This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2dFln-ZCp_PbGJJnRCB65_dT-p8.roa File: 2dFln-ZCp_PbGJJnRCB65_dT-p8.roa (raw, json) Hash identifier: NWiOBcDz47dNoE2bvT6wIIGcme2IEw3dEPDvwqTGaAU= Subject key identifier: D9:D1:65:9F:E6:42:A7:F3:DB:18:92:67:44:20:7A:E7:F7:53:FA:9F Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019A77FA851399B94C60DA1E3E0A502F77A0 Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2dFln-ZCp_PbGJJnRCB65_dT-p8.roa Signing time: Wed 12 Nov 2025 12:11:38 +0000 ROA not before: Wed 12 Nov 2025 12:11:38 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 200017 IP address blocks: 82.152.14.0/24 maxlen: 24 82.153.1.0/24 maxlen: 24 82.153.245.0/24 maxlen: 24 109.176.24.0/24 maxlen: 24 109.176.26.0/24 maxlen: 24 212.38.68.0/24 maxlen: 24 212.38.74.0/24 maxlen: 24 213.152.42.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 24 Nov 2025 06:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:77:fa:85:13:99:b9:4c:60:da:1e:3e:0a:50:2f:77:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Nov 12 12:11:38 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=d9d1659fe642a7f3db18926744207ae7f753fa9f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:0d:23:14:2b:17:3c:66:7c:50:07:ee:88:c3: db:d5:9f:e8:15:7f:c7:47:11:c5:47:b2:26:a9:a9: 8f:3b:ee:5b:4b:35:59:08:b9:bf:7b:79:c8:fe:52: 42:dd:72:4e:f5:ad:6f:c5:1c:92:75:e3:72:f8:6a: fa:38:5e:2c:02:b4:0a:9a:8d:e0:62:56:b3:5b:1c: 54:42:a2:bc:fd:d7:06:0e:19:ff:e0:48:fa:41:d3: 93:56:4e:c7:ad:c6:32:13:96:17:ea:09:c8:76:52: d4:ac:2e:04:79:5a:13:3b:a3:a1:f6:3d:ed:e5:24: 9c:74:e1:fe:eb:df:29:d4:32:e5:57:6a:de:41:97: 0a:65:c3:12:86:b3:1d:ad:bb:25:65:6e:30:d1:6d: 4b:e3:dc:49:91:08:ef:b4:4d:57:0c:cd:43:a8:7b: 1f:7d:1a:45:20:ef:a0:33:89:92:0f:79:7c:81:18: 82:08:98:8f:34:69:de:99:f0:17:9a:fb:07:36:e5: 93:7b:b9:c6:a0:f0:ca:b0:2a:bd:99:86:90:3e:28: bf:6e:38:d6:98:1f:a9:e0:32:d1:d3:b7:d6:d0:d3: 62:d5:7c:79:ff:1e:4d:16:cc:30:5d:ee:54:11:0c: 0e:7d:78:2d:5e:2a:d2:28:c7:be:ef:14:3c:82:ef: 8f:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:D1:65:9F:E6:42:A7:F3:DB:18:92:67:44:20:7A:E7:F7:53:FA:9F X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2dFln-ZCp_PbGJJnRCB65_dT-p8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.152.14.0/24 82.153.1.0/24 82.153.245.0/24 109.176.24.0/24 109.176.26.0/24 212.38.68.0/24 212.38.74.0/24 213.152.42.0/24 Signature Algorithm: sha256WithRSAEncryption 1c:03:63:e5:09:56:d3:73:37:7e:0b:96:33:92:b5:27:35:37: c4:3d:2c:a0:07:e2:e0:98:8f:0c:b6:a2:58:f0:99:27:84:b0: c1:78:3c:bf:18:a9:d9:67:67:5d:a0:10:78:15:bb:6d:9d:da: 65:e8:14:b4:ce:47:7c:09:08:0d:53:b9:fb:4a:03:eb:2e:1c: 3d:7a:e1:94:5a:16:99:54:b2:c6:52:a0:ac:42:95:b3:08:61: 20:1c:7e:65:80:5f:fc:2c:35:c5:de:3a:7c:d7:48:8b:83:0d: a3:69:70:db:69:52:f9:6e:b8:77:36:d5:aa:67:85:c2:02:eb: 38:c2:4c:5c:40:3b:b7:4e:0a:1d:dd:c0:29:cf:12:6f:91:57: cb:62:80:01:ee:8c:0c:51:70:c7:bf:25:b0:f3:9d:e8:81:99: cf:78:6e:a4:70:a7:ce:a0:87:89:d6:a8:ee:53:52:50:6d:bd: 9d:76:57:50:10:c4:fd:9e:44:73:09:95:88:af:f0:81:ef:eb: bf:43:a9:81:ea:f3:d2:69:ab:70:91:35:88:ee:4a:d6:34:76: 08:cf:b9:c7:02:3a:13:9e:4f:1d:a5:a8:d9:1b:ca:a2:b7:e0: 19:ac:8f:3b:54:a7:19:c9:5d:9d:f9:bd:46:99:2b:ce:96:11: 99:43:ea:f6 -----BEGIN CERTIFICATE----- MIIFJzCCBA+gAwIBAgISAZp3+oUTmblMYNoePgpQL3egMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjUxMTEyMTIxMTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOWQxNjU5ZmU2NDJhN2YzZGIxODkyNjc0NDIwN2FlN2Y3NTNmYTlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyA0jFCsXPGZ8UAfuiMPb1Z/oFX/H RxHFR7ImqamPO+5bSzVZCLm/e3nI/lJC3XJO9a1vxRySdeNy+Gr6OF4sArQKmo3g YlazWxxUQqK8/dcGDhn/4Ej6QdOTVk7HrcYyE5YX6gnIdlLUrC4EeVoTO6Oh9j3t 5SScdOH+698p1DLlV2reQZcKZcMShrMdrbslZW4w0W1L49xJkQjvtE1XDM1DqHsf fRpFIO+gM4mSD3l8gRiCCJiPNGnemfAXmvsHNuWTe7nGoPDKsCq9mYaQPii/bjjW mB+p4DLR07fW0NNi1Xx5/x5NFswwXe5UEQwOfXgtXirSKMe+7xQ8gu+PvQIDAQAB o4ICMzCCAi8wHQYDVR0OBBYEFNnRZZ/mQqfz2xiSZ0Qgeuf3U/qfMB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvMmRGbG4tWkNwX1BiR0pKblJDQjY1X2RULXA4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAUpgOAwQA UpkBAwQAUpn1AwQAbbAYAwQAbbAaAwQA1CZEAwQA1CZKAwQA1ZgqMA0GCSqGSIb3 DQEBCwUAA4IBAQAcA2PlCVbTczd+C5YzkrUnNTfEPSygB+LgmI8MtqJY8JknhLDB eDy/GKnZZ2ddoBB4Fbttndpl6BS0zkd8CQgNU7n7SgPrLhw9euGUWhaZVLLGUqCs QpWzCGEgHH5lgF/8LDXF3jp810iLgw2jaXDbaVL5brh3NtWqZ4XCAus4wkxcQDu3 Tgod3cApzxJvkVfLYoAB7owMUXDHvyWw853ogZnPeG6kcKfOoIeJ1qjuU1JQbb2d dldQEMT9nkRzCZWIr/CB7+u/Q6mB6vPSaatwkTWI7krWNHYIz7nHAjoTnk8dpajZ G8qit+AZrI87VKcZyV2d+b1GmSvOlhGZQ+r2 -----END CERTIFICATE-----Generated at Sun Nov 23 12:07:11 2025 by rpki-client