This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/D8qfIMwswYeFuPYVEJwo-RfHovU.roa File: D8qfIMwswYeFuPYVEJwo-RfHovU.roa (raw, json) Hash identifier: DlPAlAMHiaq82CpMR5fDXZTEto874BKT+CW0VB9TSow= Subject key identifier: 0F:CA:9F:20:CC:2C:C1:87:85:B8:F6:15:10:9C:28:F9:17:C7:A2:F5 Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019A96BB24000F1299729C26BDD3E3629A4E Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/D8qfIMwswYeFuPYVEJwo-RfHovU.roa Signing time: Tue 18 Nov 2025 11:30:38 +0000 ROA not before: Tue 18 Nov 2025 11:30:38 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 135391 IP address blocks: 82.163.18.0/24 maxlen: 24 109.176.248.0/24 maxlen: 24 109.176.252.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 24 Nov 2025 06:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:96:bb:24:00:0f:12:99:72:9c:26:bd:d3:e3:62:9a:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Nov 18 11:30:38 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=0fca9f20cc2cc18785b8f615109c28f917c7a2f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:50:5c:49:9b:3c:3b:30:f1:df:fd:3a:fb:d9: 8f:47:85:f0:ee:fc:4b:eb:2c:57:1e:ce:70:dd:d4: d0:d9:06:82:2a:30:7e:26:1f:30:52:b7:9f:f1:af: dd:ff:0a:ad:b2:51:9a:8f:d3:8b:22:48:94:de:b8: 93:d2:cf:25:f4:34:23:3f:06:42:5a:d5:b9:70:d3: d1:ef:9c:12:7a:39:ed:47:12:e1:5f:62:6f:04:62: 01:db:28:88:86:7a:96:fa:7f:4f:f8:9d:23:55:97: 37:db:e7:3a:81:77:3a:09:e6:83:ac:54:98:eb:49: 0c:3e:5c:af:6c:55:6d:a3:49:f0:b0:8b:22:15:97: b8:04:39:00:90:63:10:ac:c4:f3:bf:2f:b4:3d:91: c0:01:18:f7:4e:85:0f:cc:a9:a8:94:7c:45:0d:fc: 43:1a:59:59:9e:f4:08:cc:91:c3:5d:e0:cc:a5:5c: 8b:1f:69:ed:b1:5c:d2:f0:ad:d1:4a:85:3a:d1:4e: b8:b7:c7:bd:cf:3c:5c:6f:e9:b4:b6:6c:c2:20:09: 9d:4f:c3:02:01:c3:29:57:b9:54:b5:ef:c9:5f:a9: 93:d6:21:24:7b:f2:7c:ea:22:60:83:c1:ec:15:bf: a6:fe:db:2a:86:27:95:45:c5:79:e1:14:34:05:f2: fa:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:CA:9F:20:CC:2C:C1:87:85:B8:F6:15:10:9C:28:F9:17:C7:A2:F5 X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/D8qfIMwswYeFuPYVEJwo-RfHovU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.163.18.0/24 109.176.248.0/24 109.176.252.0/24 Signature Algorithm: sha256WithRSAEncryption 51:f0:70:9b:40:d3:f0:26:1c:3d:2a:25:eb:e4:5d:51:7f:e2: bb:a7:e6:69:47:ca:b8:e4:73:25:fe:71:6d:bd:d4:5b:af:a2: 75:d0:c6:80:04:f1:96:fc:c3:17:c7:3e:ae:6f:1a:b9:d5:84: 77:53:32:5d:09:d4:1e:0e:14:13:2f:cf:3d:66:94:08:04:02: 00:2e:34:c9:10:1b:bb:3d:f8:23:5f:4d:51:07:de:31:21:a9: 15:fd:a2:aa:32:5e:42:cb:44:82:1e:bc:0a:cd:73:6b:68:f0: d8:7d:7e:42:12:5f:11:31:59:39:9a:ab:c4:40:0c:1c:1a:cb: 47:c6:ff:dd:6f:e7:b2:f8:4b:fc:fb:e4:c9:c7:36:97:7d:20: 56:0a:a0:ea:98:85:06:d0:03:e5:b6:54:ea:2a:66:7b:5c:1b: a7:00:bd:18:87:14:7e:0b:51:f4:42:cb:51:f6:e0:a9:c2:a9: cc:ae:d4:21:4d:06:07:73:90:15:fb:7f:4c:50:fe:3b:0a:bd: 54:2e:15:1d:5f:c4:85:72:c2:49:15:23:7f:8c:b2:8b:12:25: ff:8f:04:f4:d5:a5:2e:eb:91:33:36:bc:66:9b:ff:dd:58:12: 0b:24:63:5f:38:59:f0:22:fe:20:f4:53:06:dd:25:18:1d:2c: eb:3f:af:bf -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZqWuyQADxKZcpwmvdPjYppOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjUxMTE4MTEzMDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZmNhOWYyMGNjMmNjMTg3ODViOGY2MTUxMDljMjhmOTE3YzdhMmY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFBcSZs8OzDx3/06+9mPR4Xw7vxL 6yxXHs5w3dTQ2QaCKjB+Jh8wUref8a/d/wqtslGaj9OLIkiU3riT0s8l9DQjPwZC WtW5cNPR75wSejntRxLhX2JvBGIB2yiIhnqW+n9P+J0jVZc32+c6gXc6CeaDrFSY 60kMPlyvbFVto0nwsIsiFZe4BDkAkGMQrMTzvy+0PZHAARj3ToUPzKmolHxFDfxD GllZnvQIzJHDXeDMpVyLH2ntsVzS8K3RSoU60U64t8e9zzxcb+m0tmzCIAmdT8MC AcMpV7lUte/JX6mT1iEke/J86iJgg8HsFb+m/tsqhieVRcV54RQ0BfL6KwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFA/KnyDMLMGHhbj2FRCcKPkXx6L1MB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvRDhxZklNd3N3WWVGdVBZVkVKd28tUmZIb3ZVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUqMSAwQA bbD4AwQAbbD8MA0GCSqGSIb3DQEBCwUAA4IBAQBR8HCbQNPwJhw9KiXr5F1Rf+K7 p+ZpR8q45HMl/nFtvdRbr6J10MaABPGW/MMXxz6ubxq51YR3UzJdCdQeDhQTL889 ZpQIBAIALjTJEBu7PfgjX01RB94xIakV/aKqMl5Cy0SCHrwKzXNraPDYfX5CEl8R MVk5mqvEQAwcGstHxv/db+ey+Ev8++TJxzaXfSBWCqDqmIUG0APltlTqKmZ7XBun AL0YhxR+C1H0QstR9uCpwqnMrtQhTQYHc5AV+39MUP47Cr1ULhUdX8SFcsJJFSN/ jLKLEiX/jwT01aUu65EzNrxmm//dWBILJGNfOFnwIv4g9FMG3SUYHSzrP6+/ -----END CERTIFICATE-----Generated at Sun Nov 23 12:07:16 2025 by rpki-client