This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_yLedYpy-GTPcXMtProZkZE898Y.roa File: _yLedYpy-GTPcXMtProZkZE898Y.roa (raw, json) Hash identifier: j2i1x7dOzxVITlGJ4OJOv0D/ZkUZ/Z/3Nvwt6t5sIIY= Subject key identifier: FF:22:DE:75:8A:72:F8:64:CF:71:73:2D:3E:BA:19:91:91:3C:F7:C6 Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019A791BD3E2D6E15542A98FDDDC0F6B76A4 Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_yLedYpy-GTPcXMtProZkZE898Y.roa Signing time: Wed 12 Nov 2025 17:27:38 +0000 ROA not before: Wed 12 Nov 2025 17:27:38 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 137517 IP address blocks: 82.152.12.0/24 maxlen: 24 213.130.138.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 24 Nov 2025 06:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:79:1b:d3:e2:d6:e1:55:42:a9:8f:dd:dc:0f:6b:76:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Nov 12 17:27:38 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=ff22de758a72f864cf71732d3eba1991913cf7c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:73:10:4f:91:10:0c:51:ae:88:e8:a1:48:f2: 16:e4:32:b6:af:5e:34:74:8f:a3:5c:97:ec:17:71: 3a:78:f6:51:13:cd:07:1c:81:2f:54:5d:3a:33:30: 54:dd:19:8c:26:b5:fd:eb:44:e4:18:d8:62:f5:02: 44:04:35:eb:65:e9:c4:a7:4e:57:ff:d7:f0:f4:fb: 99:83:e6:3b:ef:5e:ca:6d:b1:3a:c2:56:bf:1a:34: 08:9f:b1:95:e3:29:c7:26:12:57:d1:3d:7e:bc:5a: 8b:e8:f2:85:52:4c:1c:2b:5d:ee:8d:2a:5f:cb:29: 5e:42:a8:dd:92:a8:05:26:60:3e:38:d6:3b:1c:07: 30:14:9f:4a:94:92:d7:49:35:f7:e0:7c:0d:f1:ec: 51:a2:3f:91:8c:4a:e8:49:3c:58:c8:08:f1:0b:a1: d3:ae:5b:28:a9:f1:b6:6b:8a:60:b9:45:d7:6f:20: ca:3c:a1:52:9d:a4:f8:fe:24:b5:f9:96:63:1a:cb: 1c:e1:8b:5d:0e:e4:7c:f5:61:4d:2d:ed:83:df:c5: b5:a2:b0:c4:77:a1:e5:f7:3d:41:ce:7b:79:f0:25: be:6d:6d:ed:39:06:7f:14:a1:38:c2:8a:69:e6:53: 1d:72:00:b9:f7:5b:9a:2b:d1:14:4e:43:14:36:d8: ad:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:22:DE:75:8A:72:F8:64:CF:71:73:2D:3E:BA:19:91:91:3C:F7:C6 X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_yLedYpy-GTPcXMtProZkZE898Y.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.152.12.0/24 213.130.138.0/24 Signature Algorithm: sha256WithRSAEncryption 58:7f:20:9c:87:4c:c7:57:8c:50:18:73:c2:09:15:fa:65:4a: 54:7e:99:a5:29:77:4d:34:4d:3a:6a:1d:8c:6f:18:9c:bb:98: b3:05:e6:5f:17:20:a2:5b:c0:c8:40:f1:66:46:ed:b9:06:f4: bd:7a:c4:19:11:5b:11:bd:5c:8e:ad:dd:8d:7e:f7:64:f8:bc: 6f:a5:aa:66:63:45:9a:2e:10:4f:4d:86:87:5b:8d:14:10:f4: 52:e9:84:e5:78:24:f3:64:91:00:7f:8b:9f:f9:9f:1e:2d:b3: e4:75:0a:8f:04:9a:63:32:0e:29:99:41:01:10:83:48:77:58: d8:80:01:57:d4:25:3d:75:48:a8:2c:2e:9e:b9:d0:b4:7d:7f: fb:2c:f7:86:7e:e5:33:18:02:8b:7a:39:2e:49:ef:85:28:a8: 70:5f:b4:b6:5b:b0:86:43:fc:22:e4:66:f5:fc:68:2a:1c:63: a3:f1:c4:57:6d:7a:41:df:42:af:fd:3a:1a:f0:f4:33:64:a7: 3e:9c:46:cd:a5:b9:99:f8:94:64:1d:c2:8e:8e:05:a7:f8:83: 5d:67:83:84:10:3e:f9:b8:6a:ce:cf:a4:40:02:72:f5:48:87: 28:44:3c:2b:cb:e6:44:7e:00:38:09:5d:45:53:c6:e4:de:0a: 0a:be:f0:93 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZp5G9Pi1uFVQqmP3dwPa3akMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjUxMTEyMTcyNzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmZjIyZGU3NThhNzJmODY0Y2Y3MTczMmQzZWJhMTk5MTkxM2NmN2M2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHMQT5EQDFGuiOihSPIW5DK2r140 dI+jXJfsF3E6ePZRE80HHIEvVF06MzBU3RmMJrX960TkGNhi9QJEBDXrZenEp05X /9fw9PuZg+Y7717KbbE6wla/GjQIn7GV4ynHJhJX0T1+vFqL6PKFUkwcK13ujSpf yyleQqjdkqgFJmA+ONY7HAcwFJ9KlJLXSTX34HwN8exRoj+RjEroSTxYyAjxC6HT rlsoqfG2a4pguUXXbyDKPKFSnaT4/iS1+ZZjGssc4YtdDuR89WFNLe2D38W1orDE d6Hl9z1Bznt58CW+bW3tOQZ/FKE4wopp5lMdcgC591uaK9EUTkMUNtitfQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFP8i3nWKcvhkz3FzLT66GZGRPPfGMB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvX3lMZWRZcHktR1RQY1hNdFByb1prWkU4OThZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpgMAwQA 1YKKMA0GCSqGSIb3DQEBCwUAA4IBAQBYfyCch0zHV4xQGHPCCRX6ZUpUfpmlKXdN NE06ah2Mbxicu5izBeZfFyCiW8DIQPFmRu25BvS9esQZEVsRvVyOrd2Nfvdk+Lxv papmY0WaLhBPTYaHW40UEPRS6YTleCTzZJEAf4uf+Z8eLbPkdQqPBJpjMg4pmUEB EINId1jYgAFX1CU9dUioLC6eudC0fX/7LPeGfuUzGAKLejkuSe+FKKhwX7S2W7CG Q/wi5Gb1/GgqHGOj8cRXbXpB30Kv/Toa8PQzZKc+nEbNpbmZ+JRkHcKOjgWn+INd Z4OEED75uGrOz6RAAnL1SIcoRDwry+ZEfgA4CV1FU8bk3goKvvCT -----END CERTIFICATE-----Generated at Sun Nov 23 12:07:12 2025 by rpki-client