This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/117ca3-b603-4db8-9626-0405234ab3f1/1/xm9HRb6GbQJaj_mGsfL4x7-T5kE.roa File: xm9HRb6GbQJaj_mGsfL4x7-T5kE.roa (raw, json) Hash identifier: +BK0gURBNbIShdD4kJcCxtWXnXGf7Qb8vWO5cSMHc1Q= Subject key identifier: C6:6F:47:45:BE:86:6D:02:5A:8F:F9:86:B1:F2:F8:C7:BF:93:E6:41 Certificate issuer: /CN=ca34b13387fab1dcf8b67f16a0a437608600c4c2 Certificate serial: 019AEEC6622EA6EB8295A737B44082CA0403 Authority key identifier: CA:34:B1:33:87:FA:B1:DC:F8:B6:7F:16:A0:A4:37:60:86:00:C4:C2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yjSxM4f6sdz4tn8WoKQ3YIYAxMI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/117ca3-b603-4db8-9626-0405234ab3f1/1/xm9HRb6GbQJaj_mGsfL4x7-T5kE.roa Signing time: Fri 05 Dec 2025 13:49:29 +0000 ROA not before: Fri 05 Dec 2025 13:49:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 16509 IP address blocks: 185.112.132.0/24 maxlen: 24 185.112.133.0/24 maxlen: 24 185.112.134.0/24 maxlen: 24 185.112.135.0/24 maxlen: 24 213.156.250.0/24 maxlen: 24 213.156.251.0/24 maxlen: 24 213.156.252.0/24 maxlen: 24 213.156.253.0/24 maxlen: 24 213.156.254.0/24 maxlen: 24 213.156.255.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/117ca3-b603-4db8-9626-0405234ab3f1/1/yjSxM4f6sdz4tn8WoKQ3YIYAxMI.crl rsync://rpki.ripe.net/repository/DEFAULT/70/117ca3-b603-4db8-9626-0405234ab3f1/1/yjSxM4f6sdz4tn8WoKQ3YIYAxMI.mft rsync://rpki.ripe.net/repository/DEFAULT/yjSxM4f6sdz4tn8WoKQ3YIYAxMI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:ee:c6:62:2e:a6:eb:82:95:a7:37:b4:40:82:ca:04:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ca34b13387fab1dcf8b67f16a0a437608600c4c2 Validity Not Before: Dec 5 13:49:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=c66f4745be866d025a8ff986b1f2f8c7bf93e641 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:50:50:e2:f8:70:4d:65:cc:a2:f7:9f:86:d0: 7a:7e:e6:e0:c0:34:9c:5f:5a:10:01:f5:03:28:af: 2e:e5:22:05:7a:c1:1b:1f:45:7e:6c:1c:b7:f3:fc: 6e:23:1d:1a:a5:9b:ec:0c:61:b7:19:53:89:60:54: bd:7f:a6:03:fe:ce:65:26:02:24:45:79:c9:66:8d: 6d:61:bc:c8:e7:1c:bd:b7:64:46:70:23:bb:4a:2d: e0:c5:8c:65:46:29:8a:be:7d:74:ba:f5:8e:de:4b: 08:52:e2:1d:b2:ca:24:a1:c2:15:30:28:4b:05:01: c1:1d:a8:ac:8a:2e:37:9f:3e:16:04:d1:3b:e2:1c: 6b:69:22:af:d2:2f:2b:65:90:ef:58:e7:10:ee:02: fb:4c:eb:39:d1:bb:76:32:4d:7d:f8:e5:b3:ac:ba: 2a:02:f4:5e:1a:17:c9:a1:9c:9e:4e:e4:f5:3a:e5: 3d:72:3f:3d:d3:c3:9d:23:a1:2f:b4:4c:13:db:da: e8:33:66:4d:b9:b4:ff:82:26:0d:4b:ae:4a:a4:e1: a5:45:f2:6a:c1:e5:14:e0:42:ee:11:b5:d8:0a:bb: 15:6f:2a:fe:30:24:c2:4b:c1:6a:23:87:bc:1e:8e: 08:bd:e5:0a:1b:4f:a7:43:e3:c0:8f:6d:e0:c3:e7: 67:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:6F:47:45:BE:86:6D:02:5A:8F:F9:86:B1:F2:F8:C7:BF:93:E6:41 X509v3 Authority Key Identifier: