This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/T2UILx0xZCl-NfaUn-sgbZ8spYQ.roa File: T2UILx0xZCl-NfaUn-sgbZ8spYQ.roa (raw, json) Hash identifier: KaLsJ5UjlVOzlblbaG8kt7Jb7aM0Babxazskcd9EmVE= Subject key identifier: 4F:65:08:2F:1D:31:64:29:7E:35:F6:94:9F:EB:20:6D:9F:2C:A5:84 Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019B0291D7BD1DD356D12801413036EDBF57 Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/T2UILx0xZCl-NfaUn-sgbZ8spYQ.roa Signing time: Tue 09 Dec 2025 10:04:30 +0000 ROA not before: Tue 09 Dec 2025 10:04:30 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 29802 IP address blocks: 82.152.57.0/24 maxlen: 24 82.152.58.0/24 maxlen: 24 82.152.73.0/24 maxlen: 24 82.152.75.0/24 maxlen: 24 82.152.76.0/23 maxlen: 24 82.152.79.0/24 maxlen: 24 82.152.86.0/23 maxlen: 24 82.152.88.0/24 maxlen: 24 82.152.109.0/24 maxlen: 24 82.152.226.0/24 maxlen: 24 82.152.240.0/24 maxlen: 24 82.152.243.0/24 maxlen: 24 82.153.38.0/24 maxlen: 24 82.153.56.0/24 maxlen: 24 82.153.61.0/24 maxlen: 24 82.153.83.0/24 maxlen: 24 82.153.84.0/24 maxlen: 24 82.153.152.0/24 maxlen: 24 82.153.186.0/24 maxlen: 24 82.153.201.0/24 maxlen: 24 82.153.239.0/24 maxlen: 24 89.213.98.0/24 maxlen: 24 89.213.232.0/23 maxlen: 24 89.213.234.0/23 maxlen: 24 89.213.236.0/23 maxlen: 24 109.176.27.0/24 maxlen: 24 109.176.32.0/21 maxlen: 24 109.176.40.0/21 maxlen: 24 109.176.48.0/21 maxlen: 24 109.176.56.0/21 maxlen: 24 109.176.235.0/24 maxlen: 24 213.130.130.0/24 maxlen: 24 213.130.149.0/24 maxlen: 24 213.218.214.0/24 maxlen: 24 213.218.231.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 19:02:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:02:91:d7:bd:1d:d3:56:d1:28:01:41:30:36:ed:bf:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Dec 9 10:04:30 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=4f65082f1d3164297e35f6949feb206d9f2ca584 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:ab:04:84:a7:ef:63:c2:73:00:28:d3:45:79: fe:f1:74:e1:b9:ff:b2:f1:a4:b3:f5:55:8e:02:a2: 9b:f6:98:e5:bb:da:dc:2d:6e:f4:0d:c3:b5:ff:78: fb:f5:d0:f4:ee:75:37:41:d5:ae:df:45:57:43:ad: fa:f5:6b:d4:e1:44:cc:92:56:0e:82:2d:9d:88:0e: f3:01:b3:86:8c:c1:a3:36:fd:81:0c:a2:37:13:12: fe:b3:93:cd:60:78:3d:05:43:67:df:9c:20:6d:fb: 46:b1:8e:57:f7:58:36:c2:89:98:fd:84:fa:7a:ba: b1:41:13:ed:a3:c0:ef:76:e8:bc:76:2d:c9:7b:61: 29:4d:60:c2:6b:35:77:db:75:66:f7:68:c7:41:52: c5:bf:89:9e:22:88:3c:85:77:73:48:e8:b2:23:dc: 46:bc:cb:66:5d:ab:3b:03:a6:98:3c:c5:3b:ed:51: a7:95:05:17:28:53:fc:0b:12:80:85:3b:4f:22:9c: d6:7e:7c:4b:a9:69:1f:61:cc:86:e8:bb:b9:e6:7b: 4e:f7:45:25:e1:0a:80:05:81:90:d1:c2:f4:17:f4: ae:a9:aa:70:d7:d2:22:33:c3:28:5d:e7:fc:7d:d6: f0:c4:71:01:7d:8a:f1:bd:3d:42:44:e7:37:0d:5d: 1c:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:65:08:2F:1D:31:64:29:7E:35:F6:94:9F:EB:20:6D:9F:2C:A5:84 X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/T2UILx0xZCl-NfaUn-sgbZ8spYQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.152.57.0-82.152.58.255 