This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/mWVKLu7JIbWDRf6UwKQVpc3TeHk.roa File: mWVKLu7JIbWDRf6UwKQVpc3TeHk.roa (raw, json) Hash identifier: /ILKWnYvC10gU3wVh36K0lsRGNP01gsP1Ff/pKP4YGQ= Subject key identifier: 99:65:4A:2E:EE:C9:21:B5:83:45:FE:94:C0:A4:15:A5:CD:D3:78:79 Certificate issuer: /CN=70e5b30272e43053208978dbe44bfee10a5d007e Certificate serial: 019AD8FE2F96B8AF11A728277C3121E03A84 Authority key identifier: 70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/mWVKLu7JIbWDRf6UwKQVpc3TeHk.roa Signing time: Mon 01 Dec 2025 08:18:48 +0000 ROA not before: Mon 01 Dec 2025 08:18:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 48040 IP address blocks: 31.172.65.0/24 maxlen: 24 199.68.198.0/24 maxlen: 24 199.68.199.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.mft rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:d8:fe:2f:96:b8:af:11:a7:28:27:7c:31:21:e0:3a:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=70e5b30272e43053208978dbe44bfee10a5d007e Validity Not Before: Dec 1 08:18:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=99654a2eeec921b58345fe94c0a415a5cdd37879 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:f2:79:23:7b:14:b0:21:82:42:97:9e:c8:22: 44:ea:6b:1f:8d:32:84:a2:7f:b4:2a:1b:7a:ca:71: db:29:a9:63:7b:e3:e6:8a:fe:0d:b6:97:2e:51:eb: ac:cd:6f:06:88:cf:50:b2:42:34:25:a4:3a:f7:6d: 79:ad:01:f8:6e:8b:36:46:be:7e:cf:fe:69:11:c9: 17:4c:07:84:2e:d0:aa:45:db:03:e8:52:08:e6:7f: 7e:46:5b:27:d8:a7:44:4e:63:b1:ee:b4:13:8c:83: b1:f6:10:da:1b:16:74:0e:c2:db:bd:0a:36:7a:d0: f4:31:28:b2:bb:22:0b:30:4f:c8:b6:a6:87:70:bb: 3f:1b:f4:c6:87:b6:fb:3c:b1:77:3c:aa:ef:23:20: f7:96:14:e1:f3:c3:43:3f:71:62:5c:cf:7e:bd:95: 0e:9c:7d:24:84:d9:a9:64:13:e5:be:df:55:e3:35: 64:92:7f:2d:dd:d9:86:ff:63:f2:88:cb:f1:43:79: 03:8f:c3:96:22:7d:a0:f8:c7:79:cb:67:6e:6d:69: 2c:db:f1:28:80:1c:85:6e:ef:c1:90:53:f5:c4:7c: c9:a1:29:a1:0d:47:16:9e:6f:ee:98:82:cd:76:c0: ee:ac:b4:f5:7f:99:63:f1:fd:76:a0:4e:98:f4:a5: e3:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:65:4A:2E:EE:C9:21:B5:83:45:FE:94:C0:A4:15:A5:CD:D3:78:79 X509v3 Authority Key Identifier: keyid:70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/mWVKLu7JIbWDRf6UwKQVpc3TeHk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.172.65.0/24 199.68.198.0/23 Signature Algorithm: sha256WithRSAEncryption 86:0d:cc:43:8c:5c:96:27:1a:92:d8:a9:e6:93:6b:d1:10:ac: 86:10:95:ac:2f:95:cb:50:4b:cc:3a:cf:c1:18:15:ec:eb:ff: 0f:99:3d:e2:23:22:fe:47:79:e2:4b:0c:9e:7b:83:dc:44:bb: a6:06:cd:bc:39:ef:35:01:ad:ed:c6:52:fd:92:9c:33:ce:ef: 87:ff:d6:20:97:ef:4c:db:94:6a:ef:70:5e:9d:fa:e0:02:bc: d3:75:24:67:75:39:9f:6f:1c:f9:69:9a:9b:93:34:18:47:99: 80:b6:1e:d2:d7:31:bc:ee:a6:d6:8f:cc:b8:cf:83:7d:81:65: 40:2f:f5:72:75:fd:e0:f7:e2:e2:79:6c:43:d4:29:f1:46:ed: 23:5f:21:1e:20:f2:e8:fb:af:8d:95:fd:79:ed:46:15:53:73: 3b:25:bf:fe:5d:cc:e0:ab:0b:a1:24:c3:12:f4:90:c7:d6:9b: 17:75:b8:0d:b1:c3:f3:26:79:b0:cb:13:53:6f:bd:9d:03:2b: b7:94:4a:75:61:ed:0b:39:66:45:d7:57:03:0f:31:8b:c6:c2: b3:a0:c8:3a:04:be:b3:7d:aa:12:f9:59:89:a9:6f:f0:1a:96: 6d:f4:e6:52:7d:04:33:e2:f1:2d:6d:20:54:00:b4:eb:dc:60: a5:3d:d6:05 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZrY/i+WuK8RpygnfDEh4DqEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwZTViMzAyNzJlNDMwNTMyMDg5NzhkYmU0NGJmZWUxMGE1 ZDAwN2UwHhcNMjUxMjAxMDgxODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5OTY1NGEyZWVlYzkyMWI1ODM0NWZlOTRjMGE0MTVhNWNkZDM3ODc5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvJ5I3sUsCGCQpeeyCJE6msfjTKE on+0Kht6ynHbKalje+Pmiv4NtpcuUeuszW8GiM9QskI0JaQ69215rQH4bos2Rr5+ z/5pEckXTAeELtCqRdsD6FII5n9+Rlsn2KdETmOx7rQTjIOx9hDaGxZ0DsLbvQo2 etD0MSiyuyILME/ItqaHcLs/G/TGh7b7PLF3PKrvIyD3lhTh88NDP3FiXM9+vZUO nH0khNmpZBPlvt9V4zVkkn8t3dmG/2PyiMvxQ3kDj8OWIn2g+Md5y2dubWks2/Eo gByFbu/BkFP1xHzJoSmhDUcWnm/umILNdsDurLT1f5lj8f12oE6Y9KXjsQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFJllSi7uySG1g0X+lMCkFaXN03h5MB8GA1UdIwQY MBaAFHDlswJy5DBTIIl42+RL/uEKXQB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEt MWZiYzY0MWI1MGIxLzEvbVdWS0x1N0pJYldEUmY2VXdLUVZwYzNUZUhrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEtMWZiYzY0MWI1MGIx LzEvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAH6xBAwQB x0TGMA0GCSqGSIb3DQEBCwUAA4IBAQCGDcxDjFyWJxqS2Knmk2vREKyGEJWsL5XL UEvMOs/BGBXs6/8PmT3iIyL+R3niSwyee4PcRLumBs28Oe81Aa3txlL9kpwzzu+H /9Ygl+9M25Rq73BenfrgArzTdSRndTmfbxz5aZqbkzQYR5mAth7S1zG87qbWj8y4 z4N9gWVAL/Vydf3g9+LieWxD1CnxRu0jXyEeIPLo+6+Nlf157UYVU3M7Jb/+Xczg qwuhJMMS9JDH1psXdbgNscPzJnmwyxNTb72dAyu3lEp1Ye0LOWZF11cDDzGLxsKz oMg6BL6zfaoS+VmJqW/wGpZt9OZSfQQz4vEtbSBUALTr3GClPdYF -----END CERTIFICATE-----Generated at Sat Dec 6 15:15:14 2025 by rpki-client