This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/I0FL7Dchm9rnaWDDI9OKxv66R2c.roa File: I0FL7Dchm9rnaWDDI9OKxv66R2c.roa (raw, json) Hash identifier: cq/fzJDEl5efuviSrzcYQ/eMdyrzXj2HULveLhWUz0M= Subject key identifier: 23:41:4B:EC:37:21:9B:DA:E7:69:60:C3:23:D3:8A:C6:FE:BA:47:67 Certificate issuer: /CN=3d8a553e05f0319bf452fa206c14ccda87304654 Certificate serial: 019AEEB412FD1004B5548D4FC6773C8E537D Authority key identifier: 3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/I0FL7Dchm9rnaWDDI9OKxv66R2c.roa Signing time: Fri 05 Dec 2025 13:29:29 +0000 ROA not before: Fri 05 Dec 2025 13:29:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 43324 IP address blocks: 94.158.249.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.crl rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.mft rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:ee:b4:12:fd:10:04:b5:54:8d:4f:c6:77:3c:8e:53:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3d8a553e05f0319bf452fa206c14ccda87304654 Validity Not Before: Dec 5 13:29:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=23414bec37219bdae76960c323d38ac6feba4767 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:2e:fb:e6:07:06:8b:03:a2:5b:2a:28:e1:b4: d2:db:57:2f:4d:30:cb:c9:6d:d9:c6:5b:2d:87:cd: 1b:b9:45:12:20:cd:e9:70:bd:f2:27:20:a3:de:87: 42:55:ce:c4:03:bc:c6:6f:4a:85:ed:79:8f:e2:29: 7e:41:a1:3a:47:b1:8a:74:77:01:78:0b:ba:a6:5e: 8b:1b:be:98:11:26:3f:5a:35:aa:91:fd:38:5d:0d: f0:1d:d1:73:29:82:dd:45:91:42:66:d0:c5:db:a3: a1:ca:f3:de:c2:24:9f:fb:f3:8c:96:6a:7f:ef:c7: bd:1b:f5:d5:88:3a:eb:91:b6:ee:15:43:61:33:45: d1:dd:db:fd:83:60:b1:29:c7:b4:66:96:e7:18:52: 2f:67:d0:40:21:d1:17:b8:1a:34:bc:13:61:e9:41: c8:9a:9b:de:3d:99:e1:d3:14:a4:82:5f:be:88:d6: 06:d8:47:58:d7:bb:7f:da:e2:82:bb:80:4c:a6:13: 08:84:5f:48:9c:bd:4b:ca:ba:a5:a1:6a:b8:76:80: 5a:67:60:3f:da:9c:44:9b:f8:74:47:66:35:43:eb: ef:d9:50:14:14:cf:f7:9c:40:8b:ae:0c:28:2b:20: 13:28:2b:db:99:8c:5f:fc:6e:0c:1e:d1:c3:6b:f0: 72:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:41:4B:EC:37:21:9B:DA:E7:69:60:C3:23:D3:8A:C6:FE:BA:47:67 X509v3 Authority Key Identifier: keyid:3D:8A:55:3E:05:F0:31:9B:F4:52:FA:20:6C:14:CC:DA:87:30:46:54 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYpVPgXwMZv0UvogbBTM2ocwRlQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/I0FL7Dchm9rnaWDDI9OKxv66R2c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/52ce54-e49c-411c-8527-0fb4823f5b87/1/PYpVPgXwMZv0UvogbBTM2ocwRlQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 