This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/23968a-fa36-4654-bfbf-9404e177200e/1/zSArTYhnYGg68DxYt5zpTU1kAto.roa File: zSArTYhnYGg68DxYt5zpTU1kAto.roa (raw, json) Hash identifier: 09zNv9luAhfQiqIhDYxKqjr2pKjjpJXfNolCADm+km8= Subject key identifier: CD:20:2B:4D:88:67:60:68:3A:F0:3C:58:B7:9C:E9:4D:4D:64:02:DA Certificate issuer: /CN=6ad70ef25e522c0d26e977a1d24ff77ead3ada19 Certificate serial: 01971B72C137A22C01AE4840ABB4716E4C9E Authority key identifier: 6A:D7:0E:F2:5E:52:2C:0D:26:E9:77:A1:D2:4F:F7:7E:AD:3A:DA:19 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/atcO8l5SLA0m6Xeh0k_3fq062hk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/23968a-fa36-4654-bfbf-9404e177200e/1/zSArTYhnYGg68DxYt5zpTU1kAto.roa Signing time: Thu 29 May 2025 09:49:54 +0000 ROA not before: Thu 29 May 2025 09:49:54 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 21058 IP address blocks: 80.83.160.0/20 maxlen: 20 80.83.160.0/24 maxlen: 24 80.83.161.0/24 maxlen: 24 80.83.162.0/24 maxlen: 24 80.83.163.0/24 maxlen: 24 80.83.164.0/24 maxlen: 24 80.83.165.0/24 maxlen: 24 80.83.166.0/24 maxlen: 24 80.83.167.0/24 maxlen: 24 80.83.168.0/24 maxlen: 24 80.83.169.0/24 maxlen: 24 80.83.171.0/24 maxlen: 24 80.83.172.0/24 maxlen: 24 80.83.173.0/24 maxlen: 24 80.83.174.0/24 maxlen: 24 80.83.175.0/24 maxlen: 24 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 01:97:1b:72:c1:37:a2:2c:01:ae:48:40:ab:b4:71:6e:4c:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ad70ef25e522c0d26e977a1d24ff77ead3ada19 Validity Not Before: May 29 09:49:54 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=cd202b4d886760683af03c58b79ce94d4d6402da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:0c:dd:af:60:8d:72:76:14:04:0c:b7:f3:d6: 43:b6:f3:4b:55:0f:c6:48:78:12:a8:e7:3b:66:34: e9:89:92:9a:cf:a6:9b:f8:f0:f5:63:38:01:1c:42: c8:c7:0e:69:16:3c:43:b3:3a:04:f6:47:bc:9d:cc: 08:3a:6d:c4:f4:7e:d8:26:65:be:78:0a:d8:c6:16: ad:de:1d:22:de:c9:8a:c5:29:e5:44:6e:c3:a7:cc: ea:6c:cf:e0:02:09:ec:24:0d:e4:aa:c9:83:2f:a5: d1:14:16:1d:e7:6a:1e:ec:e6:3c:9e:ad:91:83:5a: c4:dd:20:3b:c7:ea:be:7f:5f:b3:aa:7d:bb:a2:5b: d5:cc:cd:5d:58:ec:11:7b:81:73:94:e1:f4:17:52: 69:d9:48:4c:c2:f3:58:2c:a5:bf:03:83:b2:b2:f2: c8:98:d5:d1:d9:41:32:7a:e9:d1:c8:bb:3b:b5:19: 11:eb:76:27:2d:6a:aa:fe:85:ea:f1:9c:05:3b:be: 13:50:22:1a:b8:d0:a2:dc:87:b4:03:4b:ac:5f:9a: 48:42:db:9a:b9:47:47:50:e6:29:5d:8d:f3:b1:cc: 66:08:d4:63:a2:25:62:4d:87:18:fc:82:c1:45:d7: ca:da:c4:ee:c0:ba:9d:e9:57:1e:a9:30:e0:82:4c: ec:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:20:2B:4D:88:67:60:68:3A:F0:3C:58:B7:9C:E9:4D:4D:64:02:DA X509v3 Authority Key Identifier: keyid:6A:D7:0E:F2:5E:52:2C:0D:26:E9:77:A1:D2:4F:F7:7E:AD:3A:DA:19 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/atcO8l5SLA0m6Xeh0k_3fq062hk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/23968a-fa36-4654-bfbf-9404e177200e/1/zSArTYhnYGg68DxYt5zpTU1kAto.