This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/rSfDslg7pwYbYa8pBppG0FkKl2U.roa File: rSfDslg7pwYbYa8pBppG0FkKl2U.roa (raw, json) Hash identifier: u4hQ4fpeaHLkp1B+Nra5rSdmzSsxTY2tPORLgl3fDVg= Subject key identifier: AD:27:C3:B2:58:3B:A7:06:1B:61:AF:29:06:9A:46:D0:59:0A:97:65 Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d Certificate serial: 019B11709610B0B88AB89815100D8E437EB3 Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/rSfDslg7pwYbYa8pBppG0FkKl2U.roa Signing time: Fri 12 Dec 2025 07:22:29 +0000 ROA not before: Fri 12 Dec 2025 07:22:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 199527 IP address blocks: 86.38.163.0/24 maxlen: 24 185.189.152.0/24 maxlen: 24 213.252.208.0/24 maxlen: 24 213.252.209.0/24 maxlen: 24 213.252.242.0/24 maxlen: 24 213.252.250.0/24 maxlen: 24 213.252.251.0/24 maxlen: 24 213.252.253.0/24 maxlen: 24 2a00:f501:a001::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.mft rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 20:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:11:70:96:10:b0:b8:8a:b8:98:15:10:0d:8e:43:7e:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d Validity Not Before: Dec 12 07:22:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=ad27c3b2583ba7061b61af29069a46d0590a9765 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:81:05:6b:f4:9f:da:89:a1:b2:70:93:02:db: 5a:3a:e7:fc:7b:e4:29:b5:e9:e5:56:cc:8e:0d:ab: b7:9e:31:36:c3:15:ea:8c:7a:8e:6c:a9:7e:3c:0f: a9:e7:74:59:7e:35:70:14:ac:27:81:15:f9:f8:0f: 9c:ca:24:84:00:17:f7:d2:04:63:6e:58:8a:de:5d: db:cf:23:5e:5e:b8:2d:8c:25:5e:1b:65:d5:a3:c4: a1:e0:26:a7:ba:6e:7f:3b:a3:79:87:76:97:55:eb: bd:64:d8:b4:cd:61:a7:85:6a:c5:c0:d2:1f:48:68: 50:18:12:8c:3d:c9:d5:5d:b2:bc:32:47:50:74:cd: a8:bc:73:20:f8:88:8e:af:61:cd:c9:f5:ea:e7:8e: 06:1d:3d:1f:26:22:af:e4:f2:05:54:27:c9:60:a0: e4:c3:60:4f:14:39:6c:ef:98:5e:ff:29:62:a0:ec: 31:4e:08:43:82:4e:63:ea:7b:a6:56:74:60:7f:b7: 61:3a:33:7b:11:a0:3f:bc:1c:4c:30:4a:d0:21:77: ce:62:c4:cd:db:7b:2a:9b:71:ef:40:52:8e:0f:7d: 1a:e3:c1:63:76:71:93:47:48:bb:09:14:d5:9f:da: 15:60:0d:f2:af:26:43:8d:a3:a4:4a:c5:9a:d7:84: ce:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:27:C3:B2:58:3B:A7:06:1B:61:AF:29:06:9A:46:D0:59:0A:97:65 X509v3 Authority Key Identifier: keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/rSfDslg7pwYbYa8pBppG0FkKl2U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.38.163.0/24 