This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gQV7FQnXh7W4oT-9MSvwbdKsb6o.roa File: gQV7FQnXh7W4oT-9MSvwbdKsb6o.roa (raw, json) Hash identifier: vo/4RcUQwHSRPhNHeKJ+Q2VLP/jzvmMUf7gnlz+b4zI= Subject key identifier: 81:05:7B:15:09:D7:87:B5:B8:A1:3F:BD:31:2B:F0:6D:D2:AC:6F:AA Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019A77FA8709CC9013F52E518DBDB0BB4133 Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gQV7FQnXh7W4oT-9MSvwbdKsb6o.roa Signing time: Wed 12 Nov 2025 12:11:38 +0000 ROA not before: Wed 12 Nov 2025 12:11:38 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 211439 IP address blocks: 37.252.28.0/24 maxlen: 24 79.99.149.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 24 Nov 2025 06:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:77:fa:87:09:cc:90:13:f5:2e:51:8d:bd:b0:bb:41:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Nov 12 12:11:38 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=81057b1509d787b5b8a13fbd312bf06dd2ac6faa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:11:a8:a4:04:16:60:11:0f:fe:b0:1e:a6:36: 13:a2:30:ad:6d:a0:a3:e6:41:1c:f3:d2:d9:93:77: 40:dc:84:60:43:95:4d:10:e4:86:c3:f5:35:fd:e6: 63:8d:75:f1:a7:d6:53:9d:46:e0:40:ed:0f:9d:17: 8a:62:59:80:24:19:11:cf:da:c4:4a:a3:f9:ab:3c: 2d:0f:a7:d2:b4:ea:e4:18:21:e0:99:95:f3:f7:be: b9:84:85:2e:d6:7d:83:08:31:6d:d9:15:0e:04:7d: 6c:7a:fc:91:58:6a:84:d5:36:cd:17:d0:3d:c1:69: df:fa:11:a3:3b:34:7f:25:e4:64:ac:78:f0:40:0b: 69:0f:f2:af:ab:39:e8:51:b4:6d:35:2e:d5:ea:7a: 80:8c:74:d6:9f:51:ba:22:43:34:c6:6b:9c:45:7a: 17:17:79:aa:5b:3d:2a:30:54:dd:87:e0:f3:8d:84: 65:a3:1c:1e:81:3a:97:f1:73:03:f0:ec:fb:e0:d9: 43:e2:55:dc:95:97:72:7c:ca:cb:38:12:2e:ad:bc: fa:d6:34:f3:79:cf:fa:f3:87:be:42:29:85:50:05: 3c:d3:2d:8d:ec:af:6a:6a:82:62:cc:90:67:e0:d8: 6c:04:07:9c:d5:5f:8e:c7:db:aa:3e:fc:36:27:99: 6b:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:05:7B:15:09:D7:87:B5:B8:A1:3F:BD:31:2B:F0:6D:D2:AC:6F:AA X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gQV7FQnXh7W4oT-9MSvwbdKsb6o.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.252.28.0/24 79.99.149.0/24 Signature Algorithm: sha256WithRSAEncryption 11:92:c8:67:85:ae:09:61:d8:41:a5:70:ec:0d:e8:f4:12:bd: 9f:93:83:bc:e4:9e:b9:6c:db:4c:3b:db:2e:34:48:1f:f0:4c: c3:95:6e:64:6b:c3:fd:29:14:36:89:4a:9d:3e:a3:10:24:d4: 5e:76:de:5f:79:5b:d5:e4:92:b2:a0:26:17:ee:6e:41:7a:41: cc:46:22:8c:75:9c:eb:4b:c3:cd:bd:1e:02:59:1c:81:2b:28: 92:19:ac:87:4c:5c:fb:40:41:f5:8c:a2:95:29:69:81:d3:17: 08:44:f5:d2:be:62:38:fb:5d:4d:fb:8c:8d:d2:61:20:ea:6f: 5b:78:65:d3:40:07:6c:74:91:67:c5:59:4a:f8:0e:df:d1:cb: 40:64:35:91:cc:c5:d6:09:95:bd:ba:ca:a6:64:1c:b6:32:46: b8:5f:26:64:c9:36:19:bf:22:7c:2c:e1:f0:72:74:c5:f3:56: 10:e8:ca:a6:0c:ca:45:c3:f4:c3:33:f6:83:b0:5e:eb:45:e8: d9:9e:8c:aa:15:44:b6:cd:d2:4d:32:d9:54:12:d6:cf:6c:3a: 1b:f6:78:8e:d5:07:fd:1a:d0:ce:a8:4c:ef:67:e7:87:1e:fe: fe:8e:20:a0:26:e8:38:09:d9:43:db:fa:3b:0c:53:e3:84:d1: 4d:b7:5b:5c -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZp3+ocJzJAT9S5Rjb2wu0EzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjUxMTEyMTIxMTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4MTA1N2IxNTA5ZDc4N2I1YjhhMTNmYmQzMTJiZjA2ZGQyYWM2ZmFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhGopAQWYBEP/rAepjYTojCtbaCj 5kEc89LZk3dA3IRgQ5VNEOSGw/U1/eZjjXXxp9ZTnUbgQO0PnReKYlmAJBkRz9rE SqP5qzwtD6fStOrkGCHgmZXz9765hIUu1n2DCDFt2RUOBH1sevyRWGqE1TbNF9A9 wWnf+hGjOzR/JeRkrHjwQAtpD/KvqznoUbRtNS7V6nqAjHTWn1G6IkM0xmucRXoX F3mqWz0qMFTdh+DzjYRloxwegTqX8XMD8Oz74NlD4lXclZdyfMrLOBIurbz61jTz ec/684e+QimFUAU80y2N7K9qaoJizJBn4NhsBAec1V+Ox9uqPvw2J5lrEwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFIEFexUJ14e1uKE/vTEr8G3SrG+qMB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvZ1FWN0ZRblhoN1c0b1QtOU1TdndiZEtzYjZvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJfwcAwQA T2OVMA0GCSqGSIb3DQEBCwUAA4IBAQARkshnha4JYdhBpXDsDej0Er2fk4O85J65 bNtMO9suNEgf8EzDlW5ka8P9KRQ2iUqdPqMQJNRedt5feVvV5JKyoCYX7m5BekHM RiKMdZzrS8PNvR4CWRyBKyiSGayHTFz7QEH1jKKVKWmB0xcIRPXSvmI4+11N+4yN 0mEg6m9beGXTQAdsdJFnxVlK+A7f0ctAZDWRzMXWCZW9usqmZBy2Mka4XyZkyTYZ vyJ8LOHwcnTF81YQ6MqmDMpFw/TDM/aDsF7rRejZnoyqFUS2zdJNMtlUEtbPbDob 9niO1Qf9GtDOqEzvZ+eHHv7+jiCgJug4CdlD2/o7DFPjhNFNt1tc -----END CERTIFICATE-----Generated at Sun Nov 23 12:06:51 2025 by rpki-client