This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/cd448d-6470-4601-9e89-13fa412a17cf/1/VHqrHR3KAxyQVs5XqkuJUlTCqyQ.roa File: VHqrHR3KAxyQVs5XqkuJUlTCqyQ.roa (raw, json) Hash identifier: hg67UBoyW97yawl4BR0CcyZRfHg2HHLQE7gv+QJb6ws= Subject key identifier: 54:7A:AB:1D:1D:CA:03:1C:90:56:CE:57:AA:4B:89:52:54:C2:AB:24 Certificate issuer: /CN=737826f6dda5403491e487ca4eeb7d7cd76fa13e Certificate serial: 019AC57B7CF2C76B5605C0E37B9EF60C8C0A Authority key identifier: 73:78:26:F6:DD:A5:40:34:91:E4:87:CA:4E:EB:7D:7C:D7:6F:A1:3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3gm9t2lQDSR5IfKTut9fNdvoT4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/cd448d-6470-4601-9e89-13fa412a17cf/1/VHqrHR3KAxyQVs5XqkuJUlTCqyQ.roa Signing time: Thu 27 Nov 2025 13:23:15 +0000 ROA not before: Thu 27 Nov 2025 13:23:15 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 214547 IP address blocks: 31.3.222.0/24 maxlen: 24 194.117.87.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/cd448d-6470-4601-9e89-13fa412a17cf/1/c3gm9t2lQDSR5IfKTut9fNdvoT4.crl rsync://rpki.ripe.net/repository/DEFAULT/5f/cd448d-6470-4601-9e89-13fa412a17cf/1/c3gm9t2lQDSR5IfKTut9fNdvoT4.mft rsync://rpki.ripe.net/repository/DEFAULT/c3gm9t2lQDSR5IfKTut9fNdvoT4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:c5:7b:7c:f2:c7:6b:56:05:c0:e3:7b:9e:f6:0c:8c:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=737826f6dda5403491e487ca4eeb7d7cd76fa13e Validity Not Before: Nov 27 13:23:15 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=547aab1d1dca031c9056ce57aa4b895254c2ab24 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:d2:25:27:0e:37:33:32:64:50:c6:a7:ae:bb: bc:ed:0b:64:4a:c5:bc:0e:5f:1d:1c:a8:e7:1e:b5: 92:fe:70:ef:b1:a0:ef:02:67:36:e8:21:92:78:2c: f9:77:e8:29:97:31:90:53:d0:2a:ab:bc:4d:52:f0: 10:9f:84:69:80:8a:44:19:55:56:d0:e3:e6:2a:30: 1c:b1:66:2d:bc:bb:2b:c7:70:d8:99:89:70:e4:ad: f4:1c:80:ae:0e:1f:f1:5f:5a:50:f9:c4:d9:10:7f: 45:22:6e:4c:67:98:c4:cf:c4:39:4c:ec:66:7b:47: af:47:80:44:8f:ce:4a:5c:59:00:b7:4f:18:c0:99: ca:46:5f:76:37:1e:ac:5a:50:34:e8:5d:ef:c3:83: 55:9d:bb:de:94:e8:8f:f8:62:9b:ff:10:83:ba:2b: 55:b3:29:45:bb:bf:67:f6:78:16:6d:48:63:27:66: 85:e5:33:51:fe:4a:66:47:64:f1:bb:87:f4:4d:9e: b0:07:0b:7b:67:b1:e6:e8:ac:b3:7c:04:89:e8:9f: eb:7b:03:d9:8d:32:3e:44:ed:7b:37:e1:63:ea:e2: bd:91:d1:e4:53:3d:26:4e:18:83:6f:fb:ff:7b:1a: e2:8d:19:d0:4d:78:31:36:06:fc:0a:42:f7:cd:47: 1f:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:7A:AB:1D:1D:CA:03:1C:90:56:CE:57:AA:4B:89:52:54:C2:AB:24 X509v3 Authority Key Identifier: keyid:73:78:26:F6:DD:A5:40:34:91:E4:87:CA:4E:EB:7D:7C:D7:6F:A1:3E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3gm9t2lQDSR5IfKTut9fNdvoT4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cd448d-6470-4601-9e89-13fa412a17cf/1/VHqrHR3KAxyQVs5XqkuJUlTCqyQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/cd448d-6470-4601-9e89-13fa412a17cf/1/c3gm9t2lQDSR5IfKTut9fNdvoT4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.3.222.0/24 