This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/1-cOylIgVizIi_NLIvrapQIjCpxI.roa File: 1-cOylIgVizIi_NLIvrapQIjCpxI.roa (raw, json) Hash identifier: r3+z3BEwpcuYowfbZZN8Q536TC/rI+en5bQ7NHsqLag= Subject key identifier: F9:C3:B2:94:88:15:8B:32:22:FC:D2:C8:BE:B6:A9:40:88:C2:A7:12 Certificate issuer: /CN=ab54fe831b6a719f42e6c8486fd03b550be761fb Certificate serial: 019A6D08FB2D87D083E77C53979C97F20E12 Authority key identifier: AB:54:FE:83:1B:6A:71:9F:42:E6:C8:48:6F:D0:3B:55:0B:E7:61:FB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q1T-gxtqcZ9C5shIb9A7VQvnYfs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/1-cOylIgVizIi_NLIvrapQIjCpxI.roa Signing time: Mon 10 Nov 2025 09:11:36 +0000 ROA not before: Mon 10 Nov 2025 09:11:36 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 13287 IP address blocks: 109.234.80.0/24 maxlen: 24 109.234.81.0/24 maxlen: 24 109.234.82.0/23 maxlen: 23 109.234.82.0/24 maxlen: 24 109.234.84.0/24 maxlen: 24 109.234.85.0/24 maxlen: 24 109.234.86.0/24 maxlen: 24 109.234.87.0/24 maxlen: 24 185.19.68.0/22 maxlen: 22 185.33.66.0/24 maxlen: 24 185.33.67.0/24 maxlen: 24 185.111.184.0/22 maxlen: 22 185.111.184.0/24 maxlen: 24 185.111.185.0/24 maxlen: 24 213.162.192.0/24 maxlen: 24 213.162.193.0/24 maxlen: 24 213.162.195.0/24 maxlen: 24 213.162.196.0/22 maxlen: 24 213.162.197.0/24 maxlen: 24 213.162.199.0/24 maxlen: 24 213.162.200.0/22 maxlen: 22 213.162.204.0/24 maxlen: 24 213.162.205.0/24 maxlen: 24 213.162.206.0/24 maxlen: 24 213.162.207.0/24 maxlen: 24 213.162.208.0/23 maxlen: 23 213.162.210.0/24 maxlen: 24 213.162.211.0/24 maxlen: 24 213.162.212.0/24 maxlen: 24 213.162.214.0/24 maxlen: 24 213.162.215.0/24 maxlen: 24 213.162.216.0/22 maxlen: 22 213.162.217.0/24 maxlen: 24 213.162.218.0/24 maxlen: 24 213.162.219.0/24 maxlen: 24 213.162.220.0/24 maxlen: 24 213.162.221.0/24 maxlen: 24 2a02:23a0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/q1T-gxtqcZ9C5shIb9A7VQvnYfs.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/q1T-gxtqcZ9C5shIb9A7VQvnYfs.mft rsync://rpki.ripe.net/repository/DEFAULT/q1T-gxtqcZ9C5shIb9A7VQvnYfs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:6d:08:fb:2d:87:d0:83:e7:7c:53:97:9c:97:f2:0e:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab54fe831b6a719f42e6c8486fd03b550be761fb Validity Not Before: Nov 10 09:11:36 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=f9c3b29488158b3222fcd2c8beb6a94088c2a712 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:b1:0c:19:d7:3d:f9:4e:09:12:21:03:d8:40: dd:5a:ad:80:c5:b3:fd:eb:84:e2:42:b9:aa:8f:b1: c5:cc:43:78:93:82:71:00:19:68:b4:4a:08:f0:2a: 02:4b:47:61:c6:2f:3c:17:0a:13:5a:33:1b:44:c4: 16:98:7e:18:6e:4f:33:9b:5d:17:e3:f2:5a:7e:b6: f3:8b:01:ff:0e:51:85:9a:74:06:40:8b:2f:12:d7: 22:ad:22:40:87:6c:4f:a7:fe:1c:f2:d7:5c:cd:e7: 6a:8d:a2:ce:dc:0d:e9:b3:94:82:94:75:63:97:20: ae:1e:f8:bc:7e:8a:31:ea:72:80:94:c2:aa:03:8f: 75:d3:e2:e3:88:e3:2c:e7:f1:fb:a7:63:22:ae:ad: 33:bb:8b:2a:b8:79:47:85:32:0c:ab:49:a5:62:32: 88:a4:8e:d4:5a:bb:a3:0e:fb:b1:e6:f5:f7:13:40: ce:29:f0:a9:ba:d8:30:47:e1:71:9c:97:a3:49:20: a6:6b:e1:a7:ae:ac:d7:d3:ac:1d:07:cb:ff:64:61: 27:94:5f:ef:bd:83:f1:7e:5c:c9:b0:9f:56:be:cc: f4:db:ec:b4:34:db:29:e6:ac:81:fc:03:00:c2:99: cf:1d:2b:45:41:34:58:f9:2a:9a:68:a5:05:25:f0: 79:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:C3:B2:94:88:15:8B:32:22:FC:D2:C8:BE:B6:A9:40:88:C2:A7:12 X509v3 Authority Key Identifier: keyid:AB:54:FE:83:1B:6A:71:9F:42:E6:C8:48:6F:D0:3B:55:0B:E7:61:FB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q1T-gxtqcZ9C5shIb9A7VQvnYfs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/1-cOylIgVizIi_NLIvrapQIjCpxI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/q1T-gxtqcZ9C5shIb9A7VQvnYfs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.234.80.0/21 185.19.68.0/22 185.33.66.0/23 185.111.184.0/22 213.162.192.0/23 213.162.195.0-213.162.212.255 213.162.214.0-213.162.221.255 IPv6: 2a02:23a0::/32 Signature Algorithm: sha256WithRSAEncryption 8f:9d:40:15:37:9f:33:db:7c:d5:6d:98:9c:50:66:d6:a1:6f: 67:8d:7e:24:45:e9:9b:f7:60:23:38:1e:d5:ab:57:ec:2e:b3: 4a:04:36:5e:5b:54:09:c8:b1:fb:d0:56:ef:fa:8b:5e:7f:b9: 30:cd:e4:72:f1:5c:44:86:ad:76:f5:cc:42:85:e4:2b:62:3c: fc:3c:64:e8:ba:44:11:ae:fc:bf:2b:e4:4f:b7:0e:27:57:77: ca:f5:91:5c:76:3c:83:15:68:ac:0c:70:69:b1:48:ea:95:f4: 2d:72:1c:5e:df:ce:c9:c2:cc:ca:e3:dd:eb:49:03:a4:9c:56: 8e:fc:c8:ec:07:f7:f4:f2:44:f0:0b:48:3d:de:2a:6e:a3:6a: d7:34:4f:33:1a:56:22:a8:21:7a:bd:ae:63:7a:bb:d3:31:5c: 6d:05:d9:82:59:f2:6c:5a:83:04:7a:3f:be:db:3b:4f:c3:64: 82:66:7b:79:e0:04:2a:a1:c7:f9:89:f9:2c:ea:66:53:d2:96: 2c:39:6c:ec:a5:aa:85:79:d4:c5:bd:a2:94:7b:6f:5b:65:1f: 58:2c:7f:35:b1:dc:4d:fd:6a:0f:61:83:d2:ec:31:5e:b4:97: 70:3d:33:50:c9:a4:23:6c:cc:49:d2:f4:4b:d3:00:2a:6a:1f: dc:f5:dd:14 -----BEGIN CERTIFICATE----- MIIFQTCCBCmgAwIBAgISAZptCPsth9CD53xTl5yX8g4SMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFiNTRmZTgzMWI2YTcxOWY0MmU2Yzg0ODZmZDAzYjU1MGJl NzYxZmIwHhcNMjUxMTEwMDkxMTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmOWMzYjI5NDg4MTU4YjMyMjJmY2QyYzhiZWI2YTk0MDg4YzJhNzEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrEMGdc9+U4JEiED2EDdWq2AxbP9 64TiQrmqj7HFzEN4k4JxABlotEoI8CoCS0dhxi88FwoTWjMbRMQWmH4Ybk8zm10X 4/JafrbziwH/DlGFmnQGQIsvEtcirSJAh2xPp/4c8tdczedqjaLO3A3ps5SClHVj lyCuHvi8foox6nKAlMKqA4910+LjiOMs5/H7p2Mirq0zu4squHlHhTIMq0mlYjKI pI7UWrujDvux5vX3E0DOKfCputgwR+FxnJejSSCma+GnrqzX06wdB8v/ZGEnlF/v vYPxflzJsJ9Wvsz02+y0NNsp5qyB/AMAwpnPHStFQTRY+SqaaKUFJfB5TQIDAQAB o4ICTTCCAkkwHQYDVR0OBBYEFPnDspSIFYsyIvzSyL62qUCIwqcSMB8GA1UdIwQY MBaAFKtU/oMbanGfQubISG/QO1UL52H7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcTFULWd4dHFjWjlDNXNoSWI5QTdWUXZuWWZzLmNlcjCB jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS81ZWFhYTctMzEwNy00MjY4LWFhZDYt NmZkOTc4OTIwNWJhLzEvMS1jT3lsSWdWaXpJaV9OTEl2cmFwUUlqQ3B4SS5yb2Ew gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvOGEvNWVhYWE3LTMxMDctNDI2OC1hYWQ2LTZmZDk3ODkyMDVi YS8xL3ExVC1neHRxY1o5QzVzaEliOUE3VlF2bllmcy5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjBiBggrBgEFBQcBBwEB/wRTMFEwQAQCAAEwOgMEA23qUAME ArkTRAMEAbkhQgMEArlvuAMEAdWiwDAMAwQA1aLDAwQA1aLUMAwDBAHVotYDBAHV otwwDQQCAAIwBwMFACoCI6AwDQYJKoZIhvcNAQELBQADggEBAI+dQBU3nzPbfNVt mJxQZtahb2eNfiRF6Zv3YCM4HtWrV+wus0oENl5bVAnIsfvQVu/6i15/uTDN5HLx XESGrXb1zEKF5CtiPPw8ZOi6RBGu/L8r5E+3DidXd8r1kVx2PIMVaKwMcGmxSOqV 9C1yHF7fzsnCzMrj3etJA6ScVo78yOwH9/TyRPALSD3eKm6jatc0TzMaViKoIXq9 rmN6u9MxXG0F2YJZ8mxagwR6P77bO0/DZIJme3ngBCqhx/mJ+SzqZlPSliw5bOyl qoV51MW9opR7b1tlH1gsfzWx3E39ag9hg9LsMV60l3A9M1DJpCNszEnS9EvTACpq H9z13RQ= -----END CERTIFICATE-----Generated at Sat Dec 6 11:04:01 2025 by rpki-client