This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/xGhFdXpj0hbXcfR5OgplTGQHjMo.roa File: xGhFdXpj0hbXcfR5OgplTGQHjMo.roa (raw, json) Hash identifier: 9VHTZOMsHVfdrED5u2/yFOTIx6pHmoqIQam4cSoH4ns= Subject key identifier: C4:68:45:75:7A:63:D2:16:D7:71:F4:79:3A:0A:65:4C:64:07:8C:CA Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e Certificate serial: 019AC64F79AB76811C210C9395942FFE2B1E Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/xGhFdXpj0hbXcfR5OgplTGQHjMo.roa Signing time: Thu 27 Nov 2025 17:14:48 +0000 ROA not before: Thu 27 Nov 2025 17:14:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 9009 IP address blocks: 89.32.163.0/24 maxlen: 24 89.32.164.0/24 maxlen: 24 89.34.122.0/24 maxlen: 24 89.34.123.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 04 Dec 2025 04:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:c6:4f:79:ab:76:81:1c:21:0c:93:95:94:2f:fe:2b:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e Validity Not Before: Nov 27 17:14:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=c46845757a63d216d771f4793a0a654c64078cca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:95:bc:47:17:f6:56:e3:01:eb:75:87:53:b6: c3:c7:c0:6a:3b:65:15:d2:72:b5:f8:23:f2:52:3d: 49:15:49:3e:19:be:af:ed:fd:cc:2b:68:67:9c:d1: 60:07:e5:5d:46:e2:ae:b5:9a:9f:11:e1:09:4c:9c: 37:d3:67:b8:f3:85:b6:09:80:7e:d5:32:bb:df:38: e8:55:de:f3:51:36:23:50:b0:5a:a7:bd:3e:e7:ca: e7:f5:a6:ea:27:27:3c:57:2e:23:ac:7e:d1:98:30: 23:ac:0c:29:dc:78:92:76:92:f3:75:1e:ff:78:83: 59:da:12:1a:a5:4e:18:bd:86:2d:16:5f:6d:10:25: 0e:7c:71:17:0f:71:96:a9:88:50:58:d3:e0:f0:12: 72:a9:8e:8c:ae:ce:ba:fd:e6:20:a0:23:26:4f:6c: bb:c4:9c:45:78:6e:6d:5c:fb:af:fd:61:64:8c:03: 9f:16:da:89:2c:31:bc:c6:f8:df:fa:9d:31:4d:23: 7b:81:ea:e3:22:10:ed:54:a2:b3:c3:39:de:4b:4a: c8:81:6e:4a:e8:ed:49:53:d1:be:c3:c4:e5:b9:c7: 9f:c5:ba:51:54:e7:98:ca:f3:d5:3e:75:c6:f7:49: 7b:f3:f5:bc:2b:1c:96:40:ee:e4:cc:31:2f:5b:ce: 03:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:68:45:75:7A:63:D2:16:D7:71:F4:79:3A:0A:65:4C:64:07:8C:CA X509v3 Authority Key Identifier: keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/xGhFdXpj0hbXcfR5OgplTGQHjMo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.32.163.0-89.32.164.255 89.34.122.0/23 Signature Algorithm: sha256WithRSAEncryption 9c:db:e3:80:00:c0:c3:6f:cc:8d:fd:b6:3d:33:f1:78:41:6e: a4:47:52:0c:80:ce:c2:9e:cf:b8:eb:6a:9c:ce:43:2a:77:ac: 6c:aa:a1:bb:30:6a:f1:7f:c2:b8:e3:b7:f3:13:34:b7:1a:6c: 33:8b:5e:aa:48:91:61:48:9b:b2:a2:c4:f4:f1:72:dc:57:86: 39:de:63:16:ae:0a:11:8d:21:38:8a:32:1b:c3:64:cf:e3:f9: ad:be:67:47:3b:4a:ac:d3:fc:1c:63:e4:3f:4a:d0:0f:0e:10: 97:6b:cf:0e:d4:73:88:88:26:fb:bf:f8:a2:d0:d5:bc:86:af: 8b:8f:72:e8:22:6b:aa:d2:e2:1b:71:3c:c1:7a:81:93:0f:63: dc:04:0b:2f:3e:ea:3e:e1:4f:7f:51:70:55:ab:d0:77:a9:b9: 81:41:29:a2:ca:36:63:40:bf:0b:6f:14:bd:97:cc:7f:55:87: 10:03:cc:70:85:77:af:49:58:2e:ed:88:40:60:a8:4c:c0:9d: db:e1:90:f5:2a:72:21:53:77:ce:d2:1c:b1:53:50:64:0a:49: 71:1b:14:41:41:fe:0f:c9:46:b7:05:3d:27:64:ef:73:7d:97: 31:0d:97:e6:9a:b3:2b:0a:4f:54:16:9b:f2:a0:dd:e8:ec:d3: 73:f6:6d:65 -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZrGT3mrdoEcIQyTlZQv/iseMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy MGI3M2UwHhcNMjUxMTI3MTcxNDQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNDY4NDU3NTdhNjNkMjE2ZDc3MWY0NzkzYTBhNjU0YzY0MDc4Y2NhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZW8Rxf2VuMB63WHU7bDx8BqO2UV 0nK1+CPyUj1JFUk+Gb6v7f3MK2hnnNFgB+VdRuKutZqfEeEJTJw302e484W2CYB+ 1TK73zjoVd7zUTYjULBap70+58rn9abqJyc8Vy4jrH7RmDAjrAwp3HiSdpLzdR7/ eINZ2hIapU4YvYYtFl9tECUOfHEXD3GWqYhQWNPg8BJyqY6Mrs66/eYgoCMmT2y7 xJxFeG5tXPuv/WFkjAOfFtqJLDG8xvjf+p0xTSN7gerjIhDtVKKzwzneS0rIgW5K 6O1JU9G+w8TlucefxbpRVOeYyvPVPnXG90l78/W8KxyWQO7kzDEvW84DMQIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFMRoRXV6Y9IW13H0eToKZUxkB4zKMB8GA1UdIwQY MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt Y2YwNmQxOTgzYmExLzEveEdoRmRYcGowaGJYY2ZSNU9ncGxUR1FIak1vLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZIKMD BABZIKQDBAFZInowDQYJKoZIhvcNAQELBQADggEBAJzb44AAwMNvzI39tj0z8XhB bqRHUgyAzsKez7jrapzOQyp3rGyqobswavF/wrjjt/MTNLcabDOLXqpIkWFIm7Ki xPTxctxXhjneYxauChGNITiKMhvDZM/j+a2+Z0c7SqzT/Bxj5D9K0A8OEJdrzw7U c4iIJvu/+KLQ1byGr4uPcugia6rS4htxPMF6gZMPY9wECy8+6j7hT39RcFWr0Hep uYFBKaLKNmNAvwtvFL2XzH9VhxADzHCFd69JWC7tiEBgqEzAndvhkPUqciFTd87S HLFTUGQKSXEbFEFB/g/JRrcFPSdk73N9lzENl+aasysKT1QWm/Kg3ejs03P2bWU= -----END CERTIFICATE-----Generated at Wed Dec 3 11:45:24 2025 by rpki-client