This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wXidDrJCcJaZOJUOfRj4CqkREbQ.roa File: wXidDrJCcJaZOJUOfRj4CqkREbQ.roa (raw, json) Hash identifier: +lG9IRKWGJNnzExVzTQqqhRDdxQjFdruWASmPg0wplg= Subject key identifier: C1:78:9D:0E:B2:42:70:96:99:38:95:0E:7D:18:F8:0A:A9:11:11:B4 Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019A54AA12A88BF9BE8003114429D3B9F22D Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wXidDrJCcJaZOJUOfRj4CqkREbQ.roa Signing time: Wed 05 Nov 2025 15:37:03 +0000 ROA not before: Wed 05 Nov 2025 15:37:03 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 211373 IP address blocks: 81.168.117.0/24 maxlen: 24 212.38.68.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 24 Nov 2025 06:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:54:aa:12:a8:8b:f9:be:80:03:11:44:29:d3:b9:f2:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Nov 5 15:37:03 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=c1789d0eb24270969938950e7d18f80aa91111b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:82:d4:5d:64:3f:74:fa:1b:23:12:9b:55:05: 94:1d:6d:50:62:15:23:17:52:fc:0c:4f:c5:05:ef: 0e:0f:33:a2:f9:45:c4:be:4c:2f:18:ab:fb:ca:8b: 80:c7:0e:cd:6b:90:28:29:a5:28:eb:6d:c4:5a:f6: 23:9a:d8:5e:71:f0:55:06:a3:f9:07:60:26:3a:9a: f0:8f:14:ad:67:4a:4c:cb:4e:b4:97:f3:d4:fe:ba: 06:6e:74:9a:61:0b:13:d4:8b:8c:4b:58:52:52:bd: 2f:e7:33:a1:c3:19:06:5a:65:08:4d:79:13:e3:bd: a4:d9:cc:45:92:2a:28:98:f0:f5:6e:db:2e:63:2e: 90:49:26:a6:aa:e9:31:f9:03:1e:d8:80:db:c5:5c: dd:7e:c8:eb:18:a1:0d:ae:a8:c8:1f:8c:90:2d:7e: 9f:cf:4c:e0:cc:1c:8a:af:7f:96:75:e4:c2:02:f2: be:2e:bb:5e:ca:cc:a4:5b:86:04:ff:49:02:7c:95: 3f:98:02:a2:4a:7e:ba:d1:38:a4:c2:1d:f8:ee:ab: 29:dd:69:47:e8:8f:5b:fb:46:83:4a:63:f9:62:87: 20:fa:c0:4d:29:de:04:94:5a:b3:75:eb:52:73:ed: 5e:e1:cd:6d:cf:60:3b:78:4d:52:f0:62:c7:fc:4f: 9b:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:78:9D:0E:B2:42:70:96:99:38:95:0E:7D:18:F8:0A:A9:11:11:B4 X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wXidDrJCcJaZOJUOfRj4CqkREbQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.168.117.0/24 212.38.68.0/24 Signature Algorithm: sha256WithRSAEncryption 21:63:56:ca:9d:87:87:da:93:83:e2:27:37:d4:24:10:8b:6f: 9c:e8:2d:c5:c4:bb:5e:f8:9c:5d:e1:ed:b1:2d:ee:2a:7e:01: a3:cc:6c:c0:22:c4:e7:a8:52:bc:02:a8:56:e4:a7:aa:a3:cb: 3f:b6:c4:14:0d:92:dc:eb:63:0b:87:2d:79:5e:c5:e9:17:cb: 94:5a:dc:48:22:5b:fa:78:12:8d:34:01:95:25:84:30:e1:0d: ea:2e:f7:5b:c4:5f:56:65:33:32:2a:b5:4e:48:75:04:8a:17: f5:77:4a:29:26:f9:7c:62:ee:4c:ab:45:2e:ad:be:48:7c:8f: 69:ab:8d:22:7d:a0:da:df:80:8a:8e:da:2d:72:8d:14:ce:44: 9e:2c:4c:68:e0:69:a1:93:25:d1:16:0b:49:1c:2a:ea:91:e6: 59:c0:3a:56:d1:63:84:fc:d0:4a:c3:5e:c2:6c:fb:e2:9f:15: bb:7f:d4:90:f0:82:7e:c5:af:19:b1:85:a1:8a:ae:57:d3:6f: ab:e5:74:41:30:32:c6:6e:60:ee:34:9c:f9:e0:c3:c6:fb:2b: dc:04:f6:cc:ba:1e:0d:9b:0a:3a:85:54:a0:ce:22:8d:00:7c: c7:0f:4e:43:c8:9b:25:0f:97:16:b7:e5:6d:d1:da:01:16:07: 31:0c:9c:0d -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZpUqhKoi/m+gAMRRCnTufItMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjUxMTA1MTUzNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjMTc4OWQwZWIyNDI3MDk2OTkzODk1MGU3ZDE4ZjgwYWE5MTExMWI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2oLUXWQ/dPobIxKbVQWUHW1QYhUj F1L8DE/FBe8ODzOi+UXEvkwvGKv7youAxw7Na5AoKaUo623EWvYjmthecfBVBqP5 B2AmOprwjxStZ0pMy060l/PU/roGbnSaYQsT1IuMS1hSUr0v5zOhwxkGWmUITXkT 472k2cxFkioomPD1btsuYy6QSSamqukx+QMe2IDbxVzdfsjrGKENrqjIH4yQLX6f z0zgzByKr3+WdeTCAvK+LrteysykW4YE/0kCfJU/mAKiSn660Tikwh347qsp3WlH 6I9b+0aDSmP5Yocg+sBNKd4ElFqzdetSc+1e4c1tz2A7eE1S8GLH/E+bqQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFMF4nQ6yQnCWmTiVDn0Y+AqpERG0MB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvd1hpZERySkNjSmFaT0pVT2ZSajRDcWtSRWJRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUah1AwQA 1CZEMA0GCSqGSIb3DQEBCwUAA4IBAQAhY1bKnYeH2pOD4ic31CQQi2+c6C3FxLte +Jxd4e2xLe4qfgGjzGzAIsTnqFK8AqhW5Keqo8s/tsQUDZLc62MLhy15XsXpF8uU WtxIIlv6eBKNNAGVJYQw4Q3qLvdbxF9WZTMyKrVOSHUEihf1d0opJvl8Yu5Mq0Uu rb5IfI9pq40ifaDa34CKjtotco0UzkSeLExo4GmhkyXRFgtJHCrqkeZZwDpW0WOE /NBKw17CbPvinxW7f9SQ8IJ+xa8ZsYWhiq5X02+r5XRBMDLGbmDuNJz54MPG+yvc BPbMuh4Nmwo6hVSgziKNAHzHD05DyJslD5cWt+Vt0doBFgcxDJwN -----END CERTIFICATE-----Generated at Sun Nov 23 12:07:10 2025 by rpki-client