This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iZtzbb7i_dOvkutvgJa-yLbJ7Xg.roa File: iZtzbb7i_dOvkutvgJa-yLbJ7Xg.roa (raw, json) Hash identifier: omIDbYyxIymzVPEa3vq6lMXmx/+z7Aj4ODO5LqdfKWA= Subject key identifier: 89:9B:73:6D:BE:E2:FD:D3:AF:92:EB:6F:80:96:BE:C8:B6:C9:ED:78 Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019B0291D7703CDA4FECBD973989EC0A8D68 Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iZtzbb7i_dOvkutvgJa-yLbJ7Xg.roa Signing time: Tue 09 Dec 2025 10:04:30 +0000 ROA not before: Tue 09 Dec 2025 10:04:30 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 17497 IP address blocks: 213.130.138.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 11 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:02:91:d7:70:3c:da:4f:ec:bd:97:39:89:ec:0a:8d:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Dec 9 10:04:30 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=899b736dbee2fdd3af92eb6f8096bec8b6c9ed78 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:82:c6:fe:15:07:26:50:7d:87:61:26:5e:70: dd:7c:70:a8:44:aa:2a:1f:50:cc:ac:4e:ff:89:ce: fc:15:98:3e:a7:20:cb:a2:23:91:66:00:5b:1b:d0: f2:45:f4:23:43:29:89:94:bc:cd:2d:29:03:7d:da: f5:7b:22:21:2c:68:7a:39:69:88:29:07:0e:af:69: c2:ce:f8:b8:84:70:94:02:ea:a4:db:ae:b5:2c:3a: e6:b7:37:43:b1:20:85:50:07:7e:76:a9:f2:21:cb: 2c:35:28:85:a0:32:00:32:e6:1b:cc:2e:9c:91:35: 9f:23:9b:a9:60:6f:77:26:f1:53:6f:88:40:f3:e4: ec:96:6b:80:77:07:7e:c9:33:8f:b7:d2:40:ca:80: 61:85:50:0b:93:51:37:38:04:55:59:9d:a9:5e:3d: 27:98:83:e5:e5:5a:bb:9d:6f:f1:b5:be:24:e1:01: 95:0f:eb:80:40:11:86:8d:ee:b3:c3:b7:77:ed:69: 84:65:a5:4a:00:13:17:39:05:1c:7b:8a:80:a8:9e: e9:23:72:92:b7:3f:4a:1c:bf:81:2a:36:e5:c8:81: 35:f0:47:2b:8b:1e:b3:26:5d:6c:1a:93:1d:7f:18: 5d:3b:df:ee:fd:9f:05:e6:09:8a:38:af:04:91:8f: f4:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:9B:73:6D:BE:E2:FD:D3:AF:92:EB:6F:80:96:BE:C8:B6:C9:ED:78 X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iZtzbb7i_dOvkutvgJa-yLbJ7Xg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 213.130.138.0/24 Signature Algorithm: sha256WithRSAEncryption 9c:01:e9:39:ec:15:6e:c1:92:bb:3b:fc:bf:28:fc:58:c2:6f: 7a:15:2f:f9:44:1b:1d:d8:3d:84:69:8a:09:8f:00:96:d1:c3: 15:44:60:c5:d3:ce:6a:df:27:e7:26:cf:25:38:9f:1e:c2:12: 38:b0:cd:dd:4e:1a:2a:9a:e0:e4:e4:ea:14:4b:0a:09:d6:de: a3:24:12:60:83:1e:1b:0e:32:cc:04:1b:3e:a5:85:62:cc:1a: 95:b5:ec:5a:08:06:77:b3:ca:29:90:5d:23:02:54:1f:29:33: e0:41:71:b9:07:f2:ff:be:38:18:14:2e:bc:be:06:e7:34:15: 88:cf:d5:a1:03:95:a6:45:38:71:e7:cb:1b:e1:57:34:b0:34: c2:25:74:62:bd:e6:8e:b9:56:5f:a6:34:05:78:20:75:f0:89: ba:a0:5d:0a:25:b5:b4:cd:2e:74:08:ab:8b:03:60:47:60:a1: 1a:f7:1b:1a:01:8f:97:de:6e:45:0d:28:f4:c7:83:aa:14:5e: 54:77:a6:77:09:d9:16:27:57:00:26:0d:7c:45:86:9a:0b:1d: 98:b3:e0:4f:6d:12:78:1f:85:a4:98:ce:bc:3e:fe:3d:ab:82: 6d:c4:54:b5:36:1a:7a:5e:de:4e:a3:d4:f3:0d:1d:21:eb:0e: 94:3c:3a:74 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZsCkddwPNpP7L2XOYnsCo1oMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjUxMjA5MTAwNDMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4OTliNzM2ZGJlZTJmZGQzYWY5MmViNmY4MDk2YmVjOGI2YzllZDc4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ILG/hUHJlB9h2EmXnDdfHCoRKoq H1DMrE7/ic78FZg+pyDLoiORZgBbG9DyRfQjQymJlLzNLSkDfdr1eyIhLGh6OWmI KQcOr2nCzvi4hHCUAuqk2661LDrmtzdDsSCFUAd+dqnyIcssNSiFoDIAMuYbzC6c kTWfI5upYG93JvFTb4hA8+TslmuAdwd+yTOPt9JAyoBhhVALk1E3OARVWZ2pXj0n mIPl5Vq7nW/xtb4k4QGVD+uAQBGGje6zw7d37WmEZaVKABMXOQUce4qAqJ7pI3KS tz9KHL+BKjblyIE18Ecrix6zJl1sGpMdfxhdO9/u/Z8F5gmKOK8EkY/0SQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFImbc22+4v3Tr5Lrb4CWvsi2ye14MB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvaVp0emJiN2lfZE92a3V0dmdKYS15TGJKN1hnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1YKKMA0G CSqGSIb3DQEBCwUAA4IBAQCcAek57BVuwZK7O/y/KPxYwm96FS/5RBsd2D2EaYoJ jwCW0cMVRGDF085q3yfnJs8lOJ8ewhI4sM3dThoqmuDk5OoUSwoJ1t6jJBJggx4b DjLMBBs+pYVizBqVtexaCAZ3s8opkF0jAlQfKTPgQXG5B/L/vjgYFC68vgbnNBWI z9WhA5WmRThx58sb4Vc0sDTCJXRiveaOuVZfpjQFeCB18Im6oF0KJbW0zS50CKuL A2BHYKEa9xsaAY+X3m5FDSj0x4OqFF5Ud6Z3CdkWJ1cAJg18RYaaCx2Ys+BPbRJ4 H4WkmM68Pv49q4JtxFS1Nhp6Xt5Oo9TzDR0h6w6UPDp0 -----END CERTIFICATE-----Generated at Wed Dec 10 07:52:44 2025 by rpki-client