This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/b72eWOVJTXMGaGnEFRYif01sERM.roa File: b72eWOVJTXMGaGnEFRYif01sERM.roa (raw, json) Hash identifier: DfhzsSzOknX+uz3z1sJTKyloBQvIL33YELtIO4NjQbg= Subject key identifier: 6F:BD:9E:58:E5:49:4D:73:06:68:69:C4:15:16:22:7F:4D:6C:11:13 Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c Certificate serial: 019ACC3BFD04CD4942276AA5223FC7CB29B0 Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/b72eWOVJTXMGaGnEFRYif01sERM.roa Signing time: Fri 28 Nov 2025 20:51:14 +0000 ROA not before: Fri 28 Nov 2025 20:51:14 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 8342 IP address blocks: 147.45.38.0/24 maxlen: 24 147.45.39.0/24 maxlen: 24 147.45.61.0/24 maxlen: 24 147.45.62.0/24 maxlen: 24 147.45.63.0/24 maxlen: 24 147.45.88.0/21 maxlen: 21 147.45.120.0/22 maxlen: 22 147.45.127.0/24 maxlen: 24 147.45.205.0/24 maxlen: 24 193.233.60.0/24 maxlen: 24 193.233.62.0/24 maxlen: 24 193.233.124.0/22 maxlen: 24 193.233.170.0/24 maxlen: 24 193.233.236.0/24 maxlen: 24 193.233.237.0/24 maxlen: 24 193.233.239.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 17:27:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:cc:3b:fd:04:cd:49:42:27:6a:a5:22:3f:c7:cb:29:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c Validity Not Before: Nov 28 20:51:14 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=6fbd9e58e5494d73066869c41516227f4d6c1113 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:7d:cb:37:66:e2:88:d3:21:1a:95:0f:f9:32: 42:e6:b9:62:e7:7a:1a:5a:7d:a2:7b:0c:e8:36:b7: 33:8c:1f:e5:61:72:c6:dc:d2:81:f9:61:82:81:0a: c6:ad:4a:d8:c6:81:f3:6b:70:56:33:8d:ce:45:a0: 32:ea:14:08:7c:6d:cf:43:1b:f8:6b:12:ff:81:6e: 98:ae:1b:f0:bb:b3:a5:5d:c7:2f:8b:4d:9a:8c:5c: ce:30:5d:2d:d8:c1:b8:0b:6c:95:c4:92:3e:a4:27: 2f:9f:53:a3:94:af:50:5f:51:91:0e:fc:a3:95:95: da:4d:e1:39:dc:e1:da:e1:87:9e:90:6c:37:73:85: c6:29:04:96:a2:b3:3c:d1:a7:a2:01:1c:0c:65:f0: 37:35:5c:0b:58:81:24:61:7e:c1:a7:fc:bb:da:1e: 48:1f:38:7a:e4:42:0c:cf:99:0c:3c:bd:c9:27:16: 94:c1:0b:04:33:37:c5:1b:b5:e7:6e:21:27:95:6c: 10:48:60:00:8d:eb:3e:75:a2:07:1d:c7:de:9f:aa: b7:29:a0:6a:62:5b:1d:76:c6:a8:0c:af:d1:ed:ad: 6d:01:0d:f7:92:43:e4:0a:e4:96:81:b8:2e:f1:8f: 29:83:47:70:02:77:bb:2d:dd:3a:f5:f5:ea:95:4e: 62:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:BD:9E:58:E5:49:4D:73:06:68:69:C4:15:16:22:7F:4D:6C:11:13 X509v3 Authority Key Identifier: keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/b72eWOVJTXMGaGnEFRYif01sERM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 147.45.38.0/23 