This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/8Zj24jfn9S8WI4ttBUHVoIAXMMo.roa File: 8Zj24jfn9S8WI4ttBUHVoIAXMMo.roa (raw, json) Hash identifier: cTf4aMsPBbGTihgOeG5/giseUSW7pXyGx7wJeH1Zs1U= Subject key identifier: F1:98:F6:E2:37:E7:F5:2F:16:23:8B:6D:05:41:D5:A0:80:17:30:CA Certificate issuer: /CN=46ba3f80039b9e784cfb24bf2c7ddb24e1900a76 Certificate serial: 019ABB210793A42CA5E5A9CD1BD03D03E49C Authority key identifier: 46:BA:3F:80:03:9B:9E:78:4C:FB:24:BF:2C:7D:DB:24:E1:90:0A:76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/8Zj24jfn9S8WI4ttBUHVoIAXMMo.roa Signing time: Tue 25 Nov 2025 13:08:15 +0000 ROA not before: Tue 25 Nov 2025 13:08:15 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 201512 IP address blocks: 176.101.88.0/24 maxlen: 24 176.101.89.0/24 maxlen: 24 176.101.90.0/24 maxlen: 24 176.101.91.0/24 maxlen: 24 176.101.92.0/24 maxlen: 24 176.101.93.0/24 maxlen: 24 176.101.94.0/24 maxlen: 24 176.101.95.0/24 maxlen: 24 2a03:720:40::/48 maxlen: 48 2a03:720:1040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.crl rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.mft rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:02:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:bb:21:07:93:a4:2c:a5:e5:a9:cd:1b:d0:3d:03:e4:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=46ba3f80039b9e784cfb24bf2c7ddb24e1900a76 Validity Not Before: Nov 25 13:08:15 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=f198f6e237e7f52f16238b6d0541d5a0801730ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:f8:a5:e2:88:44:17:52:14:f4:3b:4d:e6:d9: e2:59:53:28:33:5b:1a:9e:2d:4c:1b:d4:e1:76:b0: 6f:77:f6:00:95:04:d3:1e:48:4f:fb:ba:5c:6e:55: 08:01:e8:55:8c:86:bb:15:38:61:0e:f0:89:89:8f: 52:34:05:7f:27:73:cf:9c:3d:f2:5b:9c:38:48:e7: 2f:03:f0:b0:64:91:05:10:55:a2:f3:65:a9:fd:92: 62:47:13:ba:78:25:a6:27:e7:f2:ed:7d:2e:9d:2f: d2:00:15:94:66:3b:fb:df:c1:db:88:8c:10:4b:00: bb:2d:27:fa:87:59:f1:02:26:22:1f:c5:99:c4:3f: 5b:7a:96:c4:0e:0a:6b:30:4d:91:3a:be:c3:c5:1c: 1f:10:a3:cf:78:0f:05:9d:05:55:c1:62:4e:56:6d: 2e:12:5d:61:80:2c:1e:c9:e4:3d:e8:db:29:53:c3: 41:47:1e:cc:89:6e:2b:1c:ec:06:4d:80:df:12:c6: 40:c3:2a:0d:1c:1c:c0:23:69:8d:36:0e:38:15:1c: 18:0f:e5:61:f0:70:be:e3:45:c3:1b:34:41:3a:0e: f1:5a:f1:86:69:08:03:49:cd:c4:dd:64:f9:4c:53: 60:d7:f3:1e:73:75:78:26:43:2e:7b:b5:76:ba:72: 48:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:98:F6:E2:37:E7:F5:2F:16:23:8B:6D:05:41:D5:A0:80:17:30:CA X509v3 Authority Key Identifier: keyid:46:BA:3F:80:03:9B:9E:78:4C:FB:24:BF:2C:7D:DB:24:E1:90:0A:76 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/8Zj24jfn9S8WI4ttBUHVoIAXMMo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.101.88.0/21 