This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QfsYNZufR321HXtczSVe0iyWuD8.roa File: QfsYNZufR321HXtczSVe0iyWuD8.roa (raw, json) Hash identifier: W12A34YxwHLKTIPHG9p04oFOPBANZmk8IrM4XXiJbqQ= Subject key identifier: 41:FB:18:35:9B:9F:47:7D:B5:1D:7B:5C:CD:25:5E:D2:2C:96:B8:3F Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019AC98A33F3D91DB3B4BC96E77E6B7D01F8 Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QfsYNZufR321HXtczSVe0iyWuD8.roa Signing time: Fri 28 Nov 2025 08:17:48 +0000 ROA not before: Fri 28 Nov 2025 08:17:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 5065 IP address blocks: 77.93.138.0/23 maxlen: 24 82.152.52.0/23 maxlen: 24 82.153.44.0/24 maxlen: 24 82.153.46.0/24 maxlen: 24 109.176.75.0/24 maxlen: 24 213.130.150.0/24 maxlen: 24 213.210.48.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 20:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:c9:8a:33:f3:d9:1d:b3:b4:bc:96:e7:7e:6b:7d:01:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Nov 28 08:17:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=41fb18359b9f477db51d7b5ccd255ed22c96b83f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:3c:6a:38:ac:4d:d0:75:eb:3b:b1:de:e6:12: 31:01:7e:40:7b:a5:49:9b:cc:a6:f9:4c:a6:e5:8a: c5:4d:da:51:18:f6:72:0c:53:3a:2e:d2:92:66:48: c5:a0:7e:6b:47:ad:24:70:38:ee:d6:36:95:88:8e: 4c:ca:3e:2d:e6:d2:04:84:bd:5f:70:c2:6d:37:29: 50:59:a8:97:13:c5:71:c0:45:14:cf:be:6d:92:02: e5:a4:b3:74:df:9b:75:c2:5e:cf:53:f6:52:c6:9e: 0b:b7:b9:b8:04:b7:a6:72:b1:cb:be:47:d1:3a:fb: 46:1b:1c:18:34:05:4a:d3:0d:04:6c:3e:38:f3:12: 22:07:33:1e:55:89:ae:33:88:03:b2:dd:93:41:3b: fa:e6:9c:f5:69:f5:f5:08:e5:97:a9:42:27:50:ea: 41:77:51:c3:09:43:db:a1:4b:14:6d:d7:62:40:d5: 1b:ef:af:e3:52:d1:81:de:56:88:2f:3e:07:40:32: 79:c0:5c:4b:9c:42:79:64:20:c2:8a:03:04:7d:dd: fd:94:5f:e4:61:66:4d:35:81:24:44:b8:0e:43:41: 9a:6a:7f:9f:61:c3:bc:10:94:8e:94:04:46:e7:f4: ff:44:1c:04:71:b7:01:b6:0c:44:37:26:2c:87:8c: dc:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:FB:18:35:9B:9F:47:7D:B5:1D:7B:5C:CD:25:5E:D2:2C:96:B8:3F X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/QfsYNZufR321HXtczSVe0iyWuD8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.93.138.0/23 82.152.52.0/23 82.153.44.0/24 82.153.46.0/24 109.176.75.0/24 213.130.150.0/24 213.210.48.0/23 Signature Algorithm: sha256WithRSAEncryption 01:da:b0:0c:ba:90:d7:b6:f7:b7:c6:d7:50:09:59:64:e1:3d: cc:24:d2:cd:7e:5b:98:6b:b3:b4:58:ac:93:4c:e7:32:64:95: 7d:9b:a9:3c:9b:06:ea:2f:40:13:d1:b7:d9:af:b5:63:e0:c8: 47:f4:05:01:86:03:7c:13:f5:75:1e:aa:e9:d3:39:11:50:20: 06:40:01:d3:51:56:7c:e2:9c:22:6f:b9:e6:98:50:d7:13:78: 30:d4:78:eb:58:9d:fb:1b:14:5f:2a:df:71:dc:ad:8c:c6:1a: 42:64:f6:22:cf:8d:71:04:ef:72:76:ea:26:2f:97:67:9e:d5: 97:1f:c9:c6:a3:ad:6b:a3:b1:d3:4a:84:82:69:0e:38:ef:02: f4:ff:bf:c9:49:76:ce:fc:74:24:f5:da:36:19:05:d6:7d:cc: bb:7b:95:0d:43:73:2e:a5:31:ea:58:2c:3e:db:f0:e1:c9:0b: ac:c4:2e:c0:8a:5c:de:13:19:51:42:02:a0:ff:56:00:3d:52: 3e:ae:91:f2:f8:c8:38:43:55:db:9d:6c:5e:2f:9c:4f:c4:37: 7e:f3:73:c7:41:56:56:c3:fe:f4:78:a3:2c:81:d7:0d:7b:51: d1:db:53:5f:aa:66:a1:62:7a:4c:89:c1:5a:9c:a9:d1:87:4a: c0:ab:33:44 -----BEGIN CERTIFICATE----- MIIFITCCBAmgAwIBAgISAZrJijPz2R2ztLyW535rfQH4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjUxMTI4MDgxNzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MWZiMTgzNTliOWY0NzdkYjUxZDdiNWNjZDI1NWVkMjJjOTZiODNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7jxqOKxN0HXrO7He5hIxAX5Ae6VJ m8ym+Uym5YrFTdpRGPZyDFM6LtKSZkjFoH5rR60kcDju1jaViI5Myj4t5tIEhL1f cMJtNylQWaiXE8VxwEUUz75tkgLlpLN035t1wl7PU/ZSxp4Lt7m4BLemcrHLvkfR OvtGGxwYNAVK0w0EbD448xIiBzMeVYmuM4gDst2TQTv65pz1afX1COWXqUInUOpB d1HDCUPboUsUbddiQNUb76/jUtGB3laILz4HQDJ5wFxLnEJ5ZCDCigMEfd39lF/k YWZNNYEkRLgOQ0Gaan+fYcO8EJSOlARG5/T/RBwEcbcBtgxENyYsh4zcyQIDAQAB o4ICLTCCAikwHQYDVR0OBBYEFEH7GDWbn0d9tR17XM0lXtIslrg/MB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvUWZzWU5adWZSMzIxSFh0Y3pTVmUwaXlXdUQ4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBTV2KAwQB Upg0AwQAUpksAwQAUpkuAwQAbbBLAwQA1YKWAwQB1dIwMA0GCSqGSIb3DQEBCwUA A4IBAQAB2rAMupDXtve3xtdQCVlk4T3MJNLNfluYa7O0WKyTTOcyZJV9m6k8mwbq L0AT0bfZr7Vj4MhH9AUBhgN8E/V1Hqrp0zkRUCAGQAHTUVZ84pwib7nmmFDXE3gw 1HjrWJ37GxRfKt9x3K2MxhpCZPYiz41xBO9yduomL5dnntWXH8nGo61ro7HTSoSC aQ447wL0/7/JSXbO/HQk9do2GQXWfcy7e5UNQ3MupTHqWCw+2/DhyQusxC7Ailze ExlRQgKg/1YAPVI+rpHy+Mg4Q1XbnWxeL5xPxDd+83PHQVZWw/70eKMsgdcNe1HR 21NfqmahYnpMicFanKnRh0rAqzNE -----END CERTIFICATE-----Generated at Fri Dec 5 04:25:52 2025 by rpki-client