This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xkzFWUZnc4arEqMdaezi6kzRkzc.roa File: xkzFWUZnc4arEqMdaezi6kzRkzc.roa (raw, json) Hash identifier: qkpKweV9Tws6XpAFuyGn4vbO4QGM9YyxA6oeKnxf4LM= Subject key identifier: C6:4C:C5:59:46:67:73:86:AB:12:A3:1D:69:EC:E2:EA:4C:D1:93:37 Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019AE39B7C102053D40C31C8CC3132E4BEB8 Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xkzFWUZnc4arEqMdaezi6kzRkzc.roa Signing time: Wed 03 Dec 2025 09:46:49 +0000 ROA not before: Wed 03 Dec 2025 09:46:49 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 16276 IP address blocks: 82.152.8.0/24 maxlen: 24 82.152.57.0/24 maxlen: 24 82.152.58.0/24 maxlen: 24 82.152.73.0/24 maxlen: 24 82.152.75.0/24 maxlen: 24 82.152.98.0/24 maxlen: 24 82.152.109.0/24 maxlen: 24 82.152.226.0/24 maxlen: 24 82.152.240.0/24 maxlen: 24 82.152.243.0/24 maxlen: 24 82.153.205.0/24 maxlen: 24 82.153.217.0/24 maxlen: 24 82.163.23.0/24 maxlen: 24 89.213.164.0/24 maxlen: 24 109.176.40.0/21 maxlen: 24 109.176.48.0/21 maxlen: 24 109.176.153.0/24 maxlen: 24 212.38.79.0/24 maxlen: 24 213.130.130.0/24 maxlen: 24 213.130.149.0/24 maxlen: 24 213.130.156.0/24 maxlen: 24 213.210.54.0/24 maxlen: 24 213.218.214.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 20:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:e3:9b:7c:10:20:53:d4:0c:31:c8:cc:31:32:e4:be:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Dec 3 09:46:49 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=c64cc55946677386ab12a31d69ece2ea4cd19337 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:54:a5:dd:ab:19:23:be:8b:e8:b6:82:6c:93: 4c:4a:52:6f:00:1b:a5:98:bb:ca:80:54:a6:15:74: a5:6e:ce:38:01:89:9a:d1:bc:56:a2:af:83:75:1d: 79:5b:f0:07:66:6b:16:e5:88:4f:ac:d4:1b:b3:cd: 35:25:39:51:34:30:51:8a:93:04:c7:5d:39:58:22: c6:a8:f5:a5:4f:74:fb:4f:cc:b3:00:21:d7:56:a3: 18:88:73:39:9d:ac:b8:3f:cd:2c:df:e7:1a:32:77: a7:82:42:92:47:21:b9:0c:15:7f:da:f5:55:cc:88: ff:69:d9:f1:18:d3:aa:8a:39:55:67:9a:cd:54:e4: 01:ca:c7:45:cb:15:99:31:6c:b5:30:fc:29:6c:10: ee:54:b3:93:94:35:71:25:d3:e5:6a:58:70:4c:0b: cd:c8:68:62:47:36:96:8e:18:a2:1e:93:3b:01:5c: 8f:35:74:16:ee:39:7d:33:5a:44:2f:ba:95:49:da: 82:30:83:6c:52:94:f8:a1:3b:c5:42:7a:66:47:6c: d7:c7:a3:af:fe:e1:e2:b8:2c:9f:17:d3:0a:88:c4: a6:ed:d3:98:78:4c:d9:63:5c:88:ee:ed:3d:be:42: d7:02:5f:44:2a:ae:18:7d:05:c2:23:a8:e0:ab:e3: a4:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:4C:C5:59:46:67:73:86:AB:12:A3:1D:69:EC:E2:EA:4C:D1:93:37 X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xkzFWUZnc4arEqMdaezi6kzRkzc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.152.8.0/24 