This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a993d-b92f-4ec0-b300-d55f5e0ff43f/1/1tFNa9gPNZNVMrlGcDWrwlLRbUs.roa File: 1tFNa9gPNZNVMrlGcDWrwlLRbUs.roa (raw, json) Hash identifier: aX2NScMgKNwa1w41FjgEr7tmcFXuhM9FnOXMlARjYZI= Subject key identifier: D6:D1:4D:6B:D8:0F:35:93:55:32:B9:46:70:35:AB:C2:52:D1:6D:4B Certificate issuer: /CN=d6d7285e92b7402e95dbda27bfbef71a8e227cd4 Certificate serial: 019AD96862FFE578896752F418B792669F00 Authority key identifier: D6:D7:28:5E:92:B7:40:2E:95:DB:DA:27:BF:BE:F7:1A:8E:22:7C:D4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1tcoXpK3QC6V29onv773Go4ifNQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a993d-b92f-4ec0-b300-d55f5e0ff43f/1/1tFNa9gPNZNVMrlGcDWrwlLRbUs.roa Signing time: Mon 01 Dec 2025 10:14:48 +0000 ROA not before: Mon 01 Dec 2025 10:14:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 35168 IP address blocks: 89.38.164.0/22 maxlen: 22 89.38.164.0/24 maxlen: 24 89.38.165.0/24 maxlen: 24 89.38.166.0/24 maxlen: 24 89.38.167.0/24 maxlen: 24 2a01:68c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a993d-b92f-4ec0-b300-d55f5e0ff43f/1/1tcoXpK3QC6V29onv773Go4ifNQ.crl rsync://rpki.ripe.net/repository/DEFAULT/e8/5a993d-b92f-4ec0-b300-d55f5e0ff43f/1/1tcoXpK3QC6V29onv773Go4ifNQ.mft rsync://rpki.ripe.net/repository/DEFAULT/1tcoXpK3QC6V29onv773Go4ifNQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 20:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:d9:68:62:ff:e5:78:89:67:52:f4:18:b7:92:66:9f:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d6d7285e92b7402e95dbda27bfbef71a8e227cd4 Validity Not Before: Dec 1 10:14:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=d6d14d6bd80f35935532b9467035abc252d16d4b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:9c:bc:15:f5:e1:f2:75:37:07:c7:01:c7:bc: 72:6e:c5:9c:6b:1a:d7:e1:22:89:56:98:0f:5c:07: ff:7b:6d:38:78:26:b3:b3:0b:6b:fa:a3:17:20:18: ee:61:56:8a:1c:74:b2:a8:ff:6a:cd:3a:51:c8:48: 87:13:3b:18:e0:ed:e3:14:f6:ad:ae:a3:d3:41:a6: 6c:5e:34:ff:51:c4:f2:c9:0f:0a:79:fe:e9:f8:50: 08:ef:29:3e:b8:7c:95:ef:82:d9:d6:9a:9c:48:c3: 9f:a0:a1:6f:15:e3:3f:44:4f:1b:c0:b3:d4:4c:4d: 60:04:a3:d2:a6:f1:f2:6d:b0:93:b0:39:db:bc:ad: 08:39:42:ee:92:fe:5d:1e:b8:2b:8d:a1:b0:2b:c3: 01:57:82:ef:f5:1e:fd:42:4d:be:7e:7e:8d:52:61: 04:5a:0f:0f:9d:04:48:65:eb:aa:cf:77:50:ed:db: d4:d2:dc:83:3e:5d:f3:e4:bd:53:4f:27:32:5c:eb: 74:1c:4f:2e:f4:96:75:bb:a0:64:df:a3:8d:9c:86: 61:d4:3b:7c:64:ea:eb:21:cf:f4:66:f7:d1:d8:43: fd:ed:61:33:d8:b6:1d:e2:9d:a7:01:c5:ac:cf:7c: ac:d6:77:4b:34:90:a8:d5:59:3d:6e:b8:d1:36:c9: 43:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:D1:4D:6B:D8:0F:35:93:55:32:B9:46:70:35:AB:C2:52:D1:6D:4B X509v3 Authority Key Identifier: keyid:D6:D7:28:5E:92:B7:40:2E:95:DB:DA:27:BF:BE:F7:1A:8E:22:7C:D4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1tcoXpK3QC6V29onv773Go4ifNQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a993d-b92f-4ec0-b300-d55f5e0ff43f/1/1tFNa9gPNZNVMrlGcDWrwlLRbUs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a993d-b92f-4ec0-b300-d55f5e0ff43f/1/1tcoXpK3QC6V29onv773Go4ifNQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.38.164.0/22 IPv6: 2a01:68c0::/32 Signature Algorithm: sha256WithRSAEncryption 87:4d:bb:e9:8e:47:53:33:ff:1f:ca:5b:a2:03:49:6f:81:d2: f2:fd:49:24:df:90:6f:c5:54:aa:17:54:6b:94:c3:2a:9d:4b: 66:16:d7:b1:37:6d:a1:9d:2a:3c:0e:99:4c:0d:4d:be:1a:97: 99:64:92:da:df:c7:ba:a7:2b:07:4c:86:01:fb:e8:7b:a2:63: 09:51:41:14:97:47:c6:00:9f:80:fb:f8:66:34:91:d7:70:e4: 64:83:fc:c4:10:14:7e:b8:d2:ac:39:70:23:fd:17:c1:1e:02: b3:0e:8a:ba:32:42:7a:b3:b5:04:0b:b1:be:ff:40:97:54:79: 23:c8:d8:ae:9e:5e:9a:ea:5d:8c:08:97:5b:03:08:a9:5a:c7: 35:11:f5:82:0f:52:ec:b5:e0:b4:28:e9:8c:66:23:74:77:06: 3e:97:1f:ed:32:73:1c:fc:77:cd:20:2c:8e:62:df:16:47:23: 93:50:0b:e1:f5:a3:2b:93:91:52:42:6e:7e:e7:3d:06:43:9a: f2:c1:f7:e2:c8:c3:38:43:0a:94:52:70:4e:e1:9b:b6:30:02: 16:72:ed:12:95:dd:e0:27:0c:23:07:7c:71:f7:78:65:b9:72: 58:83:84:1b:e7:66:a7:ac:0f:07:30:aa:76:0f:8f:76:10:5a: c0:d6:aa:38 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZrZaGL/5XiJZ1L0GLeSZp8AMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ2ZDcyODVlOTJiNzQwMmU5NWRiZGEyN2JmYmVmNzFhOGUy MjdjZDQwHhcNMjUxMjAxMTAxNDQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNmQxNGQ2YmQ4MGYzNTkzNTUzMmI5NDY3MDM1YWJjMjUyZDE2ZDRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJy8FfXh8nU3B8cBx7xybsWcaxrX 4SKJVpgPXAf/e204eCazswtr+qMXIBjuYVaKHHSyqP9qzTpRyEiHEzsY4O3jFPat rqPTQaZsXjT/UcTyyQ8Kef7p+FAI7yk+uHyV74LZ1pqcSMOfoKFvFeM/RE8bwLPU TE1gBKPSpvHybbCTsDnbvK0IOULukv5dHrgrjaGwK8MBV4Lv9R79Qk2+fn6NUmEE Wg8PnQRIZeuqz3dQ7dvU0tyDPl3z5L1TTycyXOt0HE8u9JZ1u6Bk36ONnIZh1Dt8 ZOrrIc/0ZvfR2EP97WEz2LYd4p2nAcWsz3ys1ndLNJCo1Vk9brjRNslDGQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFNbRTWvYDzWTVTK5RnA1q8JS0W1LMB8GA1UdIwQY MBaAFNbXKF6St0AuldvaJ7++9xqOInzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMXRjb1hwSzNRQzZWMjlvbnY3NzNHbzRpZk5RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTk5M2QtYjkyZi00ZWMwLWIzMDAt ZDU1ZjVlMGZmNDNmLzEvMXRGTmE5Z1BOWk5WTXJsR2NEV3J3bExSYlVzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOC81YTk5M2QtYjkyZi00ZWMwLWIzMDAtZDU1ZjVlMGZmNDNm LzEvMXRjb1hwSzNRQzZWMjlvbnY3NzNHbzRpZk5RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCWSakMA0E AgACMAcDBQAqAWjAMA0GCSqGSIb3DQEBCwUAA4IBAQCHTbvpjkdTM/8fyluiA0lv gdLy/Ukk35BvxVSqF1RrlMMqnUtmFtexN22hnSo8DplMDU2+GpeZZJLa38e6pysH TIYB++h7omMJUUEUl0fGAJ+A+/hmNJHXcORkg/zEEBR+uNKsOXAj/RfBHgKzDoq6 MkJ6s7UEC7G+/0CXVHkjyNiunl6a6l2MCJdbAwipWsc1EfWCD1LsteC0KOmMZiN0 dwY+lx/tMnMc/HfNICyOYt8WRyOTUAvh9aMrk5FSQm5+5z0GQ5rywffiyMM4QwqU UnBO4Zu2MAIWcu0Sld3gJwwjB3xx93hluXJYg4Qb52anrA8HMKp2D492EFrA1qo4 -----END CERTIFICATE-----Generated at Sat Dec 6 05:42:18 2025 by rpki-client