This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CF2C2MBr4mPbisMWXCPv65Kg0BI.roa File: CF2C2MBr4mPbisMWXCPv65Kg0BI.roa (raw, json) Hash identifier: gr7wKICgT33ynyucLoWoPCq0s+8qjS8TrnN2F+BxjsY= Subject key identifier: 08:5D:82:D8:C0:6B:E2:63:DB:8A:C3:16:5C:23:EF:EB:92:A0:D0:12 Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019A9BEF3B49002DF2F1419B69EE0761CD2C Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CF2C2MBr4mPbisMWXCPv65Kg0BI.roa Signing time: Wed 19 Nov 2025 11:45:37 +0000 ROA not before: Wed 19 Nov 2025 11:45:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 9304 IP address blocks: 77.93.136.0/24 maxlen: 24 81.168.109.0/24 maxlen: 24 82.152.61.0/24 maxlen: 24 82.152.71.0/24 maxlen: 24 82.152.107.0/24 maxlen: 24 82.153.41.0/24 maxlen: 24 82.153.144.0/24 maxlen: 24 89.213.127.0/24 maxlen: 24 89.213.212.0/24 maxlen: 24 89.213.224.0/24 maxlen: 24 109.176.91.0/24 maxlen: 24 212.38.81.0/24 maxlen: 24 213.130.151.0/24 maxlen: 24 217.144.153.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 24 Nov 2025 06:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:9b:ef:3b:49:00:2d:f2:f1:41:9b:69:ee:07:61:cd:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Nov 19 11:45:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=085d82d8c06be263db8ac3165c23efeb92a0d012 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:0e:4e:f4:64:d1:51:28:e4:b9:11:c0:45:59: d7:25:56:11:80:f9:95:ee:98:89:d7:63:03:46:e4: 8c:94:17:0f:0e:59:a1:12:92:1f:03:36:dc:b1:51: 94:96:49:b0:a5:29:44:b6:99:ce:3b:cb:d2:0e:72: 31:43:8e:57:dc:89:8d:5c:13:25:44:20:61:67:9c: a1:8c:03:c4:5f:91:45:70:fe:55:24:73:78:68:0b: d0:f3:13:0f:4d:a6:64:60:ef:01:21:c2:d7:19:5e: 2a:f6:c9:b3:e4:82:1b:0e:92:b8:cc:78:1d:11:0f: 28:ec:12:42:9f:57:bb:28:98:10:c8:60:97:ca:22: b8:4c:66:94:da:e9:da:d0:37:db:f3:45:11:22:bf: e7:fa:4e:09:60:be:7f:d3:32:af:46:db:f7:d2:34: 41:90:ba:3d:21:df:90:ca:7b:d6:52:85:3c:12:53: 05:d0:94:ad:97:73:30:70:74:e0:0a:e5:06:f3:74: 2a:a9:c9:46:db:7f:57:7f:8d:23:78:b8:99:c2:2b: 97:94:09:6d:48:73:c6:51:56:09:59:bd:e7:de:61: f9:93:38:73:5c:4b:54:87:d6:6b:4a:04:1c:a4:ff: c3:7a:35:23:a6:e4:ac:a4:1c:01:1f:c3:f0:8d:e3: 49:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:5D:82:D8:C0:6B:E2:63:DB:8A:C3:16:5C:23:EF:EB:92:A0:D0:12 X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CF2C2MBr4mPbisMWXCPv65Kg0BI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.93.136.0/24 81.168.109.0/24 