This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/Y4gwOh1dy9ru89frBgyR0UP929Y.roa File: Y4gwOh1dy9ru89frBgyR0UP929Y.roa (raw, json) Hash identifier: pZTR407dAAaj2WcTPtyQjoDBY8vVKouXvzxyTxJMQdE= Subject key identifier: 63:88:30:3A:1D:5D:CB:DA:EE:F3:D7:EB:06:0C:91:D1:43:FD:DB:D6 Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c Certificate serial: 019A737AC7EE653C999F404D253E773B109D Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/Y4gwOh1dy9ru89frBgyR0UP929Y.roa Signing time: Tue 11 Nov 2025 15:13:37 +0000 ROA not before: Tue 11 Nov 2025 15:13:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 200185 IP address blocks: 86.105.48.0/21 maxlen: 24 89.36.216.0/22 maxlen: 24 89.40.116.0/22 maxlen: 24 89.40.124.0/22 maxlen: 24 94.177.224.0/21 maxlen: 24 94.177.244.0/22 maxlen: 24 185.12.176.0/22 maxlen: 24 194.182.104.0/22 maxlen: 24 217.61.0.0/21 maxlen: 24 2a03:a140::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.mft rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:73:7a:c7:ee:65:3c:99:9f:40:4d:25:3e:77:3b:10:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c Validity Not Before: Nov 11 15:13:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=6388303a1d5dcbdaeef3d7eb060c91d143fddbd6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:16:c3:c3:dc:09:4b:26:16:94:98:ee:b1:1e: e7:c7:a2:7f:1f:4a:33:8b:02:b1:24:21:0b:51:9f: f7:42:8c:d0:cb:ff:c5:57:91:ac:ca:60:16:94:dc: 05:51:6a:21:bb:a3:2b:ab:41:29:c7:63:f8:3b:f3: ea:f3:86:99:75:27:4c:75:d0:d4:14:63:83:71:28: 74:f8:89:d1:f0:22:e5:ef:ea:2e:b4:ba:e2:e8:03: 89:82:7a:2e:30:1d:50:9c:1b:ee:cd:57:40:26:1f: 79:e7:1d:85:fe:a4:5a:aa:f8:33:aa:f5:7a:d2:b9: 7c:52:77:56:f9:34:d2:21:6f:47:ab:1d:7e:d3:a0: 06:2e:4c:40:20:db:72:d8:9d:ff:8c:d2:43:d3:73: b2:b8:25:db:95:84:65:11:f5:59:9a:f1:1a:f1:0f: c4:28:21:e0:15:27:19:de:e8:0b:e7:05:d3:f2:ab: eb:fa:5b:46:5f:f0:4c:a4:1a:ac:c3:73:a4:2a:58: e7:f9:71:43:21:a7:b2:8b:0f:9d:81:b0:b1:b7:ea: f3:11:5f:75:0e:dc:ef:03:80:81:b7:72:8a:ef:44: d5:a0:0b:16:bc:50:41:e0:3a:45:f0:22:a0:04:12: bc:2b:89:b5:cf:ff:43:90:af:f5:f7:9b:9e:be:69: 29:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:88:30:3A:1D:5D:CB:DA:EE:F3:D7:EB:06:0C:91:D1:43:FD:DB:D6 X509v3 Authority Key Identifier: keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/Y4gwOh1dy9ru89frBgyR0UP929Y.