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/23968a-fa36-4654-bfbf-9404e177200e/1/atcO8l5SLA0m6Xeh0k_3fq062hk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.83.160.0/20 Signature Algorithm: sha256WithRSAEncryption 00:a0:6c:82:86:38:5e:07:f9:61:55:cf:b6:2b:8b:3a:3d:59: 13:0e:3a:15:b5:92:7e:25:d3:56:9d:0c:79:e0:59:ec:81:43: a2:93:97:c7:7f:21:ab:eb:5e:4d:81:af:3b:77:0c:f0:1e:a1: fd:cd:28:5b:8e:ab:c0:37:91:30:3b:78:26:ee:77:48:2d:83: 5c:93:dd:6d:6e:10:d5:5c:26:48:75:d0:98:a1:ce:26:4b:fe: 1a:0e:fd:40:5f:e1:28:08:e3:b6:38:6b:82:20:0b:a6:27:12: 76:6b:2b:ea:1b:8c:55:17:90:55:5f:a3:fa:34:b1:61:b3:40: fb:c9:27:da:7a:54:8b:10:bc:83:17:c2:b6:d2:80:f9:74:b2: ba:a6:0f:ee:51:5c:df:a7:56:c6:1b:b7:ec:29:ef:61:02:2f: 88:7b:5d:17:66:59:0e:a9:90:5d:23:f1:93:6f:3c:b4:cf:59: 57:4b:8a:92:13:01:40:a2:15:25:5b:af:3c:15:d4:40:b4:c7: ce:b9:51:aa:a4:ed:6e:78:d8:b1:25:ac:da:74:28:ff:7b:18: b7:d0:a5:91:bb:d5:ca:ca:7c:18:76:5a:8f:8d:f1:b3:a4:8f: ad:14:2a:b7:94:d4:c8:68:5d:12:5d:50:88:51:2a:bc:82:92: fb:b5:f4:8b -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZcbcsE3oiwBrkhAq7RxbkyeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZhZDcwZWYyNWU1MjJjMGQyNmU5NzdhMWQyNGZmNzdlYWQz YWRhMTkwHhcNMjUwNTI5MDk0OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZDIwMmI0ZDg4Njc2MDY4M2FmMDNjNThiNzljZTk0ZDRkNjQwMmRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgzdr2CNcnYUBAy389ZDtvNLVQ/G SHgSqOc7ZjTpiZKaz6ab+PD1YzgBHELIxw5pFjxDszoE9ke8ncwIOm3E9H7YJmW+ eArYxhat3h0i3smKxSnlRG7Dp8zqbM/gAgnsJA3kqsmDL6XRFBYd52oe7OY8nq2R g1rE3SA7x+q+f1+zqn27olvVzM1dWOwRe4FzlOH0F1Jp2UhMwvNYLKW/A4OysvLI mNXR2UEyeunRyLs7tRkR63YnLWqq/oXq8ZwFO74TUCIauNCi3Ie0A0usX5pIQtua uUdHUOYpXY3zscxmCNRjoiViTYcY/ILBRdfK2sTuwLqd6VceqTDggkzs9QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFM0gK02IZ2BoOvA8WLec6U1NZALaMB8GA1UdIwQY MBaAFGrXDvJeUiwNJul3odJP936tOtoZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYXRjTzhsNVNMQTBtNlhlaDBrXzNmcTA2MmhrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8yMzk2OGEtZmEzNi00NjU0LWJmYmYt OTQwNGUxNzcyMDBlLzEvelNBclRZaG5ZR2c2OER4WXQ1enBUVTFrQXRvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yi8yMzk2OGEtZmEzNi00NjU0LWJmYmYtOTQwNGUxNzcyMDBl LzEvYXRjTzhsNVNMQTBtNlhlaDBrXzNmcTA2MmhrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUFOgMA0G CSqGSIb3DQEBCwUAA4IBAQAAoGyChjheB/lhVc+2K4s6PVkTDjoVtZJ+JdNWnQx5 4FnsgUOik5fHfyGr615Nga87dwzwHqH9zShbjqvAN5EwO3gm7ndILYNck91tbhDV XCZIddCYoc4mS/4aDv1AX+EoCOO2OGuCIAumJxJ2ayvqG4xVF5BVX6P6NLFhs0D7 ySfaelSLELyDF8K20oD5dLK6pg/uUVzfp1bGG7fsKe9hAi+Ie10XZlkOqZBdI/GT bzy0z1lXS4qSEwFAohUlW688FdRAtMfOuVGqpO1ueNixJazadCj/exi30KWRu9XK ynwYdlqPjfGzpI+tFCq3lNTIaF0SXVCIUSq8gpL7tfSL -----END CERTIFICATE-----Generated at Wed Dec 24 00:17:28 2025 by rpki-client