This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/biZIWkN3do83nCL4GcgvnTOKqEI.roa File: biZIWkN3do83nCL4GcgvnTOKqEI.roa (raw, json) Hash identifier: C7QSBlbd7LRHpMATyfH1mxp6DG7K5WX31EKCXaPNBU0= Subject key identifier: 6E:26:48:5A:43:77:76:8F:37:9C:22:F8:19:C8:2F:9D:33:8A:A8:42 Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75 Certificate serial: 019A53D26E0B8AB71CEB7FE6B346F71AFB45 Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/biZIWkN3do83nCL4GcgvnTOKqEI.roa Signing time: Wed 05 Nov 2025 11:41:30 +0000 ROA not before: Wed 05 Nov 2025 11:41:30 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 3348 IP address blocks: 85.117.244.0/22 maxlen: 24 93.92.224.0/22 maxlen: 24 93.187.132.0/22 maxlen: 24 185.81.132.0/22 maxlen: 24 185.119.236.0/22 maxlen: 24 188.208.20.0/22 maxlen: 24 193.0.146.0/23 maxlen: 24 193.0.164.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:53:d2:6e:0b:8a:b7:1c:eb:7f:e6:b3:46:f7:1a:fb:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75 Validity Not Before: Nov 5 11:41:30 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=6e26485a4377768f379c22f819c82f9d338aa842 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:2f:14:ad:04:db:e0:00:3a:cc:ce:ec:8b:59: 65:df:1a:9f:7b:73:9b:f6:96:6e:9d:73:5d:e8:7d: 7f:a6:df:07:b5:78:e2:e2:14:43:ce:f8:ab:c1:e5: 5b:6d:80:84:4e:db:78:50:37:73:5e:d4:b4:41:8e: d9:81:29:4b:b3:40:8d:18:c2:5a:f2:d2:4a:22:41: 9a:29:58:5e:4a:78:3a:63:ce:04:e7:7c:79:71:bc: 7f:68:92:e9:a1:9e:7f:db:0e:af:4e:e5:d2:7e:a6: 0a:a5:a4:dd:ff:a1:45:9c:4e:65:23:8b:2a:c6:65: 0c:f5:d3:4c:83:7a:c4:c8:bc:c5:c4:32:b4:5c:43: 13:73:c6:b5:ae:0a:3c:74:81:c1:b8:d6:2d:e6:ad: 8e:47:86:d0:ea:ad:10:78:cb:51:c6:7a:f7:fa:64: 02:ec:32:c5:36:a6:d0:c3:ba:26:85:43:6b:25:eb: 74:c5:78:56:5d:1b:55:46:ad:55:69:81:59:1e:d6: c8:65:b2:ac:af:43:30:de:df:71:a1:27:91:14:d7: 29:38:d9:70:46:f9:3f:d9:f3:75:2a:52:c6:61:37: 9a:3b:2f:ce:54:0a:7c:34:21:97:ae:dd:1e:4e:9b: d2:da:73:f5:c1:53:78:89:f1:a8:8e:e8:5d:99:ba: ed:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:26:48:5A:43:77:76:8F:37:9C:22:F8:19:C8:2F:9D:33:8A:A8:42 X509v3 Authority Key Identifier: keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/biZIWkN3do83nCL4GcgvnTOKqEI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.117.244.0/22 93.92.224.0/22 93.187.132.0/22 185.81.132.0/22 