This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/9Kpr9K1dNcG3coJ6GuPM7NSXQYQ.roa File: 9Kpr9K1dNcG3coJ6GuPM7NSXQYQ.roa (raw, json) Hash identifier: OmQXPvuyetn62XgKniZj0tk7n4zXdaMu2oKdhHg3H+U= Subject key identifier: F4:AA:6B:F4:AD:5D:35:C1:B7:72:82:7A:1A:E3:CC:EC:D4:97:41:84 Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da Certificate serial: 019AEF7BA931EB1E334CE70D42B381D79046 Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/9Kpr9K1dNcG3coJ6GuPM7NSXQYQ.roa Signing time: Fri 05 Dec 2025 17:07:30 +0000 ROA not before: Fri 05 Dec 2025 17:07:30 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 9318 IP address blocks: 158.173.193.0/24 maxlen: 24 158.173.197.0/24 maxlen: 24 158.173.205.0/24 maxlen: 24 158.173.208.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:ef:7b:a9:31:eb:1e:33:4c:e7:0d:42:b3:81:d7:90:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da Validity Not Before: Dec 5 17:07:30 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=f4aa6bf4ad5d35c1b772827a1ae3ccecd4974184 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:d1:7c:b2:bd:10:38:73:0d:f3:48:75:0e:1f: 39:bc:55:dc:e6:86:22:85:01:db:ef:69:6e:12:d0: d2:24:7a:17:a6:66:cc:7e:89:66:46:01:12:11:ab: 62:c6:fd:89:64:18:27:07:27:e8:b0:cd:06:4d:9b: c2:43:b7:19:15:35:fe:12:92:f8:88:40:fb:27:4d: f1:f3:4d:b0:f8:43:2d:f6:31:85:e2:2d:75:31:23: 51:8a:f5:0e:57:ff:3b:33:95:8b:82:ac:b6:cb:ac: 9e:4f:a5:72:ec:eb:2d:59:c7:95:97:cf:d6:4c:49: 25:f3:11:09:74:e9:85:b0:5a:27:2c:57:75:cc:c5: b1:6b:09:6f:61:14:45:e4:85:3c:e9:01:5f:88:8d: 0f:5b:2d:c3:d3:62:3d:0e:a1:63:8d:60:bd:fc:41: 41:36:a3:73:2f:02:77:30:65:0c:58:a1:53:c1:79: a5:7f:61:6a:c5:9f:e5:29:76:e2:f2:f1:fc:4d:df: dd:aa:1a:a2:ab:1a:b6:46:c1:a9:ce:b7:ab:53:6b: cf:e2:53:d7:96:27:7a:85:9e:fd:55:85:e5:51:3b: eb:64:c4:cf:91:56:0e:ff:23:0d:a9:6d:6b:83:54: e3:9c:2d:1a:13:a9:50:78:70:ec:ff:20:6d:27:32: 76:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:AA:6B:F4:AD:5D:35:C1:B7:72:82:7A:1A:E3:CC:EC:D4:97:41:84 X509v3 Authority Key Identifier: keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/9Kpr9K1dNcG3coJ6GuPM7NSXQYQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.173.193.0/24 158.173.197.0/24 158.173.205.0/24 158.173.208.0/24 Signature Algorithm: sha256WithRSAEncryption 98:ce:63:50:d8:85:7e:df:be:ae:ed:75:ec:3f:16:16:7a:03: 9e:25:36:75:6d:0c:3a:fb:21:25:3c:72:e0:81:00:7f:d3:4f: b3:79:6c:22:7f:ea:80:a8:6b:dd:f7:83:3d:3f:f6:7e:69:bc: 49:7e:d4:e7:55:d6:54:83:e1:05:fc:ec:c6:74:ea:3f:0a:48: 92:18:1d:a1:52:e0:f8:d9:e2:74:d9:ba:1b:ec:af:7c:17:9f: fd:8f:f3:26:17:5f:a2:5c:39:d5:a1:87:a4:d2:c0:54:2a:00: 72:72:b8:ea:08:11:8f:11:79:d3:91:98:bc:87:95:01:2a:d2: 20:e2:bf:1b:74:28:44:27:57:c8:8c:59:80:67:5e:d7:6c:74: a2:e0:04:d4:5a:49:a3:34:e5:0b:ac:71:31:27:d0:1a:c7:30: ad:d7:ad:a4:38:f3:7f:e5:6b:cf:5a:04:7f:b5:ac:95:d3:92: 41:0b:d2:96:6f:67:75:ca:7d:62:51:bb:01:ac:96:b8:3a:95: ca:11:e7:7e:ab:48:a5:9f:d1:60:7c:c5:6b:94:f6:90:b5:db: 37:d8:d0:1d:0e:4f:15:96:25:f1:be:dd:af:ba:66:d6:5e:26: 7a:bf:65:3b:87:a1:ca:81:01:cf:5b:59:42:1d:61:c3:99:97: 7f:d8:84:80 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZrve6kx6x4zTOcNQrOB15BGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5 NTkyZGEwHhcNMjUxMjA1MTcwNzMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmNGFhNmJmNGFkNWQzNWMxYjc3MjgyN2ExYWUzY2NlY2Q0OTc0MTg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdF8sr0QOHMN80h1Dh85vFXc5oYi hQHb72luEtDSJHoXpmbMfolmRgESEatixv2JZBgnByfosM0GTZvCQ7cZFTX+EpL4 iED7J03x802w+EMt9jGF4i11MSNRivUOV/87M5WLgqy2y6yeT6Vy7OstWceVl8/W TEkl8xEJdOmFsFonLFd1zMWxawlvYRRF5IU86QFfiI0PWy3D02I9DqFjjWC9/EFB NqNzLwJ3MGUMWKFTwXmlf2FqxZ/lKXbi8vH8Td/dqhqiqxq2RsGpzrerU2vP4lPX lid6hZ79VYXlUTvrZMTPkVYO/yMNqW1rg1TjnC0aE6lQeHDs/yBtJzJ2RQIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFPSqa/StXTXBt3KCehrjzOzUl0GEMB8GA1UdIwQY MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt ZjVmYjcxYjlhNTFmLzEvOUtwcjlLMWROY0czY29KNkd1UE03TlNYUVlRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAnq3BAwQA nq3FAwQAnq3NAwQAnq3QMA0GCSqGSIb3DQEBCwUAA4IBAQCYzmNQ2IV+376u7XXs PxYWegOeJTZ1bQw6+yElPHLggQB/00+zeWwif+qAqGvd94M9P/Z+abxJftTnVdZU g+EF/OzGdOo/CkiSGB2hUuD42eJ02bob7K98F5/9j/MmF1+iXDnVoYek0sBUKgBy crjqCBGPEXnTkZi8h5UBKtIg4r8bdChEJ1fIjFmAZ17XbHSi4ATUWkmjNOULrHEx J9AaxzCt162kOPN/5WvPWgR/tayV05JBC9KWb2d1yn1iUbsBrJa4OpXKEed+q0il n9FgfMVrlPaQtds32NAdDk8VliXxvt2vumbWXiZ6v2U7h6HKgQHPW1lCHWHDmZd/ 2ISA -----END CERTIFICATE-----Generated at Sat Dec 6 07:41:39 2025 by rpki-client