This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/3e61d0-f6ce-4aad-9764-762d27277591/1/cHpfX0_t1J4Sr6t7l47Me39APq8.roa File: cHpfX0_t1J4Sr6t7l47Me39APq8.roa (raw, json) Hash identifier: 3q7Dq5MsTjXzsun+uYmj2RIabdMqLzzUDrI1AmlzX50= Subject key identifier: 70:7A:5F:5F:4F:ED:D4:9E:12:AF:AB:7B:97:8E:CC:7B:7F:40:3E:AF Certificate issuer: /CN=8f51aad0e4148abe3f2a8b8d4318f34b456b65f1 Certificate serial: 019AB60114E04F2EE835DA55374AB2B6F6E0 Authority key identifier: 8F:51:AA:D0:E4:14:8A:BE:3F:2A:8B:8D:43:18:F3:4B:45:6B:65:F1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j1Gq0OQUir4_KouNQxjzS0VrZfE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/3e61d0-f6ce-4aad-9764-762d27277591/1/cHpfX0_t1J4Sr6t7l47Me39APq8.roa Signing time: Mon 24 Nov 2025 13:15:15 +0000 ROA not before: Mon 24 Nov 2025 13:15:15 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 14618 IP address blocks: 85.115.38.0/24 maxlen: 24 157.167.184.0/21 maxlen: 21 157.167.224.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/3e61d0-f6ce-4aad-9764-762d27277591/1/j1Gq0OQUir4_KouNQxjzS0VrZfE.crl rsync://rpki.ripe.net/repository/DEFAULT/76/3e61d0-f6ce-4aad-9764-762d27277591/1/j1Gq0OQUir4_KouNQxjzS0VrZfE.mft rsync://rpki.ripe.net/repository/DEFAULT/j1Gq0OQUir4_KouNQxjzS0VrZfE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:b6:01:14:e0:4f:2e:e8:35:da:55:37:4a:b2:b6:f6:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8f51aad0e4148abe3f2a8b8d4318f34b456b65f1 Validity Not Before: Nov 24 13:15:15 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=707a5f5f4fedd49e12afab7b978ecc7b7f403eaf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:14:ff:da:4c:27:f5:c7:dc:82:f7:cb:d6:f0: fa:fe:91:05:ef:8f:e6:84:9a:82:e1:fe:b6:64:9e: 7d:5d:51:ad:55:f4:56:61:9e:30:27:fe:d2:54:00: 08:fd:f6:dc:59:e3:cd:64:ed:3e:88:f0:9b:1d:8d: e1:a2:6f:ef:18:70:1e:4a:b8:33:4b:43:4f:b3:46: dc:b9:be:27:78:78:20:b1:a8:d6:72:0c:00:61:67: 22:71:75:1e:14:42:7b:c4:5c:31:70:6f:70:59:77: 39:d7:ed:14:4b:a9:85:78:67:1d:65:d5:fe:3f:75: e8:2e:3d:50:59:80:69:11:05:5b:ac:fd:0f:eb:7f: 4e:d1:0d:91:90:3e:72:f8:03:fa:92:cc:80:03:82: bf:65:1d:33:eb:42:1d:ec:4e:0b:5d:25:99:fa:cc: 6d:03:38:3b:24:58:11:61:d9:79:66:17:bd:3d:aa: 00:e4:08:35:e4:6e:1d:c6:b9:3e:5b:45:8d:84:52: 13:5a:84:e2:05:28:21:87:f3:ac:cf:d0:ec:f3:4a: ce:6b:1d:01:71:f4:88:d1:d1:76:dc:ee:f3:59:a8: 88:25:cc:09:2e:74:a8:e5:47:52:0a:6d:66:4e:16: 51:60:74:cb:a9:d6:08:2b:0f:c4:8e:c5:20:4e:07: 65:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:7A:5F:5F:4F:ED:D4:9E:12:AF:AB:7B:97:8E:CC:7B:7F:40:3E:AF X509v3 Authority Key Identifier: keyid:8F:51:AA:D0:E4:14:8A:BE:3F:2A:8B:8D:43:18:F3:4B:45:6B:65:F1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j1Gq0OQUir4_KouNQxjzS0VrZfE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/3e61d0-f6ce-4aad-9764-762d27277591/1/cHpfX0_t1J4Sr6t7l47Me39APq8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/76/3e61d0-f6ce-4aad-9764-762d27277591/1/j1Gq0OQUir4_KouNQxjzS0VrZfE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.115.38.0/24 