This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UfVpVlPSK8MNPc3nZW_J-wuJjdI.roa File: UfVpVlPSK8MNPc3nZW_J-wuJjdI.roa (raw, json) Hash identifier: MrFp94qmlANKNZfzeyvNdl/ru7Lu/2Z1PBc7o6o/8KQ= Subject key identifier: 51:F5:69:56:53:D2:2B:C3:0D:3D:CD:E7:65:6F:C9:FB:0B:89:8D:D2 Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019A77FA8670DDE84B29145CAB890FC6486C Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UfVpVlPSK8MNPc3nZW_J-wuJjdI.roa Signing time: Wed 12 Nov 2025 12:11:38 +0000 ROA not before: Wed 12 Nov 2025 12:11:38 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 211415 IP address blocks: 109.176.29.0/24 maxlen: 24 109.176.31.0/24 maxlen: 24 213.218.242.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 24 Nov 2025 06:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:77:fa:86:70:dd:e8:4b:29:14:5c:ab:89:0f:c6:48:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Nov 12 12:11:38 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=51f5695653d22bc30d3dcde7656fc9fb0b898dd2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:c3:ea:10:1c:87:70:ba:fc:01:0a:b2:89:59: d7:8f:ba:ec:70:da:4a:46:d2:38:12:4f:68:86:18: ef:80:78:72:8c:99:62:43:2d:82:e9:cf:4b:87:4f: 2a:50:02:b7:1a:f6:24:ad:7d:1f:c8:c5:9a:68:e6: 2e:d3:09:d1:8f:91:3c:ef:d9:38:55:c2:31:c8:a9: 1e:9f:72:68:35:67:91:7c:8e:f2:4f:bc:7c:7c:ae: cf:07:71:e0:4b:f1:dc:53:bb:dc:23:42:4e:cc:65: f6:46:26:9f:f6:43:5e:48:ff:99:a4:9e:d6:fb:2f: 99:97:4e:d6:3c:95:d5:9c:c8:98:fe:34:14:7d:7f: 1b:fa:51:c5:6d:b6:b9:5f:72:5a:72:e7:1d:a3:79: 2d:eb:7e:49:13:ce:6d:ee:bc:4b:80:99:2f:d4:d6: 47:0b:2a:74:fb:bb:6e:05:da:8f:e9:14:96:e8:46: 5c:82:a7:19:62:ef:96:fd:52:fc:20:9c:d1:4a:9d: ed:87:66:8f:a3:73:31:6a:2a:ca:7c:a9:5e:fe:41: 5e:38:6e:67:f0:30:98:3f:57:4b:90:d0:f2:fc:24: 8c:28:b6:4d:66:de:e2:a5:bb:6a:81:91:10:11:b1: 8a:d7:61:d1:71:28:cb:82:9b:11:87:38:8e:dc:27: 26:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:F5:69:56:53:D2:2B:C3:0D:3D:CD:E7:65:6F:C9:FB:0B:89:8D:D2 X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UfVpVlPSK8MNPc3nZW_J-wuJjdI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.176.29.0/24 109.176.31.0/24 213.218.242.0/24 Signature Algorithm: sha256WithRSAEncryption a3:82:6b:c7:25:8f:fb:f3:ab:f1:f3:0d:c5:ac:5e:7c:22:96: 36:a5:d8:17:17:9d:9c:43:6d:d8:a4:1c:a9:30:63:26:4f:dc: 12:d0:df:97:58:21:2c:f8:38:cd:2b:9e:e7:3a:3e:42:c2:e6: a8:1e:78:2b:b4:95:f8:fd:84:52:ba:b2:b0:82:f5:ae:78:18: 77:34:59:df:ad:3f:45:c6:2e:7a:d3:fd:8b:79:8a:4c:97:5f: 67:26:e6:3e:d2:34:60:83:8d:3c:48:a1:f0:b3:09:81:22:0d: fa:1a:72:8b:39:51:cb:e4:3f:ee:45:32:85:2d:4d:e2:20:01: 48:8c:31:a6:68:29:f2:67:84:38:14:f1:7a:fb:53:75:92:ad: 2f:24:c0:b1:e3:27:6b:5a:3d:7a:41:bf:1c:5a:6b:23:93:77: cf:0d:54:14:81:88:b5:17:e5:26:55:69:57:91:9d:e3:c8:4c: b1:bf:a6:6c:46:64:47:1a:90:8f:41:c4:93:3d:b7:d0:d5:3d: dc:0b:42:14:8e:35:20:57:f4:53:59:f4:fe:35:e6:49:a6:c8: 8c:3c:35:00:82:65:fd:c5:f7:ef:72:20:4c:96:9d:f0:37:4b: 53:ca:b2:e6:a6:fb:ce:2f:f4:58:92:5d:3c:33:f5:0a:67:a3: f0:a1:73:37 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZp3+oZw3ehLKRRcq4kPxkhsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjUxMTEyMTIxMTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MWY1Njk1NjUzZDIyYmMzMGQzZGNkZTc2NTZmYzlmYjBiODk4ZGQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA48PqEByHcLr8AQqyiVnXj7rscNpK RtI4Ek9ohhjvgHhyjJliQy2C6c9Lh08qUAK3GvYkrX0fyMWaaOYu0wnRj5E879k4 VcIxyKken3JoNWeRfI7yT7x8fK7PB3HgS/HcU7vcI0JOzGX2Riaf9kNeSP+ZpJ7W +y+Zl07WPJXVnMiY/jQUfX8b+lHFbba5X3Jacucdo3kt635JE85t7rxLgJkv1NZH Cyp0+7tuBdqP6RSW6EZcgqcZYu+W/VL8IJzRSp3th2aPo3MxairKfKle/kFeOG5n 8DCYP1dLkNDy/CSMKLZNZt7ipbtqgZEQEbGK12HRcSjLgpsRhziO3CcmsQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFFH1aVZT0ivDDT3N52VvyfsLiY3SMB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvVWZWcFZsUFNLOE1OUGMzblpXX0otd3VKamRJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbbAdAwQA bbAfAwQA1dryMA0GCSqGSIb3DQEBCwUAA4IBAQCjgmvHJY/786vx8w3FrF58IpY2 pdgXF52cQ23YpBypMGMmT9wS0N+XWCEs+DjNK57nOj5CwuaoHngrtJX4/YRSurKw gvWueBh3NFnfrT9Fxi560/2LeYpMl19nJuY+0jRgg408SKHwswmBIg36GnKLOVHL 5D/uRTKFLU3iIAFIjDGmaCnyZ4Q4FPF6+1N1kq0vJMCx4ydrWj16Qb8cWmsjk3fP DVQUgYi1F+UmVWlXkZ3jyEyxv6ZsRmRHGpCPQcSTPbfQ1T3cC0IUjjUgV/RTWfT+ NeZJpsiMPDUAgmX9xffvciBMlp3wN0tTyrLmpvvOL/RYkl08M/UKZ6PwoXM3 -----END CERTIFICATE-----Generated at Sun Nov 23 12:07:17 2025 by rpki-client