This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/0tzBINqIR5UARhUC_SN4dqUsHbs.roa File: 0tzBINqIR5UARhUC_SN4dqUsHbs.roa (raw, json) Hash identifier: dkpQVlm2NilQ3sBxk5jABsHQoOKhZ/gA5zaornlR6rQ= Subject key identifier: D2:DC:C1:20:DA:88:47:95:00:46:15:02:FD:23:78:76:A5:2C:1D:BB Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4 Certificate serial: 019A966B7B89562BE5A94C4FE52AE1A8E41D Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/0tzBINqIR5UARhUC_SN4dqUsHbs.roa Signing time: Tue 18 Nov 2025 10:03:37 +0000 ROA not before: Tue 18 Nov 2025 10:03:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 198156 IP address blocks: 91.106.29.0/24 maxlen: 24 212.7.216.0/24 maxlen: 24 2a01:6e80:fffe::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.mft rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 09 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:96:6b:7b:89:56:2b:e5:a9:4c:4f:e5:2a:e1:a8:e4:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4 Validity Not Before: Nov 18 10:03:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=d2dcc120da88479500461502fd237876a52c1dbb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:87:4b:29:15:b2:d5:78:0f:fc:76:5d:57:5e:90: 71:3e:91:c4:47:6b:f8:20:39:50:c6:d5:e6:2c:9c: 5f:ba:ca:54:21:7d:08:05:d4:81:4f:bd:69:e8:68: f1:b2:07:10:73:db:97:b6:b6:4e:e7:f7:32:e8:0b: 10:68:c2:00:f4:67:26:78:83:c4:d6:7b:dd:b5:c7: 22:4d:8a:05:71:21:13:13:bd:4f:b4:e6:2d:39:8d: 19:63:0d:7d:c5:52:10:4a:c4:30:14:c7:7b:18:9a: 53:a9:1c:f4:12:64:be:cd:52:be:3e:86:c7:0a:9c: ce:3f:b4:5d:a7:96:39:26:57:df:6b:4f:8d:be:fa: bf:dc:6c:6c:6d:1f:e0:04:bd:d2:13:b4:3a:7a:17: 95:cb:66:14:5b:bb:df:6e:0f:ba:8e:c9:1f:16:39: 88:fa:97:9e:72:dc:7f:f2:ae:c5:b4:2b:db:fa:70: 50:83:4a:d2:06:8f:90:c0:8b:a6:67:af:21:92:03: ab:28:ae:4e:8d:03:0a:25:d6:fe:3e:8c:2a:3a:21: 14:13:54:72:be:d0:1a:06:ca:b3:8e:e0:89:a3:2c: 37:ed:96:25:a8:3c:0e:2a:41:d8:13:fd:72:78:64: d2:4c:e0:62:95:32:e1:17:1f:59:f8:a9:8e:26:fe: 4a:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:DC:C1:20:DA:88:47:95:00:46:15:02:FD:23:78:76:A5:2C:1D:BB X509v3 Authority Key Identifier: keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/0tzBINqIR5UARhUC_SN4dqUsHbs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.106.29.0/24 212.7.216.0/24 IPv6: 2a01:6e80:fffe::/48 Signature Algorithm: sha256WithRSAEncryption 89:ca:90:8a:1f:4f:1f:dc:07:f4:96:09:6b:ad:78:86:1f:2a: 9c:fe:63:63:e9:ff:80:48:1b:1b:80:f9:db:dd:71:bf:d1:08: b0:3c:71:bc:d6:c5:c2:65:9a:7d:3c:e3:fc:0b:74:ba:5a:26: bb:71:6f:ee:dc:69:ab:da:a0:08:96:30:20:82:b0:b6:98:36: ab:b7:ef:d1:22:eb:35:33:bd:dc:e7:da:26:d7:bf:c9:86:ff: 51:8e:e1:5a:0b:4c:33:85:ca:c1:7f:ab:7d:8c:36:f5:58:57: 17:fa:39:39:09:8d:ec:5b:14:ec:1e:09:74:51:69:31:47:ab: 08:f8:10:c9:12:20:bd:e3:81:83:f4:18:1d:ad:3b:76:a3:be: ac:f7:74:c3:fb:72:7b:f6:91:9a:69:8b:11:f9:a8:29:75:c8: 6a:0b:2c:03:42:8f:93:f5:4b:99:ac:2d:50:37:78:e8:19:ee: aa:89:89:16:a2:18:7a:4f:62:d5:e7:6d:cf:3a:e1:e5:b5:21: 43:49:3f:62:8f:6d:9b:ee:df:32:9a:54:b1:c8:83:dd:5b:76: 98:a0:33:f8:02:9f:7d:e2:1f:10:b5:31:ea:09:08:ba:63:54: ed:3b:b2:73:81:f2:05:07:d0:54:e0:1b:cd:87:56:58:46:cf: b8:cf:20:c3 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZqWa3uJVivlqUxP5SrhqOQdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1MWEyZmQ2ZjVlNWFmODdkNWNlYTA5NTA2NmZiY2MzZDNl NTQ2YTQwHhcNMjUxMTE4MTAwMzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMmRjYzEyMGRhODg0Nzk1MDA0NjE1MDJmZDIzNzg3NmE1MmMxZGJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0spFbLVeA/8dl1XXpBxPpHER2v4 IDlQxtXmLJxfuspUIX0IBdSBT71p6GjxsgcQc9uXtrZO5/cy6AsQaMIA9GcmeIPE 1nvdtcciTYoFcSETE71PtOYtOY0ZYw19xVIQSsQwFMd7GJpTqRz0EmS+zVK+PobH CpzOP7Rdp5Y5Jlffa0+Nvvq/3GxsbR/gBL3SE7Q6eheVy2YUW7vfbg+6jskfFjmI +peectx/8q7FtCvb+nBQg0rSBo+QwIumZ68hkgOrKK5OjQMKJdb+PowqOiEUE1Ry vtAaBsqzjuCJoyw37ZYlqDwOKkHYE/1yeGTSTOBilTLhFx9Z+KmOJv5KoQIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFNLcwSDaiEeVAEYVAv0jeHalLB27MB8GA1UdIwQY MBaAFDUaL9b15a+H1c6glQZvvMPT5UakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODIt MjMwNDllNGQyZjEyLzEvMHR6QklOcUlSNVVBUmhVQ19TTjRkcVVzSGJzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODItMjMwNDllNGQyZjEy LzEvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW2odAwQA 1AfYMA8EAgACMAkDBwAqAW6A//4wDQYJKoZIhvcNAQELBQADggEBAInKkIofTx/c B/SWCWuteIYfKpz+Y2Pp/4BIGxuA+dvdcb/RCLA8cbzWxcJlmn084/wLdLpaJrtx b+7caavaoAiWMCCCsLaYNqu379Ei6zUzvdzn2ibXv8mG/1GO4VoLTDOFysF/q32M NvVYVxf6OTkJjexbFOweCXRRaTFHqwj4EMkSIL3jgYP0GB2tO3ajvqz3dMP7cnv2 kZppixH5qCl1yGoLLANCj5P1S5msLVA3eOgZ7qqJiRaiGHpPYtXnbc864eW1IUNJ P2KPbZvu3zKaVLHIg91bdpigM/gCn33iHxC1MeoJCLpjVO07snOB8gUH0FTgG82H VlhGz7jPIMM= -----END CERTIFICATE-----Generated at Mon Dec 8 09:35:30 2025 by rpki-client