This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/d81b59-c05a-48fe-b5b1-158927337689/1/opT_I9F9NlBeldQr0GrqFI_DCW8.roa File: opT_I9F9NlBeldQr0GrqFI_DCW8.roa (raw, json) Hash identifier: MFWRH48M0sUB0KCZQGPrxKIdCpAK4ygrD33P9KlMNcM= Subject key identifier: A2:94:FF:23:D1:7D:36:50:5E:95:D4:2B:D0:6A:EA:14:8F:C3:09:6F Certificate issuer: /CN=45617d2e086358dda7bdb0dc466ca1c86ed4feca Certificate serial: 019ABBD822067BEFB886521E713E5E35A0C1 Authority key identifier: 45:61:7D:2E:08:63:58:DD:A7:BD:B0:DC:46:6C:A1:C8:6E:D4:FE:CA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RWF9LghjWN2nvbDcRmyhyG7U_so.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/d81b59-c05a-48fe-b5b1-158927337689/1/opT_I9F9NlBeldQr0GrqFI_DCW8.roa Signing time: Tue 25 Nov 2025 16:28:15 +0000 ROA not before: Tue 25 Nov 2025 16:28:15 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 209050 IP address blocks: 195.2.220.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/d81b59-c05a-48fe-b5b1-158927337689/1/RWF9LghjWN2nvbDcRmyhyG7U_so.crl rsync://rpki.ripe.net/repository/DEFAULT/65/d81b59-c05a-48fe-b5b1-158927337689/1/RWF9LghjWN2nvbDcRmyhyG7U_so.mft rsync://rpki.ripe.net/repository/DEFAULT/RWF9LghjWN2nvbDcRmyhyG7U_so.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:bb:d8:22:06:7b:ef:b8:86:52:1e:71:3e:5e:35:a0:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=45617d2e086358dda7bdb0dc466ca1c86ed4feca Validity Not Before: Nov 25 16:28:15 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=a294ff23d17d36505e95d42bd06aea148fc3096f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:4e:6a:c0:c3:1b:61:15:b6:af:94:20:bd:c0: a9:e4:cd:53:d3:df:43:88:3d:87:d6:f8:dd:34:46: 64:e1:0f:97:2c:ae:7e:9d:2a:df:5e:81:cc:9b:d1: 4a:1b:f8:06:4e:cb:d0:d9:41:f5:13:a7:fd:eb:bf: ad:b7:a7:7f:3c:d1:89:47:e7:71:54:71:87:7a:cc: d7:e3:97:30:06:54:67:74:d0:fe:4e:26:98:65:59: 73:0c:ae:98:ba:e5:08:7a:79:16:eb:3d:01:fb:34: 0e:d1:a0:d7:33:9e:c4:50:0a:46:e8:35:73:d8:1c: 32:94:86:54:75:53:eb:7d:9f:e4:fc:c8:89:db:b1: 4e:72:65:55:2d:67:4c:00:70:2d:80:e3:dc:85:87: 9d:a7:bb:a4:cd:a1:a3:27:b3:aa:14:06:0e:32:05: 9c:bc:88:80:c5:3c:1a:f6:ff:07:25:b3:9e:cd:d7: 05:92:0f:4a:db:48:40:bc:ca:df:5c:3a:61:fc:33: 02:26:6e:4d:a2:46:9c:af:6e:39:b1:9e:be:31:4f: 5b:f0:c3:a3:66:89:10:06:03:fb:4b:00:bc:3f:f1: d3:d6:cb:39:01:94:97:ae:43:e0:15:36:e6:73:33: 5b:8d:17:b5:37:ba:a2:a5:d3:d5:c3:f0:a5:b4:d0: bc:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:94:FF:23:D1:7D:36:50:5E:95:D4:2B:D0:6A:EA:14:8F:C3:09:6F X509v3 Authority Key Identifier: keyid:45:61:7D:2E:08:63:58:DD:A7:BD:B0:DC:46:6C:A1:C8:6E:D4:FE:CA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RWF9LghjWN2nvbDcRmyhyG7U_so.