This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/ricPpWAnLEhcQ6y8xVS0_P4HhH8.roa File: ricPpWAnLEhcQ6y8xVS0_P4HhH8.roa (raw, json) Hash identifier: /sVbWYrwu7D63WIihFgBdG0dXYuAXFCsVaCYpjsYUuk= Subject key identifier: AE:27:0F:A5:60:27:2C:48:5C:43:AC:BC:C5:54:B4:FC:FE:07:84:7F Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b Certificate serial: 019A9BE9BB49DE775BE33265D9A7D898E532 Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/ricPpWAnLEhcQ6y8xVS0_P4HhH8.roa Signing time: Wed 19 Nov 2025 11:39:37 +0000 ROA not before: Wed 19 Nov 2025 11:39:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 398373 IP address blocks: 85.153.32.0/24 maxlen: 24 85.153.68.0/22 maxlen: 22 85.153.84.0/22 maxlen: 22 85.153.92.0/24 maxlen: 24 85.153.108.0/22 maxlen: 22 85.153.113.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.mft rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 08:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:9b:e9:bb:49:de:77:5b:e3:32:65:d9:a7:d8:98:e5:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b Validity Not Before: Nov 19 11:39:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=ae270fa560272c485c43acbcc554b4fcfe07847f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:bf:34:16:eb:3d:d3:89:e7:b0:d4:ac:00:f9: af:54:24:4f:a4:e8:65:fd:5b:89:f9:e2:9f:6d:b3: ff:df:a7:1e:fb:34:ca:d6:21:2f:c5:1b:85:ae:64: 31:48:07:fa:12:e3:7b:b8:a9:5a:b1:ec:a5:40:65: d2:00:c1:9c:46:8f:7e:1e:aa:41:11:e5:6b:4e:75: 9c:bc:0f:58:0b:21:74:c4:ee:79:1d:48:8a:6d:cb: 8b:7b:af:6b:ce:a3:60:af:da:55:e4:89:8e:59:18: c8:8c:2f:58:c1:a4:e3:dc:85:e1:b9:e3:5c:b6:3b: 5a:0b:a1:ca:48:40:b0:57:09:cc:7c:ed:47:04:13: 5d:33:08:88:17:cd:01:b2:83:28:a9:32:44:08:cb: 50:55:af:cd:13:f6:d6:de:1c:01:b6:5b:9f:fa:74: d5:0c:d8:c2:db:72:ac:0a:e1:b3:50:01:97:9d:3a: fb:14:ad:60:ef:37:c3:71:03:e2:b8:11:1e:11:15: 44:bc:f5:37:a8:7f:84:6d:b5:65:a0:56:8f:2b:90: 61:e2:3a:22:f8:b1:c1:b5:49:7a:f6:55:15:23:a2: 53:10:cf:bd:c6:9e:a7:d6:b2:9c:33:31:7f:52:10: a6:26:29:1d:71:5c:82:d0:7f:2e:a1:6e:52:88:f4: 8c:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:27:0F:A5:60:27:2C:48:5C:43:AC:BC:C5:54:B4:FC:FE:07:84:7F X509v3 Authority Key Identifier: keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/ricPpWAnLEhcQ6y8xVS0_P4HhH8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.153.32.0/24 85.153.68.0/22 85.153.84.0/22 85.153.92.0/24 85.153.108.0/22 85.153.113.0/24 Signature Algorithm: sha256WithRSAEncryption 3a:20:40:51:d7:78:d7:07:54:49:5b:fc:4c:27:ea:12:69:40: bf:f1:5c:55:05:23:cd:89:05:cd:4e:4e:5f:e9:e4:2f:af:a2: 0a:41:4a:61:42:2f:02:6d:b2:10:b0:5a:91:25:45:8d:4f:a6: 25:1c:40:6f:f1:7e:4f:2d:3f:81:0c:3d:00:00:6c:63:8f:96: 0e:ec:2a:b4:35:15:d0:8e:3b:a4:37:1b:32:21:6e:fa:be:a4: 37:f1:4e:2c:7d:72:19:7b:09:21:ae:97:14:6e:a9:f3:ca:8b: 90:6a:b6:8b:ee:cd:dc:63:62:5f:17:f0:53:d1:30:86:29:35: cb:10:bd:a2:69:6b:e5:53:38:e4:4d:70:f8:4d:a7:50:54:32: 77:4f:26:9d:22:3e:7a:63:8d:d7:70:54:d9:73:d2:f6:46:30: 07:d5:a3:6e:68:b9:f0:7c:97:7f:58:dc:d9:60:30:94:8c:1a: 2a:e6:36:b3:ac:37:68:21:b4:ad:ed:c7:bd:ff:c8:43:20:29: 9a:2f:50:d1:e4:27:56:07:7f:7b:55:99:18:23:b1:58:57:86: f1:87:cc:c6:80:b3:00:d9:0f:11:a6:bc:55:cf:05:04:1f:9d: 5a:35:92:98:d3:a7:29:4f:5e:1e:44:b4:cc:39:09:71:fb:8c: d5:89:7c:1b -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZqb6btJ3ndb4zJl2afYmOUyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm ZWI2MWIwHhcNMjUxMTE5MTEzOTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZTI3MGZhNTYwMjcyYzQ4NWM0M2FjYmNjNTU0YjRmY2ZlMDc4NDdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0780Fus904nnsNSsAPmvVCRPpOhl /VuJ+eKfbbP/36ce+zTK1iEvxRuFrmQxSAf6EuN7uKlaseylQGXSAMGcRo9+HqpB EeVrTnWcvA9YCyF0xO55HUiKbcuLe69rzqNgr9pV5ImOWRjIjC9YwaTj3IXhueNc tjtaC6HKSECwVwnMfO1HBBNdMwiIF80BsoMoqTJECMtQVa/NE/bW3hwBtluf+nTV DNjC23KsCuGzUAGXnTr7FK1g7zfDcQPiuBEeERVEvPU3qH+EbbVloFaPK5Bh4joi +LHBtUl69lUVI6JTEM+9xp6n1rKcMzF/UhCmJikdcVyC0H8uoW5SiPSMKwIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFK4nD6VgJyxIXEOsvMVUtPz+B4R/MB8GA1UdIwQY MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt MWRjYzg2YzExZTc0LzEvcmljUHBXQW5MRWhjUTZ5OHhWUzBfUDRIaEg4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0 LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVZkgAwQC VZlEAwQCVZlUAwQAVZlcAwQCVZlsAwQAVZlxMA0GCSqGSIb3DQEBCwUAA4IBAQA6 IEBR13jXB1RJW/xMJ+oSaUC/8VxVBSPNiQXNTk5f6eQvr6IKQUphQi8CbbIQsFqR JUWNT6YlHEBv8X5PLT+BDD0AAGxjj5YO7Cq0NRXQjjukNxsyIW76vqQ38U4sfXIZ ewkhrpcUbqnzyouQaraL7s3cY2JfF/BT0TCGKTXLEL2iaWvlUzjkTXD4TadQVDJ3 TyadIj56Y43XcFTZc9L2RjAH1aNuaLnwfJd/WNzZYDCUjBoq5jazrDdoIbSt7ce9 /8hDICmaL1DR5CdWB397VZkYI7FYV4bxh8zGgLMA2Q8RprxVzwUEH51aNZKY06cp T14eRLTMOQlx+4zViXwb -----END CERTIFICATE-----Generated at Sat Dec 6 18:24:00 2025 by rpki-client