82.152.57.0-82.152.58.255 82.152.73.0/24 82.152.75.0/24 82.152.98.0/24 82.152.109.0/24 82.152.226.0/24 82.152.240.0/24 82.152.243.0/24 82.153.205.0/24 82.153.217.0/24 82.163.23.0/24 89.213.164.0/24 109.176.40.0-109.176.55.255 109.176.153.0/24 212.38.79.0/24 213.130.130.0/24 213.130.149.0/24 213.130.156.0/24 213.210.54.0/24 213.218.214.0/24 Signature Algorithm: sha256WithRSAEncryption 88:2c:d2:68:93:6f:06:a4:c0:41:7d:0d:51:fe:90:e2:3d:97: ca:0a:cf:e6:97:90:83:a3:eb:90:17:fd:10:7d:b4:87:d0:15: 8e:7a:8b:fc:ef:81:86:57:1c:08:2f:62:23:5f:9d:f6:c6:ac: 90:1f:7f:ba:f3:ff:6e:19:0c:a5:a4:02:4f:37:d0:79:ca:ad: 6e:4b:1b:16:33:1a:fa:c6:ed:e6:91:0f:a4:c8:b8:83:be:78: 44:d8:df:9f:e4:6f:56:c1:ea:ec:81:d8:d9:be:10:e1:42:1f: ac:29:0b:11:7e:d5:a9:e6:90:1b:d8:b4:fa:49:62:d9:61:f0: 59:04:fd:36:3d:31:25:1e:d3:bb:ec:23:9a:b6:7f:a2:fd:de: 77:2b:8b:2b:5e:64:77:a3:e5:3d:a9:4b:1e:6a:4e:e8:e5:45: 01:39:8e:7a:be:d9:39:57:59:4b:8c:8a:74:00:4c:ca:c6:08: b9:15:90:12:88:ed:70:f6:b1:81:f6:99:0d:ba:82:64:25:80: 08:7e:c4:33:c3:af:0d:35:08:c0:d5:cd:a2:73:ea:6d:13:0c: 5f:c9:7d:0b:b6:d6:e9:0e:eb:03:68:e9:a3:17:c2:25:b0:bd: 87:eb:fc:89:5e:cf:57:b0:36:ab:cc:98:72:34:03:97:d4:23: a1:c5:69:c8 -----BEGIN CERTIFICATE----- MIIFijCCBHKgAwIBAgISAZrjm3wQIFPUDDHIzDEy5L64MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjUxMjAzMDk0NjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNjRjYzU1OTQ2Njc3Mzg2YWIxMmEzMWQ2OWVjZTJlYTRjZDE5MzM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4lSl3asZI76L6LaCbJNMSlJvABul mLvKgFSmFXSlbs44AYma0bxWoq+DdR15W/AHZmsW5YhPrNQbs801JTlRNDBRipME x105WCLGqPWlT3T7T8yzACHXVqMYiHM5nay4P80s3+caMnengkKSRyG5DBV/2vVV zIj/adnxGNOqijlVZ5rNVOQBysdFyxWZMWy1MPwpbBDuVLOTlDVxJdPlalhwTAvN yGhiRzaWjhiiHpM7AVyPNXQW7jl9M1pEL7qVSdqCMINsUpT4oTvFQnpmR2zXx6Ov /uHiuCyfF9MKiMSm7dOYeEzZY1yI7u09vkLXAl9EKq4YfQXCI6jgq+OkIQIDAQAB o4ICljCCApIwHQYDVR0OBBYEFMZMxVlGZ3OGqxKjHWns4upM0ZM3MB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEveGt6RldVWm5jNGFyRXFNZGFlemk2a3pSa3pjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4DBABS mAgwDAMEAFKYOQMEAFKYOgMEAFKYSQMEAFKYSwMEAFKYYgMEAFKYbQMEAFKY4gME AFKY8AMEAFKY8wMEAFKZzQMEAFKZ2QMEAFKjFwMEAFnVpDAMAwQDbbAoAwQDbbAw AwQAbbCZAwQA1CZPAwQA1YKCAwQA1YKVAwQA1YKcAwQA1dI2AwQA1drWMA0GCSqG SIb3DQEBCwUAA4IBAQCILNJok28GpMBBfQ1R/pDiPZfKCs/ml5CDo+uQF/0QfbSH 0BWOeov874GGVxwIL2IjX532xqyQH3+68/9uGQylpAJPN9B5yq1uSxsWMxr6xu3m kQ+kyLiDvnhE2N+f5G9WwersgdjZvhDhQh+sKQsRftWp5pAb2LT6SWLZYfBZBP02 PTElHtO77COatn+i/d53K4srXmR3o+U9qUseak7o5UUBOY56vtk5V1lLjIp0AEzK xgi5FZASiO1w9rGB9pkNuoJkJYAIfsQzw68NNQjA1c2ic+ptEwxfyX0LttbpDusD aOmjF8IlsL2H6/yJXs9XsDarzJhyNAOX1COhxWnI -----END CERTIFICATE-----Generated at Fri Dec 5 04:29:25 2025 by rpki-client