This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/mSAOwTsVaHd8118WnS4cvGYvNUE.roa File: mSAOwTsVaHd8118WnS4cvGYvNUE.roa (raw, json) Hash identifier: M5exegiwCD9wq+6OVWAn+L9v8TUuNlEDvaTanUNJsnw= Subject key identifier: 99:20:0E:C1:3B:15:68:77:7C:D7:5F:16:9D:2E:1C:BC:66:2F:35:41 Certificate issuer: /CN=46ba3f80039b9e784cfb24bf2c7ddb24e1900a76 Certificate serial: 019ABB21087CFAAF4BBF08E1742B05B22B74 Authority key identifier: 46:BA:3F:80:03:9B:9E:78:4C:FB:24:BF:2C:7D:DB:24:E1:90:0A:76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/mSAOwTsVaHd8118WnS4cvGYvNUE.roa Signing time: Tue 25 Nov 2025 13:08:15 +0000 ROA not before: Tue 25 Nov 2025 13:08:15 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 211517 IP address blocks: 90.156.245.0/24 maxlen: 24 2a03:720:70::/48 maxlen: 48 2a03:720:1070::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.crl rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.mft rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:02:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:bb:21:08:7c:fa:af:4b:bf:08:e1:74:2b:05:b2:2b:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=46ba3f80039b9e784cfb24bf2c7ddb24e1900a76 Validity Not Before: Nov 25 13:08:15 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=99200ec13b1568777cd75f169d2e1cbc662f3541 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:96:1d:1e:ef:67:1f:37:46:fd:e1:b7:56:de: 04:cd:c3:7b:42:04:48:32:63:85:e5:2c:4c:b1:09: 41:9b:8d:a6:ae:d6:e8:81:d6:b5:33:17:5e:48:14: c5:be:92:92:ce:c8:d5:2a:23:69:0f:1c:cb:28:f9: 79:6e:dd:40:c3:5a:e5:4d:e6:7c:ec:cf:f4:46:d5: 62:9d:00:02:f1:18:ca:5b:55:2f:62:bc:96:0f:69: 5b:a1:36:31:55:b4:80:3b:de:fd:31:2a:71:1f:e1: 76:25:5a:6c:e0:fa:ff:0d:14:70:cd:e4:05:7e:3a: 1a:26:9d:59:84:c7:f4:f5:4b:d6:d4:1b:66:21:df: 25:a7:3d:c2:b0:53:4d:91:ca:4f:64:33:64:d3:41: f0:24:c9:0c:96:60:85:d3:ca:05:81:1c:c2:22:79: 0d:84:b4:be:a8:3f:11:40:41:55:2d:3f:43:b2:4c: d9:8b:9f:d3:2c:2b:4b:df:63:fe:d8:ca:89:5e:42: e8:6a:c5:6f:a2:c5:71:d3:76:5f:58:dd:2e:00:f0: fb:d9:22:0d:7f:e8:27:ec:30:91:f4:20:e9:09:e3: 5c:2a:b0:4d:44:f2:cb:ea:1c:aa:5e:72:e3:b7:9e: aa:d1:71:e4:3e:ca:01:93:76:42:07:46:1c:91:4b: 7b:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:20:0E:C1:3B:15:68:77:7C:D7:5F:16:9D:2E:1C:BC:66:2F:35:41 X509v3 Authority Key Identifier: keyid:46:BA:3F:80:03:9B:9E:78:4C:FB:24:BF:2C:7D:DB:24:E1:90:0A:76 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/mSAOwTsVaHd8118WnS4cvGYvNUE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 90.156.245.0/24 IPv6: 2a03:720:70::/48 2a03:720:1070::/48 Signature