This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/0c37c3-9990-4596-99e9-dd5ffd531571/1/Kdrz4VO3nTi0cm2t0vxxapIOWxU.roa File: Kdrz4VO3nTi0cm2t0vxxapIOWxU.roa (raw, json) Hash identifier: z1ejcp1y0jcK9WnNDwwax2DZFIIvmwIhOqlOqgSXPHc= Subject key identifier: 29:DA:F3:E1:53:B7:9D:38:B4:72:6D:AD:D2:FC:71:6A:92:0E:5B:15 Certificate issuer: /CN=9e34b186271ccb89c5e58b30e70bd74109cc284a Certificate serial: 018FECA37AA0F626D6A367E7558C874CFFB7 Authority key identifier: 9E:34:B1:86:27:1C:CB:89:C5:E5:8B:30:E7:0B:D7:41:09:CC:28:4A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/njSxhiccy4nF5Ysw5wvXQQnMKEo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/0c37c3-9990-4596-99e9-dd5ffd531571/1/Kdrz4VO3nTi0cm2t0vxxapIOWxU.roa Signing time: Thu 06 Jun 2024 08:21:27 +0000 ROA not before: Thu 06 Jun 2024 08:21:27 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 206406 IP address blocks: 185.72.216.0/22 maxlen: 22 185.187.92.0/24 maxlen: 24 185.187.93.0/24 maxlen: 24 185.187.94.0/24 maxlen: 24 185.187.95.0/24 maxlen: 24 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 01:8f:ec:a3:7a:a0:f6:26:d6:a3:67:e7:55:8c:87:4c:ff:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9e34b186271ccb89c5e58b30e70bd74109cc284a Validity Not Before: Jun 6 08:21:27 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=29daf3e153b79d38b4726dadd2fc716a920e5b15 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:29:8c:a3:3d:e5:71:5d:33:1b:bd:08:d9:ec: 5d:8e:7e:62:c9:36:81:5e:ad:70:f6:6a:a6:23:11: 91:86:e2:8f:6e:db:5e:30:77:24:c7:24:4e:e3:85: b9:3d:cf:d7:1f:28:48:e1:5d:04:58:1d:44:2c:8c: 04:1a:e4:42:1d:72:94:ea:37:5b:9d:63:a8:c3:ce: ca:45:f6:f6:8b:e4:c4:c5:0d:cb:61:34:a4:5a:ed: 2e:80:9d:c5:13:e7:38:42:64:95:6b:7e:d7:e8:84: ae:5d:89:7a:81:f0:59:e2:61:96:b2:7a:ad:96:36: 94:cf:fd:af:b7:f1:dc:fa:eb:f1:d8:ea:db:7e:f2: ae:a8:48:c4:1b:eb:77:f6:1a:b1:c0:16:5a:7f:da: a9:d2:6c:3d:ab:6f:8c:91:6c:8c:f1:6e:c9:1a:a7: a2:af:70:04:32:e8:f6:dd:59:83:4c:f7:ac:d1:e5: 20:c3:62:ec:0e:8f:b8:a2:6b:c3:74:2f:73:54:90: 62:fa:d7:4f:01:02:d4:30:ec:7d:cb:33:f5:a7:1d: 64:60:bf:9f:2d:85:c8:06:c2:4e:15:9f:af:fb:43: 83:1f:71:cb:b2:51:c1:1c:8a:92:61:51:64:65:b6: 91:f2:3a:96:e5:d7:ef:85:1e:94:ae:02:2a:bd:e7: 07:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:DA:F3:E1:53:B7:9D:38:B4:72:6D:AD:D2:FC:71:6A:92:0E:5B:15 X509v3 Authority Key Identifier: keyid:9E:34:B1:86:27:1C:CB:89:C5:E5:8B:30:E7:0B:D7:41:09:CC:28:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/njSxhiccy4nF5Ysw5wvXQQnMKEo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/0c37c3-9990-4596-99e9-dd5ffd531571/1/Kdrz4VO3nTi0cm2t0vxxapIOWxU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/23/0c37c3-9990-4596-99e9-dd5ffd531571/1/njSxhiccy4nF5Ysw5wvXQQnMKEo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.72.216.0/22 