94.158.249.0/24 Signature Algorithm: sha256WithRSAEncryption 08:3d:94:6f:9e:ce:9e:f2:0d:b8:fa:1d:4d:a9:8d:91:d0:b6: 68:29:62:8e:21:61:ce:1b:7c:f1:de:11:2c:c4:15:83:9f:38: 59:c7:8e:04:48:fe:92:d7:0c:c2:79:22:ad:ce:32:69:1e:24: e1:e6:3f:ec:b3:f1:31:f7:a1:98:5c:98:34:d7:be:2b:7e:6a: c6:3c:7f:4e:6c:e1:cd:22:92:25:3f:a2:c2:27:71:01:ed:c0: 41:9b:d9:3e:9e:f9:2c:c5:7c:2f:8b:08:ed:39:f7:21:ed:5f: 99:a6:73:4a:b6:7d:c5:84:f8:6d:59:13:4b:18:18:db:b1:0f: 67:1f:b4:d8:83:51:1f:42:31:86:c2:25:ef:91:b9:a7:53:56: d4:94:f1:4b:4c:cf:a6:81:bd:29:01:ef:20:38:27:11:d1:50: 43:88:49:95:77:e8:53:d1:ab:ae:68:39:1d:6a:be:2b:26:1b: 99:6e:82:3a:58:30:f5:7b:fd:02:00:a8:51:35:c1:db:9f:fa: 5c:0a:0f:09:66:9e:90:47:78:0e:7f:46:13:24:cc:94:9f:dc: 56:4f:ef:19:5b:b8:ec:76:a3:ab:a4:3b:4a:0b:e1:80:28:72: 88:6a:74:87:b2:2d:34:e7:3c:c2:61:9d:ca:be:15:5c:f1:29: 7d:5f:c9:20 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZrutBL9EAS1VI1Pxnc8jlN9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkOGE1NTNlMDVmMDMxOWJmNDUyZmEyMDZjMTRjY2RhODcz MDQ2NTQwHhcNMjUxMjA1MTMyOTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMzQxNGJlYzM3MjE5YmRhZTc2OTYwYzMyM2QzOGFjNmZlYmE0NzY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwi775gcGiwOiWyoo4bTS21cvTTDL yW3Zxlsth80buUUSIM3pcL3yJyCj3odCVc7EA7zGb0qF7XmP4il+QaE6R7GKdHcB eAu6pl6LG76YESY/WjWqkf04XQ3wHdFzKYLdRZFCZtDF26OhyvPewiSf+/OMlmp/ 78e9G/XViDrrkbbuFUNhM0XR3dv9g2CxKce0ZpbnGFIvZ9BAIdEXuBo0vBNh6UHI mpvePZnh0xSkgl++iNYG2EdY17t/2uKCu4BMphMIhF9InL1LyrqloWq4doBaZ2A/ 2pxEm/h0R2Y1Q+vv2VAUFM/3nECLrgwoKyATKCvbmYxf/G4MHtHDa/BymwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCNBS+w3IZva52lgwyPTisb+ukdnMB8GA1UdIwQY MBaAFD2KVT4F8DGb9FL6IGwUzNqHMEZUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1Mjct MGZiNDgyM2Y1Yjg3LzEvSTBGTDdEY2htOXJuYVdEREk5T0t4djY2UjJjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNy81MmNlNTQtZTQ5Yy00MTFjLTg1MjctMGZiNDgyM2Y1Yjg3 LzEvUFlwVlBnWHdNWnYwVXZvZ2JCVE0yb2N3UmxRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXp75MA0G CSqGSIb3DQEBCwUAA4IBAQAIPZRvns6e8g24+h1NqY2R0LZoKWKOIWHOG3zx3hEs xBWDnzhZx44ESP6S1wzCeSKtzjJpHiTh5j/ss/Ex96GYXJg0174rfmrGPH9ObOHN IpIlP6LCJ3EB7cBBm9k+nvksxXwviwjtOfch7V+ZpnNKtn3FhPhtWRNLGBjbsQ9n H7TYg1EfQjGGwiXvkbmnU1bUlPFLTM+mgb0pAe8gOCcR0VBDiEmVd+hT0auuaDkd ar4rJhuZboI6WDD1e/0CAKhRNcHbn/pcCg8JZp6QR3gOf0YTJMyUn9xWT+8ZW7js dqOrpDtKC+GAKHKIanSHsi005zzCYZ3KvhVc8Sl9X8kg -----END CERTIFICATE-----Generated at Sat Dec 6 11:46:22 2025 by rpki-client