This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8KsKPwDt_U3esg4Sk9w55TWJGfU.roa File: 8KsKPwDt_U3esg4Sk9w55TWJGfU.roa (raw, json) Hash identifier: Y9H30IXsjTD1LRIZ3m92ilCvbPrY09frr0MiwY79cIY= Subject key identifier: F0:AB:0A:3F:00:ED:FD:4D:DE:B2:0E:12:93:DC:39:E5:35:89:19:F5 Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7 Certificate serial: 0189259DE2EA03EB159718CCF2D10CFDBC99 Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8KsKPwDt_U3esg4Sk9w55TWJGfU.roa Signing time: Wed 05 Jul 2023 10:34:11 +0000 ROA not before: Wed 05 Jul 2023 10:34:11 +0000 ROA not after: Mon 01 Jul 2024 00:00:00 +0000 asID: 200385 IP address blocks: 62.76.235.0/24 maxlen: 24 194.135.23.0/24 maxlen: 24 194.87.243.0/24 maxlen: 24 193.124.49.0/24 maxlen: 24 194.135.46.0/24 maxlen: 24 194.87.53.0/24 maxlen: 24 195.133.37.0/24 maxlen: 24 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 01:89:25:9d:e2:ea:03:eb:15:97:18:cc:f2:d1:0c:fd:bc:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7 Validity Not Before: Jul 5 10:34:11 2023 GMT Not After : Jul 1 00:00:00 2024 GMT Subject: CN=f0ab0a3f00edfd4ddeb20e1293dc39e5358919f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:e8:4d:5d:25:61:00:e8:42:a1:1a:4a:4e:84: 27:95:14:f4:1d:74:ad:87:2e:f4:f8:83:da:33:68: c4:78:29:f3:41:af:3f:6f:26:e3:28:1c:be:5e:e3: c2:d3:69:54:b8:84:43:ec:c1:fe:15:c5:8d:0e:28: ad:90:88:96:e7:5f:37:27:72:3e:d4:cf:15:62:76: c1:35:96:75:75:ea:74:10:80:26:79:ef:bc:d7:70: 23:82:d4:d2:87:8e:e6:bb:48:b5:ae:52:dd:6f:fe: 05:2c:79:89:e8:f5:ec:a0:bf:2b:28:e3:b7:e4:62: aa:1f:10:08:41:2e:78:0f:4c:1d:d3:af:fc:8b:a7: 4e:3e:11:46:cd:43:ac:e4:71:97:1a:76:13:90:53: 2f:80:7b:66:87:18:73:19:51:8c:18:f8:d8:c5:00: da:19:90:a4:a2:f8:eb:0b:a0:d5:81:4d:fe:50:c6: 92:27:81:31:13:89:92:2e:00:65:42:8b:99:94:88: 37:22:b6:2c:dd:ca:19:06:b1:eb:29:89:86:65:89: b0:11:6c:ac:67:01:8c:d8:20:ff:38:81:47:e5:f5: 31:64:3a:cc:98:bd:bb:13:ba:d5:a6:8f:e1:34:93: 20:c2:81:97:52:a2:ea:1e:6e:41:a7:9b:be:0a:fb: f5:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:AB:0A:3F:00:ED:FD:4D:DE:B2:0E:12:93:DC:39:E5:35:89:19:F5 X509v3 Authority Key Identifier: keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/8KsKPwDt_U3esg4Sk9w55TWJGfU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 62.76.235.0/24 193.124.49.0/24 194.87.53.0/24 