This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/mbFRU-NRDgaCZtRwIvozp820XcA.roa File: mbFRU-NRDgaCZtRwIvozp820XcA.roa (raw, json) Hash identifier: yp+s4wVuvdmccl+6zp8+zefq82PCIcoFDZltbTTtQqQ= Subject key identifier: 99:B1:51:53:E3:51:0E:06:82:66:D4:70:22:FA:33:A7:CD:B4:5D:C0 Certificate issuer: /CN=668e9b2eefb205342382b6072a903f9d9837071a Certificate serial: 019A9209F5B88430A1D2E4A9D172F512F70A Authority key identifier: 66:8E:9B:2E:EF:B2:05:34:23:82:B6:07:2A:90:3F:9D:98:37:07:1A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zo6bLu-yBTQjgrYHKpA_nZg3Bxo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/mbFRU-NRDgaCZtRwIvozp820XcA.roa Signing time: Mon 17 Nov 2025 13:38:37 +0000 ROA not before: Mon 17 Nov 2025 13:38:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 44056 IP address blocks: 31.135.224.0/20 maxlen: 24 31.135.226.0/23 maxlen: 23 31.135.227.0/24 maxlen: 24 31.135.228.0/22 maxlen: 22 31.135.232.0/22 maxlen: 22 31.135.236.0/23 maxlen: 23 46.148.128.0/20 maxlen: 20 46.148.128.0/22 maxlen: 22 46.148.132.0/22 maxlen: 22 46.148.143.0/24 maxlen: 24 83.97.104.0/21 maxlen: 21 91.195.130.0/23 maxlen: 23 91.230.146.0/24 maxlen: 24 91.237.186.0/23 maxlen: 23 91.237.186.0/24 maxlen: 24 91.237.187.0/24 maxlen: 24 109.196.64.0/20 maxlen: 24 109.196.64.0/22 maxlen: 22 109.196.64.0/24 maxlen: 24 109.196.68.0/22 maxlen: 22 109.196.72.0/22 maxlen: 22 109.196.72.0/24 maxlen: 24 109.196.73.0/24 maxlen: 24 109.196.74.0/24 maxlen: 24 109.196.75.0/24 maxlen: 24 109.196.76.0/22 maxlen: 22 176.125.192.0/19 maxlen: 19 195.2.238.0/23 maxlen: 23 2a13:2940::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/Zo6bLu-yBTQjgrYHKpA_nZg3Bxo.crl rsync://rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/Zo6bLu-yBTQjgrYHKpA_nZg3Bxo.mft rsync://rpki.ripe.net/repository/DEFAULT/Zo6bLu-yBTQjgrYHKpA_nZg3Bxo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:92:09:f5:b8:84:30:a1:d2:e4:a9:d1:72:f5:12:f7:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=668e9b2eefb205342382b6072a903f9d9837071a Validity Not Before: Nov 17 13:38:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=99b15153e3510e068266d47022fa33a7cdb45dc0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:10:ce:3a:6e:99:18:26:ff:1c:40:8a:63:f9: 4c:36:ba:7b:40:f1:e0:6d:7f:9b:c7:bc:5f:86:03: 04:9a:05:1a:36:c1:5a:4c:32:4d:b2:d1:6c:60:45: 29:67:76:60:5a:b7:f1:ab:07:e3:45:58:12:67:af: e4:96:76:59:e3:6d:a3:4d:24:dd:54:c8:76:59:75: cb:73:3b:cd:79:9c:3d:32:7e:bf:f0:ee:a0:db:cd: 5a:bf:ec:3a:3e:ab:fa:42:84:95:44:59:2f:03:82: cf:87:0a:73:62:0d:3a:d7:eb:2f:17:03:61:2f:02: 1b:79:cd:22:24:b9:76:03:7b:b7:49:8d:0a:7d:a6: 53:32:4f:e6:ce:b1:8e:fe:ed:f1:6b:a1:ef:d6:2e: ae:b3:99:10:13:90:45:29:66:8b:ed:76:78:cc:63: ce:52:1c:87:aa:16:dc:93:27:67:f6:87:03:76:d0: 22:31:0c:26:60:f5:cb:e9:ce:40:1e:e2:cc:cd:f0: 66:81:bb:65:15:d7:13:c0:05:49:6c:9b:26:ce:09: 95:ff:c5:70:09:63:ba:61:f1:e5:69:1a:d1:ef:a5: 32:25:28:c7:43:cb:c5:1a:7e:56:87:17:3a:1d:60: 1d:85:ed:67:19:23:2c:33:e7:4b:f3:a6:1f:52:0a: 88:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:B1:51:53:E3:51:0E:06:82:66:D4:70:22:FA:33:A7:CD:B4:5D:C0 X509v3 Authority Key Identifier: keyid:66:8E:9B:2E:EF:B2:05:34:23:82:B6:07:2A:90:3F:9D:98:37:07:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zo6bLu-yBTQjgrYHKpA_nZg3Bxo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/mbFRU-NRDgaCZtRwIvozp820XcA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/Zo6bLu-yBTQjgrYHKpA_nZg3Bxo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.135.224.0/20 46.148.128.0/20 83.97.104.0/21 91.195.130.0/23 91.230.146.0/24 91.237.186.0/23 109.196.64.0/20 176.125.192.0/19 195.2.238.0/23 IPv6: 2a13:2940::/32 Signature Algorithm: sha256WithRSAEncryption 35:8d:41:6a:97:aa:6f:97:32:5b:80:33:3f:f4:e5:48:42:c6: 76:af:55:48:cd:17:7f:28:94:bb:02:dd:f2:0b:5c:f9:42:de: f6:79:ba:eb:43:76:ff:50:42:8e:12:e6:77:d0:25:8a:62:66: dd:9c:e7:88:56:1d:03:10:b6:2b:d0:74:a6:0d:00:68:56:31: 4a:f4:9d:98:31:b0:00:07:c2:b0:b5:af:29:c8:2c:52:94:54: f2:b2:e7:d9:d6:a2:87:ea:03:9c:91:68:4a:dd:e0:89:b7:4d: f3:a6:b8:f6:aa:bc:5f:8d:f5:57:54:61:55:a0:4e:15:83:32: 55:e4:e0:34:91:c5:d0:a4:78:da:e8:ed:b8:7f:33:a8:10:32: 77:cb:29:66:5c:e5:60:ac:74:ba:de:a7:22:94:46:27:ba:bf: f6:db:91:4f:62:53:9e:9a:e8:84:90:e9:6b:ba:93:e0:fb:ce: 88:78:4d:1b:9e:be:85:99:5f:64:28:56:b2:6d:0b:dd:ac:ae: 32:fd:8f:78:da:56:5e:5c:62:84:0f:82:52:28:b7:1e:54:af: 54:77:88:8e:6f:14:e6:cb:fa:66:db:5e:72:75:87:d9:89:78: 96:77:df:a5:1f:82:33:21:06:82:df:66:52:f7:01:2f:8f:32: 90:09:3f:d5 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgISAZqSCfW4hDCh0uSp0XL1EvcKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY2OGU5YjJlZWZiMjA1MzQyMzgyYjYwNzJhOTAzZjlkOTgz NzA3MWEwHhcNMjUxMTE3MTMzODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5OWIxNTE1M2UzNTEwZTA2ODI2NmQ0NzAyMmZhMzNhN2NkYjQ1ZGMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhDOOm6ZGCb/HECKY/lMNrp7QPHg bX+bx7xfhgMEmgUaNsFaTDJNstFsYEUpZ3ZgWrfxqwfjRVgSZ6/klnZZ422jTSTd VMh2WXXLczvNeZw9Mn6/8O6g281av+w6Pqv6QoSVRFkvA4LPhwpzYg061+svFwNh LwIbec0iJLl2A3u3SY0KfaZTMk/mzrGO/u3xa6Hv1i6us5kQE5BFKWaL7XZ4zGPO UhyHqhbckydn9ocDdtAiMQwmYPXL6c5AHuLMzfBmgbtlFdcTwAVJbJsmzgmV/8Vw CWO6YfHlaRrR76UyJSjHQ8vFGn5Whxc6HWAdhe1nGSMsM+dL86YfUgqI5wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFJmxUVPjUQ4GgmbUcCL6M6fNtF3AMB8GA1UdIwQY MBaAFGaOmy7vsgU0I4K2ByqQP52YNwcaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWm82Ykx1LXlCVFFqZ3JZSEtwQV9uWmczQnhvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC80YTEzMDUtMzkxYy00NDZjLTlhMzMt NGMwOGZmZTEwMDc2LzEvbWJGUlUtTlJEZ2FDWnRSd0l2b3pwODIwWGNBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OC80YTEzMDUtMzkxYy00NDZjLTlhMzMtNGMwOGZmZTEwMDc2 LzEvWm82Ykx1LXlCVFFqZ3JZSEtwQV9uWmczQnhvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQEH4fgAwQE LpSAAwQDU2FoAwQBW8OCAwQAW+aSAwQBW+26AwQEbcRAAwQFsH3AAwQBwwLuMA0E AgACMAcDBQAqEylAMA0GCSqGSIb3DQEBCwUAA4IBAQA1jUFql6pvlzJbgDM/9OVI QsZ2r1VIzRd/KJS7At3yC1z5Qt72ebrrQ3b/UEKOEuZ30CWKYmbdnOeIVh0DELYr 0HSmDQBoVjFK9J2YMbAAB8Kwta8pyCxSlFTysufZ1qKH6gOckWhK3eCJt03zprj2 qrxfjfVXVGFVoE4VgzJV5OA0kcXQpHja6O24fzOoEDJ3yylmXOVgrHS63qcilEYn ur/225FPYlOemuiEkOlrupPg+86IeE0bnr6FmV9kKFaybQvdrK4y/Y942lZeXGKE D4JSKLceVK9Ud4iObxTmy/pm215ydYfZiXiWd9+lH4IzIQaC32ZS9wEvjzKQCT/V -----END CERTIFICATE-----Generated at Sat Dec 6 23:29:35 2025 by rpki-client