This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/a6d400-8c43-44cc-9355-70b4e0b3fc9e/1/unFfRVZsvRvkohGxQoSgq95x_UY.roa File: unFfRVZsvRvkohGxQoSgq95x_UY.roa (raw, json) Hash identifier: tSXKguvWUmVfGHfR9KLHr2lCBC0TGZziW3nPkjH31gQ= Subject key identifier: BA:71:5F:45:56:6C:BD:1B:E4:A2:11:B1:42:84:A0:AB:DE:71:FD:46 Certificate issuer: /CN=1d04af28f8f7aa858e27d8e2c76114c6ff49bace Certificate serial: 019ACA86E177D42EA8204888D2A0DEBE1A2A Authority key identifier: 1D:04:AF:28:F8:F7:AA:85:8E:27:D8:E2:C7:61:14:C6:FF:49:BA:CE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQSvKPj3qoWOJ9jix2EUxv9Jus4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/a6d400-8c43-44cc-9355-70b4e0b3fc9e/1/unFfRVZsvRvkohGxQoSgq95x_UY.roa Signing time: Fri 28 Nov 2025 12:53:48 +0000 ROA not before: Fri 28 Nov 2025 12:53:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 212223 IP address blocks: 37.72.110.0/24 maxlen: 24 185.217.63.0/24 maxlen: 24 2a05:7040::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/a6d400-8c43-44cc-9355-70b4e0b3fc9e/1/HQSvKPj3qoWOJ9jix2EUxv9Jus4.crl rsync://rpki.ripe.net/repository/DEFAULT/b5/a6d400-8c43-44cc-9355-70b4e0b3fc9e/1/HQSvKPj3qoWOJ9jix2EUxv9Jus4.mft rsync://rpki.ripe.net/repository/DEFAULT/HQSvKPj3qoWOJ9jix2EUxv9Jus4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 20:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:ca:86:e1:77:d4:2e:a8:20:48:88:d2:a0:de:be:1a:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d04af28f8f7aa858e27d8e2c76114c6ff49bace Validity Not Before: Nov 28 12:53:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=ba715f45566cbd1be4a211b14284a0abde71fd46 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:f3:d4:75:fc:64:e9:d0:28:d0:71:5a:10:c3: b4:cd:8a:42:8c:24:d4:3d:38:72:b9:e7:6a:9c:51: 57:34:00:4b:9c:15:a0:42:df:37:53:a4:02:dd:fc: 23:49:42:2c:1c:93:67:d0:0b:79:46:21:41:3d:99: 0e:62:c6:39:b3:2a:f4:29:ad:e4:b7:70:60:38:ea: 6d:ad:d7:e8:e0:d1:65:47:a5:ef:a6:58:f5:ad:ff: 6d:06:03:c1:c3:c9:02:b8:a4:8b:19:43:2c:b2:10: e1:87:57:b5:76:c4:84:0a:06:19:c3:14:ef:77:a6: 46:24:02:74:52:46:79:9f:7f:47:6c:12:bf:ec:b3: 33:34:da:93:63:5a:40:9d:70:36:b6:39:af:3b:78: 4b:45:fc:0e:06:d1:8d:d6:45:45:1a:d6:c4:fe:f4: d1:05:9e:20:9a:27:da:8e:67:1c:9a:8d:53:1f:06: c3:9b:3f:83:23:50:fe:89:10:31:53:da:ac:bc:e0: c7:b1:aa:48:31:5f:58:1e:72:d3:29:9a:7e:d7:2d: 09:ae:82:b0:62:85:3d:cf:72:ae:7c:49:b8:09:bb: 73:26:9d:61:5c:e8:59:89:86:46:61:ae:ee:f2:80: e9:8b:28:45:f1:12:f1:9a:e5:65:73:12:ef:2b:9a: 4f:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:71:5F:45:56:6C:BD:1B:E4:A2:11:B1:42:84:A0:AB:DE:71:FD:46 X509v3 Authority Key Identifier: keyid:1D:04:AF:28:F8:F7:AA:85:8E:27:D8:E2:C7:61:14:C6:FF:49:BA:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQSvKPj3qoWOJ9jix2EUxv9Jus4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/a6d400-8c43-44cc-9355-70b4e0b3fc9e/1/unFfRVZsvRvkohGxQoSgq95x_UY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/a6d400-8c43-44cc-9355-70b4e0b3fc9e/1/HQSvKPj3qoWOJ9jix2EUxv9Jus4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.72.110.0/24 185.217.63.0/24 IPv6: 2a05:7040::/32 Signature Algorithm: sha256WithRSAEncryption 0c:73:31:bf:4f:7a:4f:e9:97:cc:4d:66:c9:1c:f6:83:02:b6: 3a:d0:25:07:50:e3:4b:71:83:03:f7:99:7e:80:ce:51:fb:f2: 22:bb:d9:55:0a:3b:c1:97:e1:23:8c:13:4b:59:75:37:fc:70: 71:99:40:19:de:a6:e3:b4:ce:fe:39:57:3b:1b:f3:e9:c6:df: e1:5c:bf:da:29:39:24:49:59:4d:d7:ee:54:b8:4b:a3:e4:4a: fa:31:3c:5e:18:f7:cd:86:36:e7:b7:2a:c1:c3:dc:33:bf:f6: b6:4e:aa:75:f9:72:2f:80:f4:d2:25:92:90:4a:49:24:a8:d5: e3:7c:b0:30:b3:74:70:65:77:8a:7f:43:32:07:aa:73:a6:cd: bd:2f:c0:63:e3:94:9a:49:37:df:ca:0b:05:4f:99:ee:b3:a9: 84:00:e1:d5:13:4a:aa:de:73:2e:8e:6b:23:74:c5:b6:e7:b7: 4a:8c:29:a8:5f:03:9b:6a:8b:21:d1:71:97:31:cc:e0:41:de: 12:8d:a6:27:9d:f7:d5:3d:a1:9e:f7:ba:fa:6c:22:c1:9f:c2: 46:0b:c4:4a:28:3e:94:43:98:bc:b2:8b:5f:5f:3c:7b:fa:32: 49:ff:6d:9c:93:fb:06:71:ee:fd:91:c4:8e:ae:08:4b:39:f0: 63:f2:b4:34 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZrKhuF31C6oIEiI0qDevhoqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkMDRhZjI4ZjhmN2FhODU4ZTI3ZDhlMmM3NjExNGM2ZmY0 OWJhY2UwHhcNMjUxMTI4MTI1MzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiYTcxNWY0NTU2NmNiZDFiZTRhMjExYjE0Mjg0YTBhYmRlNzFmZDQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvPUdfxk6dAo0HFaEMO0zYpCjCTU PThyuedqnFFXNABLnBWgQt83U6QC3fwjSUIsHJNn0At5RiFBPZkOYsY5syr0Ka3k t3BgOOptrdfo4NFlR6Xvplj1rf9tBgPBw8kCuKSLGUMsshDhh1e1dsSECgYZwxTv d6ZGJAJ0UkZ5n39HbBK/7LMzNNqTY1pAnXA2tjmvO3hLRfwOBtGN1kVFGtbE/vTR BZ4gmifajmccmo1THwbDmz+DI1D+iRAxU9qsvODHsapIMV9YHnLTKZp+1y0JroKw YoU9z3KufEm4CbtzJp1hXOhZiYZGYa7u8oDpiyhF8RLxmuVlcxLvK5pPTwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFLpxX0VWbL0b5KIRsUKEoKvecf1GMB8GA1UdIwQY MBaAFB0Eryj496qFjifY4sdhFMb/SbrOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFFTdktQajNxb1dPSjlqaXgyRVV4djlKdXM0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9hNmQ0MDAtOGM0My00NGNjLTkzNTUt NzBiNGUwYjNmYzllLzEvdW5GZlJWWnN2UnZrb2hHeFFvU2dxOTV4X1VZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNS9hNmQ0MDAtOGM0My00NGNjLTkzNTUtNzBiNGUwYjNmYzll LzEvSFFTdktQajNxb1dPSjlqaXgyRVV4djlKdXM0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAJUhuAwQA udk/MA0EAgACMAcDBQAqBXBAMA0GCSqGSIb3DQEBCwUAA4IBAQAMczG/T3pP6ZfM TWbJHPaDArY60CUHUONLcYMD95l+gM5R+/Iiu9lVCjvBl+EjjBNLWXU3/HBxmUAZ 3qbjtM7+OVc7G/Ppxt/hXL/aKTkkSVlN1+5UuEuj5Er6MTxeGPfNhjbntyrBw9wz v/a2Tqp1+XIvgPTSJZKQSkkkqNXjfLAws3RwZXeKf0MyB6pzps29L8Bj45SaSTff ygsFT5nus6mEAOHVE0qq3nMujmsjdMW257dKjCmoXwObaosh0XGXMczgQd4SjaYn nffVPaGe97r6bCLBn8JGC8RKKD6UQ5i8sotfXzx7+jJJ/22ck/sGce79kcSOrghL OfBj8rQ0 -----END CERTIFICATE-----Generated at Sat Dec 6 05:43:55 2025 by rpki-client