194.87.243.0/24 194.135.23.0/24 194.135.46.0/24 195.133.37.0/24 Signature Algorithm: sha256WithRSAEncryption 35:5c:c2:c1:97:32:0b:de:69:33:0b:f7:65:2d:df:e1:a2:bb: 28:71:9b:5c:84:5b:73:1b:6a:36:d1:91:01:75:42:ae:86:f4: c9:ac:83:5e:8b:18:d4:1a:c8:90:91:b6:a7:3c:7e:bc:66:4b: 96:7b:2d:93:d3:d3:78:b6:f9:d2:0c:d7:f8:94:f5:4a:07:be: 62:c7:61:72:4f:05:1d:de:65:7b:6c:5f:5d:8e:8d:46:7b:0a: f9:88:7b:15:39:50:5d:cf:cf:b9:b3:e2:30:06:d8:ca:00:e2: 5f:5c:a6:fe:23:19:c9:fc:08:cb:f4:21:7d:10:b1:4f:1c:64: ef:55:60:5d:14:0b:e5:84:81:d2:46:09:51:91:4c:f2:8e:a1: cd:65:6f:92:fc:b4:73:60:b9:ac:f5:4c:af:85:21:27:33:ca: 9b:ae:7f:c6:3d:f8:c9:b7:ba:be:9f:ce:e0:d3:5e:e2:b0:02: e1:2d:d0:04:56:93:93:78:39:af:f9:ec:07:da:2f:0e:21:02: 06:0b:9d:36:be:4a:ee:6f:c2:6f:18:83:ba:75:b9:37:71:50: ec:af:d1:f4:74:1a:40:f1:20:f4:04:bb:6c:36:3b:95:49:1d: cc:ab:0a:f2:ee:b5:53:28:a1:58:b3:ec:bc:a9:ca:d6:42:44: d2:b1:f7:e7 -----BEGIN CERTIFICATE----- MIIFITCCBAmgAwIBAgISAYklneLqA+sVlxjM8tEM/byZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw ZTFhYzcwHhcNMjMwNzA1MTAzNDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMGFiMGEzZjAwZWRmZDRkZGViMjBlMTI5M2RjMzllNTM1ODkxOWY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+hNXSVhAOhCoRpKToQnlRT0HXSt hy70+IPaM2jEeCnzQa8/bybjKBy+XuPC02lUuIRD7MH+FcWNDiitkIiW5183J3I+ 1M8VYnbBNZZ1dep0EIAmee+813AjgtTSh47mu0i1rlLdb/4FLHmJ6PXsoL8rKOO3 5GKqHxAIQS54D0wd06/8i6dOPhFGzUOs5HGXGnYTkFMvgHtmhxhzGVGMGPjYxQDa GZCkovjrC6DVgU3+UMaSJ4ExE4mSLgBlQouZlIg3IrYs3coZBrHrKYmGZYmwEWys ZwGM2CD/OIFH5fUxZDrMmL27E7rVpo/hNJMgwoGXUqLqHm5Bp5u+Cvv1RQIDAQAB o4ICLTCCAikwHQYDVR0OBBYEFPCrCj8A7f1N3rIOEpPcOeU1iRn1MB8GA1UdIwQY MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt NWE0MjQyOGYxMTQzLzEvOEtzS1B3RHRfVTNlc2c0U2s5dzU1VFdKR2ZVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAPkzrAwQA wXwxAwQAwlc1AwQAwlfzAwQAwocXAwQAwocuAwQAw4UlMA0GCSqGSIb3DQEBCwUA A4IBAQA1XMLBlzIL3mkzC/dlLd/horsocZtchFtzG2o20ZEBdUKuhvTJrINeixjU GsiQkbanPH68ZkuWey2T09N4tvnSDNf4lPVKB75ix2FyTwUd3mV7bF9djo1Gewr5 iHsVOVBdz8+5s+IwBtjKAOJfXKb+IxnJ/AjL9CF9ELFPHGTvVWBdFAvlhIHSRglR kUzyjqHNZW+S/LRzYLms9UyvhSEnM8qbrn/GPfjJt7q+n87g017isALhLdAEVpOT eDmv+ewH2i8OIQIGC502vkrub8JvGIO6dbk3cVDsr9H0dBpA8SD0BLtsNjuVSR3M qwry7rVTKKFYs+y8qcrWQkTSsffn -----END CERTIFICATE-----Generated at Fri Dec 19 22:53:21 2025 by rpki-client