185.189.152.0/24 213.252.208.0/23 213.252.242.0/24 213.252.250.0/23 213.252.253.0/24 IPv6: 2a00:f501:a001::/48 Signature Algorithm: sha256WithRSAEncryption 3c:5b:41:e1:ba:f0:07:19:6b:d0:e3:2d:72:59:b4:d0:98:38: 6c:5a:48:f7:bf:c0:10:b1:de:80:ad:74:8f:62:38:c9:ae:4b: 6a:3b:fb:b1:a0:48:0c:e1:9f:03:e6:29:4c:8c:3c:c9:24:d8: 8b:f2:59:f4:f8:a5:40:b0:56:08:3f:81:20:bc:88:8d:3e:3b: 63:39:20:d9:34:96:36:c7:5b:1d:ec:e0:5a:14:75:7c:8b:8a: 50:6c:e4:1e:83:22:21:76:2a:e1:90:6f:8d:79:41:dd:b7:9f: 20:de:31:3b:08:57:07:1b:d3:4e:38:52:e6:8f:75:6d:e6:2e: 79:4d:98:e8:89:b4:7e:fb:24:d2:86:9d:4d:95:7c:d9:24:4d: d4:f9:a3:a1:7f:bb:07:15:9b:67:ce:65:79:c7:a4:7e:b7:78: fd:ce:18:7a:8d:82:75:99:8e:af:f1:04:e7:cd:f1:5b:19:47: c0:00:93:ea:47:85:8b:cb:13:91:60:df:0e:51:cb:e0:37:84: 4c:9a:a3:4f:16:c4:a5:66:56:c7:b4:d8:dd:98:9a:aa:09:7f: e3:d3:e4:f2:a8:15:72:5b:3b:6c:d6:3a:4f:8b:90:9f:2b:7f: ca:35:aa:83:6d:cb:8a:c6:ac:a3:01:87:5e:9a:e7:61:ba:c6: ba:ff:35:0a -----BEGIN CERTIFICATE----- MIIFLDCCBBSgAwIBAgISAZsRcJYQsLiKuJgVEA2OQ36zMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3 MTE4MGQwHhcNMjUxMjEyMDcyMjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZDI3YzNiMjU4M2JhNzA2MWI2MWFmMjkwNjlhNDZkMDU5MGE5NzY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIEFa/Sf2omhsnCTAttaOuf8e+Qp tenlVsyODau3njE2wxXqjHqObKl+PA+p53RZfjVwFKwngRX5+A+cyiSEABf30gRj bliK3l3bzyNeXrgtjCVeG2XVo8Sh4Canum5/O6N5h3aXVeu9ZNi0zWGnhWrFwNIf SGhQGBKMPcnVXbK8MkdQdM2ovHMg+IiOr2HNyfXq544GHT0fJiKv5PIFVCfJYKDk w2BPFDls75he/ylioOwxTghDgk5j6numVnRgf7dhOjN7EaA/vBxMMErQIXfOYsTN 23sqm3HvQFKOD30a48FjdnGTR0i7CRTVn9oVYA3yryZDjaOkSsWa14TOQQIDAQAB o4ICODCCAjQwHQYDVR0OBBYEFK0nw7JYO6cGG2GvKQaaRtBZCpdlMB8GA1UdIwQY MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt MDQ2ODA0MjQ4NmRjLzEvclNmRHNsZzdwd1liWWE4cEJwcEcwRmtLbDJVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQAViajAwQA ub2YAwQB1fzQAwQA1fzyAwQB1fz6AwQA1fz9MA8EAgACMAkDBwAqAPUBoAEwDQYJ KoZIhvcNAQELBQADggEBADxbQeG68AcZa9DjLXJZtNCYOGxaSPe/wBCx3oCtdI9i OMmuS2o7+7GgSAzhnwPmKUyMPMkk2IvyWfT4pUCwVgg/gSC8iI0+O2M5INk0ljbH Wx3s4FoUdXyLilBs5B6DIiF2KuGQb415Qd23nyDeMTsIVwcb0044UuaPdW3mLnlN mOiJtH77JNKGnU2VfNkkTdT5o6F/uwcVm2fOZXnHpH63eP3OGHqNgnWZjq/xBOfN 8VsZR8AAk+pHhYvLE5Fg3w5Ry+A3hEyao08WxKVmVse02N2YmqoJf+PT5PKoFXJb O2zWOk+LkJ8rf8o1qoNty4rGrKMBh16a52G6xrr/NQo= -----END CERTIFICATE-----Generated at Tue Dec 16 04:32:31 2025 by rpki-client