Algorithm: sha256WithRSAEncryption 9b:b1:a3:04:31:2c:bf:8a:fe:49:80:74:6e:00:7f:47:e8:5b: 4e:c1:98:bb:ee:ea:1a:af:2d:8f:91:91:c1:2b:49:9b:13:e2: 01:50:ed:c3:0b:45:d3:f0:2d:fb:5a:d2:a8:e5:0a:8d:e8:ce: 36:04:96:ff:18:37:de:9b:5e:4f:33:58:26:2e:e2:30:dd:5b: 08:72:47:f0:66:db:02:88:c6:1d:7e:fc:7f:c5:b7:a2:3e:de: f7:89:ea:b4:b6:5c:d9:35:c6:86:75:ec:09:40:4c:f3:cb:71: 4c:d6:59:c9:aa:23:dc:e3:1e:a5:88:e7:c6:e3:a4:bb:de:52: 43:a1:8d:46:6f:a6:5c:65:12:86:65:6c:de:32:d8:85:af:4c: 50:2d:9e:79:7c:f4:b2:25:83:1a:b4:8c:82:35:87:3e:59:46: a7:9a:89:1c:3f:bb:89:e2:fd:41:97:cd:8b:14:2e:05:e9:2c: 0b:66:59:5c:bd:f1:b4:d5:61:ba:00:aa:c0:d9:be:ee:92:4b: fc:ec:e5:52:cc:39:0d:3e:2a:f3:5c:39:00:49:84:ae:0e:7c: ad:40:bf:76:df:95:37:a1:9a:1f:d2:bd:89:9d:47:fd:1a:23: b7:78:0d:2e:9b:1b:6b:61:4d:4b:3f:3c:6e:9b:fc:10:b5:59: 9d:24:14:6b -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZq7IQh8+q9LvwjhdCsFsit0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ2YmEzZjgwMDM5YjllNzg0Y2ZiMjRiZjJjN2RkYjI0ZTE5 MDBhNzYwHhcNMjUxMTI1MTMwODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5OTIwMGVjMTNiMTU2ODc3N2NkNzVmMTY5ZDJlMWNiYzY2MmYzNTQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZYdHu9nHzdG/eG3Vt4EzcN7QgRI MmOF5SxMsQlBm42mrtbogda1MxdeSBTFvpKSzsjVKiNpDxzLKPl5bt1Aw1rlTeZ8 7M/0RtVinQAC8RjKW1UvYryWD2lboTYxVbSAO979MSpxH+F2JVps4Pr/DRRwzeQF fjoaJp1ZhMf09UvW1BtmId8lpz3CsFNNkcpPZDNk00HwJMkMlmCF08oFgRzCInkN hLS+qD8RQEFVLT9DskzZi5/TLCtL32P+2MqJXkLoasVvosVx03ZfWN0uAPD72SIN f+gn7DCR9CDpCeNcKrBNRPLL6hyqXnLjt56q0XHkPsoBk3ZCB0YckUt7MQIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFJkgDsE7FWh3fNdfFp0uHLxmLzVBMB8GA1UdIwQY MBaAFEa6P4ADm554TPskvyx92yThkAp2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUnJvX2dBT2JubmhNLXlTX0xIM2JKT0dRQ25ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jZmEyYWUtZTUyNC00YmQwLTg3NWIt ODlhY2UzODIyMGZiLzEvbVNBT3dUc1ZhSGQ4MTE4V25TNGN2R1l2TlVFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NS9jZmEyYWUtZTUyNC00YmQwLTg3NWItODlhY2UzODIyMGZi LzEvUnJvX2dBT2JubmhNLXlTX0xIM2JKT0dRQ25ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAWpz1MBgE AgACMBIDBwAqAwcgAHADBwAqAwcgEHAwDQYJKoZIhvcNAQELBQADggEBAJuxowQx LL+K/kmAdG4Af0foW07BmLvu6hqvLY+RkcErSZsT4gFQ7cMLRdPwLfta0qjlCo3o zjYElv8YN96bXk8zWCYu4jDdWwhyR/Bm2wKIxh1+/H/Ft6I+3veJ6rS2XNk1xoZ1 7AlATPPLcUzWWcmqI9zjHqWI58bjpLveUkOhjUZvplxlEoZlbN4y2IWvTFAtnnl8 9LIlgxq0jII1hz5ZRqeaiRw/u4ni/UGXzYsULgXpLAtmWVy98bTVYboAqsDZvu6S S/zs5VLMOQ0+KvNcOQBJhK4OfK1Av3bflTehmh/SvYmdR/0aI7d4DS6bG2thTUs/ PG6b/BC1WZ0kFGs= -----END CERTIFICATE-----Generated at Sun Dec 7 02:10:04 2025 by rpki-client