This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/3dGM-wQKII9QeK_7Fe3FfELOZgc.roa File: 3dGM-wQKII9QeK_7Fe3FfELOZgc.roa (raw, json) Hash identifier: ZqYWBXwJg6Pmbs53k1bB769aOyXhHyzc4iZkjU1cBrE= Subject key identifier: DD:D1:8C:FB:04:0A:20:8F:50:78:AF:FB:15:ED:C5:7C:42:CE:66:07 Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b Certificate serial: 019AB98C5EA46584403B45AAF37CC6889E03 Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/3dGM-wQKII9QeK_7Fe3FfELOZgc.roa Signing time: Tue 25 Nov 2025 05:46:15 +0000 ROA not before: Tue 25 Nov 2025 05:46:15 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 14576 IP address blocks: 5.183.252.0/24 maxlen: 24 45.10.167.0/24 maxlen: 24 77.220.192.0/24 maxlen: 24 77.220.195.0/24 maxlen: 24 185.77.220.0/22 maxlen: 24 194.104.8.0/24 maxlen: 24 213.108.0.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:b9:8c:5e:a4:65:84:40:3b:45:aa:f3:7c:c6:88:9e:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b Validity Not Before: Nov 25 05:46:15 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=ddd18cfb040a208f5078affb15edc57c42ce6607 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:35:49:80:08:bf:0f:48:ed:59:e6:f4:8f:ef: 73:3f:db:4b:91:41:2b:67:ea:dd:b2:b0:9d:01:09: bf:1b:64:84:39:5a:37:40:df:fd:77:9e:57:c1:2a: 87:bf:ef:01:cf:e3:9e:01:b4:a2:b8:0b:a8:69:51: 1c:7f:5f:4e:23:62:23:99:46:09:39:f4:a3:b1:7a: c9:4d:de:c5:01:1a:0b:0d:33:ad:c1:3e:8b:c0:ac: 23:d1:9b:fe:e2:4c:16:19:a5:17:b1:92:f7:78:2e: 06:86:b6:38:25:2b:94:2a:da:d8:b9:f4:1b:55:c1: d7:fd:7a:f4:10:e4:14:18:3a:30:20:24:81:39:2f: 4c:d9:d8:3d:4b:f7:19:a3:4c:3d:76:d5:be:87:64: bb:6b:34:7e:e5:6d:22:12:11:5e:4c:6c:f7:72:d0: 70:d8:84:27:0e:84:6f:36:16:e1:d9:be:db:1e:13: e4:d3:84:e7:39:7b:0b:a7:f1:f2:33:f6:5f:57:45: 21:3b:6b:3c:7b:d9:89:bb:42:2e:fc:ef:c4:39:36: 13:3d:64:22:5b:12:23:46:a7:dc:e5:ff:9e:fe:f9: 3b:8c:7b:da:5f:df:ec:52:46:12:df:52:c5:20:01: 9c:6e:c7:bc:5f:95:32:43:4d:26:4f:d0:e0:8b:a4: ba:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:D1:8C:FB:04:0A:20:8F:50:78:AF:FB:15:ED:C5:7C:42:CE:66:07 X509v3 Authority Key Identifier: keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/3dGM-wQKII9QeK_7Fe3FfELOZgc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.183.252.0/24 45.10.167.0/24 77.220.192.0/24 77.220.195.0/24 