This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2LZEdSvpTrZ3JdbDBnKTjcL-4Do.roa File: 2LZEdSvpTrZ3JdbDBnKTjcL-4Do.roa (raw, json) Hash identifier: yrvO/xNRtTYGJN/g5y4IZ2KZ9wXbOPwmjtz6Uh7e3Xw= Subject key identifier: D8:B6:44:75:2B:E9:4E:B6:77:25:D6:C3:06:72:93:8D:C2:FE:E0:3A Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019AA5ADB6C29FCAFB5AC68C3EF44A42BEC5 Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2LZEdSvpTrZ3JdbDBnKTjcL-4Do.roa Signing time: Fri 21 Nov 2025 09:10:16 +0000 ROA not before: Fri 21 Nov 2025 09:10:16 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 13649 IP address blocks: 82.153.68.0/24 maxlen: 24 82.153.71.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 24 Nov 2025 06:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:a5:ad:b6:c2:9f:ca:fb:5a:c6:8c:3e:f4:4a:42:be:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Nov 21 09:10:16 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=d8b644752be94eb67725d6c30672938dc2fee03a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:af:e5:a4:9a:e9:c3:33:86:0e:2d:a6:a5:70: ee:91:4a:4e:c0:a7:2b:57:4d:71:1a:c8:2b:6e:72: 00:92:c8:1d:48:49:69:f0:26:e5:b7:90:dd:75:e5: a0:1b:b8:b2:bf:f4:59:09:80:d1:dc:29:51:30:a1: 46:7b:bd:9c:ce:0c:16:69:0a:1c:63:e8:a6:dd:44: 47:2b:5f:58:8a:21:37:84:ef:df:e7:1c:8f:38:4b: 14:b5:7a:b0:a1:f1:95:d0:82:d7:f8:63:b5:b4:18: b4:81:39:d0:fc:53:b4:bb:c1:5c:90:ee:0f:ba:6f: af:50:81:5f:c8:c7:d1:3a:9a:44:96:12:91:37:d9: cb:24:74:18:a1:f1:d5:d2:c3:75:e9:9d:38:74:71: 12:73:c7:d6:b5:4d:d9:b5:30:de:71:0e:de:ba:c2: 9e:f4:e8:a7:c0:de:52:b4:cf:71:64:68:9a:11:8a: f1:03:ec:1b:92:44:d1:ca:83:5e:0a:26:7a:d2:37: a8:56:87:dd:8c:64:6b:fe:eb:8e:6b:0c:11:e6:9e: e1:7a:74:80:30:9e:81:0c:8d:4c:86:e8:88:73:47: b1:1f:57:1a:6e:f2:3b:29:f4:40:48:83:72:70:0c: 99:ec:c4:f0:ca:f6:b0:da:5e:7f:ff:d3:c8:c0:26: 73:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:B6:44:75:2B:E9:4E:B6:77:25:D6:C3:06:72:93:8D:C2:FE:E0:3A X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2LZEdSvpTrZ3JdbDBnKTjcL-4Do.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.153.68.0/24 82.153.71.0/24 Signature Algorithm: sha256WithRSAEncryption ac:3f:a9:05:5a:59:76:75:8d:54:55:7f:37:7a:e2:a9:37:66: e5:a2:32:66:db:6b:01:50:b9:39:7d:09:a0:11:45:49:0e:d6: ce:fc:f1:70:8a:4d:c8:3c:2e:1e:a3:f6:f0:62:85:f3:36:81: da:26:36:95:1f:f6:c2:39:c4:f8:77:86:9a:0b:48:14:71:1d: ec:11:ef:82:f9:27:43:00:0a:29:1c:5b:b7:96:e8:b5:91:43: 7c:f3:1c:12:e8:3a:d7:39:d8:30:33:9b:03:a6:dc:9e:fb:af: 75:f0:b2:c0:b1:eb:f1:2e:0e:5b:03:39:e3:cd:ed:0b:3a:87: c3:13:eb:6d:27:bc:f0:9d:8d:c2:b0:ff:6e:07:79:d2:99:5e: 0e:87:cf:81:0d:d1:e4:91:56:77:c5:9a:28:91:67:d4:b6:cb: fd:22:c6:79:e0:de:1f:87:6e:7d:e3:e7:d5:2d:92:7f:a1:90: f6:c0:88:f8:7a:4a:35:e7:bb:91:39:71:04:f5:d4:40:09:eb: 44:42:c2:49:c3:91:21:f6:80:4e:e8:0e:a8:fe:5e:a0:29:ad: 6b:73:f4:1f:4c:2c:9f:2a:b6:f0:42:b3:32:82:67:e4:d6:40: 80:7a:4d:50:12:7c:13:98:6b:be:ff:ce:7b:0c:c6:9d:03:03: b3:32:bd:09 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZqlrbbCn8r7WsaMPvRKQr7FMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjUxMTIxMDkxMDE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOGI2NDQ3NTJiZTk0ZWI2NzcyNWQ2YzMwNjcyOTM4ZGMyZmVlMDNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoq/lpJrpwzOGDi2mpXDukUpOwKcr V01xGsgrbnIAksgdSElp8Cblt5DddeWgG7iyv/RZCYDR3ClRMKFGe72czgwWaQoc Y+im3URHK19YiiE3hO/f5xyPOEsUtXqwofGV0ILX+GO1tBi0gTnQ/FO0u8FckO4P um+vUIFfyMfROppElhKRN9nLJHQYofHV0sN16Z04dHESc8fWtU3ZtTDecQ7eusKe 9OinwN5StM9xZGiaEYrxA+wbkkTRyoNeCiZ60jeoVofdjGRr/uuOawwR5p7henSA MJ6BDI1MhuiIc0exH1cabvI7KfRASINycAyZ7MTwyvaw2l5//9PIwCZzKwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFNi2RHUr6U62dyXWwwZyk43C/uA6MB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvMkxaRWRTdnBUclozSmRiREJuS1RqY0wtNERvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUplEAwQA UplHMA0GCSqGSIb3DQEBCwUAA4IBAQCsP6kFWll2dY1UVX83euKpN2blojJm22sB ULk5fQmgEUVJDtbO/PFwik3IPC4eo/bwYoXzNoHaJjaVH/bCOcT4d4aaC0gUcR3s Ee+C+SdDAAopHFu3lui1kUN88xwS6DrXOdgwM5sDptye+6918LLAsevxLg5bAznj ze0LOofDE+ttJ7zwnY3CsP9uB3nSmV4Oh8+BDdHkkVZ3xZookWfUtsv9IsZ54N4f h2594+fVLZJ/oZD2wIj4eko157uROXEE9dRACetEQsJJw5Eh9oBO6A6o/l6gKa1r c/QfTCyfKrbwQrMygmfk1kCAek1QEnwTmGu+/857DMadAwOzMr0J -----END CERTIFICATE-----Generated at Sun Nov 23 12:06:55 2025 by rpki-client