:99: ab:58:74:08:d9:9f:0f:56:4d:1a:6a:ac:9c:78:44:9e:8c:9f: 84:f2:42:00:b3:95:c4:8d:7b:83:7b:17:17:30:c6:63:f3:f7: 8e:ff:b6:0d:a9:45:a4:61:e5:00:6d:fc:7b:8f:6e:a7:72:13: 91:97:9d:0b -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZrL5YnpJo3VGsDelRtHT5/lMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJmMmEwZmEyMDM4MzMzMmEzZjQxNGYwNTQ3NTNhMGI2MGIy NWJhMTAwHhcNMjUxMTI4MTkxNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZDFiNGVkN2UwNTE0YWM1MDY1ZDA3MjI3NDg5YWY3ZTcyZTk3MTBkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseRa/6qZdzkA1kfFSCVNnEyiPK0/ 5kShraIsmR54DGX5t4ityGjIWnxTHjizrlDQg62+pKZ0AiLlH9Fe+eeYIalDqHwj OpO73q7saHVUHC2yWdl0NzWkah9nNl4G0N74p1tH/J2vTN0PkZ9cGk+S24f/eCUW zU7FO1oJPT8Sa0nbM5N4Iqe4iMkfzP3cNWryJcfkFFHtkOPQ2Z2o6Z672c4369rU tVc/77Sv6tebk3TPyx0XHFs8sGXZnxM4ju9FHv2omEGc5DptIuvSMIj4b5jdpM6U l8AloSBd1yjz6cIxBH1aZxZoCunN4MMGT4TAxYcoCvBc0PKLSxxC6Sep5QIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFM0bTtfgUUrFBl0HInSJr35y6XENMB8GA1UdIwQY MBaAFC8qD6IDgzMqP0FPBUdToLYLJboQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTHlvUG9nT0RNeW9fUVU4RlIxT2d0Z3NsdWhBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9kNmQzMGItMGI5Yi00MjllLTg0MTMt NTVhOTMwZmMwYzcxLzEvelJ0TzEtQlJTc1VHWFFjaWRJbXZmbkxwY1EwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NC9kNmQzMGItMGI5Yi00MjllLTg0MTMtNTVhOTMwZmMwYzcx LzEvTHlvUG9nT0RNeW9fUVU4RlIxT2d0Z3NsdWhBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW8UgAwQC ue/MAwQCufGcAwQCwWxUMA0GCSqGSIb3DQEBCwUAA4IBAQBK7sXxe7ASP6ctcmDN ixoA1EmRJqixBeKJCJ21nYRoYxTlV3SEhHwuSFl3NAqaTYBMyy1F/c+tmBOU8bO3 RZGBiRN+8vDKd356uIklsBPWOyknh1BCgwLd2Czuiix1VLe3pmo5bt7rdSu/k8Wv 25wrYKeIoxGR2A5D2UquucFmePXxGrdW+6JHQYD3Q8QjMQFzmLskkrb+z5UG8amw qECmSeTzRyNZHdmLU4uZhjmex3+ziVv0C6wjtzvSNcHVjzOKRv43oJmrWHQI2Z8P Vk0aaqyceESejJ+E8kIAs5XEjXuDexcXMMZj8/eO/7YNqUWkYeUAbfx7j26nchOR l50L -----END CERTIFICATE-----Generated at Sat Dec 6 14:55:10 2025 by rpki-client