This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/930caf-76ee-456c-afe0-a25255329dc0/1/9hOySnoZoe98Vds65PO-k5WBbfQ.roa File: 9hOySnoZoe98Vds65PO-k5WBbfQ.roa (raw, json) Hash identifier: bWjpGXsf5+0jGIGSfAb5UBCCFfQkAKUBkc1nnoBo6sA= Subject key identifier: F6:13:B2:4A:7A:19:A1:EF:7C:55:DB:3A:E4:F3:BE:93:95:81:6D:F4 Certificate issuer: /CN=974506f3f202d86849bb4dd5c7539d22b4df5182 Certificate serial: 019AA6896C68A325A9350A453D6954ADACFC Authority key identifier: 97:45:06:F3:F2:02:D8:68:49:BB:4D:D5:C7:53:9D:22:B4:DF:51:82 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l0UG8_IC2GhJu03Vx1OdIrTfUYI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/930caf-76ee-456c-afe0-a25255329dc0/1/9hOySnoZoe98Vds65PO-k5WBbfQ.roa Signing time: Fri 21 Nov 2025 13:10:15 +0000 ROA not before: Fri 21 Nov 2025 13:10:15 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 20967 IP address blocks: 91.209.205.0/24 maxlen: 24 193.39.78.0/24 maxlen: 24 193.108.213.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/930caf-76ee-456c-afe0-a25255329dc0/1/l0UG8_IC2GhJu03Vx1OdIrTfUYI.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/930caf-76ee-456c-afe0-a25255329dc0/1/l0UG8_IC2GhJu03Vx1OdIrTfUYI.mft rsync://rpki.ripe.net/repository/DEFAULT/l0UG8_IC2GhJu03Vx1OdIrTfUYI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:a6:89:6c:68:a3:25:a9:35:0a:45:3d:69:54:ad:ac:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=974506f3f202d86849bb4dd5c7539d22b4df5182 Validity Not Before: Nov 21 13:10:15 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=f613b24a7a19a1ef7c55db3ae4f3be9395816df4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:3f:33:32:d2:3a:23:16:58:3b:fb:c9:58:01: 94:c3:80:56:95:28:25:ac:6d:a3:e8:10:8c:e2:6b: 2d:14:87:42:65:a7:2c:92:8c:3b:51:19:e6:c0:ca: 66:06:7f:61:7c:8f:22:e6:6b:fb:99:1f:91:a4:a7: 3b:1a:1b:10:5c:0c:6a:cf:81:87:d8:f2:87:8a:a2: 17:4d:b0:52:29:4b:d2:00:54:bc:74:13:50:a8:f8: 32:a9:fd:9d:41:e7:45:e9:2a:e9:5a:d0:42:9a:b7: af:3f:b6:31:17:c3:44:8d:b8:18:1f:1c:61:0a:56: 61:02:49:4d:94:6c:15:0c:5a:c8:58:c5:cc:38:6b: 9c:76:f8:e0:28:d4:94:c3:ed:05:e2:cd:52:fc:bf: 2a:14:24:f4:3e:4d:0a:99:73:ee:0b:66:5d:92:fe: 54:ef:43:18:13:ef:43:70:3f:d8:bc:f2:0e:5a:f3: aa:37:ae:1f:86:26:fe:57:c4:4b:73:64:25:dd:1c: 1e:75:01:cf:7e:ef:b5:b2:bc:6f:13:08:9f:5f:23: 77:9a:b1:d6:b8:f6:d6:66:90:b4:cf:8b:c8:21:ac: 9c:da:79:61:79:ee:b4:36:01:58:fc:d4:1f:6b:52: d0:8b:29:26:06:42:61:b0:79:81:f2:cf:8b:cd:62: 78:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:13:B2:4A:7A:19:A1:EF:7C:55:DB:3A:E4:F3:BE:93:95:81:6D:F4 X509v3 Authority Key Identifier: keyid:97:45:06:F3:F2:02:D8:68:49:BB:4D:D5:C7:53:9D:22:B4:DF:51:82 