82.152.61.0/24 82.152.71.0/24 82.152.107.0/24 82.153.41.0/24 82.153.144.0/24 89.213.127.0/24 89.213.212.0/24 89.213.224.0/24 109.176.91.0/24 212.38.81.0/24 213.130.151.0/24 217.144.153.0/24 Signature Algorithm: sha256WithRSAEncryption 7c:03:ac:00:8d:38:85:f6:62:ec:ae:64:22:cb:7e:06:6e:da: 5b:7f:7b:f5:c0:78:19:d9:91:e6:61:ea:a6:51:ab:be:ce:d5: 10:bf:b3:71:bf:c3:b5:8c:33:10:30:a1:c0:03:b4:ea:83:6c: 0d:5d:c0:16:d0:b0:ac:62:d7:a7:91:12:a6:62:55:52:d2:58: fb:37:eb:52:00:ec:8f:96:30:2e:1b:f8:8d:7a:98:6c:67:7b: 80:87:e3:cb:07:e2:c6:4c:8d:8f:e8:6a:51:b8:5c:66:91:b9: 6d:13:7c:fa:68:40:bb:6b:ae:bd:e7:24:c0:aa:af:ba:71:a5: 6d:b0:e2:c6:81:f7:b1:35:98:d4:33:0e:0f:7a:8f:63:3f:15: 20:79:65:0f:cf:35:d8:44:68:50:7c:4b:e9:8f:2b:7d:b8:19: ba:b2:b8:5d:db:fe:01:1f:fe:8b:8f:5c:e9:7a:fc:57:52:79: af:ed:d2:48:b3:ff:00:d2:4c:9f:4e:97:bb:02:fe:a4:1b:fd: dd:65:9b:ae:19:95:13:3b:eb:32:81:11:8c:74:09:21:42:fa: ea:e5:95:1b:ae:eb:7b:71:f1:ea:6a:22:e9:12:20:bf:75:87: 76:c2:d4:a8:2b:35:12:f2:12:c9:dd:62:c7:c0:59:12:66:a5: e7:af:d5:6b -----BEGIN CERTIFICATE----- MIIFSzCCBDOgAwIBAgISAZqb7ztJAC3y8UGbae4HYc0sMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjUxMTE5MTE0NTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwODVkODJkOGMwNmJlMjYzZGI4YWMzMTY1YzIzZWZlYjkyYTBkMDEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Q5O9GTRUSjkuRHARVnXJVYRgPmV 7piJ12MDRuSMlBcPDlmhEpIfAzbcsVGUlkmwpSlEtpnOO8vSDnIxQ45X3ImNXBMl RCBhZ5yhjAPEX5FFcP5VJHN4aAvQ8xMPTaZkYO8BIcLXGV4q9smz5IIbDpK4zHgd EQ8o7BJCn1e7KJgQyGCXyiK4TGaU2una0Dfb80URIr/n+k4JYL5/0zKvRtv30jRB kLo9Id+QynvWUoU8ElMF0JStl3MwcHTgCuUG83QqqclG239Xf40jeLiZwiuXlAlt SHPGUVYJWb3n3mH5kzhzXEtUh9ZrSgQcpP/DejUjpuSspBwBH8PwjeNJNQIDAQAB o4ICVzCCAlMwHQYDVR0OBBYEFAhdgtjAa+Jj24rDFlwj7+uSoNASMB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvQ0YyQzJNQnI0bVBiaXNNV1hDUHY2NUtnMEJJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQATV2IAwQA UahtAwQAUpg9AwQAUphHAwQAUphrAwQAUpkpAwQAUpmQAwQAWdV/AwQAWdXUAwQA WdXgAwQAbbBbAwQA1CZRAwQA1YKXAwQA2ZCZMA0GCSqGSIb3DQEBCwUAA4IBAQB8 A6wAjTiF9mLsrmQiy34Gbtpbf3v1wHgZ2ZHmYeqmUau+ztUQv7Nxv8O1jDMQMKHA A7Tqg2wNXcAW0LCsYtenkRKmYlVS0lj7N+tSAOyPljAuG/iNephsZ3uAh+PLB+LG TI2P6GpRuFxmkbltE3z6aEC7a6695yTAqq+6caVtsOLGgfexNZjUMw4Peo9jPxUg eWUPzzXYRGhQfEvpjyt9uBm6srhd2/4BH/6Lj1zpevxXUnmv7dJIs/8A0kyfTpe7 Av6kG/3dZZuuGZUTO+sygRGMdAkhQvrq5ZUbrut7cfHqaiLpEiC/dYd2wtSoKzUS 8hLJ3WLHwFkSZqXnr9Vr -----END CERTIFICATE-----Generated at Sun Nov 23 12:07:11 2025 by rpki-client