185.119.236.0/22 188.208.20.0/22 193.0.146.0/23 193.0.164.0/23 Signature Algorithm: sha256WithRSAEncryption a4:2b:0a:22:73:c0:e8:bc:b4:5a:0e:b0:56:e2:7d:53:b5:a8: d1:a0:29:d6:49:6f:d9:9a:15:22:10:17:2d:46:82:fa:0c:36: 57:d4:07:0c:1a:b1:49:95:d9:7c:95:ff:16:26:db:13:69:20: b3:7f:bc:5d:f3:bb:29:af:3c:68:6f:ae:cd:fe:1c:6f:d5:77: 2d:5d:6e:d1:2f:fb:dc:a0:84:c2:b6:4d:cb:39:d7:81:84:f6: dd:0f:98:3f:97:16:f1:24:27:27:3d:94:d1:f5:27:c2:89:4d: ea:9c:1d:35:8a:27:1a:69:e2:7f:9e:97:4f:7e:8e:54:bc:49: 58:ec:d4:1c:90:ab:f8:46:94:ef:a4:91:4e:b3:1f:0b:f0:2a: 9e:9e:15:ca:7d:37:76:d7:0c:41:bd:6b:0c:1d:8b:fd:f6:84: 66:de:ec:61:fd:60:23:b8:cf:89:b3:f9:ef:2b:91:30:cc:f9: 27:f1:28:0a:75:88:13:36:ad:0f:da:4c:06:6b:64:31:17:35: d8:d5:eb:d7:8d:81:74:97:ea:a8:a8:7a:dc:6b:4d:ee:78:94: 72:f5:d5:c5:30:9c:66:26:a0:59:ba:25:22:b0:8a:fb:9d:3a: 1c:d4:0c:f7:ef:76:7f:e9:67:e0:ec:d3:27:55:44:a9:e4:6d: 1d:7d:74:f5 -----BEGIN CERTIFICATE----- MIIFJzCCBA+gAwIBAgISAZpT0m4Lircc63/ms0b3GvtFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4 YjZiNzUwHhcNMjUxMTA1MTE0MTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZTI2NDg1YTQzNzc3NjhmMzc5YzIyZjgxOWM4MmY5ZDMzOGFhODQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvS8UrQTb4AA6zM7si1ll3xqfe3Ob 9pZunXNd6H1/pt8HtXji4hRDzvirweVbbYCETtt4UDdzXtS0QY7ZgSlLs0CNGMJa 8tJKIkGaKVheSng6Y84E53x5cbx/aJLpoZ5/2w6vTuXSfqYKpaTd/6FFnE5lI4sq xmUM9dNMg3rEyLzFxDK0XEMTc8a1rgo8dIHBuNYt5q2OR4bQ6q0QeMtRxnr3+mQC 7DLFNqbQw7omhUNrJet0xXhWXRtVRq1VaYFZHtbIZbKsr0Mw3t9xoSeRFNcpONlw Rvk/2fN1KlLGYTeaOy/OVAp8NCGXrt0eTpvS2nP1wVN4ifGojuhdmbrt0QIDAQAB o4ICMzCCAi8wHQYDVR0OBBYEFG4mSFpDd3aPN5wi+BnIL50ziqhCMB8GA1UdIwQY MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt Yzc5MTRhYjY0MjczLzEvYmlaSVdrTjNkbzgzbkNMNEdjZ3ZuVE9LcUVJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCVXX0AwQC XVzgAwQCXbuEAwQCuVGEAwQCuXfsAwQCvNAUAwQBwQCSAwQBwQCkMA0GCSqGSIb3 DQEBCwUAA4IBAQCkKwoic8DovLRaDrBW4n1TtajRoCnWSW/ZmhUiEBctRoL6DDZX 1AcMGrFJldl8lf8WJtsTaSCzf7xd87sprzxob67N/hxv1XctXW7RL/vcoITCtk3L OdeBhPbdD5g/lxbxJCcnPZTR9SfCiU3qnB01iicaaeJ/npdPfo5UvElY7NQckKv4 RpTvpJFOsx8L8CqenhXKfTd21wxBvWsMHYv99oRm3uxh/WAjuM+Js/nvK5EwzPkn 8SgKdYgTNq0P2kwGa2QxFzXY1evXjYF0l+qoqHrca03ueJRy9dXFMJxmJqBZuiUi sIr7nToc1Az373Z/6Wfg7NMnVUSp5G0dfXT1 -----END CERTIFICATE-----Generated at Sat Dec 6 17:17:59 2025 by rpki-client