This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/af4407-f98e-4994-9f9e-f6b6c04916a1/1/XdV6SY8eOUx_p4Bq7xrcrr0zqOY.roa File: XdV6SY8eOUx_p4Bq7xrcrr0zqOY.roa (raw, json) Hash identifier: 7cspMQngJkatFfDKEQAGiJKWs/aZIdZmZ6eN4nTqmW8= Subject key identifier: 5D:D5:7A:49:8F:1E:39:4C:7F:A7:80:6A:EF:1A:DC:AE:BD:33:A8:E6 Certificate issuer: /CN=a13042d137fbb03beba6421f33a8525b52a88f7a Certificate serial: 019AA5655FE2C4E58136A3605E6F829DFA3D Authority key identifier: A1:30:42:D1:37:FB:B0:3B:EB:A6:42:1F:33:A8:52:5B:52:A8:8F:7A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oTBC0Tf7sDvrpkIfM6hSW1Koj3o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/af4407-f98e-4994-9f9e-f6b6c04916a1/1/XdV6SY8eOUx_p4Bq7xrcrr0zqOY.roa Signing time: Fri 21 Nov 2025 07:51:15 +0000 ROA not before: Fri 21 Nov 2025 07:51:15 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 198249 IP address blocks: 91.199.98.0/24 maxlen: 24 91.234.160.0/24 maxlen: 24 185.17.68.0/22 maxlen: 24 185.169.84.0/22 maxlen: 24 185.221.40.0/22 maxlen: 24 185.221.40.0/24 maxlen: 24 185.221.41.0/24 maxlen: 24 185.221.42.0/24 maxlen: 24 185.221.43.0/24 maxlen: 24 195.234.43.0/24 maxlen: 24 2001:67c:690::/48 maxlen: 48 2a04:500::/29 maxlen: 29 2a09:f00::/29 maxlen: 29 2a09:f00:a::/48 maxlen: 48 2a09:f00:b::/48 maxlen: 48 2a09:f00:c::/48 maxlen: 48 2a09:f00:ff::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/af4407-f98e-4994-9f9e-f6b6c04916a1/1/oTBC0Tf7sDvrpkIfM6hSW1Koj3o.crl rsync://rpki.ripe.net/repository/DEFAULT/d7/af4407-f98e-4994-9f9e-f6b6c04916a1/1/oTBC0Tf7sDvrpkIfM6hSW1Koj3o.mft rsync://rpki.ripe.net/repository/DEFAULT/oTBC0Tf7sDvrpkIfM6hSW1Koj3o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:a5:65:5f:e2:c4:e5:81:36:a3:60:5e:6f:82:9d:fa:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a13042d137fbb03beba6421f33a8525b52a88f7a Validity Not Before: Nov 21 07:51:15 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=5dd57a498f1e394c7fa7806aef1adcaebd33a8e6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:ed:d7:7f:37:11:7a:b8:99:38:21:a8:62:bc: 04:b1:37:86:db:d7:e8:da:29:8c:e7:36:f9:ac:82: 33:dc:24:e5:bc:4c:4b:56:53:4f:ed:dc:ee:d1:4b: 8e:46:e2:29:41:08:b2:65:4a:2d:b4:0f:0f:80:69: fa:7e:97:08:c6:de:52:70:29:3a:50:7b:f9:99:f6: 5a:6b:58:66:1e:34:c1:d3:0a:3d:ec:f1:9e:ff:7e: 84:12:24:5d:46:09:13:2a:45:b0:31:10:87:62:53: dc:b1:9b:6d:bb:bb:9b:a0:4b:61:d9:e2:93:9e:3d: ae:13:08:fd:83:06:99:d4:a2:31:d4:9f:6d:7a:ef: 8f:10:67:be:a5:d9:5c:27:a5:da:34:c3:a1:8e:10: a8:dc:7a:21:50:74:39:e8:06:c1:31:ee:61:01:25: 81:c1:d1:55:04:43:03:5e:6f:cb:00:a7:aa:0a:55: 23:44:7c:6e:4d:5e:81:3e:31:c4:cd:d0:89:ea:ff: d4:75:c1:83:f0:cc:29:6a:b5:4a:7c:cc:4a:6d:77: 00:b5:14:82:1c:8e:72:33:16:14:f4:fd:62:a5:63: e1:01:d4:0f:76:9b:fc:a6:e5:09:8d:d1:20:36:47: a2:08:3b:2e:28:98:2c:d8:cf:11:73:5c:fb:f3:b9: 31:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:D5:7A:49:8F:1E:39:4C:7F:A7:80:6A:EF:1A:DC:AE:BD:33:A8:E6 X509v3 Authority Key Identifier: keyid:A1:30:42:D1:37:FB:B0:3B:EB:A6:42:1F:33:A8:52:5B:52:A8:8F:7A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oTBC0Tf7sDvrpkIfM6hSW1Koj3o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/af4407-f98e-4994-9f9e-f6b6c04916a1/1/XdV6SY8eOUx_p4Bq7xrcrr0zqOY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/af4407-f98e-4994-9f9e-f6b6c04916a1/1/oTBC0Tf7sDvrpkIfM6hSW1Koj3o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.199.98.0/24 91.234.160.0/24 185.17.68.0/22 185.169.84.0/22 185.221.40.0/22 195.234.43.0/24 IPv6: 2001:67c:690::/48 2a04:500::/29 2a09:f00::/29 Signature Algorithm: sha256WithRSAEncryption 34:9d:b6:6e:ad:64:e4:be:48:51:ce:16:3e:d9:83:02:f0:7b: 59:24:14:b2:3b:da:b5:f0:d7:0c:67:8c:a4:f9:07:fc:53:57: 40:f9:4e:65:d2:a8:00:e5:41:a9:e3:f4:14:1f:d0:93:fe:4b: 8c:85:d8:a4:b4:47:e0:f7:20:90:8b:b6:f1:68:a0:9f:17:a6: fb:a6:1e:36:e8:44:04:37:74:cc:8f:2f:d8:f1:95:1e:db:ef: 23:45:bb:50:7b:c0:9c:7d:4f:32:04:61:3f:8b:1b:4b:5a:12: 61:75:58:ac:df:74:38:11:d3:9e:75:87:84:86:ef:08:f1:08: 57:0c:1b:0e:0e:e1:1c:1c:51:16:8a:ee:dc:e8:a8:1b:a8:42: cf:3d:d3:1f:c3:0a:8b:a5:00:47:eb:b0:78:32:f9:dd:27:28: 35:5e:36:ee:54:fb:ae:21:b6:72:15:9c:bd:7d:db:a7:6f:15: 39:12:00:38:aa:c9:fa:a6:f8:26:58:39:3d:4e:b3:4b:f7:24: 7f:af:3e:f9:ee:5e:2b:d7:1f:d5:76:86:c2:5d:c8:7f:4f:64: ae:7a:98:55:eb:09:6a:5f:06:84:67:bc:d4:7e:60:e8:bf:95: 0e:00:c9:54:4c:a0:8b:b7:f5:a8:23:38:ce:c9:3f:16:4a:82: 77:de:10:f7 -----BEGIN CERTIFICATE----- MIIFOjCCBCKgAwIBAgISAZqlZV/ixOWBNqNgXm+Cnfo9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExMzA0MmQxMzdmYmIwM2JlYmE2NDIxZjMzYTg1MjViNTJh ODhmN2EwHhcNMjUxMTIxMDc1MTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZGQ1N2E0OThmMWUzOTRjN2ZhNzgwNmFlZjFhZGNhZWJkMzNhOGU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAme3XfzcReriZOCGoYrwEsTeG29fo 2imM5zb5rIIz3CTlvExLVlNP7dzu0UuORuIpQQiyZUottA8PgGn6fpcIxt5ScCk6 UHv5mfZaa1hmHjTB0wo97PGe/36EEiRdRgkTKkWwMRCHYlPcsZttu7uboEth2eKT nj2uEwj9gwaZ1KIx1J9teu+PEGe+pdlcJ6XaNMOhjhCo3HohUHQ56AbBMe5hASWB wdFVBEMDXm/LAKeqClUjRHxuTV6BPjHEzdCJ6v/UdcGD8MwparVKfMxKbXcAtRSC HI5yMxYU9P1ipWPhAdQPdpv8puUJjdEgNkeiCDsuKJgs2M8Rc1z787kxuQIDAQAB o4ICRjCCAkIwHQYDVR0OBBYEFF3VekmPHjlMf6eAau8a3K69M6jmMB8GA1UdIwQY MBaAFKEwQtE3+7A766ZCHzOoUltSqI96MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb1RCQzBUZjdzRHZycGtJZk02aFNXMUtvajNvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9hZjQ0MDctZjk4ZS00OTk0LTlmOWUt ZjZiNmMwNDkxNmExLzEvWGRWNlNZOGVPVXhfcDRCcTd4cmNycjB6cU9ZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNy9hZjQ0MDctZjk4ZS00OTk0LTlmOWUtZjZiNmMwNDkxNmEx LzEvb1RCQzBUZjdzRHZycGtJZk02aFNXMUtvajNvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzAqBAIAATAkAwQAW8diAwQA W+qgAwQCuRFEAwQCualUAwQCud0oAwQAw+orMB0EAgACMBcDBwAgAQZ8BpADBQMq BAUAAwUDKgkPADANBgkqhkiG9w0BAQsFAAOCAQEANJ22bq1k5L5IUc4WPtmDAvB7 WSQUsjvatfDXDGeMpPkH/FNXQPlOZdKoAOVBqeP0FB/Qk/5LjIXYpLRH4PcgkIu2 8Wignxem+6YeNuhEBDd0zI8v2PGVHtvvI0W7UHvAnH1PMgRhP4sbS1oSYXVYrN90 OBHTnnWHhIbvCPEIVwwbDg7hHBxRForu3OioG6hCzz3TH8MKi6UAR+uweDL53Sco NV427lT7riG2chWcvX3bp28VORIAOKrJ+qb4Jlg5PU6zS/ckf68++e5eK9cf1XaG wl3If09krnqYVesJal8GhGe81H5g6L+VDgDJVEygi7f1qCM4zsk/FkqCd94Q9w== -----END CERTIFICATE-----Generated at Sat Dec 6 23:28:56 2025 by rpki-client