keyid:CA:34:B1:33:87:FA:B1:DC:F8:B6:7F:16:A0:A4:37:60:86:00:C4:C2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjSxM4f6sdz4tn8WoKQ3YIYAxMI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/117ca3-b603-4db8-9626-0405234ab3f1/1/xm9HRb6GbQJaj_mGsfL4x7-T5kE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/117ca3-b603-4db8-9626-0405234ab3f1/1/yjSxM4f6sdz4tn8WoKQ3YIYAxMI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.112.132.0/22 213.156.250.0-213.156.255.255 Signature Algorithm: sha256WithRSAEncryption 85:68:75:de:1f:85:56:81:64:ff:ff:02:b5:66:50:25:c3:08: 63:a4:34:c3:dc:96:77:a9:81:91:f3:7f:77:82:cb:b2:88:42: 2c:3e:4a:a1:31:68:c0:ec:2f:21:26:8f:71:f7:35:a2:1d:19: 78:28:25:09:f4:3a:cf:6d:d2:7d:d3:34:f9:52:71:aa:00:ea: a3:6c:7c:81:64:0c:26:d4:68:87:16:cd:ec:e8:29:bb:1f:bd: c2:73:04:6d:0e:aa:fc:63:97:de:2d:b3:64:2a:49:7d:3a:74: bd:4d:b3:8d:00:6f:d7:bf:90:30:83:14:c7:b9:a9:71:86:cf: c7:7f:18:2c:4d:c2:32:45:2e:42:e6:c0:35:b7:8c:eb:b5:7b: 8b:0e:0d:d2:32:3b:9c:07:db:c1:ef:6c:13:de:54:e1:37:63: 26:25:bb:c8:39:76:02:11:42:51:03:7c:d1:37:cd:41:b6:88: 4a:f4:54:3d:b5:7b:78:58:6d:67:f8:7e:98:8c:b6:8e:50:9c: 92:5f:ce:3a:1f:6d:b2:29:93:60:67:fb:1b:11:5a:9b:de:e3: 6b:06:a8:2e:f8:2a:f2:64:5b:92:4a:19:81:4d:2c:ee:b4:5d: 3a:07:8d:aa:1d:40:8f:e5:0f:1b:27:5f:b1:4a:a4:d5:eb:27: c6:f7:8e:d7 -----BEGIN CERTIFICATE----- MIIFCjCCA/KgAwIBAgISAZruxmIupuuClac3tECCygQDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhMzRiMTMzODdmYWIxZGNmOGI2N2YxNmEwYTQzNzYwODYw MGM0YzIwHhcNMjUxMjA1MTM0OTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNjZmNDc0NWJlODY2ZDAyNWE4ZmY5ODZiMWYyZjhjN2JmOTNlNjQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA31BQ4vhwTWXMovefhtB6fubgwDSc X1oQAfUDKK8u5SIFesEbH0V+bBy38/xuIx0apZvsDGG3GVOJYFS9f6YD/s5lJgIk RXnJZo1tYbzI5xy9t2RGcCO7Si3gxYxlRimKvn10uvWO3ksIUuIdssokocIVMChL BQHBHaisii43nz4WBNE74hxraSKv0i8rZZDvWOcQ7gL7TOs50bt2Mk19+OWzrLoq AvReGhfJoZyeTuT1OuU9cj8908OdI6EvtEwT29roM2ZNubT/giYNS65KpOGlRfJq weUU4ELuEbXYCrsVbyr+MCTCS8FqI4e8Ho4IveUKG0+nQ+PAj23gw+dnMwIDAQAB o4ICFjCCAhIwHQYDVR0OBBYEFMZvR0W+hm0CWo/5hrHy+Me/k+ZBMB8GA1UdIwQY MBaAFMo0sTOH+rHc+LZ/FqCkN2CGAMTCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveWpTeE00ZjZzZHo0dG44V29LUTNZSVlBeE1JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8xMTdjYTMtYjYwMy00ZGI4LTk2MjYt MDQwNTIzNGFiM2YxLzEveG05SFJiNkdiUUphal9tR3NmTDR4Ny1UNWtFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC8xMTdjYTMtYjYwMy00ZGI4LTk2MjYtMDQwNTIzNGFiM2Yx LzEveWpTeE00ZjZzZHo0dG44V29LUTNZSVlBeE1JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATAwQCuXCEMAsD BAHVnPoDAwDVnDANBgkqhkiG9w0BAQsFAAOCAQEAhWh13h+FVoFk//8CtWZQJcMI Y6Q0w9yWd6mBkfN/d4LLsohCLD5KoTFowOwvISaPcfc1oh0ZeCglCfQ6z23SfdM0 +VJxqgDqo2x8gWQMJtRohxbN7Ogpux+9wnMEbQ6q/GOX3i2zZCpJfTp0vU2zjQBv 17+QMIMUx7mpcYbPx38YLE3CMkUuQubANbeM67V7iw4N0jI7nAfbwe9sE95U4Tdj JiW7yDl2AhFCUQN80TfNQbaISvRUPbV7eFhtZ/h+mIy2jlCckl/OOh9tsimTYGf7 GxFam97jawaoLvgq8mRbkkoZgU0s7rRdOgeNqh1Aj+UPGydfsUqk1esnxveO1w== -----END CERTIFICATE-----Generated at Sat Dec 6 10:01:59 2025 by rpki-client