82.152.73.0/24 82.152.75.0-82.152.77.255 82.152.79.0/24 82.152.86.0-82.152.88.255 82.152.109.0/24 82.152.226.0/24 82.152.240.0/24 82.152.243.0/24 82.153.38.0/24 82.153.56.0/24 82.153.61.0/24 82.153.83.0-82.153.84.255 82.153.152.0/24 82.153.186.0/24 82.153.201.0/24 82.153.239.0/24 89.213.98.0/24 89.213.232.0-89.213.237.255 109.176.27.0/24 109.176.32.0/19 109.176.235.0/24 213.130.130.0/24 213.130.149.0/24 213.218.214.0/24 213.218.231.0/24 Signature Algorithm: sha256WithRSAEncryption 2b:81:9c:76:d1:0b:2b:96:bf:c5:37:d1:08:99:64:02:aa:2c: ec:ee:b9:f3:2d:6a:b0:e5:f8:b9:55:99:c3:0f:67:fe:e8:95: 81:e4:81:53:b9:18:3c:1d:dc:5a:89:82:61:a8:ae:10:87:8d: 69:05:59:4c:7e:f5:ac:12:ee:1f:b8:76:b9:9b:eb:97:4c:96: 5d:6c:85:1f:00:b5:5f:2a:94:66:a5:cf:db:59:df:fb:8b:0f: 48:cf:af:45:5c:f2:99:fb:b0:62:c4:33:a2:e7:f2:10:3a:48: a4:67:b5:df:c9:19:d3:2e:c2:7c:87:52:01:8b:fb:06:f4:57: dd:f2:d9:23:ca:f6:9d:92:c8:26:e0:a6:33:97:b8:5c:46:b4: d5:4b:ec:cb:97:96:fe:55:46:6a:52:5d:cf:b2:02:94:b1:5a: ee:2e:1b:ec:db:35:23:34:28:a8:fd:e4:24:08:f2:4f:44:41: a5:52:2e:55:5e:23:31:0a:a8:3d:50:44:86:52:c0:5e:37:2d: 2e:26:aa:44:57:fc:15:67:b8:a9:9c:54:9b:a6:c2:a5:4a:ed: 1d:7f:06:3a:41:1f:dc:b6:eb:34:ff:6c:bb:23:94:55:b9:06: d5:19:92:3d:3a:0c:23:ab:4c:2d:5f:f4:4d:f5:48:14:c4:0d: 85:54:20:ea -----BEGIN CERTIFICATE----- MIIFwDCCBKigAwIBAgISAZsCkde9HdNW0SgBQTA27b9XMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjUxMjA5MTAwNDMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ZjY1MDgyZjFkMzE2NDI5N2UzNWY2OTQ5ZmViMjA2ZDlmMmNhNTg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqsEhKfvY8JzACjTRXn+8XThuf+y 8aSz9VWOAqKb9pjlu9rcLW70DcO1/3j79dD07nU3QdWu30VXQ6369WvU4UTMklYO gi2diA7zAbOGjMGjNv2BDKI3ExL+s5PNYHg9BUNn35wgbftGsY5X91g2womY/YT6 erqxQRPto8Dvdui8di3Je2EpTWDCazV323Vm92jHQVLFv4meIog8hXdzSOiyI9xG vMtmXas7A6aYPMU77VGnlQUXKFP8CxKAhTtPIpzWfnxLqWkfYcyG6Lu55ntO90Ul 4QqABYGQ0cL0F/Suqapw19IiM8MoXef8fdbwxHEBfYrxvT1CROc3DV0c6wIDAQAB o4ICzDCCAsgwHQYDVR0OBBYEFE9lCC8dMWQpfjX2lJ/rIG2fLKWEMB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvVDJVSUx4MHhaQ2wtTmZhVW4tc2diWjhzcFlRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBywQCAAEwgcQwDAME AFKYOQMEAFKYOgMEAFKYSTAMAwQAUphLAwQBUphMAwQAUphPMAwDBAFSmFYDBABS mFgDBABSmG0DBABSmOIDBABSmPADBABSmPMDBABSmSYDBABSmTgDBABSmT0wDAME AFKZUwMEAFKZVAMEAFKZmAMEAFKZugMEAFKZyQMEAFKZ7wMEAFnVYjAMAwQDWdXo AwQBWdXsAwQAbbAbAwQFbbAgAwQAbbDrAwQA1YKCAwQA1YKVAwQA1drWAwQA1drn MA0GCSqGSIb3DQEBCwUAA4IBAQArgZx20Qsrlr/FN9EImWQCqizs7rnzLWqw5fi5 VZnDD2f+6JWB5IFTuRg8HdxaiYJhqK4Qh41pBVlMfvWsEu4fuHa5m+uXTJZdbIUf ALVfKpRmpc/bWd/7iw9Iz69FXPKZ+7BixDOi5/IQOkikZ7XfyRnTLsJ8h1IBi/sG 9Ffd8tkjyvadksgm4KYzl7hcRrTVS+zLl5b+VUZqUl3PsgKUsVruLhvs2zUjNCio /eQkCPJPREGlUi5VXiMxCqg9UESGUsBeNy0uJqpEV/wVZ7ipnFSbpsKlSu0dfwY6 QR/ctus0/2y7I5RVuQbVGZI9Ogwjq0wtX/RN9UgUxA2FVCDq -----END CERTIFICATE-----Generated at Tue Dec 16 04:03:05 2025 by rpki-client