This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/2khmlmeoDFv-IkGAU0fd4l5TW0o.roa File: 2khmlmeoDFv-IkGAU0fd4l5TW0o.roa (raw, json) Hash identifier: //AXHj3BbLc0Rt/YZOfWjdKHckn7lMqZx1vw7h/B5lI= Subject key identifier: DA:48:66:96:67:A8:0C:5B:FE:22:41:80:53:47:DD:E2:5E:53:5B:4A Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d Certificate serial: 019ABFDD34BE32B218D5365284062847D75F Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/2khmlmeoDFv-IkGAU0fd4l5TW0o.roa Signing time: Wed 26 Nov 2025 11:12:16 +0000 ROA not before: Wed 26 Nov 2025 11:12:16 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 199614 IP address blocks: 213.18.244.0/24 maxlen: 24 213.18.246.0/24 maxlen: 24 213.18.247.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:bf:dd:34:be:32:b2:18:d5:36:52:84:06:28:47:d7:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d Validity Not Before: Nov 26 11:12:16 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=da48669667a80c5bfe2241805347dde25e535b4a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:43:25:71:33:7e:48:9a:eb:7c:7e:54:c0:0c: 20:20:17:cc:9c:00:d0:de:fb:54:35:4c:39:b3:90: b7:c3:4d:7d:88:dd:ad:c8:74:22:bb:65:69:b5:d5: 5d:2f:5a:21:8c:2d:35:21:4c:fa:82:e9:00:df:d1: 23:55:18:a0:1a:2e:44:38:2f:16:98:56:9c:15:92: 83:13:f3:55:78:d4:82:a2:59:f0:c3:78:db:eb:3b: f8:e7:b7:3a:97:dd:96:67:af:cd:0c:f4:ed:f1:bf: 4d:e6:d5:7a:97:5c:ec:c3:c3:f4:03:ea:8f:1e:46: e9:db:98:ed:6c:d1:8c:e2:c6:0f:a3:32:1a:d8:48: e7:ba:44:43:dc:e6:fa:16:c7:57:fb:f4:04:3d:0f: f0:49:a1:b8:58:36:21:a2:b6:0e:eb:e2:14:3b:7c: 46:7d:27:f4:8f:b1:66:a3:6d:ca:25:3f:56:ea:76: 88:76:ff:69:9d:a2:0a:14:10:cd:51:34:1d:e0:8d: b2:33:41:bd:4f:55:3a:da:ae:f3:dc:4a:2b:c2:01: 12:61:0a:f4:8a:f9:bb:e1:f0:f4:b2:18:3a:63:71: a4:77:bd:8c:04:ce:7d:33:6c:d0:e6:16:28:e1:14: 8d:86:91:78:12:a4:17:d0:b4:eb:db:fc:1d:f0:b6: 93:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:48:66:96:67:A8:0C:5B:FE:22:41:80:53:47:DD:E2:5E:53:5B:4A X509v3 Authority Key Identifier: keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/2khmlmeoDFv-IkGAU0fd4l5TW0o.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 213.18.244.0/24 213.18.246.0/23 Signature Algorithm: sha256WithRSAEncryption 8e:ec:76:26:dc:6f:93:f2:54:b5:ce:bc:42:d5:58:78:fd:65: 83:52:64:b8:2b:47:d5:82:93:02:b1:2c:c7:5c:69:4f:0a:86: 73:9e:e4:a6:32:2b:a1:fe:0d:f9:c1:4d:1f:2a:0d:82:1f:a9: 2e:57:0f:e4:3c:a0:ab:94:0d:1a:6e:e1:e1:af:e6:ba:3c:46: fd:ff:66:8d:e6:04:0f:9d:6f:dd:09:d1:d7:a5:ce:29:f1:a0: 87:19:55:ff:f9:0c:22:17:dc:60:4f:fa:f6:75:7e:82:f7:03: 02:c8:e3:ee:9b:ff:bc:85:89:8d:59:6e:d7:ac:78:9c:c2:1a: 04:09:62:08:35:92:b6:51:aa:f4:67:b2:1b:db:0d:8e:f4:7f: 15:ce:79:22:9f:0a:22:b0:09:70:85:cd:2e:80:8e:7f:c8:dc: 73:48:9e:3e:f0:b2:79:41:ff:ad:4f:a2:ef:a8:71:f5:be:9e: 55:50:67:8c:21:b0:6c:e8:44:d0:98:74:d2:cc:0e:43:e2:cf: a6:f9:44:ab:05:ac:7f:83:70:e1:31:95:59:3f:31:61:9d:2a: bb:15:58:49:40:fb:30:9a:5b:d3:ce:a6:86:be:f0:89:7d:98: 4e:8c:9d:5c:50:6f:62:f6:10:df:5c:f0:b8:aa:6f:1e:92:7c: c0:a5:6b:27 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZq/3TS+MrIY1TZShAYoR9dfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy ZGE3NGQwHhcNMjUxMTI2MTExMjE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYTQ4NjY5NjY3YTgwYzViZmUyMjQxODA1MzQ3ZGRlMjVlNTM1YjRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUMlcTN+SJrrfH5UwAwgIBfMnADQ 3vtUNUw5s5C3w019iN2tyHQiu2VptdVdL1ohjC01IUz6gukA39EjVRigGi5EOC8W mFacFZKDE/NVeNSColnww3jb6zv457c6l92WZ6/NDPTt8b9N5tV6l1zsw8P0A+qP Hkbp25jtbNGM4sYPozIa2EjnukRD3Ob6FsdX+/QEPQ/wSaG4WDYhorYO6+IUO3xG fSf0j7Fmo23KJT9W6naIdv9pnaIKFBDNUTQd4I2yM0G9T1U62q7z3EorwgESYQr0 ivm74fD0shg6Y3Gkd72MBM59M2zQ5hYo4RSNhpF4EqQX0LTr2/wd8LaTnwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFNpIZpZnqAxb/iJBgFNH3eJeU1tKMB8GA1UdIwQY MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt YzE5OTQyNzM3ZTZkLzEvMmtobWxtZW9ERnYtSWtHQVUwZmQ0bDVUVzBvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1RL0AwQB 1RL2MA0GCSqGSIb3DQEBCwUAA4IBAQCO7HYm3G+T8lS1zrxC1Vh4/WWDUmS4K0fV gpMCsSzHXGlPCoZznuSmMiuh/g35wU0fKg2CH6kuVw/kPKCrlA0abuHhr+a6PEb9 /2aN5gQPnW/dCdHXpc4p8aCHGVX/+QwiF9xgT/r2dX6C9wMCyOPum/+8hYmNWW7X rHicwhoECWIINZK2Uar0Z7Ib2w2O9H8VznkinwoisAlwhc0ugI5/yNxzSJ4+8LJ5 Qf+tT6LvqHH1vp5VUGeMIbBs6ETQmHTSzA5D4s+m+USrBax/g3DhMZVZPzFhnSq7 FVhJQPswmlvTzqaGvvCJfZhOjJ1cUG9i9hDfXPC4qm8eknzApWsn -----END CERTIFICATE-----Generated at Sat Dec 6 21:30:45 2025 by rpki-client