This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/43JqboFO0Cs750g8qfAST-YyOWY.roa File: 43JqboFO0Cs750g8qfAST-YyOWY.roa (raw, json) Hash identifier: /5Ia2N+pc+3dirIQvkj/JNNMu8fSix7mqMNnniIFEu8= Subject key identifier: E3:72:6A:6E:81:4E:D0:2B:3B:E7:48:3C:A9:F0:12:4F:E6:32:39:66 Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019ADA45F4DCA835226F072D4A0A34F8499E Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/43JqboFO0Cs750g8qfAST-YyOWY.roa Signing time: Mon 01 Dec 2025 14:16:48 +0000 ROA not before: Mon 01 Dec 2025 14:16:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 262725 IP address blocks: 89.213.41.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:da:45:f4:dc:a8:35:22:6f:07:2d:4a:0a:34:f8:49:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Dec 1 14:16:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=e3726a6e814ed02b3be7483ca9f0124fe6323966 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:71:0e:b0:75:c0:4b:e6:05:d4:a0:00:c1:c9: c2:9f:c2:03:bc:b1:2c:11:27:83:ba:ca:12:7e:c5: 45:7a:41:d8:fc:ba:5e:86:63:b7:d2:e4:b1:66:b2: 4b:53:d6:55:2a:d5:12:0c:05:ac:3f:5b:1e:d5:03: e8:77:5f:a2:fc:7d:95:5e:86:8e:32:aa:f8:94:12: dd:c7:62:93:5c:22:bb:f2:1f:19:44:c4:03:ae:36: ce:f9:49:32:2a:1c:d3:7d:ff:bb:b0:5c:9b:ce:04: 1a:60:c8:fa:aa:23:3f:e7:bc:84:28:2b:8a:80:cf: bf:d6:fe:b6:b3:3b:2a:1a:9c:e9:10:c0:ef:21:7c: 53:96:70:86:dc:d6:68:d2:23:0b:01:79:3b:0a:78: d2:db:01:4f:fb:40:27:f4:f8:ee:33:d0:ab:f2:df: 46:af:0b:30:1c:d7:31:52:60:5d:ca:a0:c9:92:96: eb:5d:5e:9a:ae:0d:40:b8:36:f3:7a:37:e5:75:e0: 21:a2:c2:4e:46:ca:33:2d:1c:cc:37:93:ee:eb:2b: 4c:09:d9:d8:db:3f:25:e1:60:ac:31:57:68:8b:32: 0a:86:e7:12:cf:e7:ca:29:5b:82:3a:38:0a:c5:f9: a8:c8:d8:ed:8e:23:26:aa:44:d8:0d:cc:fa:98:41: 6a:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:72:6A:6E:81:4E:D0:2B:3B:E7:48:3C:A9:F0:12:4F:E6:32:39:66 X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/43JqboFO0Cs750g8qfAST-YyOWY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.213.41.0/24 Signature Algorithm: sha256WithRSAEncryption 42:a9:af:78:40:d9:d2:45:c9:8f:5f:72:b4:61:0a:4d:a4:65: 49:3d:bb:41:13:a5:b0:1d:f2:9b:16:21:5e:b9:f3:a8:73:3c: ce:8e:d5:0d:01:63:f1:84:0d:ed:25:74:a9:b7:02:1b:71:96: 8d:b9:a0:03:25:b5:9d:8c:cb:64:fc:33:77:fc:de:07:9a:77: 8c:38:39:3e:de:a4:a8:73:35:0a:61:3a:9a:bf:c9:4b:d1:2c: e0:62:76:ac:f7:c2:08:51:a9:47:2c:1f:ba:31:f7:6e:55:95: a0:83:6a:36:87:83:2b:eb:37:a4:e1:b2:a8:2c:29:75:5a:8f: 0c:f6:bc:dd:62:2f:e5:c3:d0:e9:d1:04:ef:81:0b:55:67:4d: de:5b:d9:19:f3:2d:47:8d:58:ef:66:0c:a5:90:f2:92:b7:59: 45:d5:4b:7c:1b:bf:0e:ef:02:e2:95:08:23:0e:72:3e:7a:c9: eb:ef:64:ce:c8:36:6b:7b:44:4b:97:8d:d3:5c:09:57:57:e7: 8c:13:70:00:10:63:b3:89:e7:97:cb:b6:a1:ce:4d:62:56:3c: 51:0b:34:ca:96:20:8b:3c:53:9b:98:ca:2b:7a:c4:b8:bc:b2: 43:73:87:8b:94:07:49:74:1d:d4:cf:78:3e:0d:de:55:34:12: 63:e7:71:a5 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZraRfTcqDUibwctSgo0+EmeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjUxMjAxMTQxNjQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMzcyNmE2ZTgxNGVkMDJiM2JlNzQ4M2NhOWYwMTI0ZmU2MzIzOTY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXEOsHXAS+YF1KAAwcnCn8IDvLEs ESeDusoSfsVFekHY/LpehmO30uSxZrJLU9ZVKtUSDAWsP1se1QPod1+i/H2VXoaO Mqr4lBLdx2KTXCK78h8ZRMQDrjbO+UkyKhzTff+7sFybzgQaYMj6qiM/57yEKCuK gM+/1v62szsqGpzpEMDvIXxTlnCG3NZo0iMLAXk7CnjS2wFP+0An9PjuM9Cr8t9G rwswHNcxUmBdyqDJkpbrXV6arg1AuDbzejfldeAhosJORsozLRzMN5Pu6ytMCdnY 2z8l4WCsMVdoizIKhucSz+fKKVuCOjgKxfmoyNjtjiMmqkTYDcz6mEFqwQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFONyam6BTtArO+dIPKnwEk/mMjlmMB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvNDNKcWJvRk8wQ3M3NTBnOHFmQVNULVl5T1dZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdUpMA0G CSqGSIb3DQEBCwUAA4IBAQBCqa94QNnSRcmPX3K0YQpNpGVJPbtBE6WwHfKbFiFe ufOoczzOjtUNAWPxhA3tJXSptwIbcZaNuaADJbWdjMtk/DN3/N4HmneMODk+3qSo czUKYTqav8lL0SzgYnas98IIUalHLB+6MfduVZWgg2o2h4Mr6zek4bKoLCl1Wo8M 9rzdYi/lw9Dp0QTvgQtVZ03eW9kZ8y1HjVjvZgylkPKSt1lF1Ut8G78O7wLilQgj DnI+esnr72TOyDZre0RLl43TXAlXV+eME3AAEGOzieeXy7ahzk1iVjxRCzTKliCL PFObmMoresS4vLJDc4eLlAdJdB3Uz3g+Dd5VNBJj53Gl -----END CERTIFICATE-----Generated at Sat Dec 6 12:39:15 2025 by rpki-client