This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/rD9vHXlVEIB8M3cZw6Ig3zqOjSY.roa File: rD9vHXlVEIB8M3cZw6Ig3zqOjSY.roa (raw, json) Hash identifier: LqdT+kDN7EAKsUrhE7I32HrIwpzhpfN+fHExPsMZ/NQ= Subject key identifier: AC:3F:6F:1D:79:55:10:80:7C:33:77:19:C3:A2:20:DF:3A:8E:8D:26 Certificate issuer: /CN=b3d5ec1516ee6dc19d1e5c3998cb7e7a646f715a Certificate serial: 019A786A359C740F439872BAFA043D38EDD7 Authority key identifier: B3:D5:EC:15:16:EE:6D:C1:9D:1E:5C:39:98:CB:7E:7A:64:6F:71:5A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s9XsFRbubcGdHlw5mMt-emRvcVo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/rD9vHXlVEIB8M3cZw6Ig3zqOjSY.roa Signing time: Wed 12 Nov 2025 14:13:37 +0000 ROA not before: Wed 12 Nov 2025 14:13:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 206120 IP address blocks: 185.155.175.0/24 maxlen: 24 194.147.230.0/24 maxlen: 24 2a0f:b0c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/s9XsFRbubcGdHlw5mMt-emRvcVo.crl rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/s9XsFRbubcGdHlw5mMt-emRvcVo.mft rsync://rpki.ripe.net/repository/DEFAULT/s9XsFRbubcGdHlw5mMt-emRvcVo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:78:6a:35:9c:74:0f:43:98:72:ba:fa:04:3d:38:ed:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b3d5ec1516ee6dc19d1e5c3998cb7e7a646f715a Validity Not Before: Nov 12 14:13:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=ac3f6f1d795510807c337719c3a220df3a8e8d26 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:2c:b2:26:38:84:fb:c9:10:10:06:ab:a3:4a: 58:ac:0f:40:89:0c:c9:f7:01:05:f3:06:fa:b1:8a: 29:05:62:37:8c:6f:ed:d7:a9:0b:d7:f1:6d:8a:cf: 3e:13:6c:8a:eb:9f:d0:fe:e8:31:82:c7:4c:7c:f4: d4:cf:82:00:ae:72:06:4c:c3:ea:b4:3e:cf:c2:36: 5b:58:72:ab:e4:7b:fc:c0:be:d2:4a:8f:ff:ec:65: 10:ae:5b:c9:18:ad:2d:25:9f:86:16:b8:3b:df:a8: 6e:ac:99:1e:c4:a4:c2:c5:bb:8b:62:b6:15:af:b8: 44:a1:86:0e:b7:c0:28:85:98:30:6d:d5:47:e0:f7: db:d1:ef:56:ac:d1:0d:58:35:79:19:01:4d:68:af: ae:e1:04:5d:b6:87:ba:f5:06:56:c9:df:a0:98:96: 20:67:4c:8d:11:52:d9:0b:a6:9d:3e:40:41:67:1a: 7f:15:f4:51:39:a1:69:6f:45:b2:44:3c:00:f0:b8: 73:24:1d:43:b4:f9:80:21:27:cd:f3:d1:c0:fa:6e: 98:6d:b5:25:7c:04:cb:66:54:7a:42:b5:51:d1:da: 7c:d6:6a:e5:4d:19:db:f2:93:6b:fb:6b:15:82:28: 0e:86:ae:12:f9:4a:ec:80:b2:b3:7e:57:c4:f7:e0: 13:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:3F:6F:1D:79:55:10:80:7C:33:77:19:C3:A2:20:DF:3A:8E:8D:26 X509v3 Authority Key Identifier: keyid:B3:D5:EC:15:16:EE:6D:C1:9D:1E:5C:39:98:CB:7E:7A:64:6F:71:5A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9XsFRbubcGdHlw5mMt-emRvcVo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/rD9vHXlVEIB8M3cZw6Ig3zqOjSY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/s9XsFRbubcGdHlw5mMt-emRvcVo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.155.175.0/24 