This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/c98aa3-0e0c-4d97-9bc3-74d91cdbe195/1/tFKBgVopEDWycM_ICm7jh-VZF3M.roa File: tFKBgVopEDWycM_ICm7jh-VZF3M.roa (raw, json) Hash identifier: LgvsB0E5FX1iC1patAeSP801Ruuw0DUNZ/4X/K37x9c= Subject key identifier: B4:52:81:81:5A:29:10:35:B2:70:CF:C8:0A:6E:E3:87:E5:59:17:73 Certificate issuer: /CN=86170339c2bc664d600fa98b8061269d48e4f2c6 Certificate serial: 019AA31F18848B56763322C18B58E2D74AA9 Authority key identifier: 86:17:03:39:C2:BC:66:4D:60:0F:A9:8B:80:61:26:9D:48:E4:F2:C6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hhcDOcK8Zk1gD6mLgGEmnUjk8sY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/c98aa3-0e0c-4d97-9bc3-74d91cdbe195/1/tFKBgVopEDWycM_ICm7jh-VZF3M.roa Signing time: Thu 20 Nov 2025 21:15:15 +0000 ROA not before: Thu 20 Nov 2025 21:15:15 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 203938 IP address blocks: 45.84.89.0/24 maxlen: 24 141.98.1.0/24 maxlen: 24 2a11:3a00::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/c98aa3-0e0c-4d97-9bc3-74d91cdbe195/1/hhcDOcK8Zk1gD6mLgGEmnUjk8sY.crl rsync://rpki.ripe.net/repository/DEFAULT/d7/c98aa3-0e0c-4d97-9bc3-74d91cdbe195/1/hhcDOcK8Zk1gD6mLgGEmnUjk8sY.mft rsync://rpki.ripe.net/repository/DEFAULT/hhcDOcK8Zk1gD6mLgGEmnUjk8sY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:a3:1f:18:84:8b:56:76:33:22:c1:8b:58:e2:d7:4a:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=86170339c2bc664d600fa98b8061269d48e4f2c6 Validity Not Before: Nov 20 21:15:15 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=b45281815a291035b270cfc80a6ee387e5591773 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:27:a4:db:a2:42:4d:0e:a4:d4:5b:f1:90:08: ce:0c:6e:73:e3:70:5c:f7:b7:c5:ca:e3:d3:17:89: f0:74:b4:ab:9a:c3:13:a9:6c:b7:c3:45:7c:a9:8c: ae:38:57:7b:e4:73:aa:2a:70:a3:d2:20:73:8d:58: cc:26:a0:5b:12:6c:dd:96:19:31:c4:ed:35:a1:30: a4:4c:01:8e:0e:23:24:46:75:31:2e:4b:7e:2a:17: 28:c4:19:26:ac:3c:9a:22:1e:d8:6a:7f:53:db:20: 23:4c:7a:7f:12:ec:5a:6a:df:c6:b5:82:d4:74:0b: ac:0b:57:0a:b4:ad:59:2f:60:60:0f:dc:14:67:23: e5:a1:07:42:86:8f:0c:23:74:42:a1:78:b4:36:ef: ef:c2:36:0a:a1:03:63:31:f1:52:d9:9a:56:51:a6: 1c:5d:e9:87:05:92:34:01:78:de:38:a0:a2:95:01: 88:fa:78:53:a9:c7:11:74:7a:b1:4f:70:2d:c3:a4: 5d:bc:76:31:ab:2e:5f:17:0b:fd:27:77:87:ca:f6: d8:98:3e:62:cc:86:43:67:25:57:0d:64:64:3e:ac: 0a:23:3a:d3:18:7c:15:32:49:b8:52:b7:e8:79:b0: 9f:36:8e:8d:25:42:23:7b:50:5b:0d:09:8c:f1:75: 2e:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:52:81:81:5A:29:10:35:B2:70:CF:C8:0A:6E:E3:87:E5:59:17:73 X509v3 Authority Key Identifier: keyid:86:17:03:39:C2:BC:66:4D:60:0F:A9:8B:80:61:26:9D:48:E4:F2:C6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hhcDOcK8Zk1gD6mLgGEmnUjk8sY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/c98aa3-0e0c-4d97-9bc3-74d91cdbe195/1/tFKBgVopEDWycM_ICm7jh-VZF3M.