This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/b8qhZS9qj4nlLEtFJo3FSYK5Ps8.roa File: b8qhZS9qj4nlLEtFJo3FSYK5Ps8.roa (raw, json) Hash identifier: vVSp8drz0E6Ig9drEBj0moFaZZaR/pS9GttHpa5vlTU= Subject key identifier: 6F:CA:A1:65:2F:6A:8F:89:E5:2C:4B:45:26:8D:C5:49:82:B9:3E:CF Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019AC98A34538001FAB67FDF21BB80D4B463 Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/b8qhZS9qj4nlLEtFJo3FSYK5Ps8.roa Signing time: Fri 28 Nov 2025 08:17:49 +0000 ROA not before: Fri 28 Nov 2025 08:17:49 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 399073 IP address blocks: 77.107.105.0/24 maxlen: 24 81.168.126.0/24 maxlen: 24 82.152.51.0/24 maxlen: 24 82.153.159.0/24 maxlen: 24 82.153.215.0/24 maxlen: 24 109.176.193.0/24 maxlen: 24 217.145.78.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 17:27:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:c9:8a:34:53:80:01:fa:b6:7f:df:21:bb:80:d4:b4:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Nov 28 08:17:49 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=6fcaa1652f6a8f89e52c4b45268dc54982b93ecf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:f3:59:4f:0c:97:16:e7:ed:37:a5:fe:33:0e: b3:af:a8:29:ab:be:6a:34:8c:5c:d3:93:fd:b5:9c: 94:73:a8:93:94:a9:a8:ca:22:c7:f9:e0:49:d3:5c: f8:b1:ff:cf:c0:f4:fd:b1:1a:3d:36:ec:c1:27:38: a6:b1:b4:bf:e7:46:26:be:33:0d:9b:1d:45:56:43: 4d:02:f8:08:ae:a7:ca:eb:b3:68:ef:8f:7d:80:a0: 64:63:98:ac:32:00:b9:39:47:81:f4:c5:60:b8:9c: 90:9c:12:95:97:5a:7e:42:b4:ca:81:c7:98:e9:ad: f5:84:04:76:32:8c:e3:00:ea:f9:83:21:40:fe:3c: bc:2c:3c:1c:f8:ed:83:03:e2:2f:dd:d9:a9:9f:1c: 1a:30:d2:c5:9b:20:55:d8:68:53:12:42:ad:70:c0: a6:62:44:99:5f:2e:8e:7c:03:e7:6b:53:88:22:33: f6:bc:8d:40:a9:86:76:06:27:ed:28:02:17:c7:4b: 98:88:0f:2e:10:d8:82:b1:35:84:d3:72:17:13:95: cc:85:a6:b2:9d:43:a0:a7:48:7a:ac:ae:87:01:2a: 0d:23:ad:6b:a8:3a:4c:66:19:aa:eb:d6:cf:4c:f7: fa:18:60:d0:d5:83:ea:de:ee:0a:cc:17:37:a2:8a: 39:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:CA:A1:65:2F:6A:8F:89:E5:2C:4B:45:26:8D:C5:49:82:B9:3E:CF X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/b8qhZS9qj4nlLEtFJo3FSYK5Ps8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.107.105.0/24 81.168.126.0/24 82.152.51.0/24 82.153.159.0/24 82.153.215.0/24 109.176.193.0/24 217.145.78.0/24 Signature Algorithm: sha256WithRSAEncryption 7e:9d:e1:81:e1:2d:e6:d8:22:07:4f:40:a0:65:e0:ea:d5:2e: 54:79:9b:21:86:ee:61:77:b9:e2:27:e8:c8:99:a2:30:df:39: 1d:95:83:6c:6d:3c:87:88:42:32:49:fe:08:39:1d:fa:c9:b4: 8e:f2:32:57:81:df:bb:f8:0c:23:64:54:c3:28:7e:e0:e2:d2: b5:f8:c5:b6:a8:a4:31:20:9d:42:1f:4b:9a:ae:a7:fd:a5:1e: 69:2a:72:d4:61:af:33:48:95:d9:98:0f:d9:13:39:8a:f0:fe: f4:b5:f3:02:1d:f8:9f:0d:ee:dc:04:2b:59:a7:b7:da:b1:03: 0e:73:8a:56:43:ca:f2:81:f1:4f:7b:d5:ad:04:6f:7b:24:6c: ef:66:d8:01:c8:9b:a8:79:4e:07:99:f0:2b:dd:73:41:27:e6: 94:c1:ba:7d:e6:fd:3c:0b:b5:b0:bc:76:53:dd:5d:7b:b4:43: fa:88:9a:c2:ae:28:e9:09:3e:7c:15:1f:73:79:5e:1a:2d:b5: ca:10:14:d0:a4:46:5e:cd:ed:97:ff:1f:57:19:43:23:6b:30: f0:d4:aa:a9:c0:b3:b1:a3:f6:ee:16:3c:5e:29:19:a8:a9:51: c5:30:5b:59:45:f4:a8:cb:5c:cb:07:da:59:9f:e8:93:46:cd: 6a:0b:f2:43 -----BEGIN CERTIFICATE----- MIIFITCCBAmgAwIBAgISAZrJijRTgAH6tn/fIbuA1LRjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjUxMTI4MDgxNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZmNhYTE2NTJmNmE4Zjg5ZTUyYzRiNDUyNjhkYzU0OTgyYjkzZWNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPNZTwyXFuftN6X+Mw6zr6gpq75q NIxc05P9tZyUc6iTlKmoyiLH+eBJ01z4sf/PwPT9sRo9NuzBJzimsbS/50YmvjMN mx1FVkNNAvgIrqfK67No7499gKBkY5isMgC5OUeB9MVguJyQnBKVl1p+QrTKgceY 6a31hAR2MozjAOr5gyFA/jy8LDwc+O2DA+Iv3dmpnxwaMNLFmyBV2GhTEkKtcMCm YkSZXy6OfAPna1OIIjP2vI1AqYZ2BiftKAIXx0uYiA8uENiCsTWE03IXE5XMhaay nUOgp0h6rK6HASoNI61rqDpMZhmq69bPTPf6GGDQ1YPq3u4KzBc3ooo5QwIDAQAB o4ICLTCCAikwHQYDVR0OBBYEFG/KoWUvao+J5SxLRSaNxUmCuT7PMB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvYjhxaFpTOXFqNG5sTEV0RkpvM0ZTWUs1UHM4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQATWtpAwQA Uah+AwQAUpgzAwQAUpmfAwQAUpnXAwQAbbDBAwQA2ZFOMA0GCSqGSIb3DQEBCwUA A4IBAQB+neGB4S3m2CIHT0CgZeDq1S5UeZshhu5hd7niJ+jImaIw3zkdlYNsbTyH iEIySf4IOR36ybSO8jJXgd+7+AwjZFTDKH7g4tK1+MW2qKQxIJ1CH0uarqf9pR5p KnLUYa8zSJXZmA/ZEzmK8P70tfMCHfifDe7cBCtZp7fasQMOc4pWQ8rygfFPe9Wt BG97JGzvZtgByJuoeU4HmfAr3XNBJ+aUwbp95v08C7WwvHZT3V17tEP6iJrCrijp CT58FR9zeV4aLbXKEBTQpEZeze2X/x9XGUMjazDw1KqpwLOxo/buFjxeKRmoqVHF MFtZRfSoy1zLB9pZn+iTRs1qC/JD -----END CERTIFICATE-----Generated at Sat Dec 6 01:49:55 2025 by rpki-client