This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/f14c46wXtEDiWrdIj9E6eFCBOHs.roa File: f14c46wXtEDiWrdIj9E6eFCBOHs.roa (raw, json) Hash identifier: +KzRlYvE/I0YLwICFFaqZgIiXrLM5mAZA623n1jbgrc= Subject key identifier: 7F:5E:1C:E3:AC:17:B4:40:E2:5A:B7:48:8F:D1:3A:78:50:81:38:7B Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4 Certificate serial: 019B1F573E725CC4D4AAFBEAB8721AE21827 Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/f14c46wXtEDiWrdIj9E6eFCBOHs.roa Signing time: Mon 15 Dec 2025 00:09:29 +0000 ROA not before: Mon 15 Dec 2025 00:09:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 834 IP address blocks: 89.42.213.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 09:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1f:57:3e:72:5c:c4:d4:aa:fb:ea:b8:72:1a:e2:18:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4 Validity Not Before: Dec 15 00:09:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=7f5e1ce3ac17b440e25ab7488fd13a785081387b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:85:9c:e3:d2:c1:17:2b:ac:a3:db:f2:6f:3f: f3:49:2c:4e:48:4f:02:97:8e:74:f1:6a:32:d6:38: f8:c5:95:8b:f2:59:c6:bd:30:29:d1:c1:e8:20:1e: 26:59:88:c4:d9:c8:a8:22:8d:ba:33:9b:28:c6:1c: ea:0e:e1:fa:42:a7:58:4f:24:1e:3b:0f:9d:c7:b0: a4:e9:35:f6:74:5c:48:e5:40:42:5a:ed:54:6b:f6: 64:3b:6f:db:06:71:e7:c9:ce:da:bd:b7:cc:53:65: 13:04:71:f2:a5:ed:e5:75:34:d2:b2:52:23:0e:66: 54:8e:c8:33:fb:1c:54:5e:6b:60:b2:77:dd:bc:af: 14:01:b9:98:ed:e0:12:9b:6f:80:e6:23:a2:59:71: d6:c6:66:6f:6b:59:64:d2:61:eb:47:e6:53:e9:17: 1a:c1:6c:0a:30:6c:d2:39:59:0c:b8:75:8b:2f:a3: dd:22:55:c5:57:97:18:50:b6:52:14:11:9b:7e:16: 16:65:cd:f5:0c:17:ad:53:69:bf:d0:d1:5d:b6:b8: b8:3d:f0:ee:e4:e1:a4:19:7b:cf:38:b2:fb:de:a7: be:47:87:e7:03:bf:5c:08:fb:ce:64:a6:be:14:86: 2b:1b:05:e2:4e:7c:f2:84:90:df:b4:a0:9a:69:69: db:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:5E:1C:E3:AC:17:B4:40:E2:5A:B7:48:8F:D1:3A:78:50:81:38:7B X509v3 Authority Key Identifier: keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/f14c46wXtEDiWrdIj9E6eFCBOHs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.42.213.0/24 Signature Algorithm: sha256WithRSAEncryption 87:af:f1:7a:be:0a:bc:95:21:48:d7:0c:4a:92:cf:64:4c:f0: 2c:14:09:5f:d6:81:2c:d5:a0:ee:f0:4e:6f:c4:8e:53:4a:87: 9a:6c:d4:51:19:f4:4d:2b:df:ce:a8:f4:34:60:f0:12:ec:80: ee:d4:8d:a0:ad:37:5e:2c:0c:da:f1:4b:b9:c7:05:a3:67:a9: b5:c9:b7:fc:1a:4e:14:e3:8b:0a:81:bf:69:0b:25:74:90:94: 04:36:93:91:57:87:b6:a3:67:3c:39:3b:5b:f8:1e:71:94:a3: bb:8f:3c:8d:69:04:9b:3d:e9:fa:97:e2:1f:1e:dd:c7:15:23: a1:2e:5c:5f:cf:32:99:fa:92:64:e6:aa:86:51:b0:7c:6b:15: 34:7e:21:a3:db:ef:52:92:82:c0:38:76:35:a4:29:43:03:65: 31:d4:1a:4b:5c:ae:1f:98:98:ee:b0:11:8d:12:2e:d5:b8:18: 0d:c3:7e:8d:ce:1f:9d:b4:ab:76:79:1b:95:be:ad:f5:5a:20: be:7e:69:b4:14:0c:f7:65:59:f0:75:9b:6c:75:87:a2:83:75: 6e:8c:f2:84:a1:8b:10:6c:c0:f5:9c:cf:81:48:88:4c:5d:1f: bc:26:bc:c2:91:c0:fc:32:8e:ab:d8:21:89:bc:d6:2e:e2:9d: f0:ef:8f:0a -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZsfVz5yXMTUqvvquHIa4hgnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi NWRlZTQwHhcNMjUxMjE1MDAwOTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3ZjVlMWNlM2FjMTdiNDQwZTI1YWI3NDg4ZmQxM2E3ODUwODEzODdiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIWc49LBFyuso9vybz/zSSxOSE8C l4508Woy1jj4xZWL8lnGvTAp0cHoIB4mWYjE2cioIo26M5soxhzqDuH6QqdYTyQe Ow+dx7Ck6TX2dFxI5UBCWu1Ua/ZkO2/bBnHnyc7avbfMU2UTBHHype3ldTTSslIj DmZUjsgz+xxUXmtgsnfdvK8UAbmY7eASm2+A5iOiWXHWxmZva1lk0mHrR+ZT6Rca wWwKMGzSOVkMuHWLL6PdIlXFV5cYULZSFBGbfhYWZc31DBetU2m/0NFdtri4PfDu 5OGkGXvPOLL73qe+R4fnA79cCPvOZKa+FIYrGwXiTnzyhJDftKCaaWnbGQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFH9eHOOsF7RA4lq3SI/ROnhQgTh7MB8GA1UdIwQY MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt NTlmNTk4NGI2NGVhLzEvZjE0YzQ2d1h0RURpV3JkSWo5RTZlRkNCT0hzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSrVMA0G CSqGSIb3DQEBCwUAA4IBAQCHr/F6vgq8lSFI1wxKks9kTPAsFAlf1oEs1aDu8E5v xI5TSoeabNRRGfRNK9/OqPQ0YPAS7IDu1I2grTdeLAza8Uu5xwWjZ6m1ybf8Gk4U 44sKgb9pCyV0kJQENpORV4e2o2c8OTtb+B5xlKO7jzyNaQSbPen6l+IfHt3HFSOh LlxfzzKZ+pJk5qqGUbB8axU0fiGj2+9SkoLAOHY1pClDA2Ux1BpLXK4fmJjusBGN Ei7VuBgNw36Nzh+dtKt2eRuVvq31WiC+fmm0FAz3ZVnwdZtsdYeig3VujPKEoYsQ bMD1nM+BSIhMXR+8JrzCkcD8Mo6r2CGJvNYu4p3w748K -----END CERTIFICATE-----Generated at Mon Dec 15 17:21:40 2025 by rpki-client