This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/UJ9wNu4dLXvqKoUnbBe2xQx_31k.roa File: UJ9wNu4dLXvqKoUnbBe2xQx_31k.roa (raw, json) Hash identifier: j4PamiWHKROafLFoI92zeGHphQE1Y+azapQ4RzxfK2A= Subject key identifier: 50:9F:70:36:EE:1D:2D:7B:EA:2A:85:27:6C:17:B6:C5:0C:7F:DF:59 Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75 Certificate serial: 019A53D26F2D1D446B342B22730F55B25B05 Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/UJ9wNu4dLXvqKoUnbBe2xQx_31k.roa Signing time: Wed 05 Nov 2025 11:41:31 +0000 ROA not before: Wed 05 Nov 2025 11:41:31 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 205512 IP address blocks: 185.93.120.0/22 maxlen: 24 185.120.44.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:53:d2:6f:2d:1d:44:6b:34:2b:22:73:0f:55:b2:5b:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75 Validity Not Before: Nov 5 11:41:31 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=509f7036ee1d2d7bea2a85276c17b6c50c7fdf59 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:b3:45:4b:c3:07:3c:01:e0:de:bf:af:e4:85: 13:a5:5f:95:32:78:91:9d:5e:b9:f8:e5:2c:2b:5d: ee:b0:28:06:a3:70:fa:58:2e:80:2c:8f:48:c7:e7: 94:c5:f9:9c:df:cd:d0:86:5a:b4:22:e4:39:be:9c: 29:91:f0:bb:26:09:44:82:c8:18:94:19:fe:f9:66: 86:ad:00:ee:3b:61:95:0b:33:b0:bb:d3:56:d9:60: 40:03:c3:95:d6:6f:b0:ec:00:76:34:9a:76:33:ae: cf:27:5a:63:c8:1e:7e:6c:dd:db:89:8f:7f:cc:7a: c2:a8:2f:3e:f9:09:0e:96:e3:09:68:bc:e9:46:79: 0f:2b:d3:e9:46:9b:72:79:6d:ab:d8:49:de:0c:94: 83:70:7b:77:7c:35:d6:e7:42:59:c1:df:f0:f3:de: e2:df:9e:fd:fb:31:57:a4:46:4d:9d:89:a2:ae:56: 85:53:55:80:f3:82:1f:d7:b3:08:93:24:14:b4:35: e2:b9:33:d0:45:3d:a3:01:f4:91:64:b7:6c:51:b2: df:10:67:62:8c:36:54:74:01:69:78:6e:3c:b4:5b: 50:c0:63:da:5c:3e:53:c8:d8:88:f8:15:42:d1:ab: cb:6f:3c:38:f3:e8:0f:b0:f3:54:85:90:0f:09:34: 2d:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:9F:70:36:EE:1D:2D:7B:EA:2A:85:27:6C:17:B6:C5:0C:7F:DF:59 X509v3 Authority Key Identifier: keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/UJ9wNu4dLXvqKoUnbBe2xQx_31k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.93.120.0/22 185.120.44.0/22 Signature Algorithm: sha256WithRSAEncryption a2:fc:8a:53:fd:7a:a9:ad:1d:4a:dc:37:7c:9a:d1:5c:0e:b0: f9:7a:6e:ee:13:a8:a8:df:31:ad:ec:b1:77:64:6f:77:9f:22: a5:d0:d1:fb:63:f9:ed:69:96:30:45:73:5c:c4:91:24:5f:e9: e8:91:e0:0b:ac:ad:8c:07:12:ec:f2:b9:df:85:7c:db:b5:f4: ed:00:f1:65:0a:0d:a4:1c:a0:a9:49:a7:91:13:00:88:27:cf: ec:b2:a2:10:d4:0e:5d:48:55:26:1d:26:8c:05:95:02:af:45: 0c:c0:8a:ab:19:c2:d3:47:3d:6b:f5:37:b1:8b:21:95:be:db: b7:3c:07:bc:9b:fb:04:e8:74:33:14:69:66:3b:a4:d4:5d:95: 46:25:18:6a:d9:f1:19:f3:e3:f8:22:67:99:3b:0f:0c:1c:94: 2a:43:e6:d1:fe:47:82:31:10:bb:b2:ba:26:0d:0b:8b:0e:e1: b6:3d:4d:ac:cd:27:3c:e1:d3:b6:2c:1c:85:61:17:fd:c3:c9: 14:2b:22:60:0c:83:83:db:0b:ff:c5:ce:75:1b:15:1d:3e:6f: 3c:d4:4a:b8:2e:b2:8c:92:ce:35:4b:de:d7:70:79:20:39:3f: 04:b5:b6:c4:a0:76:17:bf:c9:49:40:d2:ee:4c:67:31:97:e1: 00:1d:fd:95 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZpT0m8tHURrNCsicw9VslsFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4 YjZiNzUwHhcNMjUxMTA1MTE0MTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MDlmNzAzNmVlMWQyZDdiZWEyYTg1Mjc2YzE3YjZjNTBjN2ZkZjU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7NFS8MHPAHg3r+v5IUTpV+VMniR nV65+OUsK13usCgGo3D6WC6ALI9Ix+eUxfmc383Qhlq0IuQ5vpwpkfC7JglEgsgY lBn++WaGrQDuO2GVCzOwu9NW2WBAA8OV1m+w7AB2NJp2M67PJ1pjyB5+bN3biY9/ zHrCqC8++QkOluMJaLzpRnkPK9PpRptyeW2r2EneDJSDcHt3fDXW50JZwd/w897i 3579+zFXpEZNnYmirlaFU1WA84If17MIkyQUtDXiuTPQRT2jAfSRZLdsUbLfEGdi jDZUdAFpeG48tFtQwGPaXD5TyNiI+BVC0avLbzw48+gPsPNUhZAPCTQtPQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFFCfcDbuHS176iqFJ2wXtsUMf99ZMB8GA1UdIwQY MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt Yzc5MTRhYjY0MjczLzEvVUo5d051NGRMWHZxS29VbmJCZTJ4UXhfMzFrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuV14AwQC uXgsMA0GCSqGSIb3DQEBCwUAA4IBAQCi/IpT/XqprR1K3Dd8mtFcDrD5em7uE6io 3zGt7LF3ZG93nyKl0NH7Y/ntaZYwRXNcxJEkX+nokeALrK2MBxLs8rnfhXzbtfTt APFlCg2kHKCpSaeREwCIJ8/ssqIQ1A5dSFUmHSaMBZUCr0UMwIqrGcLTRz1r9Tex iyGVvtu3PAe8m/sE6HQzFGlmO6TUXZVGJRhq2fEZ8+P4ImeZOw8MHJQqQ+bR/keC MRC7sromDQuLDuG2PU2szSc84dO2LByFYRf9w8kUKyJgDIOD2wv/xc51GxUdPm88 1Eq4LrKMks41S97XcHkgOT8EtbbEoHYXv8lJQNLuTGcxl+EAHf2V -----END CERTIFICATE-----Generated at Sat Dec 6 23:18:10 2025 by rpki-client