This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/977ff4-d3da-43f7-a93a-442cc3649bac/1/cYKZnIvI1ahMsBXfvhEXhKIkQZ4.roa File: cYKZnIvI1ahMsBXfvhEXhKIkQZ4.roa (raw, json) Hash identifier: mpa74AxdpAfIObXm7sXQn/VwhVqFNz+oygo29Hbz7ns= Subject key identifier: 71:82:99:9C:8B:C8:D5:A8:4C:B0:15:DF:BE:11:17:84:A2:24:41:9E Certificate issuer: /CN=b8b3d4ace735613ecbc591dffc2985f3417667d3 Certificate serial: 019ACF80605666D4ACF44E6A808FFE4C05B1 Authority key identifier: B8:B3:D4:AC:E7:35:61:3E:CB:C5:91:DF:FC:29:85:F3:41:76:67:D3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uLPUrOc1YT7LxZHf_CmF80F2Z9M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/977ff4-d3da-43f7-a93a-442cc3649bac/1/cYKZnIvI1ahMsBXfvhEXhKIkQZ4.roa Signing time: Sat 29 Nov 2025 12:04:48 +0000 ROA not before: Sat 29 Nov 2025 12:04:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 215960 IP address blocks: 195.72.60.0/24 maxlen: 24 195.72.61.0/24 maxlen: 24 2a07:e043::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/977ff4-d3da-43f7-a93a-442cc3649bac/1/uLPUrOc1YT7LxZHf_CmF80F2Z9M.crl rsync://rpki.ripe.net/repository/DEFAULT/9f/977ff4-d3da-43f7-a93a-442cc3649bac/1/uLPUrOc1YT7LxZHf_CmF80F2Z9M.mft rsync://rpki.ripe.net/repository/DEFAULT/uLPUrOc1YT7LxZHf_CmF80F2Z9M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:cf:80:60:56:66:d4:ac:f4:4e:6a:80:8f:fe:4c:05:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b8b3d4ace735613ecbc591dffc2985f3417667d3 Validity Not Before: Nov 29 12:04:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=7182999c8bc8d5a84cb015dfbe111784a224419e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:99:f3:1a:1f:5d:75:d5:0a:71:7e:0f:a0:da: c7:02:68:d2:f1:bd:3e:f3:7f:10:8d:4d:84:5a:7a: 18:12:7f:b4:fb:bc:f6:6e:3b:b5:d1:a6:be:83:8a: e9:d0:59:b4:b0:63:44:f4:40:ac:e7:d2:13:85:cf: 26:59:9b:38:61:70:3e:94:a6:e5:b8:55:7c:8f:4b: bd:cd:53:02:c8:0b:56:fd:0a:38:00:ff:66:0d:90: b3:ab:d8:1a:ba:cc:f7:15:d4:e4:d6:63:12:d8:37: ec:2e:ce:ce:29:7c:7b:ce:f1:a7:66:7a:09:d3:49: ea:70:d3:4d:b7:1f:e3:88:c5:b0:dd:62:c2:36:cf: c8:e8:b3:14:8b:5e:d2:ce:e4:73:94:35:ee:16:5e: 62:de:32:a5:40:c7:39:35:24:cd:2a:45:04:ce:db: 38:2a:6c:47:74:dc:1c:8a:90:52:bb:9e:17:25:9b: e2:1c:d1:88:cc:bc:74:06:37:ce:8a:6c:a6:72:72: ee:78:85:37:06:cf:c9:81:1f:0b:5a:1b:75:75:44: fc:61:c0:fe:35:73:ce:03:9c:33:2e:ab:c0:40:2c: 06:02:b9:a3:1d:73:85:c1:98:de:02:45:0c:e0:45: 10:96:21:9c:c6:7f:9f:16:ff:0c:1c:0a:51:ea:2a: 12:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:82:99:9C:8B:C8:D5:A8:4C:B0:15:DF:BE:11:17:84:A2:24:41:9E X509v3 Authority Key Identifier: keyid:B8:B3:D4:AC:E7:35:61:3E:CB:C5:91:DF:FC:29:85:F3:41:76:67:D3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uLPUrOc1YT7LxZHf_CmF80F2Z9M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/977ff4-d3da-43f7-a93a-442cc3649bac/1/cYKZnIvI1ahMsBXfvhEXhKIkQZ4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/977ff4-d3da-43f7-a93a-442cc3649bac/1/uLPUrOc1YT7LxZHf_CmF80F2Z9M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.72.60.0/23 