This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/B3DgMLNgriGick6yWN4rRKNdiA4.roa File: B3DgMLNgriGick6yWN4rRKNdiA4.roa (raw, json) Hash identifier: D6GTJY/3MOv3CPxe27eQ4puJTM3KuPA+dlZxYJB1+9M= Subject key identifier: 07:70:E0:30:B3:60:AE:21:A2:72:4E:B2:58:DE:2B:44:A3:5D:88:0E Certificate issuer: /CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e Certificate serial: 019B080B7FFC6DFF318DBA5F936235B158EB Authority key identifier: 2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/B3DgMLNgriGick6yWN4rRKNdiA4.roa Signing time: Wed 10 Dec 2025 11:35:29 +0000 ROA not before: Wed 10 Dec 2025 11:35:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 212271 IP address blocks: 152.89.170.0/24 maxlen: 24 152.89.171.0/24 maxlen: 24 185.57.231.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.crl rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.mft rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 14:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:08:0b:7f:fc:6d:ff:31:8d:ba:5f:93:62:35:b1:58:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e Validity Not Before: Dec 10 11:35:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=0770e030b360ae21a2724eb258de2b44a35d880e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:76:08:2c:73:b7:8d:d9:aa:40:1c:8b:63:f2: 1c:46:86:ff:87:75:25:45:f4:ad:e0:80:b8:ee:9d: 47:31:9c:26:98:d2:3f:a9:88:0a:4b:53:0d:78:b6: ea:6c:bc:dd:03:e3:71:3d:79:84:1c:dc:4c:ed:ac: 35:02:4e:bf:c2:cc:e4:d9:02:b7:29:a4:be:16:d0: 7d:e2:93:4d:9d:96:df:21:6e:15:c4:dc:f6:1c:2e: 1b:3b:8c:99:6a:cf:b4:13:9f:a6:42:b2:b9:aa:66: 26:3f:02:ce:24:85:8c:de:f7:21:47:ac:c9:8d:4c: 2e:b6:7c:cb:ca:29:12:78:76:aa:ac:47:39:32:c8: 11:18:f2:84:9d:0d:08:f6:dc:73:80:e4:73:14:62: dc:b1:03:e0:b8:56:40:8b:36:dc:01:10:72:66:8c: 50:61:c6:61:3f:6e:60:0d:a3:8b:0a:ec:61:bd:d0: 05:e7:87:40:c3:97:c1:7d:e2:b4:1b:6b:e3:9f:e4: 91:57:17:4c:a3:f7:6d:d8:b8:ae:3b:bf:ff:97:73: ba:de:06:9e:dc:8b:21:25:8d:67:e9:02:af:bb:bb: 82:a1:87:4a:2a:13:f3:e7:e3:ad:95:21:fd:6d:01: 10:1f:8a:4b:e2:4c:e1:28:7f:2b:3b:c1:a9:0e:3c: f0:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:70:E0:30:B3:60:AE:21:A2:72:4E:B2:58:DE:2B:44:A3:5D:88:0E X509v3 Authority Key Identifier: keyid:2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/B3DgMLNgriGick6yWN4rRKNdiA4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 152.89.170.0/23 185.57.231.0/24 Signature Algorithm: sha256WithRSAEncryption 51:9b:4a:45:0b:7b:73:43:f5:c8:24:bd:96:84:23:e5:d2:10: f3:3c:7b:2d:27:c4:7d:31:97:8c:7c:9f:34:fb:da:69:85:bd: 2d:ea:de:f3:07:a7:ed:f5:a5:e4:bb:a1:99:33:82:33:10:dd: 23:c7:2c:ce:49:03:80:6b:40:5b:66:9a:1c:07:e0:83:e9:57: a5:52:99:9e:f4:1f:68:3c:24:2c:91:8e:b0:4a:4c:de:50:e4: 2c:75:ff:98:6a:cb:4a:4f:27:42:f1:01:a4:9d:c3:84:86:e8: 43:d6:ec:f4:89:d9:9d:e8:11:1d:53:31:19:02:0a:9e:83:9a: 43:5a:ad:eb:8d:ec:cc:d2:ea:43:01:0c:4c:26:f8:f9:4b:6a: da:89:61:41:6a:a8:c5:69:19:ad:17:c8:a9:42:58:29:11:8c: 32:19:03:90:10:2a:97:be:97:9f:ea:99:fb:0a:75:0c:d1:6d: ce:cc:30:4e:6c:56:43:3f:1c:b1:7c:f0:e1:f1:0c:a1:99:45: 50:22:82:8d:95:9a:a6:4c:a0:54:de:fc:46:13:43:58:51:eb: a7:69:f5:0b:0e:ef:10:10:7f:9d:2a:0c:b3:f5:05:ae:a5:ed: 09:bd:6e:01:52:ae:33:fc:81:1d:88:e3:5e:a4:cd:cd:df:a1: 1a:9a:65:8a -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZsIC3/8bf8xjbpfk2I1sVjrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJmOTNkM2JhMTk3ZjVjZTMwOThiZmE3NzAwYjQzODU0ZWFh ODBlOWUwHhcNMjUxMjEwMTEzNTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwNzcwZTAzMGIzNjBhZTIxYTI3MjRlYjI1OGRlMmI0NGEzNWQ4ODBlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3YILHO3jdmqQByLY/IcRob/h3Ul RfSt4IC47p1HMZwmmNI/qYgKS1MNeLbqbLzdA+NxPXmEHNxM7aw1Ak6/wszk2QK3 KaS+FtB94pNNnZbfIW4VxNz2HC4bO4yZas+0E5+mQrK5qmYmPwLOJIWM3vchR6zJ jUwutnzLyikSeHaqrEc5MsgRGPKEnQ0I9txzgORzFGLcsQPguFZAizbcARByZoxQ YcZhP25gDaOLCuxhvdAF54dAw5fBfeK0G2vjn+SRVxdMo/dt2LiuO7//l3O63gae 3IshJY1n6QKvu7uCoYdKKhPz5+OtlSH9bQEQH4pL4kzhKH8rO8GpDjzw0wIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFAdw4DCzYK4honJOsljeK0SjXYgOMB8GA1UdIwQY MBaAFC+T07oZf1zjCYv6dwC0OFTqqA6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTDVQVHVobF9YT01KaV9wM0FMUTRWT3FvRHA0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC83YTg3YTAtODAxNC00NjA1LTlmYjUt OWU3MWRjMjRhNjgzLzEvQjNEZ01MTmdyaUdpY2s2eVdONHJSS05kaUE0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNC83YTg3YTAtODAxNC00NjA1LTlmYjUtOWU3MWRjMjRhNjgz LzEvTDVQVHVobF9YT01KaV9wM0FMUTRWT3FvRHA0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBmFmqAwQA uTnnMA0GCSqGSIb3DQEBCwUAA4IBAQBRm0pFC3tzQ/XIJL2WhCPl0hDzPHstJ8R9 MZeMfJ80+9pphb0t6t7zB6ft9aXku6GZM4IzEN0jxyzOSQOAa0BbZpocB+CD6Vel Upme9B9oPCQskY6wSkzeUOQsdf+YastKTydC8QGkncOEhuhD1uz0idmd6BEdUzEZ Agqeg5pDWq3rjezM0upDAQxMJvj5S2raiWFBaqjFaRmtF8ipQlgpEYwyGQOQECqX vpef6pn7CnUM0W3OzDBObFZDPxyxfPDh8QyhmUVQIoKNlZqmTKBU3vxGE0NYUeun afULDu8QEH+dKgyz9QWupe0JvW4BUq4z/IEdiONepM3N36EammWK -----END CERTIFICATE-----Generated at Fri Dec 12 00:23:49 2025 by rpki-client