This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/31d1f0-94e5-4fd4-87f2-ee96e28ea6e9/1/wCY1_XE2obeKJbx5m_aVtIIpSJ0.roa File: wCY1_XE2obeKJbx5m_aVtIIpSJ0.roa (raw, json) Hash identifier: IrizyUZppxsaZx9puuAZtialqb9m0XB5Lu51pe6ilJg= Subject key identifier: C0:26:35:FD:71:36:A1:B7:8A:25:BC:79:9B:F6:95:B4:82:29:48:9D Certificate issuer: /CN=e5a70a81aa0308a3cbbf68578b180f356b6ed8ac Certificate serial: 019AB69DA2107B13CFD56C9CAB02376604D0 Authority key identifier: E5:A7:0A:81:AA:03:08:A3:CB:BF:68:57:8B:18:0F:35:6B:6E:D8:AC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5acKgaoDCKPLv2hXixgPNWtu2Kw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/31d1f0-94e5-4fd4-87f2-ee96e28ea6e9/1/wCY1_XE2obeKJbx5m_aVtIIpSJ0.roa Signing time: Mon 24 Nov 2025 16:06:15 +0000 ROA not before: Mon 24 Nov 2025 16:06:15 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 213483 IP address blocks: 185.219.89.0/24 maxlen: 24 2a14:df00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/31d1f0-94e5-4fd4-87f2-ee96e28ea6e9/1/5acKgaoDCKPLv2hXixgPNWtu2Kw.crl rsync://rpki.ripe.net/repository/DEFAULT/81/31d1f0-94e5-4fd4-87f2-ee96e28ea6e9/1/5acKgaoDCKPLv2hXixgPNWtu2Kw.mft rsync://rpki.ripe.net/repository/DEFAULT/5acKgaoDCKPLv2hXixgPNWtu2Kw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 29 Nov 2025 01:01:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:b6:9d:a2:10:7b:13:cf:d5:6c:9c:ab:02:37:66:04:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e5a70a81aa0308a3cbbf68578b180f356b6ed8ac Validity Not Before: Nov 24 16:06:15 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=c02635fd7136a1b78a25bc799bf695b48229489d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:02:bb:3e:0e:41:a5:79:22:e2:41:d9:7c:46: 0b:54:3c:15:02:c6:37:6f:39:db:da:8c:e7:a6:37: 84:da:81:8f:b7:2b:17:cd:43:ab:b5:f1:81:32:ff: 1d:56:7a:e7:9e:21:29:9d:5d:d9:ce:6a:c0:4e:94: 41:31:10:3d:8c:54:96:54:8e:b1:a1:b5:db:4f:a4: 2d:e0:e4:00:81:cc:96:e2:45:a9:2c:a2:e2:05:70: 32:d9:38:e6:43:67:c2:2e:c5:ba:b6:98:7e:f0:cb: e2:41:3a:15:31:69:c1:4a:5b:44:af:71:76:1b:e2: be:b9:7c:4b:46:23:43:81:14:26:b5:c4:f6:5e:b4: e0:ab:a4:64:0c:be:f8:f1:9c:f7:d5:d1:3a:cd:70: a8:32:9f:39:27:34:99:78:bd:a5:65:ca:42:83:59: 41:7e:3b:de:1e:04:b0:8b:6c:c1:8f:91:42:58:86: 65:8f:05:f6:a1:0e:52:7f:cf:7a:79:2c:d0:91:4b: c6:3b:6e:74:7e:48:02:84:ad:e2:29:f8:61:93:da: 2a:a3:c7:20:4b:35:d4:a0:7f:a3:72:00:46:a3:b0: 52:83:46:bc:7d:83:04:25:82:e8:5d:9f:f3:88:ff: 1f:f4:c5:6b:4a:1f:de:df:12:94:a5:fd:0e:ef:2e: 1d:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:26:35:FD:71:36:A1:B7:8A:25:BC:79:9B:F6:95:B4:82:29:48:9D X509v3 Authority Key Identifier: keyid:E5:A7:0A:81:AA:03:08:A3:CB:BF:68:57:8B:18:0F:35:6B:6E:D8:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5acKgaoDCKPLv2hXixgPNWtu2Kw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/31d1f0-94e5-4fd4-87f2-ee96e28ea6e9/1/wCY1_XE2obeKJbx5m_aVtIIpSJ0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/81/31d1f0-94e5-4fd4-87f2-ee96e28ea6e9/1/5acKgaoDCKPLv2hXixgPNWtu2Kw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.219.89.0/24 IPv6: 2a14:df00::/32 Signature Algorithm: sha256WithRSAEncryption 5c:bc:a5:1d:24:6d:c2:29:e7:01:c1:66:88:20:c9:0b:2c:d9: 04:ec:e1:7c:9f:71:e3:d6:ba:77:21:02:3d:e6:4e:07:61:72: a0:3e:44:e5:d9:dc:25:52:86:29:37:48:bb:a0:08:22:9e:c3: f0:78:2e:29:18:59:28:73:04:d1:22:da:ff:c3:3c:1c:42:03: 59:5e:4f:44:be:26:89:90:c0:aa:a3:35:4d:19:54:b6:07:c0: b9:b1:0c:4a:f1:3a:b7:08:84:b8:cb:59:a2:d7:2e:89:56:2d: e1:7f:f7:b5:6f:76:39:d1:c0:ff:08:55:5e:b4:ec:a4:bd:4c: bd:a1:76:0d:e7:54:da:ed:41:ed:17:16:64:01:db:f1:b7:b8: f9:21:86:1d:d8:4e:1f:83:84:e9:e4:9f:e1:4b:9f:78:78:66: c2:45:0e:9c:e8:a6:fb:20:aa:58:fb:30:12:7b:4e:e2:2e:dd: 6d:e2:0d:7a:db:67:28:a9:16:24:3a:3b:7c:23:97:a2:18:30: 2d:bc:2e:19:48:70:57:ed:1c:1a:80:d4:2c:4c:dd:c5:58:f0: ae:6e:fb:f2:af:c7:b8:17:4e:f6:ac:c4:cb:90:1c:63:8d:75: c1:f6:c5:09:af:30:9b:6a:25:5e:16:55:8e:b7:c2:a5:ef:e9: da:d1:59:a7 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZq2naIQexPP1WycqwI3ZgTQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU1YTcwYTgxYWEwMzA4YTNjYmJmNjg1NzhiMTgwZjM1NmI2 ZWQ4YWMwHhcNMjUxMTI0MTYwNjE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjMDI2MzVmZDcxMzZhMWI3OGEyNWJjNzk5YmY2OTViNDgyMjk0ODlkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3gK7Pg5BpXki4kHZfEYLVDwVAsY3 bznb2oznpjeE2oGPtysXzUOrtfGBMv8dVnrnniEpnV3ZzmrATpRBMRA9jFSWVI6x obXbT6Qt4OQAgcyW4kWpLKLiBXAy2TjmQ2fCLsW6tph+8MviQToVMWnBSltEr3F2 G+K+uXxLRiNDgRQmtcT2XrTgq6RkDL748Zz31dE6zXCoMp85JzSZeL2lZcpCg1lB fjveHgSwi2zBj5FCWIZljwX2oQ5Sf896eSzQkUvGO250fkgChK3iKfhhk9oqo8cg SzXUoH+jcgBGo7BSg0a8fYMEJYLoXZ/ziP8f9MVrSh/e3xKUpf0O7y4dHQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFMAmNf1xNqG3iiW8eZv2lbSCKUidMB8GA1UdIwQY MBaAFOWnCoGqAwijy79oV4sYDzVrbtisMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNWFjS2dhb0RDS1BMdjJoWGl4Z1BOV3R1Mkt3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8zMWQxZjAtOTRlNS00ZmQ0LTg3ZjIt ZWU5NmUyOGVhNmU5LzEvd0NZMV9YRTJvYmVLSmJ4NW1fYVZ0SUlwU0owLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MS8zMWQxZjAtOTRlNS00ZmQ0LTg3ZjItZWU5NmUyOGVhNmU5 LzEvNWFjS2dhb0RDS1BMdjJoWGl4Z1BOV3R1Mkt3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAudtZMA0E AgACMAcDBQAqFN8AMA0GCSqGSIb3DQEBCwUAA4IBAQBcvKUdJG3CKecBwWaIIMkL LNkE7OF8n3Hj1rp3IQI95k4HYXKgPkTl2dwlUoYpN0i7oAginsPweC4pGFkocwTR Itr/wzwcQgNZXk9EviaJkMCqozVNGVS2B8C5sQxK8Tq3CIS4y1mi1y6JVi3hf/e1 b3Y50cD/CFVetOykvUy9oXYN51Ta7UHtFxZkAdvxt7j5IYYd2E4fg4Tp5J/hS594 eGbCRQ6c6Kb7IKpY+zASe07iLt1t4g1622coqRYkOjt8I5eiGDAtvC4ZSHBX7Rwa gNQsTN3FWPCubvvyr8e4F072rMTLkBxjjXXB9sUJrzCbaiVeFlWOt8Kl7+na0Vmn -----END CERTIFICATE-----Generated at Fri Nov 28 09:42:49 2025 by rpki-client