This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/xrAGGF01PIBtwk0kB8nSHNHwxoE.roa File: xrAGGF01PIBtwk0kB8nSHNHwxoE.roa (raw, json) Hash identifier: qK2H6bqJC2HvYnX9Zc01/NbXNDBJ00ECATCr3MSxwBk= Subject key identifier: C6:B0:06:18:5D:35:3C:80:6D:C2:4D:24:07:C9:D2:1C:D1:F0:C6:81 Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e Certificate serial: 019AFF211666262E51F76A457D687574E515 Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/xrAGGF01PIBtwk0kB8nSHNHwxoE.roa Signing time: Mon 08 Dec 2025 18:02:29 +0000 ROA not before: Mon 08 Dec 2025 18:02:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 174 IP address blocks: 94.176.142.0/24 maxlen: 24 185.150.204.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 11:01:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:ff:21:16:66:26:2e:51:f7:6a:45:7d:68:75:74:e5:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e Validity Not Before: Dec 8 18:02:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=c6b006185d353c806dc24d2407c9d21cd1f0c681 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:d4:f9:5e:70:e3:37:57:59:68:24:fb:2f:c2: 92:da:98:be:26:68:63:d9:6c:4b:3e:d2:17:72:d8: 5a:a9:2c:24:e6:f5:64:33:bb:a6:af:94:64:4a:c1: 6c:d5:49:66:90:08:8d:42:ed:a8:b6:10:ac:77:a9: dd:d3:77:e3:fe:f4:3b:7e:02:7a:8e:14:78:85:2b: d3:88:54:fa:c7:1e:d0:38:79:dd:27:e8:69:fa:a2: f1:10:aa:d2:83:02:8b:10:69:f1:93:1e:60:64:ec: 09:6d:c7:dc:0f:f2:4c:20:2b:d0:31:72:92:8b:99: 07:9e:fb:e3:ed:97:8e:c3:ce:50:d3:3b:3b:ad:b7: cb:82:55:08:f8:ab:89:9f:e4:b9:56:65:e2:2f:c4: dd:4e:46:47:6b:bf:ba:bf:b8:ed:35:df:e8:ae:97: 99:28:1f:75:88:24:4f:7d:d3:9a:76:16:45:51:67: c8:34:02:24:bc:4f:4e:e4:ec:20:65:89:b9:10:92: 29:ab:df:ae:12:2e:67:da:1b:e8:af:70:73:0a:d2: 47:80:7e:aa:5c:3a:dc:99:b1:21:d5:19:61:cf:cf: 05:7d:7f:50:3b:c9:86:ee:57:b1:a2:24:d9:aa:b5: f6:96:8b:5c:53:0f:94:76:73:12:0e:44:42:b6:68: a3:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:B0:06:18:5D:35:3C:80:6D:C2:4D:24:07:C9:D2:1C:D1:F0:C6:81 X509v3 Authority Key Identifier: keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/xrAGGF01PIBtwk0kB8nSHNHwxoE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 94.176.142.0/24 185.150.204.0/24 Signature Algorithm: sha256WithRSAEncryption b2:b2:53:22:a4:ef:dd:b4:1e:6d:ee:3e:73:3c:d4:cb:06:05: b2:61:05:65:12:22:ae:1b:a4:8f:36:5d:a6:80:f2:49:a0:ec: 04:05:a2:70:f3:ae:71:48:b7:70:3e:4e:4f:c7:d7:c1:b0:d2: 8e:da:3f:a9:f0:a2:c2:c9:bd:a0:22:9a:86:f0:4b:f8:f1:ef: 8d:27:bf:35:09:55:58:d5:e2:12:32:8c:66:e8:9f:99:66:5e: 1f:8c:7d:fd:d0:d8:a5:4e:a6:72:19:14:e0:85:cf:09:ac:5e: a9:c5:1d:93:a7:10:0b:23:31:3f:d7:a0:32:77:9e:63:28:d0: b7:3e:ce:40:ac:af:ef:77:cc:9b:5f:e7:49:6a:48:e4:fb:c9: e4:d3:2b:66:9b:09:8f:5d:d3:b7:db:13:5c:2f:cb:ef:c6:96: e3:df:69:07:1f:3b:e8:a9:dc:1a:db:87:ee:0f:43:2f:45:ef: 03:bb:73:7c:da:fd:da:b7:d2:79:09:de:15:b0:81:80:2b:c3: 21:21:f9:d7:be:9d:42:8b:ea:35:02:21:a7:ac:4e:26:f9:8c: c8:25:9e:48:8a:33:e7:0d:7e:ba:d3:90:0e:fe:a4:c5:13:e4: 5a:78:aa:a2:a9:5b:21:74:ad:df:79:86:2b:f2:f6:25:aa:e8: 9b:49:be:c0 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZr/IRZmJi5R92pFfWh1dOUVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy MGI3M2UwHhcNMjUxMjA4MTgwMjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNmIwMDYxODVkMzUzYzgwNmRjMjRkMjQwN2M5ZDIxY2QxZjBjNjgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNT5XnDjN1dZaCT7L8KS2pi+Jmhj 2WxLPtIXcthaqSwk5vVkM7umr5RkSsFs1UlmkAiNQu2othCsd6nd03fj/vQ7fgJ6 jhR4hSvTiFT6xx7QOHndJ+hp+qLxEKrSgwKLEGnxkx5gZOwJbcfcD/JMICvQMXKS i5kHnvvj7ZeOw85Q0zs7rbfLglUI+KuJn+S5VmXiL8TdTkZHa7+6v7jtNd/orpeZ KB91iCRPfdOadhZFUWfINAIkvE9O5OwgZYm5EJIpq9+uEi5n2hvor3BzCtJHgH6q XDrcmbEh1Rlhz88FfX9QO8mG7lexoiTZqrX2lotcUw+UdnMSDkRCtmijqwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFMawBhhdNTyAbcJNJAfJ0hzR8MaBMB8GA1UdIwQY MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt Y2YwNmQxOTgzYmExLzEveHJBR0dGMDFQSUJ0d2swa0I4blNITkh3eG9FLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXrCOAwQA uZbMMA0GCSqGSIb3DQEBCwUAA4IBAQCyslMipO/dtB5t7j5zPNTLBgWyYQVlEiKu G6SPNl2mgPJJoOwEBaJw865xSLdwPk5Px9fBsNKO2j+p8KLCyb2gIpqG8Ev48e+N J781CVVY1eISMoxm6J+ZZl4fjH390NilTqZyGRTghc8JrF6pxR2TpxALIzE/16Ay d55jKNC3Ps5ArK/vd8ybX+dJakjk+8nk0ytmmwmPXdO32xNcL8vvxpbj32kHHzvo qdwa24fuD0MvRe8Du3N82v3at9J5Cd4VsIGAK8MhIfnXvp1Ci+o1AiGnrE4m+YzI JZ5IijPnDX6605AO/qTFE+RaeKqiqVshdK3feYYr8vYlquibSb7A -----END CERTIFICATE-----Generated at Thu Dec 11 16:42:08 2025 by rpki-client