This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/SqIYQtH-MyTecrJ8-T-TD9dilA8.roa File: SqIYQtH-MyTecrJ8-T-TD9dilA8.roa (raw, json) Hash identifier: p2IOkyfQBQfAepmjkkBl9kWUTrpqgo3iCz4cUJ7c12w= Subject key identifier: 4A:A2:18:42:D1:FE:33:24:DE:72:B2:7C:F9:3F:93:0F:D7:62:94:0F Certificate issuer: /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055 Certificate serial: 019A8F0457F222CA5809209EF89A68A60BE8 Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/SqIYQtH-MyTecrJ8-T-TD9dilA8.roa Signing time: Sun 16 Nov 2025 23:33:37 +0000 ROA not before: Sun 16 Nov 2025 23:33:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 34927 IP address blocks: 89.187.21.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.mft rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:8f:04:57:f2:22:ca:58:09:20:9e:f8:9a:68:a6:0b:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055 Validity Not Before: Nov 16 23:33:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=4aa21842d1fe3324de72b27cf93f930fd762940f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:87:c9:19:fd:95:86:ef:2f:83:bd:e3:24:6a: 91:cb:c9:3d:aa:3d:73:cc:5c:8a:fb:d1:f8:16:94: b9:79:22:fe:c6:5d:83:a7:6c:92:6c:29:bb:f9:84: 0c:99:dc:fa:a2:9f:37:26:41:aa:81:98:8a:b8:eb: be:b8:62:2e:36:38:fb:f1:03:cc:d6:f7:0c:51:ae: 74:64:a1:f8:7a:31:3a:8e:4e:6d:fd:0b:01:be:a9: 4c:4e:c7:0c:db:9e:f6:a8:37:9a:b7:a5:7b:7a:e2: 52:32:cf:87:be:4d:24:7e:ae:55:bd:90:ad:31:9a: b7:0c:48:d1:29:65:4f:bc:c3:ff:94:50:a6:4f:27: 2f:b0:a8:12:ed:51:79:58:e3:a6:0c:e1:13:0e:5e: 98:86:eb:02:54:d7:43:4a:52:47:fd:10:56:c2:d2: 41:07:09:a7:65:eb:fb:0a:a7:86:ba:dd:52:f7:4a: b8:4d:0a:3d:98:46:9e:94:5c:87:fc:96:06:53:23: 9c:5b:d5:b3:38:1a:76:78:21:20:ba:7c:68:ac:dd: d3:17:f4:e4:db:2e:6c:88:4f:d2:3f:c8:ef:a5:b3: 7a:c9:5e:c2:0d:d9:db:6f:a9:a4:f9:12:de:5f:b2: 48:04:c9:85:c6:1d:a9:85:32:f8:f3:60:2b:c4:e1: 47:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:A2:18:42:D1:FE:33:24:DE:72:B2:7C:F9:3F:93:0F:D7:62:94:0F X509v3 Authority Key Identifier: keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/SqIYQtH-MyTecrJ8-T-TD9dilA8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.187.21.0/24 Signature Algorithm: sha256WithRSAEncryption c7:08:d3:df:98:8e:39:2f:2b:8c:4a:a5:f8:16:c4:e7:31:20: 0a:c0:8e:4d:21:80:b2:48:f7:cc:bc:33:00:07:df:46:16:f7: b0:02:76:18:71:2c:7b:53:10:2c:ca:77:81:25:36:a3:9d:fc: fc:66:51:cb:03:6b:94:78:47:6a:fa:f4:77:4c:8e:20:0c:19: 32:5d:6d:d1:aa:25:66:79:8a:c9:37:4e:8e:c5:4f:4f:5c:85: 6b:88:85:c9:7f:be:71:0e:38:57:7c:b3:41:90:16:c6:68:cc: 33:e5:5e:f6:d0:23:62:a8:f6:56:47:a6:c6:61:68:7e:7b:c9: b1:78:be:1e:09:52:a4:86:69:44:b9:0e:8d:72:b1:39:78:c2: 9d:ed:dd:ac:10:df:b4:d0:25:60:aa:12:40:85:94:49:eb:68: 0d:b7:83:bf:84:97:64:ee:bb:f8:d4:5b:66:8f:57:12:3c:53: 0f:48:56:8b:ab:d0:67:49:78:da:c8:4e:05:04:8e:60:ac:0e: 9b:2a:4e:82:1a:d3:ce:c5:a6:df:81:35:90:fb:bf:15:c8:af: 79:22:e3:ca:2b:9e:b8:15:f1:41:05:9e:40:77:79:a8:d2:4f: 8d:89:35:a9:d1:08:12:f6:61:ce:c7:68:a9:0c:51:eb:96:32: 0e:6b:e9:77 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZqPBFfyIspYCSCe+JpopgvoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw YmYwNTUwHhcNMjUxMTE2MjMzMzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0YWEyMTg0MmQxZmUzMzI0ZGU3MmIyN2NmOTNmOTMwZmQ3NjI5NDBmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYfJGf2Vhu8vg73jJGqRy8k9qj1z zFyK+9H4FpS5eSL+xl2Dp2ySbCm7+YQMmdz6op83JkGqgZiKuOu+uGIuNjj78QPM 1vcMUa50ZKH4ejE6jk5t/QsBvqlMTscM2572qDeat6V7euJSMs+Hvk0kfq5VvZCt MZq3DEjRKWVPvMP/lFCmTycvsKgS7VF5WOOmDOETDl6YhusCVNdDSlJH/RBWwtJB BwmnZev7CqeGut1S90q4TQo9mEaelFyH/JYGUyOcW9WzOBp2eCEgunxorN3TF/Tk 2y5siE/SP8jvpbN6yV7CDdnbb6mk+RLeX7JIBMmFxh2phTL482ArxOFHdwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFEqiGELR/jMk3nKyfPk/kw/XYpQPMB8GA1UdIwQY MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt NDVjZmM4NTdkZGRkLzEvU3FJWVF0SC1NeVRlY3JKOC1ULVREOWRpbEE4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWbsVMA0G CSqGSIb3DQEBCwUAA4IBAQDHCNPfmI45LyuMSqX4FsTnMSAKwI5NIYCySPfMvDMA B99GFvewAnYYcSx7UxAsyneBJTajnfz8ZlHLA2uUeEdq+vR3TI4gDBkyXW3RqiVm eYrJN06OxU9PXIVriIXJf75xDjhXfLNBkBbGaMwz5V720CNiqPZWR6bGYWh+e8mx eL4eCVKkhmlEuQ6NcrE5eMKd7d2sEN+00CVgqhJAhZRJ62gNt4O/hJdk7rv41Ftm j1cSPFMPSFaLq9BnSXjayE4FBI5grA6bKk6CGtPOxabfgTWQ+78VyK95IuPKK564 FfFBBZ5Ad3mo0k+NiTWp0QgS9mHOx2ipDFHrljIOa+l3 -----END CERTIFICATE-----Generated at Sat Dec 6 13:42:52 2025 by rpki-client