194.117.87.0/24 Signature Algorithm: sha256WithRSAEncryption 1d:14:3a:e3:f8:10:e6:b1:00:9c:c8:cc:44:52:b7:71:07:f9: 42:31:46:33:40:af:9d:b2:54:52:16:35:ee:5d:6b:39:c2:bf: f9:15:10:16:2c:6e:8e:2f:f6:f6:25:8b:28:f1:96:be:a5:23: c8:aa:40:6f:9e:b4:1b:25:3d:86:cb:03:33:b0:47:4c:91:77: e1:ba:14:27:a4:85:23:6c:2e:05:a8:cd:30:1c:89:13:43:9f: 53:eb:02:69:46:55:51:60:02:a7:4e:c3:9e:5e:14:67:54:aa: 5a:9b:65:57:cc:a0:d8:64:e7:8b:49:28:c0:ec:4a:53:54:5c: fc:bc:8a:1f:06:7b:3b:b7:b7:60:f1:a8:b1:b0:65:4c:e3:11: 4c:bd:19:5f:20:5f:cb:e3:ff:86:9a:bd:93:bb:c1:da:fb:25: 8c:34:59:d9:df:f8:34:62:c0:7f:23:82:fb:57:22:d1:be:33: 76:29:09:51:2b:f4:31:f6:18:80:19:01:97:cb:c9:df:0d:00: cb:11:5e:82:66:df:ab:a3:fe:e4:0e:49:01:c3:8f:83:1d:7e: f9:af:67:36:f0:57:73:09:a1:c0:13:f6:ec:79:98:ee:68:86: 63:26:6a:ba:cc:ae:1b:44:75:86:66:46:31:95:96:5d:23:5c: fc:b7:63:22 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZrFe3zyx2tWBcDje572DIwKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDczNzgyNmY2ZGRhNTQwMzQ5MWU0ODdjYTRlZWI3ZDdjZDc2 ZmExM2UwHhcNMjUxMTI3MTMyMzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1NDdhYWIxZDFkY2EwMzFjOTA1NmNlNTdhYTRiODk1MjU0YzJhYjI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytIlJw43MzJkUManrru87QtkSsW8 Dl8dHKjnHrWS/nDvsaDvAmc26CGSeCz5d+gplzGQU9Aqq7xNUvAQn4RpgIpEGVVW 0OPmKjAcsWYtvLsrx3DYmYlw5K30HICuDh/xX1pQ+cTZEH9FIm5MZ5jEz8Q5TOxm e0evR4BEj85KXFkAt08YwJnKRl92Nx6sWlA06F3vw4NVnbvelOiP+GKb/xCDuitV sylFu79n9ngWbUhjJ2aF5TNR/kpmR2Txu4f0TZ6wBwt7Z7Hm6KyzfASJ6J/rewPZ jTI+RO17N+Fj6uK9kdHkUz0mThiDb/v/exrijRnQTXgxNgb8CkL3zUcf+QIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFFR6qx0dygMckFbOV6pLiVJUwqskMB8GA1UdIwQY MBaAFHN4JvbdpUA0keSHyk7rfXzXb6E+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYzNnbTl0MmxRRFNSNUlmS1R1dDlmTmR2b1Q0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jZDQ0OGQtNjQ3MC00NjAxLTllODkt MTNmYTQxMmExN2NmLzEvVkhxckhSM0tBeHlRVnM1WHFrdUpVbFRDcXlRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Zi9jZDQ0OGQtNjQ3MC00NjAxLTllODktMTNmYTQxMmExN2Nm LzEvYzNnbTl0MmxRRFNSNUlmS1R1dDlmTmR2b1Q0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHwPeAwQA wnVXMA0GCSqGSIb3DQEBCwUAA4IBAQAdFDrj+BDmsQCcyMxEUrdxB/lCMUYzQK+d slRSFjXuXWs5wr/5FRAWLG6OL/b2JYso8Za+pSPIqkBvnrQbJT2GywMzsEdMkXfh uhQnpIUjbC4FqM0wHIkTQ59T6wJpRlVRYAKnTsOeXhRnVKpam2VXzKDYZOeLSSjA 7EpTVFz8vIofBns7t7dg8aixsGVM4xFMvRlfIF/L4/+Gmr2Tu8Ha+yWMNFnZ3/g0 YsB/I4L7VyLRvjN2KQlRK/Qx9hiAGQGXy8nfDQDLEV6CZt+ro/7kDkkBw4+DHX75 r2c28FdzCaHAE/bseZjuaIZjJmq6zK4bRHWGZkYxlZZdI1z8t2Mi -----END CERTIFICATE-----Generated at Sat Dec 6 16:36:02 2025 by rpki-client