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.105.48.0/21 89.36.216.0/22 89.40.116.0/22 89.40.124.0/22 94.177.224.0/21 94.177.244.0/22 185.12.176.0/22 194.182.104.0/22 217.61.0.0/21 IPv6: 2a03:a140::/32 Signature Algorithm: sha256WithRSAEncryption 89:89:8e:c1:2c:49:65:1a:c3:f0:98:5a:50:b8:4c:0b:4d:62: 18:26:f1:a6:f9:10:05:af:b4:cb:eb:1d:c0:f5:ad:0d:c7:ca: 69:4c:08:3b:c8:de:24:2c:85:70:74:7b:c4:40:01:cf:79:ab: bf:e1:a8:c8:49:68:1f:f0:40:2a:63:9a:87:de:d0:f2:75:c9: b1:95:c9:f9:d1:a8:1f:f3:6e:a2:a3:fb:10:70:d1:f4:bf:a8: 5d:ca:40:d4:0c:cb:d1:7b:65:f6:19:46:7a:c7:20:e2:87:ab: 0e:65:fd:db:52:9a:a5:56:3e:9e:cd:53:75:83:bc:97:a9:c1: 60:50:33:3f:92:99:1e:26:b8:b8:60:16:e9:65:6b:76:d0:e9: 7b:fb:a0:fb:a3:30:2d:83:02:21:ad:ce:19:42:a9:c1:b0:b4: c0:90:c8:8a:91:cf:cd:ec:f5:e9:95:e7:b0:39:6e:8d:3f:7d: 63:e4:85:8c:88:99:01:90:4b:07:89:fa:ac:22:40:e4:ed:df: 1c:16:65:c6:6e:52:35:bd:9f:6d:f2:03:b7:d2:f0:61:30:b0: 4a:2c:0e:09:1d:51:da:a4:ce:c7:7e:be:9e:b4:08:62:23:44: 2e:49:26:9f:6d:0f:aa:df:7b:ad:08:0a:fb:eb:0b:39:f9:be: c2:7b:13:30 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgISAZpzesfuZTyZn0BNJT53OxCdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5 Mzg2MWMwHhcNMjUxMTExMTUxMzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2Mzg4MzAzYTFkNWRjYmRhZWVmM2Q3ZWIwNjBjOTFkMTQzZmRkYmQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhbDw9wJSyYWlJjusR7nx6J/H0oz iwKxJCELUZ/3QozQy//FV5GsymAWlNwFUWohu6Mrq0Epx2P4O/Pq84aZdSdMddDU FGODcSh0+InR8CLl7+outLri6AOJgnouMB1QnBvuzVdAJh955x2F/qRaqvgzqvV6 0rl8UndW+TTSIW9Hqx1+06AGLkxAINty2J3/jNJD03OyuCXblYRlEfVZmvEa8Q/E KCHgFScZ3ugL5wXT8qvr+ltGX/BMpBqsw3OkKljn+XFDIaeyiw+dgbCxt+rzEV91 DtzvA4CBt3KK70TVoAsWvFBB4DpF8CKgBBK8K4m1z/9DkK/195uevmkpDQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFGOIMDodXcva7vPX6wYMkdFD/dvWMB8GA1UdIwQY MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt ODQyNjk0MTJkNTYxLzEvWTRnd09oMWR5OXJ1ODlmckJneVIwVVA5MjlZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDVmkwAwQC WSTYAwQCWSh0AwQCWSh8AwQDXrHgAwQCXrH0AwQCuQywAwQCwrZoAwQD2T0AMA0E AgACMAcDBQAqA6FAMA0GCSqGSIb3DQEBCwUAA4IBAQCJiY7BLEllGsPwmFpQuEwL TWIYJvGm+RAFr7TL6x3A9a0Nx8ppTAg7yN4kLIVwdHvEQAHPeau/4ajISWgf8EAq Y5qH3tDydcmxlcn50agf826io/sQcNH0v6hdykDUDMvRe2X2GUZ6xyDih6sOZf3b UpqlVj6ezVN1g7yXqcFgUDM/kpkeJri4YBbpZWt20Ol7+6D7ozAtgwIhrc4ZQqnB sLTAkMiKkc/N7PXpleewOW6NP31j5IWMiJkBkEsHifqsIkDk7d8cFmXGblI1vZ9t 8gO30vBhMLBKLA4JHVHapM7Hfr6etAhiI0QuSSafbQ+q33utCAr76ws5+b7CexMw -----END CERTIFICATE-----Generated at Sat Dec 6 22:14:15 2025 by rpki-client