194.147.230.0/24 IPv6: 2a0f:b0c0::/29 Signature Algorithm: sha256WithRSAEncryption 17:91:36:23:58:1b:f0:1f:1f:0b:26:37:fc:db:ec:86:6b:42: b0:fc:65:4d:86:c6:29:a9:6d:ab:a3:17:1b:3e:f7:57:60:39: 95:c2:25:e9:be:f8:0e:94:40:e4:99:dd:a0:9c:60:97:60:31: bd:95:6c:9a:52:c6:88:03:85:81:ff:91:dd:44:59:1d:7c:30: 49:07:cb:5a:68:09:11:1f:d3:c7:c0:f0:28:64:4f:00:95:0a: 92:b6:af:e9:72:50:ae:94:41:57:35:d5:09:32:ac:ec:fc:7f: 43:0e:fe:66:d8:03:84:0d:7c:85:4a:9a:a2:2d:8e:13:0f:2b: 4d:c4:21:69:9c:a4:02:73:9a:c8:90:e0:1d:e7:66:45:5c:eb: 6b:5d:75:70:b8:4e:02:17:d0:f2:9b:69:18:16:c7:12:45:63: ca:d7:6f:6e:3c:a6:ea:09:84:17:ba:27:b3:6a:8f:e1:98:88: c8:06:2d:a1:a2:3b:88:46:fc:79:39:89:d5:35:ff:2c:ae:15: f9:78:91:ae:77:7f:d5:d2:2a:07:a0:a2:76:db:31:a4:2e:a3: 94:e7:ef:05:3d:e9:07:6d:8a:f6:bf:35:5d:26:b0:5f:dd:a0: 4d:22:19:68:27:83:09:48:19:df:92:81:42:89:bc:38:4b:12: d5:34:9a:43 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZp4ajWcdA9DmHK6+gQ9OO3XMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzZDVlYzE1MTZlZTZkYzE5ZDFlNWMzOTk4Y2I3ZTdhNjQ2 ZjcxNWEwHhcNMjUxMTEyMTQxMzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYzNmNmYxZDc5NTUxMDgwN2MzMzc3MTljM2EyMjBkZjNhOGU4ZDI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyyyJjiE+8kQEAaro0pYrA9AiQzJ 9wEF8wb6sYopBWI3jG/t16kL1/Ftis8+E2yK65/Q/ugxgsdMfPTUz4IArnIGTMPq tD7PwjZbWHKr5Hv8wL7SSo//7GUQrlvJGK0tJZ+GFrg736hurJkexKTCxbuLYrYV r7hEoYYOt8AohZgwbdVH4Pfb0e9WrNENWDV5GQFNaK+u4QRdtoe69QZWyd+gmJYg Z0yNEVLZC6adPkBBZxp/FfRROaFpb0WyRDwA8LhzJB1DtPmAISfN89HA+m6YbbUl fATLZlR6QrVR0dp81mrlTRnb8pNr+2sVgigOhq4S+UrsgLKzflfE9+ATVwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFKw/bx15VRCAfDN3GcOiIN86jo0mMB8GA1UdIwQY MBaAFLPV7BUW7m3BnR5cOZjLfnpkb3FaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczlYc0ZSYnViY0dkSGx3NW1NdC1lbVJ2Y1ZvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8zYWQ3Y2MtM2MwOC00YjcyLTg3MGEt NmMzMDVhNmRiYWI5LzEvckQ5dkhYbFZFSUI4TTNjWnc2SWczenFPalNZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OS8zYWQ3Y2MtM2MwOC00YjcyLTg3MGEtNmMzMDVhNmRiYWI5 LzEvczlYc0ZSYnViY0dkSGx3NW1NdC1lbVJ2Y1ZvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuZuvAwQA wpPmMA0EAgACMAcDBQMqD7DAMA0GCSqGSIb3DQEBCwUAA4IBAQAXkTYjWBvwHx8L Jjf82+yGa0Kw/GVNhsYpqW2roxcbPvdXYDmVwiXpvvgOlEDkmd2gnGCXYDG9lWya UsaIA4WB/5HdRFkdfDBJB8taaAkRH9PHwPAoZE8AlQqStq/pclCulEFXNdUJMqzs /H9DDv5m2AOEDXyFSpqiLY4TDytNxCFpnKQCc5rIkOAd52ZFXOtrXXVwuE4CF9Dy m2kYFscSRWPK129uPKbqCYQXuiezao/hmIjIBi2hojuIRvx5OYnVNf8srhX5eJGu d3/V0ioHoKJ22zGkLqOU5+8FPekHbYr2vzVdJrBf3aBNIhloJ4MJSBnfkoFCibw4 SxLVNJpD -----END CERTIFICATE-----Generated at Sat Dec 6 21:26:28 2025 by rpki-client