This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/25a625-649c-4a11-b7eb-a43d99fe11e1/1/h7RdhDIV1C5WSc7VJc13A40szec.roa File: h7RdhDIV1C5WSc7VJc13A40szec.roa (raw, json) Hash identifier: MPtbFLiB5MPxer0WAd9DiLzHkCH52FgnwU1ImY4G22Y= Subject key identifier: 87:B4:5D:84:32:15:D4:2E:56:49:CE:D5:25:CD:77:03:8D:2C:CD:E7 Certificate issuer: /CN=9d1353c80b8835ee9ead37ef7e9f64210a773bfb Certificate serial: 019ADE9527743604FAD5BE9DD926B3C040CA Authority key identifier: 9D:13:53:C8:0B:88:35:EE:9E:AD:37:EF:7E:9F:64:21:0A:77:3B:FB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nRNTyAuINe6erTfvfp9kIQp3O_s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/25a625-649c-4a11-b7eb-a43d99fe11e1/1/h7RdhDIV1C5WSc7VJc13A40szec.roa Signing time: Tue 02 Dec 2025 10:21:48 +0000 ROA not before: Tue 02 Dec 2025 10:21:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 203893 IP address blocks: 185.217.217.0/24 maxlen: 24 185.217.218.0/24 maxlen: 24 185.217.219.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/25a625-649c-4a11-b7eb-a43d99fe11e1/1/nRNTyAuINe6erTfvfp9kIQp3O_s.crl rsync://rpki.ripe.net/repository/DEFAULT/a9/25a625-649c-4a11-b7eb-a43d99fe11e1/1/nRNTyAuINe6erTfvfp9kIQp3O_s.mft rsync://rpki.ripe.net/repository/DEFAULT/nRNTyAuINe6erTfvfp9kIQp3O_s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:de:95:27:74:36:04:fa:d5:be:9d:d9:26:b3:c0:40:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9d1353c80b8835ee9ead37ef7e9f64210a773bfb Validity Not Before: Dec 2 10:21:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=87b45d843215d42e5649ced525cd77038d2ccde7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:5c:83:be:82:b2:76:5f:78:49:11:e3:dd:66: e9:c2:28:a1:ad:6d:a7:64:a1:93:fc:55:de:1e:84: f0:c4:95:e4:75:5d:be:cf:e8:fe:65:fe:32:99:9d: ff:f1:a6:a8:7a:bc:91:7a:8c:c6:23:2d:c8:25:78: 3d:9b:8c:6d:02:4a:8f:23:a5:22:b6:c5:d4:ee:9f: 1e:ed:36:15:f1:15:f4:0e:ca:87:87:80:e6:08:1f: 27:e1:79:bf:dc:8d:19:90:24:62:70:ee:8a:14:82: a9:a8:15:2f:3f:1b:b3:79:7b:8b:5d:7f:8f:5c:fa: 0d:d4:ad:ba:bf:d3:93:28:69:0e:c2:08:27:bf:f1: c3:98:18:e9:d5:1e:22:73:01:14:69:93:f7:4d:34: 30:ef:99:ff:ba:32:5e:3d:13:52:a0:de:b9:62:64: 6f:8e:81:b5:48:5c:41:58:70:fa:f0:85:84:6e:ae: 30:47:f5:07:b7:d3:4c:1e:c5:b5:69:f4:5e:a1:5d: 70:b9:f4:59:08:98:b5:f0:f6:5e:d1:81:77:c4:67: c9:31:f2:06:22:71:81:4c:d6:4b:73:84:6c:43:04: 96:f4:d3:db:f1:4a:76:fc:48:6d:ef:93:8b:1d:25: ea:10:86:c0:e1:0f:ed:31:ee:bd:60:ac:b4:f0:27: f6:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:B4:5D:84:32:15:D4:2E:56:49:CE:D5:25:CD:77:03:8D:2C:CD:E7 X509v3 Authority Key Identifier: keyid:9D:13:53:C8:0B:88:35:EE:9E:AD:37:EF:7E:9F:64:21:0A:77:3B:FB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nRNTyAuINe6erTfvfp9kIQp3O_s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/25a625-649c-4a11-b7eb-a43d99fe11e1/1/h7RdhDIV1C5WSc7VJc13A40szec.