157.167.184.0/21 157.167.224.0/24 Signature Algorithm: sha256WithRSAEncryption 21:0e:95:77:12:32:92:e2:1e:06:1f:23:6f:d9:f5:b0:e5:e7: c5:a8:59:bd:a7:0a:d2:49:32:82:14:90:5c:6e:22:8d:81:23: 6a:b2:aa:28:06:27:70:09:34:8e:23:ec:52:41:5c:c5:04:f9: b9:a5:b8:c9:df:bb:e1:c4:52:32:80:bd:04:0d:79:2c:e1:eb: fb:1a:35:c2:49:1f:74:2f:32:5b:7e:4a:9a:bf:eb:b5:3e:0f: 6f:56:ad:d3:87:af:38:f9:a6:50:10:3e:93:38:84:28:01:91: 66:c7:8c:c7:00:20:23:53:2e:4a:4a:24:f5:e4:e6:d1:e3:89: 44:fe:3a:11:25:44:3c:c8:b3:b6:12:dd:cd:87:c3:c2:46:f0: ee:17:89:5f:f9:7f:2e:75:95:b7:d9:a7:d1:15:6a:0d:94:4a: 59:11:44:29:0a:b5:5c:11:db:c4:6e:eb:5d:b6:8b:96:6c:e8: 07:41:d3:5c:6f:ca:b4:e7:b1:07:01:d1:99:6e:51:ad:35:dc: 36:ef:ce:b7:d7:a2:cb:f3:81:fa:2a:98:44:1e:64:c0:a0:6a: 1b:cf:80:4e:ae:79:ac:5e:22:61:e1:d7:35:9d:be:5f:aa:02: 75:bf:dd:88:f2:08:04:36:95:b8:6f:c0:00:ed:62:3f:3b:8e: 25:f1:9c:89 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZq2ARTgTy7oNdpVN0qytvbgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhmNTFhYWQwZTQxNDhhYmUzZjJhOGI4ZDQzMThmMzRiNDU2 YjY1ZjEwHhcNMjUxMTI0MTMxNTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MDdhNWY1ZjRmZWRkNDllMTJhZmFiN2I5NzhlY2M3YjdmNDAzZWFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BT/2kwn9cfcgvfL1vD6/pEF74/m hJqC4f62ZJ59XVGtVfRWYZ4wJ/7SVAAI/fbcWePNZO0+iPCbHY3hom/vGHAeSrgz S0NPs0bcub4neHggsajWcgwAYWcicXUeFEJ7xFwxcG9wWXc51+0US6mFeGcdZdX+ P3XoLj1QWYBpEQVbrP0P639O0Q2RkD5y+AP6ksyAA4K/ZR0z60Id7E4LXSWZ+sxt Azg7JFgRYdl5Zhe9PaoA5Ag15G4dxrk+W0WNhFITWoTiBSghh/Osz9Ds80rOax0B cfSI0dF23O7zWaiIJcwJLnSo5UdSCm1mThZRYHTLqdYIKw/EjsUgTgdljQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFHB6X19P7dSeEq+re5eOzHt/QD6vMB8GA1UdIwQY MBaAFI9RqtDkFIq+PyqLjUMY80tFa2XxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvajFHcTBPUVVpcjRfS291TlF4anpTMFZyWmZFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8zZTYxZDAtZjZjZS00YWFkLTk3NjQt NzYyZDI3Mjc3NTkxLzEvY0hwZlgwX3QxSjRTcjZ0N2w0N01lMzlBUHE4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Ni8zZTYxZDAtZjZjZS00YWFkLTk3NjQtNzYyZDI3Mjc3NTkx LzEvajFHcTBPUVVpcjRfS291TlF4anpTMFZyWmZFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVXMmAwQD nae4AwQAnafgMA0GCSqGSIb3DQEBCwUAA4IBAQAhDpV3EjKS4h4GHyNv2fWw5efF qFm9pwrSSTKCFJBcbiKNgSNqsqooBidwCTSOI+xSQVzFBPm5pbjJ37vhxFIygL0E DXks4ev7GjXCSR90LzJbfkqav+u1Pg9vVq3Th684+aZQED6TOIQoAZFmx4zHACAj Uy5KSiT15ObR44lE/joRJUQ8yLO2Et3Nh8PCRvDuF4lf+X8udZW32afRFWoNlEpZ EUQpCrVcEdvEbutdtouWbOgHQdNcb8q057EHAdGZblGtNdw2786316LL84H6KphE HmTAoGobz4BOrnmsXiJh4dc1nb5fqgJ1v92I8ggENpW4b8AA7WI/O44l8ZyJ -----END CERTIFICATE-----Generated at Sat Dec 6 17:47:42 2025 by rpki-client