This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/W8Ti_dXcYalIUeRHiuN7_Pq4Q6k.roa File: W8Ti_dXcYalIUeRHiuN7_Pq4Q6k.roa (raw, json) Hash identifier: 4QiUW7JIueqmFCn96lHxs3k9V/e0E2VEpe0b6/Dk6p8= Subject key identifier: 5B:C4:E2:FD:D5:DC:61:A9:48:51:E4:47:8A:E3:7B:FC:FA:B8:43:A9 Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd Certificate serial: 019A7392952ACD889EB474499DE103FF3039 Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/W8Ti_dXcYalIUeRHiuN7_Pq4Q6k.roa Signing time: Tue 11 Nov 2025 15:39:37 +0000 ROA not before: Tue 11 Nov 2025 15:39:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 36454 IP address blocks: 65.181.112.0/24 maxlen: 24 65.181.116.0/24 maxlen: 24 65.181.123.0/24 maxlen: 24 65.181.124.0/24 maxlen: 24 65.181.125.0/24 maxlen: 24 162.208.8.0/24 maxlen: 24 162.208.9.0/24 maxlen: 24 162.208.10.0/24 maxlen: 24 162.208.11.0/24 maxlen: 24 185.181.253.0/24 maxlen: 24 185.181.254.0/24 maxlen: 24 185.181.255.0/24 maxlen: 24 192.243.96.0/24 maxlen: 24 192.243.97.0/24 maxlen: 24 192.243.98.0/24 maxlen: 24 192.243.99.0/24 maxlen: 24 192.243.100.0/24 maxlen: 24 192.243.101.0/24 maxlen: 24 192.243.102.0/24 maxlen: 24 192.243.103.0/24 maxlen: 24 192.243.104.0/24 maxlen: 24 192.243.105.0/24 maxlen: 24 192.243.106.0/24 maxlen: 24 192.243.107.0/24 maxlen: 24 192.243.108.0/24 maxlen: 24 192.243.109.0/24 maxlen: 24 192.243.111.0/24 maxlen: 24 192.250.224.0/20 maxlen: 20 192.250.226.0/24 maxlen: 24 192.250.227.0/24 maxlen: 24 192.250.236.0/24 maxlen: 24 195.250.25.0/24 maxlen: 24 198.38.90.0/24 maxlen: 24 199.175.48.0/24 maxlen: 24 199.175.49.0/24 maxlen: 24 199.175.50.0/24 maxlen: 24 199.175.51.0/24 maxlen: 24 199.175.52.0/24 maxlen: 24 199.175.53.0/24 maxlen: 24 199.175.54.0/24 maxlen: 24 199.175.55.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:73:92:95:2a:cd:88:9e:b4:74:49:9d:e1:03:ff:30:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd Validity Not Before: Nov 11 15:39:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=5bc4e2fdd5dc61a94851e4478ae37bfcfab843a9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:fb:2c:bf:1e:fb:fb:4e:e7:96:42:ad:87:ba: 63:15:08:77:75:1a:93:d7:ca:ec:b6:6a:b0:a2:92: 47:01:6d:86:08:42:b2:91:13:52:9b:65:c9:c7:8d: 17:1b:1b:73:ad:27:f5:15:9b:a8:9d:2e:15:d0:02: 9a:7e:8c:3b:a7:d0:19:34:44:77:aa:b3:84:00:9d: e4:57:2e:73:7c:b0:9d:ed:72:fe:af:f2:94:e1:c6: 1a:f6:f0:17:08:1e:24:67:d4:77:a2:fc:5e:80:7d: 87:d8:8c:f2:d6:b1:65:75:c5:44:7d:81:f5:20:bb: bf:d2:b7:ad:f8:17:e6:ad:16:c5:d6:27:50:bd:59: 59:e7:73:f6:ed:f4:91:6f:9a:58:b6:01:57:ec:a4: d9:09:51:72:f1:47:8a:c4:1b:ca:96:28:51:b0:36: 36:bf:09:73:bb:54:19:cf:54:8e:ba:96:d5:94:56: 32:b3:dd:7f:75:c9:c5:17:a9:6f:34:e3:a8:2e:7c: 1e:09:76:05:58:fc:e0:90:75:cb:2e:e3:18:13:50: c5:2f:24:a8:7f:75:11:7a:63:85:95:d4:10:bc:e6: 02:35:30:e1:11:16:92:fe:5b:a8:27:0f:40:f6:f1: 17:43:0d:a4:d2:2b:b3:ce:e4:4b:c9:f8:a8:25:27: fb:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:C4:E2:FD:D5:DC:61:A9:48:51:E4:47:8A:E3:7B:FC:FA:B8:43:A9 X509v3 Authority Key Identifier: keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/W8Ti_dXcYalIUeRHiuN7_Pq4Q6k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 65.181.112.0/24 65.181.116.0/24 65.181.123.0-65.181.125.255 162.208.8.0/22 185.181.253.0-185.181.255.255 192.243.96.0-192.243.109.255 192.243.111.0/24 192.250.224.0/20 195.250.25.0/24 198.38.90.0/24 199.175.48.0/21 Signature Algorithm: sha256WithRSAEncryption 02:5e:b0:be:07:94:ab:f1:b8:3e:2b:55:b1:08:b7:e5:f4:27: 35:3b:02:32:77:6d:85:52:8a:69:ef:cc:9d:c4:28:a7:53:f6: ee:40:f9:bd:0b:de:79:3c:84:9c:c4:0c:ea:d2:5a:40:fc:75: 66:d9:fa:70:22:82:a5:3c:dc:aa:cb:85:fe:81:fd:89:c0:df: 7c:35:7a:53:a2:66:72:2f:01:ba:5c:3a:68:c3:22:61:dd:a0: c3:41:5a:e5:11:f3:6f:9f:a1:c0:25:d7:86:43:f7:47:63:81: 27:f5:c7:41:44:79:c2:96:4e:81:e1:6c:62:97:ad:66:96:ac: 51:ea:a6:56:d6:09:3d:24:a7:de:6d:29:e1:dc:73:79:b0:76: 2c:39:f1:16:ee:ec:d0:4d:fc:7f:d7:41:ff:9d:2c:18:4f:7f: 51:c2:79:44:4f:1f:49:3e:b2:d3:8c:5a:59:9b:47:37:ff:67: 3e:c2:1b:0a:83:1c:f5:34:23:ca:64:b0:eb:5a:a1:9f:cd:cf: 55:c3:a7:32:1a:9d:e0:27:00:ff:ee:95:0f:2a:ce:db:8c:b1: 91:9a:a9:0c:bd:12:73:db:2d:34:e8:5f:51:da:0b:a7:bc:3c: cd:28:b2:4f:f2:6f:46:7a:f8:77:64:e3:dc:32:49:18:95:41: 6a:8e:60:01 -----BEGIN CERTIFICATE----- MIIFUDCCBDigAwIBAgISAZpzkpUqzYietHRJneED/zA5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy ZWU4ZGQwHhcNMjUxMTExMTUzOTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YmM0ZTJmZGQ1ZGM2MWE5NDg1MWU0NDc4YWUzN2JmY2ZhYjg0M2E5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvssvx77+07nlkKth7pjFQh3dRqT 18rstmqwopJHAW2GCEKykRNSm2XJx40XGxtzrSf1FZuonS4V0AKafow7p9AZNER3 qrOEAJ3kVy5zfLCd7XL+r/KU4cYa9vAXCB4kZ9R3ovxegH2H2Izy1rFldcVEfYH1 ILu/0ret+BfmrRbF1idQvVlZ53P27fSRb5pYtgFX7KTZCVFy8UeKxBvKlihRsDY2 vwlzu1QZz1SOupbVlFYys91/dcnFF6lvNOOoLnweCXYFWPzgkHXLLuMYE1DFLySo f3URemOFldQQvOYCNTDhERaS/luoJw9A9vEXQw2k0iuzzuRLyfioJSf7XwIDAQAB o4ICXDCCAlgwHQYDVR0OBBYEFFvE4v3V3GGpSFHkR4rje/z6uEOpMB8GA1UdIwQY MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt Y2NhMzc2MDZiZjE4LzEvVzhUaV9kWGNZYWxJVWVSSGl1TjdfUHE0UTZrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4 LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBfBAIAATBZAwQAQbVwAwQA QbV0MAwDBABBtXsDBAFBtXwDBAKi0AgwCwMEALm1/QMDAbm0MAwDBAXA82ADBAHA 82wDBADA828DBATA+uADBADD+hkDBADGJloDBAPHrzAwDQYJKoZIhvcNAQELBQAD ggEBAAJesL4HlKvxuD4rVbEIt+X0JzU7AjJ3bYVSimnvzJ3EKKdT9u5A+b0L3nk8 hJzEDOrSWkD8dWbZ+nAigqU83KrLhf6B/YnA33w1elOiZnIvAbpcOmjDImHdoMNB WuUR82+focAl14ZD90djgSf1x0FEecKWToHhbGKXrWaWrFHqplbWCT0kp95tKeHc c3mwdiw58Rbu7NBN/H/XQf+dLBhPf1HCeURPH0k+stOMWlmbRzf/Zz7CGwqDHPU0 I8pksOtaoZ/Nz1XDpzIaneAnAP/ulQ8qztuMsZGaqQy9EnPbLTToX1HaC6e8PM0o sk/yb0Z6+Hdk49wySRiVQWqOYAE= -----END CERTIFICATE-----Generated at Sat Dec 6 17:58:23 2025 by rpki-client