147.45.61.0-147.45.63.255 147.45.88.0/21 147.45.120.0/22 147.45.127.0/24 147.45.205.0/24 193.233.60.0/24 193.233.62.0/24 193.233.124.0/22 193.233.170.0/24 193.233.236.0/23 193.233.239.0/24 Signature Algorithm: sha256WithRSAEncryption 3f:b2:0d:ec:1a:3f:ad:9e:db:75:65:34:4f:f3:20:4c:d1:8e: 02:a6:57:fe:2c:eb:0a:7d:4e:21:5d:51:5c:16:44:2a:e6:1a: 88:83:18:3f:90:a5:35:38:40:df:3f:db:c9:09:21:5b:f2:63: dc:ba:27:5c:b2:80:59:bd:6e:9b:e3:af:f3:9d:3f:0f:42:e1: 1a:c8:76:dc:0e:1f:f1:8d:6d:85:60:4f:7d:10:44:39:fb:5a: 9c:e5:5d:1d:87:85:2e:cc:f9:67:b0:ce:47:89:0a:f1:ad:2a: fe:fb:f8:9c:20:61:ed:d6:f3:f5:12:2c:70:53:1b:a4:96:8e: 5e:d7:70:e6:e2:5b:11:b3:2e:13:fc:fa:31:7f:59:8b:2b:8b: 17:f1:da:f6:9a:72:87:d9:a0:95:df:b5:4f:47:12:9a:d1:0b: 1d:24:3b:c3:3e:05:aa:4e:b9:3b:e7:cd:33:94:8f:41:07:1a: 4a:2d:18:6f:31:8f:ff:b3:d6:bb:f9:a8:d0:08:8f:bb:a7:ed: 29:72:d0:e8:2c:b8:7b:b6:56:63:d2:27:01:0d:a0:2c:e6:0d: ba:dd:67:a7:42:87:ca:88:38:59:7e:af:79:8e:88:a5:71:d2: ad:1c:6e:97:3b:46:1a:2e:9a:b4:7d:07:ea:b6:f8:68:74:30: 1d:bb:08:cd -----BEGIN CERTIFICATE----- MIIFRzCCBC+gAwIBAgISAZrMO/0EzUlCJ2qlIj/HyymwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4 Mjg3M2MwHhcNMjUxMTI4MjA1MTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZmJkOWU1OGU1NDk0ZDczMDY2ODY5YzQxNTE2MjI3ZjRkNmMxMTEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAun3LN2biiNMhGpUP+TJC5rli53oa Wn2iewzoNrczjB/lYXLG3NKB+WGCgQrGrUrYxoHza3BWM43ORaAy6hQIfG3PQxv4 axL/gW6Yrhvwu7OlXccvi02ajFzOMF0t2MG4C2yVxJI+pCcvn1OjlK9QX1GRDvyj lZXaTeE53OHa4YeekGw3c4XGKQSWorM80aeiARwMZfA3NVwLWIEkYX7Bp/y72h5I Hzh65EIMz5kMPL3JJxaUwQsEMzfFG7XnbiEnlWwQSGAAjes+daIHHcfen6q3KaBq YlsddsaoDK/R7a1tAQ33kkPkCuSWgbgu8Y8pg0dwAne7Ld069fXqlU5idQIDAQAB o4ICUzCCAk8wHQYDVR0OBBYEFG+9nljlSU1zBmhpxBUWIn9NbBETMB8GA1UdIwQY MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt NGRlYzRkYWZlZTQ5LzEvYjcyZVdPVkpUWE1HYUduRUZSWWlmMDFzRVJNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5 LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQBky0mMAwD BACTLT0DBAaTLQADBAOTLVgDBAKTLXgDBACTLX8DBACTLc0DBADB6TwDBADB6T4D BALB6XwDBADB6aoDBAHB6ewDBADB6e8wDQYJKoZIhvcNAQELBQADggEBAD+yDewa P62e23VlNE/zIEzRjgKmV/4s6wp9TiFdUVwWRCrmGoiDGD+QpTU4QN8/28kJIVvy Y9y6J1yygFm9bpvjr/OdPw9C4RrIdtwOH/GNbYVgT30QRDn7WpzlXR2HhS7M+Wew zkeJCvGtKv77+JwgYe3W8/USLHBTG6SWjl7XcObiWxGzLhP8+jF/WYsrixfx2vaa cofZoJXftU9HEprRCx0kO8M+BapOuTvnzTOUj0EHGkotGG8xj/+z1rv5qNAIj7un 7Sly0OgsuHu2VmPSJwENoCzmDbrdZ6dCh8qIOFl+r3mOiKVx0q0cbpc7RhoumrR9 B+q2+Gh0MB27CM0= -----END CERTIFICATE-----Generated at Sat Dec 6 01:49:50 2025 by rpki-client