IPv6: 2a03:720:40::/48 2a03:720:1040::/48 Signature Algorithm: sha256WithRSAEncryption 67:e2:e4:60:2f:1b:d3:1a:52:00:fa:68:0b:87:ea:69:a9:72: 30:c7:f9:9e:69:6e:4d:43:f6:d2:63:43:30:dc:d1:cd:7e:17: 72:f0:ae:62:98:3c:3b:74:37:fa:85:99:5c:2a:1f:8f:14:12: a1:d0:6e:69:17:96:ad:b6:88:91:34:fd:9c:f8:66:1f:df:eb: a7:f9:cc:e8:e1:c4:de:14:d0:fa:47:19:02:c5:a5:e3:cc:1e: 35:b4:e8:27:4e:0e:3b:c0:70:e2:ca:65:a9:83:3e:d1:11:4b: d8:5f:90:93:fb:87:96:08:1e:b1:24:75:59:62:d1:7a:c9:64: cd:9a:6d:0b:b9:bb:b1:11:b3:28:33:1f:12:1a:60:cc:3c:97: 5f:fb:1d:5b:f3:91:1b:34:70:89:6a:c8:ae:4b:25:70:be:da: 1c:58:78:ab:b4:26:21:4b:ee:12:68:7e:ea:f5:2b:8a:6f:96: 3f:22:6b:68:7b:0e:9f:4d:25:6a:8f:ed:04:9b:e1:62:04:ab: bc:11:d4:04:b9:be:18:8b:6a:0f:b3:75:d4:e8:6c:75:b9:e4: 58:cd:c1:e5:ac:13:36:b7:d4:44:00:73:60:2f:92:c5:7e:5a: 3e:5e:d5:26:74:fe:24:17:9f:0c:18:b1:2d:7b:06:1d:a9:a1: c8:25:47:71 -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZq7IQeTpCyl5anNG9A9A+ScMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ2YmEzZjgwMDM5YjllNzg0Y2ZiMjRiZjJjN2RkYjI0ZTE5 MDBhNzYwHhcNMjUxMTI1MTMwODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMTk4ZjZlMjM3ZTdmNTJmMTYyMzhiNmQwNTQxZDVhMDgwMTczMGNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/il4ohEF1IU9DtN5tniWVMoM1sa ni1MG9ThdrBvd/YAlQTTHkhP+7pcblUIAehVjIa7FThhDvCJiY9SNAV/J3PPnD3y W5w4SOcvA/CwZJEFEFWi82Wp/ZJiRxO6eCWmJ+fy7X0unS/SABWUZjv738HbiIwQ SwC7LSf6h1nxAiYiH8WZxD9bepbEDgprME2ROr7DxRwfEKPPeA8FnQVVwWJOVm0u El1hgCweyeQ96NspU8NBRx7MiW4rHOwGTYDfEsZAwyoNHBzAI2mNNg44FRwYD+Vh 8HC+40XDGzRBOg7xWvGGaQgDSc3E3WT5TFNg1/Mec3V4JkMue7V2unJIXwIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFPGY9uI35/UvFiOLbQVB1aCAFzDKMB8GA1UdIwQY MBaAFEa6P4ADm554TPskvyx92yThkAp2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUnJvX2dBT2JubmhNLXlTX0xIM2JKT0dRQ25ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jZmEyYWUtZTUyNC00YmQwLTg3NWIt ODlhY2UzODIyMGZiLzEvOFpqMjRqZm45UzhXSTR0dEJVSFZvSUFYTU1vLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NS9jZmEyYWUtZTUyNC00YmQwLTg3NWItODlhY2UzODIyMGZi LzEvUnJvX2dBT2JubmhNLXlTX0xIM2JKT0dRQ25ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQDsGVYMBgE AgACMBIDBwAqAwcgAEADBwAqAwcgEEAwDQYJKoZIhvcNAQELBQADggEBAGfi5GAv G9MaUgD6aAuH6mmpcjDH+Z5pbk1D9tJjQzDc0c1+F3LwrmKYPDt0N/qFmVwqH48U EqHQbmkXlq22iJE0/Zz4Zh/f66f5zOjhxN4U0PpHGQLFpePMHjW06CdODjvAcOLK ZamDPtERS9hfkJP7h5YIHrEkdVli0XrJZM2abQu5u7ERsygzHxIaYMw8l1/7HVvz kRs0cIlqyK5LJXC+2hxYeKu0JiFL7hJofur1K4pvlj8ia2h7Dp9NJWqP7QSb4WIE q7wR1AS5vhiLag+zddTobHW55FjNweWsEza31EQAc2AvksV+Wj5e1SZ0/iQXnwwY sS17Bh2pocglR3E= -----END CERTIFICATE-----Generated at Sun Dec 7 02:10:04 2025 by rpki-client