185.77.220.0/22 194.104.8.0/24 213.108.0.0/24 Signature Algorithm: sha256WithRSAEncryption 3f:e0:15:a8:e5:33:b6:8e:25:45:91:97:b0:a9:46:2f:a4:97: dc:5e:3b:0f:62:a2:75:14:63:65:9b:01:26:bf:99:d0:33:3e: ce:4d:23:47:7a:5b:56:46:d4:39:ab:ea:12:a4:5c:f6:16:78: 9f:06:5f:ed:e9:d6:b6:b0:ca:65:03:34:51:c2:48:e1:ca:3d: be:d9:18:1f:3a:59:31:62:f9:7e:b3:36:c1:54:10:67:37:60: 0b:cb:67:27:13:6a:1c:63:44:7d:2a:1f:fe:dc:5c:6b:ff:0c: a0:8b:58:74:27:a0:46:d8:83:e3:89:3d:75:d6:39:eb:20:30: aa:5d:8d:3b:7e:f6:53:51:36:73:7e:c7:9c:b8:ce:cf:05:dd: d3:b0:b9:19:10:93:d3:38:2f:f5:fa:3a:91:45:fd:be:36:89: 1d:b7:2a:e0:38:60:05:e6:4b:6c:2f:5f:e6:d6:5c:b7:ed:a1: bc:24:fc:9e:c5:db:30:c3:34:ef:00:fd:76:6b:aa:27:3d:45: 0f:03:7d:0a:3d:0d:d5:09:88:bd:2c:8f:53:0b:07:08:5b:58: 46:c6:27:a2:02:5c:f2:cf:99:d4:1c:88:a1:b4:10:1e:81:6c: 53:21:7a:e8:bf:d6:df:30:ef:27:aa:d1:e9:00:4e:45:72:c8: 47:62:84:1d -----BEGIN CERTIFICATE----- MIIFITCCBAmgAwIBAgISAZq5jF6kZYRAO0Wq83zGiJ4DMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4 OWU4NWIwHhcNMjUxMTI1MDU0NjE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZGQxOGNmYjA0MGEyMDhmNTA3OGFmZmIxNWVkYzU3YzQyY2U2NjA3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojVJgAi/D0jtWeb0j+9zP9tLkUEr Z+rdsrCdAQm/G2SEOVo3QN/9d55XwSqHv+8Bz+OeAbSiuAuoaVEcf19OI2IjmUYJ OfSjsXrJTd7FARoLDTOtwT6LwKwj0Zv+4kwWGaUXsZL3eC4GhrY4JSuUKtrYufQb VcHX/Xr0EOQUGDowICSBOS9M2dg9S/cZo0w9dtW+h2S7azR+5W0iEhFeTGz3ctBw 2IQnDoRvNhbh2b7bHhPk04TnOXsLp/HyM/ZfV0UhO2s8e9mJu0Iu/O/EOTYTPWQi WxIjRqfc5f+e/vk7jHvaX9/sUkYS31LFIAGcbse8X5UyQ00mT9Dgi6S6rQIDAQAB o4ICLTCCAikwHQYDVR0OBBYEFN3RjPsECiCPUHiv+xXtxXxCzmYHMB8GA1UdIwQY MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt NmVlNTM0ZDkyZTUyLzEvM2RHTS13UUtJSTlRZUtfN0ZlM0ZmRUxPWmdjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABbf8AwQA LQqnAwQATdzAAwQATdzDAwQCuU3cAwQAwmgIAwQA1WwAMA0GCSqGSIb3DQEBCwUA A4IBAQA/4BWo5TO2jiVFkZewqUYvpJfcXjsPYqJ1FGNlmwEmv5nQMz7OTSNHeltW RtQ5q+oSpFz2FnifBl/t6da2sMplAzRRwkjhyj2+2RgfOlkxYvl+szbBVBBnN2AL y2cnE2ocY0R9Kh/+3Fxr/wygi1h0J6BG2IPjiT111jnrIDCqXY07fvZTUTZzfsec uM7PBd3TsLkZEJPTOC/1+jqRRf2+NokdtyrgOGAF5ktsL1/m1ly37aG8JPyexdsw wzTvAP12a6onPUUPA30KPQ3VCYi9LI9TCwcIW1hGxieiAlzyz5nUHIihtBAegWxT IXrov9bfMO8nqtHpAE5FcshHYoQd -----END CERTIFICATE-----Generated at Sun Dec 7 00:10:27 2025 by rpki-client