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/c98aa3-0e0c-4d97-9bc3-74d91cdbe195/1/hhcDOcK8Zk1gD6mLgGEmnUjk8sY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.84.89.0/24 141.98.1.0/24 IPv6: 2a11:3a00::/29 Signature Algorithm: sha256WithRSAEncryption 74:19:d2:f1:b1:12:a9:1a:b3:4c:4c:e2:3e:0e:4e:d7:a7:1f: e6:31:6b:0e:ca:f1:fa:08:12:1b:57:ab:03:57:46:39:63:62: 0d:c3:64:31:87:e8:ee:24:3f:86:06:29:82:19:ef:bc:88:ec: ed:ce:27:26:b0:c5:65:75:6f:1c:fc:e2:d5:2c:96:7f:5d:45: 09:d4:fe:25:78:b1:d8:a3:4b:41:64:4e:50:32:66:bc:1d:f9: d7:08:51:31:52:e2:0f:3e:ce:30:43:dd:05:4c:70:d7:f1:a5: ed:df:44:36:9f:8c:ae:7d:e9:84:bc:f2:6d:28:09:cc:96:8b: 38:f2:39:54:bc:10:81:c5:48:c8:4e:5e:2f:53:f1:29:cb:a1: 0d:77:21:25:2c:52:ad:75:2f:80:9d:05:a1:72:93:e5:e7:dc: 82:c2:6e:85:c2:78:9c:e3:c9:b7:4c:7f:be:83:e3:04:18:0b: 0b:8c:96:d2:e1:b0:54:fe:75:96:63:1e:1b:cf:80:3c:af:fd: e5:45:6c:fc:71:d2:68:71:82:44:03:68:4e:68:82:75:f5:5f: db:df:55:02:38:57:c2:5f:de:b4:0a:28:90:ac:37:f7:59:ae: 5f:60:0e:d5:af:82:e7:9e:dc:a3:22:90:8e:41:b7:45:84:05: 85:49:39:01 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZqjHxiEi1Z2MyLBi1ji10qpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2MTcwMzM5YzJiYzY2NGQ2MDBmYTk4YjgwNjEyNjlkNDhl NGYyYzYwHhcNMjUxMTIwMjExNTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNDUyODE4MTVhMjkxMDM1YjI3MGNmYzgwYTZlZTM4N2U1NTkxNzczMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyek26JCTQ6k1FvxkAjODG5z43Bc 97fFyuPTF4nwdLSrmsMTqWy3w0V8qYyuOFd75HOqKnCj0iBzjVjMJqBbEmzdlhkx xO01oTCkTAGODiMkRnUxLkt+KhcoxBkmrDyaIh7Yan9T2yAjTHp/Euxaat/GtYLU dAusC1cKtK1ZL2BgD9wUZyPloQdCho8MI3RCoXi0Nu/vwjYKoQNjMfFS2ZpWUaYc XemHBZI0AXjeOKCilQGI+nhTqccRdHqxT3Atw6RdvHYxqy5fFwv9J3eHyvbYmD5i zIZDZyVXDWRkPqwKIzrTGHwVMkm4UrfoebCfNo6NJUIje1BbDQmM8XUumwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFLRSgYFaKRA1snDPyApu44flWRdzMB8GA1UdIwQY MBaAFIYXAznCvGZNYA+pi4BhJp1I5PLGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGhjRE9jSzhaazFnRDZtTGdHRW1uVWprOHNZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9jOThhYTMtMGUwYy00ZDk3LTliYzMt NzRkOTFjZGJlMTk1LzEvdEZLQmdWb3BFRFd5Y01fSUNtN2poLVZaRjNNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNy9jOThhYTMtMGUwYy00ZDk3LTliYzMtNzRkOTFjZGJlMTk1 LzEvaGhjRE9jSzhaazFnRDZtTGdHRW1uVWprOHNZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALVRZAwQA jWIBMA0EAgACMAcDBQMqEToAMA0GCSqGSIb3DQEBCwUAA4IBAQB0GdLxsRKpGrNM TOI+Dk7Xpx/mMWsOyvH6CBIbV6sDV0Y5Y2INw2Qxh+juJD+GBimCGe+8iOztzicm sMVldW8c/OLVLJZ/XUUJ1P4leLHYo0tBZE5QMma8HfnXCFExUuIPPs4wQ90FTHDX 8aXt30Q2n4yufemEvPJtKAnMlos48jlUvBCBxUjITl4vU/Epy6ENdyElLFKtdS+A nQWhcpPl59yCwm6Fwnic48m3TH++g+MEGAsLjJbS4bBU/nWWYx4bz4A8r/3lRWz8 cdJocYJEA2hOaIJ19V/b31UCOFfCX960CiiQrDf3Wa5fYA7Vr4LnntyjIpCOQbdF hAWFSTkB -----END CERTIFICATE-----Generated at Sat Dec 6 08:03:22 2025 by rpki-client