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l0UG8_IC2GhJu03Vx1OdIrTfUYI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/930caf-76ee-456c-afe0-a25255329dc0/1/9hOySnoZoe98Vds65PO-k5WBbfQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/930caf-76ee-456c-afe0-a25255329dc0/1/l0UG8_IC2GhJu03Vx1OdIrTfUYI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.209.205.0/24 193.39.78.0/24 193.108.213.0/24 Signature Algorithm: sha256WithRSAEncryption 49:68:d5:bc:94:e8:cf:c9:d5:cf:e0:ae:3e:7c:e1:b7:4d:3c: e7:06:42:b0:2d:e6:39:bf:90:6e:1c:61:5f:9d:51:5e:8f:28: e9:ac:45:05:4b:80:4b:1c:c1:18:dc:93:ee:9b:b9:c3:f8:92: bc:bc:24:8d:37:9d:0f:f5:33:ae:fe:e1:64:11:c4:4e:cc:f0: 01:23:d8:2b:b0:c5:47:b2:a4:9c:ef:a1:da:ed:b8:7c:1e:dd: 2e:df:b8:67:91:9a:c9:1a:8b:a1:15:d2:2d:d6:dd:16:dd:eb: 0a:82:09:01:0b:f1:f3:a8:85:fc:93:a5:e1:02:95:f6:ec:6b: ab:b6:84:6a:23:56:54:8a:d8:02:81:09:9e:50:3b:6c:a2:69: 65:61:8a:c5:28:4d:f4:c4:8e:ab:82:91:29:bc:c4:a2:71:e3: b6:bd:f9:19:af:9a:a7:01:20:31:88:44:1b:34:67:9f:72:54: 4e:9c:43:d4:14:a6:13:9d:fa:5c:3c:9f:7e:9b:85:50:70:6f: 23:ec:55:89:df:7a:b8:0d:08:da:35:0f:f9:61:61:1d:7b:65: 92:4b:90:7a:99:a2:49:53:f3:ad:3c:67:f0:df:30:80:56:ef: a9:80:a0:8d:f2:11:bc:a5:03:46:3f:65:b7:05:14:f6:c3:ac: 28:81:f4:b6 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZqmiWxooyWpNQpFPWlUraz8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk3NDUwNmYzZjIwMmQ4Njg0OWJiNGRkNWM3NTM5ZDIyYjRk ZjUxODIwHhcNMjUxMTIxMTMxMDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmNjEzYjI0YTdhMTlhMWVmN2M1NWRiM2FlNGYzYmU5Mzk1ODE2ZGY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxj8zMtI6IxZYO/vJWAGUw4BWlSgl rG2j6BCM4mstFIdCZacskow7URnmwMpmBn9hfI8i5mv7mR+RpKc7GhsQXAxqz4GH 2PKHiqIXTbBSKUvSAFS8dBNQqPgyqf2dQedF6SrpWtBCmrevP7YxF8NEjbgYHxxh ClZhAklNlGwVDFrIWMXMOGucdvjgKNSUw+0F4s1S/L8qFCT0Pk0KmXPuC2Zdkv5U 70MYE+9DcD/YvPIOWvOqN64fhib+V8RLc2Ql3RwedQHPfu+1srxvEwifXyN3mrHW uPbWZpC0z4vIIayc2nlhee60NgFY/NQfa1LQiykmBkJhsHmB8s+LzWJ4WQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFPYTskp6GaHvfFXbOuTzvpOVgW30MB8GA1UdIwQY MBaAFJdFBvPyAthoSbtN1cdTnSK031GCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbDBVRzhfSUMyR2hKdTAzVngxT2RJclRmVVlJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi85MzBjYWYtNzZlZS00NTZjLWFmZTAt YTI1MjU1MzI5ZGMwLzEvOWhPeVNub1pvZTk4VmRzNjVQTy1rNVdCYmZRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi85MzBjYWYtNzZlZS00NTZjLWFmZTAtYTI1MjU1MzI5ZGMw LzEvbDBVRzhfSUMyR2hKdTAzVngxT2RJclRmVVlJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9HNAwQA wSdOAwQAwWzVMA0GCSqGSIb3DQEBCwUAA4IBAQBJaNW8lOjPydXP4K4+fOG3TTzn BkKwLeY5v5BuHGFfnVFejyjprEUFS4BLHMEY3JPum7nD+JK8vCSNN50P9TOu/uFk EcROzPABI9grsMVHsqSc76Ha7bh8Ht0u37hnkZrJGouhFdIt1t0W3esKggkBC/Hz qIX8k6XhApX27GurtoRqI1ZUitgCgQmeUDtsomllYYrFKE30xI6rgpEpvMSiceO2 vfkZr5qnASAxiEQbNGefclROnEPUFKYTnfpcPJ9+m4VQcG8j7FWJ33q4DQjaNQ/5 YWEde2WSS5B6maJJU/OtPGfw3zCAVu+pgKCN8hG8pQNGP2W3BRT2w6wogfS2 -----END CERTIFICATE-----Generated at Sat Dec 6 14:06:16 2025 by rpki-client