IPv6: 2a07:e043::/32 Signature Algorithm: sha256WithRSAEncryption a8:59:ce:1f:f2:d4:a7:d5:6b:5f:65:1e:3d:67:60:8d:2a:a7: e2:72:89:72:f0:4f:7b:b4:7c:de:16:63:48:12:2f:18:0d:c3: 58:67:a9:10:6e:51:a2:49:41:26:b6:54:38:af:c8:ca:f6:34: a7:71:a2:a9:39:6b:4f:3b:c4:84:8e:77:7e:51:78:47:67:4a: e2:65:ac:da:c0:b4:a5:dc:41:1a:42:f9:a4:63:f1:c2:7a:6b: 4b:59:78:7e:c5:64:14:0d:37:ef:03:cf:90:af:9d:45:9d:70: fd:03:f0:b1:3f:68:43:a6:d6:6a:15:b5:4b:e2:2a:fc:66:1e: d8:72:88:9c:2a:b6:9e:9e:41:ef:44:25:fb:95:6c:96:e3:d1: 65:61:d7:4a:d6:54:09:5a:f6:f2:f8:4b:7c:62:e8:a9:b5:81: 3e:70:22:e0:b9:3c:c0:a8:72:10:08:90:87:80:72:d8:ab:87: a8:40:61:da:44:ce:d9:8e:2f:d8:c3:48:75:7b:eb:9f:c7:f0: dc:df:a6:85:fb:c0:1a:46:66:2d:9d:08:3c:ae:38:1a:49:33: a2:f4:9e:92:95:52:59:5e:3b:ab:b6:01:ad:90:c4:ba:05:0a: 5b:66:44:6e:47:7e:d4:ff:7a:52:ab:4c:1a:ff:0c:d8:6d:9b: 6e:14:38:36 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZrPgGBWZtSs9E5qgI/+TAWxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI4YjNkNGFjZTczNTYxM2VjYmM1OTFkZmZjMjk4NWYzNDE3 NjY3ZDMwHhcNMjUxMTI5MTIwNDQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MTgyOTk5YzhiYzhkNWE4NGNiMDE1ZGZiZTExMTc4NGEyMjQ0MTllMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJnzGh9dddUKcX4PoNrHAmjS8b0+ 838QjU2EWnoYEn+0+7z2bju10aa+g4rp0Fm0sGNE9ECs59IThc8mWZs4YXA+lKbl uFV8j0u9zVMCyAtW/Qo4AP9mDZCzq9gausz3FdTk1mMS2DfsLs7OKXx7zvGnZnoJ 00nqcNNNtx/jiMWw3WLCNs/I6LMUi17SzuRzlDXuFl5i3jKlQMc5NSTNKkUEzts4 KmxHdNwcipBSu54XJZviHNGIzLx0BjfOimymcnLueIU3Bs/JgR8LWht1dUT8YcD+ NXPOA5wzLqvAQCwGArmjHXOFwZjeAkUM4EUQliGcxn+fFv8MHApR6ioSzQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFHGCmZyLyNWoTLAV374RF4SiJEGeMB8GA1UdIwQY MBaAFLiz1KznNWE+y8WR3/wphfNBdmfTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdUxQVXJPYzFZVDdMeFpIZl9DbUY4MEYyWjlNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi85NzdmZjQtZDNkYS00M2Y3LWE5M2Et NDQyY2MzNjQ5YmFjLzEvY1lLWm5JdkkxYWhNc0JYZnZoRVhoS0lrUVo0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Zi85NzdmZjQtZDNkYS00M2Y3LWE5M2EtNDQyY2MzNjQ5YmFj LzEvdUxQVXJPYzFZVDdMeFpIZl9DbUY4MEYyWjlNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBw0g8MA0E AgACMAcDBQAqB+BDMA0GCSqGSIb3DQEBCwUAA4IBAQCoWc4f8tSn1WtfZR49Z2CN Kqficoly8E97tHzeFmNIEi8YDcNYZ6kQblGiSUEmtlQ4r8jK9jSncaKpOWtPO8SE jnd+UXhHZ0riZazawLSl3EEaQvmkY/HCemtLWXh+xWQUDTfvA8+Qr51FnXD9A/Cx P2hDptZqFbVL4ir8Zh7YcoicKraenkHvRCX7lWyW49FlYddK1lQJWvby+Et8Yuip tYE+cCLguTzAqHIQCJCHgHLYq4eoQGHaRM7Zji/Yw0h1e+ufx/Dc36aF+8AaRmYt nQg8rjgaSTOi9J6SlVJZXjurtgGtkMS6BQpbZkRuR37U/3pSq0wa/wzYbZtuFDg2 -----END CERTIFICATE-----Generated at Sat Dec 6 23:19:41 2025 by rpki-client