185.187.92.0/22 Signature Algorithm: sha256WithRSAEncryption 38:53:86:67:c0:30:c6:3f:a6:a4:76:b9:11:47:db:ab:65:59: bd:b5:5d:cf:81:92:12:da:b0:c2:99:6a:0f:fb:35:ce:15:c6: 3f:a8:b0:2d:32:e0:db:2e:a3:2c:d6:e1:7b:7f:d5:7e:dc:4f: 89:f5:e8:23:77:be:ec:a2:6e:56:ed:b5:e4:dd:30:31:b8:31: 65:c9:8a:b8:8c:12:eb:ef:37:ce:87:f1:59:5f:d2:c4:eb:f4: ed:7d:28:a7:b0:8b:af:33:a1:e5:91:f7:4d:1b:25:b5:b3:33: 80:50:50:fb:15:e3:e8:1a:4e:26:10:79:6e:8b:44:c9:9a:2c: b1:94:a7:c2:ad:78:44:fe:6b:7c:ac:f6:52:44:0a:d8:cd:40: 7a:e0:0d:2c:2d:e1:b9:23:88:e8:7f:84:43:83:f9:0f:92:4c: e8:e1:84:d7:41:c3:6a:31:78:86:23:cb:1f:49:cd:27:b3:34: fa:be:23:2f:fc:1f:f7:d9:c6:ac:70:cd:b3:d9:05:bb:10:07: 6c:5d:fb:e7:c1:c0:2b:46:b3:7d:4d:7a:ae:97:36:20:95:c8: a2:ca:a7:fd:51:25:b7:86:f6:14:b1:e3:d7:e4:54:a3:07:a0: c8:d0:6d:15:81:50:07:66:21:56:0d:df:93:4b:ee:17:4a:e7: 9a:fa:55:41 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAY/so3qg9ibWo2fnVYyHTP+3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDllMzRiMTg2MjcxY2NiODljNWU1OGIzMGU3MGJkNzQxMDlj YzI4NGEwHhcNMjQwNjA2MDgyMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyOWRhZjNlMTUzYjc5ZDM4YjQ3MjZkYWRkMmZjNzE2YTkyMGU1YjE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ymMoz3lcV0zG70I2exdjn5iyTaB Xq1w9mqmIxGRhuKPbtteMHckxyRO44W5Pc/XHyhI4V0EWB1ELIwEGuRCHXKU6jdb nWOow87KRfb2i+TExQ3LYTSkWu0ugJ3FE+c4QmSVa37X6ISuXYl6gfBZ4mGWsnqt ljaUz/2vt/Hc+uvx2OrbfvKuqEjEG+t39hqxwBZaf9qp0mw9q2+MkWyM8W7JGqei r3AEMuj23VmDTPes0eUgw2LsDo+4omvDdC9zVJBi+tdPAQLUMOx9yzP1px1kYL+f LYXIBsJOFZ+v+0ODH3HLslHBHIqSYVFkZbaR8jqW5dfvhR6UrgIqvecHbwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFCna8+FTt504tHJtrdL8cWqSDlsVMB8GA1UdIwQY MBaAFJ40sYYnHMuJxeWLMOcL10EJzChKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbmpTeGhpY2N5NG5GNVlzdzV3dlhRUW5NS0VvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8wYzM3YzMtOTk5MC00NTk2LTk5ZTkt ZGQ1ZmZkNTMxNTcxLzEvS2RyejRWTzNuVGkwY20ydDB2eHhhcElPV3hVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMy8wYzM3YzMtOTk5MC00NTk2LTk5ZTktZGQ1ZmZkNTMxNTcx LzEvbmpTeGhpY2N5NG5GNVlzdzV3dlhRUW5NS0VvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuUjYAwQC ubtcMA0GCSqGSIb3DQEBCwUAA4IBAQA4U4ZnwDDGP6akdrkRR9urZVm9tV3PgZIS 2rDCmWoP+zXOFcY/qLAtMuDbLqMs1uF7f9V+3E+J9egjd77som5W7bXk3TAxuDFl yYq4jBLr7zfOh/FZX9LE6/TtfSinsIuvM6HlkfdNGyW1szOAUFD7FePoGk4mEHlu i0TJmiyxlKfCrXhE/mt8rPZSRArYzUB64A0sLeG5I4jof4RDg/kPkkzo4YTXQcNq MXiGI8sfSc0nszT6viMv/B/32cascM2z2QW7EAdsXfvnwcArRrN9TXqulzYglcii yqf9USW3hvYUsePX5FSjB6DI0G0VgVAHZiFWDd+TS+4XSuea+lVB -----END CERTIFICATE-----Generated at Tue Dec 23 12:43:55 2025 by rpki-client