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/25a625-649c-4a11-b7eb-a43d99fe11e1/1/nRNTyAuINe6erTfvfp9kIQp3O_s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.217.217.0-185.217.219.255 Signature Algorithm: sha256WithRSAEncryption 3f:e0:71:4e:2e:50:48:db:e4:a9:7c:67:90:86:3c:91:92:6e: b7:51:31:80:87:17:83:38:0b:2b:ac:df:08:ea:c2:28:b2:40: 56:e7:76:d2:ad:40:7c:2c:82:73:13:26:25:1c:0b:ce:fb:82: e7:cd:08:df:ae:32:9a:62:8f:93:ad:7a:a5:b7:4e:98:c9:a0: 3f:dc:9e:0b:96:fb:af:cc:7f:23:0d:b2:4b:b7:fa:b4:36:ca: 9d:fb:73:11:4d:0f:91:48:72:73:72:7d:66:8e:45:41:a1:ff: 66:c9:f1:9c:ed:61:49:84:89:d3:80:b8:9a:d5:39:8a:5e:b0: b4:d1:da:ff:dc:9e:42:86:b9:7f:88:ea:5a:af:25:c0:f5:63: 63:ae:64:65:07:56:5a:96:82:12:a4:3a:da:e7:c6:1e:7a:a4: c7:d4:4e:5c:0a:55:6b:ad:06:46:77:d7:a4:44:13:95:97:af: 91:93:20:ea:1d:fa:4e:ac:6c:7d:a9:13:08:e3:84:39:c5:ee: ef:ea:40:db:60:82:a1:35:4b:29:8c:07:db:78:de:8f:bf:9c: b9:58:96:37:04:69:6c:c3:11:90:3f:51:2d:fc:06:f2:01:46: 28:12:82:95:10:34:90:56:ad:95:ca:7d:59:d4:4c:e4:5d:df: 61:97:c1:50 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZrelSd0NgT61b6d2SazwEDKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkMTM1M2M4MGI4ODM1ZWU5ZWFkMzdlZjdlOWY2NDIxMGE3 NzNiZmIwHhcNMjUxMjAyMTAyMTQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4N2I0NWQ4NDMyMTVkNDJlNTY0OWNlZDUyNWNkNzcwMzhkMmNjZGU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1yDvoKydl94SRHj3WbpwiihrW2n ZKGT/FXeHoTwxJXkdV2+z+j+Zf4ymZ3/8aaoeryReozGIy3IJXg9m4xtAkqPI6Ui tsXU7p8e7TYV8RX0DsqHh4DmCB8n4Xm/3I0ZkCRicO6KFIKpqBUvPxuzeXuLXX+P XPoN1K26v9OTKGkOwggnv/HDmBjp1R4icwEUaZP3TTQw75n/ujJePRNSoN65YmRv joG1SFxBWHD68IWEbq4wR/UHt9NMHsW1afReoV1wufRZCJi18PZe0YF3xGfJMfIG InGBTNZLc4RsQwSW9NPb8Up2/Eht75OLHSXqEIbA4Q/tMe69YKy08Cf2awIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFIe0XYQyFdQuVknO1SXNdwONLM3nMB8GA1UdIwQY MBaAFJ0TU8gLiDXunq03736fZCEKdzv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvblJOVHlBdUlOZTZlclRmdmZwOWtJUXAzT19zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8yNWE2MjUtNjQ5Yy00YTExLWI3ZWIt YTQzZDk5ZmUxMWUxLzEvaDdSZGhESVYxQzVXU2M3VkpjMTNBNDBzemVjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOS8yNWE2MjUtNjQ5Yy00YTExLWI3ZWItYTQzZDk5ZmUxMWUx LzEvblJOVHlBdUlOZTZlclRmdmZwOWtJUXAzT19zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC52dkD BAK52dgwDQYJKoZIhvcNAQELBQADggEBAD/gcU4uUEjb5Kl8Z5CGPJGSbrdRMYCH F4M4Cyus3wjqwiiyQFbndtKtQHwsgnMTJiUcC877gufNCN+uMppij5OteqW3TpjJ oD/cnguW+6/MfyMNsku3+rQ2yp37cxFND5FIcnNyfWaORUGh/2bJ8ZztYUmEidOA uJrVOYpesLTR2v/cnkKGuX+I6lqvJcD1Y2OuZGUHVlqWghKkOtrnxh56pMfUTlwK VWutBkZ316REE5WXr5GTIOod+k6sbH2pEwjjhDnF7u/qQNtggqE1SymMB9t43o+/ nLlYljcEaWzDEZA/US38BvIBRigSgpUQNJBWrZXKfVnUTORd32GXwVA= -----END CERTIFICATE-----Generated at Sat Dec 6 17:08:44 2025 by rpki-client