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/d81b59-c05a-48fe-b5b1-158927337689/1/opT_I9F9NlBeldQr0GrqFI_DCW8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/d81b59-c05a-48fe-b5b1-158927337689/1/RWF9LghjWN2nvbDcRmyhyG7U_so.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.2.220.0/23 Signature Algorithm: sha256WithRSAEncryption 53:68:ee:22:cf:89:58:37:39:5c:18:6f:34:82:6d:7c:84:c4: 09:52:ff:6e:e3:60:c5:e9:01:ce:8c:20:c0:6e:64:0b:9c:50: e5:89:06:b8:22:e4:3f:37:7d:25:8e:30:1f:ac:ef:d4:55:5f: cf:68:c4:c6:9a:4e:70:8d:1d:2a:81:35:eb:25:f2:21:e6:41: 0b:be:b7:75:38:23:83:0d:7b:b4:99:9b:2f:94:4c:e5:8b:1e: 4a:71:13:aa:f2:eb:77:48:98:cf:78:18:df:14:79:9d:d1:30: f4:c9:3c:43:60:a5:90:01:a1:21:80:ab:e0:9d:c9:3a:39:df: 64:71:76:96:2c:87:46:7d:95:9d:70:2b:1c:fa:fc:70:39:97: 4f:c7:69:1e:24:54:9f:f3:c5:7b:62:1e:9b:cd:14:8b:d8:18: e0:25:f6:ff:69:e9:7c:f6:17:e4:29:38:dc:8c:47:87:91:69: 59:b3:5a:1a:2a:21:34:a7:ea:d4:62:86:98:31:30:c9:79:e0: d4:1a:b1:08:6c:5e:5a:ab:2f:e9:5c:e9:b3:71:8f:99:13:f3: 99:26:20:8c:18:98:ca:85:c1:fc:9d:0a:36:18:a8:34:06:9d: 7c:19:30:de:ff:0d:ad:d2:d1:cd:3a:a2:b2:9f:5f:a2:7e:6d: 2a:0f:71:fa -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZq72CIGe++4hlIecT5eNaDBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ1NjE3ZDJlMDg2MzU4ZGRhN2JkYjBkYzQ2NmNhMWM4NmVk NGZlY2EwHhcNMjUxMTI1MTYyODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMjk0ZmYyM2QxN2QzNjUwNWU5NWQ0MmJkMDZhZWExNDhmYzMwOTZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3E5qwMMbYRW2r5QgvcCp5M1T099D iD2H1vjdNEZk4Q+XLK5+nSrfXoHMm9FKG/gGTsvQ2UH1E6f967+tt6d/PNGJR+dx VHGHeszX45cwBlRndND+TiaYZVlzDK6YuuUIenkW6z0B+zQO0aDXM57EUApG6DVz 2BwylIZUdVPrfZ/k/MiJ27FOcmVVLWdMAHAtgOPchYedp7ukzaGjJ7OqFAYOMgWc vIiAxTwa9v8HJbOezdcFkg9K20hAvMrfXDph/DMCJm5Nokacr245sZ6+MU9b8MOj ZokQBgP7SwC8P/HT1ss5AZSXrkPgFTbmczNbjRe1N7qipdPVw/CltNC8MwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFKKU/yPRfTZQXpXUK9Bq6hSPwwlvMB8GA1UdIwQY MBaAFEVhfS4IY1jdp72w3EZsochu1P7KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUldGOUxnaGpXTjJudmJEY1JteWh5RzdVX3NvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kODFiNTktYzA1YS00OGZlLWI1YjEt MTU4OTI3MzM3Njg5LzEvb3BUX0k5RjlObEJlbGRRcjBHcnFGSV9EQ1c4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS9kODFiNTktYzA1YS00OGZlLWI1YjEtMTU4OTI3MzM3Njg5 LzEvUldGOUxnaGpXTjJudmJEY1JteWh5RzdVX3NvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwwLcMA0G CSqGSIb3DQEBCwUAA4IBAQBTaO4iz4lYNzlcGG80gm18hMQJUv9u42DF6QHOjCDA bmQLnFDliQa4IuQ/N30ljjAfrO/UVV/PaMTGmk5wjR0qgTXrJfIh5kELvrd1OCOD DXu0mZsvlEzlix5KcROq8ut3SJjPeBjfFHmd0TD0yTxDYKWQAaEhgKvgnck6Od9k cXaWLIdGfZWdcCsc+vxwOZdPx2keJFSf88V7Yh6bzRSL2BjgJfb/ael89hfkKTjc jEeHkWlZs1oaKiE0p+rUYoaYMTDJeeDUGrEIbF5aqy/pXOmzcY+ZE/OZJiCMGJjK hcH8nQo2GKg0Bp18GTDe/w2t0tHNOqKyn1+ifm0qD3H6 -----END CERTIFICATE-----Generated at Sat Dec 6 08:50:37 2025 by rpki-client