This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/2b195e-0aba-47d4-8e3b-ad32ef49d419/1/aIw9rhpD5bOiIlZAqZVUvurijMA.roa File: aIw9rhpD5bOiIlZAqZVUvurijMA.roa (raw, json) Hash identifier: PFhebNxm67g4lRCcJKkvR6KXhdlN0MJaxI0ObUyJSp4= Subject key identifier: 68:8C:3D:AE:1A:43:E5:B3:A2:22:56:40:A9:95:54:BE:EA:E2:8C:C0 Certificate issuer: /CN=74a59b7fb4e034f67775f2875efbfc9eff247e8e Certificate serial: 019ADDC37F670FF2335455B0477BAFE66DD9 Authority key identifier: 74:A5:9B:7F:B4:E0:34:F6:77:75:F2:87:5E:FB:FC:9E:FF:24:7E:8E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dKWbf7TgNPZ3dfKHXvv8nv8kfo4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/2b195e-0aba-47d4-8e3b-ad32ef49d419/1/aIw9rhpD5bOiIlZAqZVUvurijMA.roa Signing time: Tue 02 Dec 2025 06:32:48 +0000 ROA not before: Tue 02 Dec 2025 06:32:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 210318 IP address blocks: 94.156.75.0/24 maxlen: 24 185.37.232.0/24 maxlen: 24 185.37.232.26/32 maxlen: 32 185.37.232.27/32 maxlen: 32 185.37.232.29/32 maxlen: 32 185.37.232.252/32 maxlen: 32 185.37.233.0/24 maxlen: 24 185.37.234.0/24 maxlen: 24 185.37.235.0/24 maxlen: 24 185.37.235.2/32 maxlen: 32 194.55.187.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/2b195e-0aba-47d4-8e3b-ad32ef49d419/1/dKWbf7TgNPZ3dfKHXvv8nv8kfo4.crl rsync://rpki.ripe.net/repository/DEFAULT/65/2b195e-0aba-47d4-8e3b-ad32ef49d419/1/dKWbf7TgNPZ3dfKHXvv8nv8kfo4.mft rsync://rpki.ripe.net/repository/DEFAULT/dKWbf7TgNPZ3dfKHXvv8nv8kfo4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 08 Dec 2025 17:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:dd:c3:7f:67:0f:f2:33:54:55:b0:47:7b:af:e6:6d:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=74a59b7fb4e034f67775f2875efbfc9eff247e8e Validity Not Before: Dec 2 06:32:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=688c3dae1a43e5b3a2225640a99554beeae28cc0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:6d:14:72:e9:66:e7:a0:9c:4a:5a:e2:9d:af: 56:56:c3:6c:6e:46:6d:8e:31:86:6f:24:69:0c:bc: 79:4a:cd:70:05:13:bb:c3:01:9f:bf:01:9f:26:70: 8f:31:47:66:a3:f1:4b:92:e5:9a:ad:2b:cf:2b:b4: 1e:1b:fc:5c:61:c8:00:c2:65:f0:40:bf:70:f5:b0: fe:f0:b0:84:67:80:d0:bd:97:71:ff:92:81:97:3a: 26:8c:b2:1f:1a:b5:86:1e:b2:f8:d0:32:bb:89:5d: 81:f9:20:59:f3:e1:8d:53:c3:a0:87:bd:b6:44:5c: c0:f3:06:63:ce:2b:13:8e:fa:08:95:95:03:1f:cc: 65:21:44:9b:20:c7:16:eb:6c:f7:bf:32:a2:be:c4: 7c:92:da:df:6e:8f:9a:7e:04:cd:b5:57:bf:30:0c: 7c:b0:b3:25:64:4e:91:e2:ec:4e:69:61:5c:0c:41: 4d:16:c4:a6:26:38:a4:56:6d:d9:75:86:5d:ea:0c: d9:e7:81:26:bd:64:98:dc:4f:1f:11:6f:93:9d:f0: 0c:02:bd:51:eb:1f:ab:79:da:6e:53:ba:3c:b9:66: 40:2c:d5:f0:0b:e5:c4:21:85:21:af:5c:16:30:46: a4:a4:30:79:7e:74:5a:e8:d2:90:33:64:aa:d1:89: 48:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:8C:3D:AE:1A:43:E5:B3:A2:22:56:40:A9:95:54:BE:EA:E2:8C:C0 X509v3 Authority Key Identifier: keyid:74:A5:9B:7F:B4:E0:34:F6:77:75:F2:87:5E:FB:FC:9E:FF:24:7E:8E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dKWbf7TgNPZ3dfKHXvv8nv8kfo4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/2b195e-0aba-47d4-8e3b-ad32ef49d419/1/aIw9rhpD5bOiIlZAqZVUvurijMA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/2b195e-0aba-47d4-8e3b-ad32ef49d419/1/dKWbf7TgNPZ3dfKHXvv8nv8kfo4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 94.156.75.0/24 185.37.232.0/22 194.55.187.0/24 Signature Algorithm: sha256WithRSAEncryption 1e:9b:f2:a2:cc:f2:45:53:fe:9d:f4:75:02:d9:a2:ec:61:ad: 4a:cd:56:fa:41:18:7a:33:24:57:81:59:df:78:c8:f9:ff:68: 72:4a:df:b3:f3:12:f9:fd:fa:60:50:43:9a:ae:27:de:85:84: 68:20:07:2f:ed:88:e4:c5:c2:89:34:6a:40:cf:38:da:55:7c: a4:c6:77:55:8e:23:95:83:6e:67:46:01:44:f3:84:8a:a3:3b: fc:ca:7b:e6:55:e9:a9:8e:dc:37:ef:9b:72:8a:dc:1f:01:3c: 09:4e:bc:d8:72:1a:23:13:0c:20:32:37:37:2d:d9:80:1d:d8: 89:93:77:a1:d0:db:34:eb:b2:30:c6:98:bd:85:ba:a0:5c:c7: 1b:6a:7f:9f:c9:c4:1a:f8:23:21:c0:ca:17:56:6f:99:a3:87: 2d:f2:a2:21:7d:02:a4:6e:12:aa:4f:06:4e:05:da:11:46:2f: db:87:08:81:98:2d:1c:9c:6d:f5:8a:e3:72:a4:a1:12:be:a0: 5d:e3:2a:d8:9d:cb:7c:76:7f:f0:57:48:1d:c2:bf:74:cd:9e: f5:3e:d3:44:4e:e0:4d:ad:67:d5:79:72:37:2b:93:4a:bb:be: db:27:30:6d:b9:65:fe:2d:3b:65:59:b0:38:9c:82:42:ff:f1: af:7e:ad:04 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZrdw39nD/IzVFWwR3uv5m3ZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0YTU5YjdmYjRlMDM0ZjY3Nzc1ZjI4NzVlZmJmYzllZmYy NDdlOGUwHhcNMjUxMjAyMDYzMjQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ODhjM2RhZTFhNDNlNWIzYTIyMjU2NDBhOTk1NTRiZWVhZTI4Y2MwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArW0Uculm56CcSlrina9WVsNsbkZt jjGGbyRpDLx5Ss1wBRO7wwGfvwGfJnCPMUdmo/FLkuWarSvPK7QeG/xcYcgAwmXw QL9w9bD+8LCEZ4DQvZdx/5KBlzomjLIfGrWGHrL40DK7iV2B+SBZ8+GNU8Ogh722 RFzA8wZjzisTjvoIlZUDH8xlIUSbIMcW62z3vzKivsR8ktrfbo+afgTNtVe/MAx8 sLMlZE6R4uxOaWFcDEFNFsSmJjikVm3ZdYZd6gzZ54EmvWSY3E8fEW+TnfAMAr1R 6x+redpuU7o8uWZALNXwC+XEIYUhr1wWMEakpDB5fnRa6NKQM2Sq0YlIDwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFGiMPa4aQ+WzoiJWQKmVVL7q4ozAMB8GA1UdIwQY MBaAFHSlm3+04DT2d3Xyh177/J7/JH6OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZEtXYmY3VGdOUFozZGZLSFh2djhudjhrZm80LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8yYjE5NWUtMGFiYS00N2Q0LThlM2It YWQzMmVmNDlkNDE5LzEvYUl3OXJocEQ1Yk9pSWxaQXFaVlV2dXJpak1BLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS8yYjE5NWUtMGFiYS00N2Q0LThlM2ItYWQzMmVmNDlkNDE5 LzEvZEtXYmY3VGdOUFozZGZLSFh2djhudjhrZm80LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXpxLAwQC uSXoAwQAwje7MA0GCSqGSIb3DQEBCwUAA4IBAQAem/KizPJFU/6d9HUC2aLsYa1K zVb6QRh6MyRXgVnfeMj5/2hySt+z8xL5/fpgUEOarifehYRoIAcv7YjkxcKJNGpA zzjaVXykxndVjiOVg25nRgFE84SKozv8ynvmVempjtw375tyitwfATwJTrzYchoj EwwgMjc3LdmAHdiJk3eh0Ns067Iwxpi9hbqgXMcban+fycQa+CMhwMoXVm+Zo4ct 8qIhfQKkbhKqTwZOBdoRRi/bhwiBmC0cnG31iuNypKESvqBd4yrYnct8dn/wV0gd wr90zZ71PtNETuBNrWfVeXI3K5NKu77bJzBtuWX+LTtlWbA4nIJC//Gvfq0E -----END CERTIFICATE-----Generated at Mon Dec 8 01:40:32 2025 by rpki-client