This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/pNUNn2MnU3-GiNtbvd54dDhn7wE.roa File: pNUNn2MnU3-GiNtbvd54dDhn7wE.roa (raw, json) Hash identifier: pGiaVjPf4QmIlwy3l9odYFypPFyEfYvKHQP2kWHJza8= Subject key identifier: A4:D5:0D:9F:63:27:53:7F:86:88:DB:5B:BD:DE:78:74:38:67:EF:01 Certificate issuer: /CN=ab54fe831b6a719f42e6c8486fd03b550be761fb Certificate serial: 019B0D32C592C0F00E4A9235BB0993E2306D Authority key identifier: AB:54:FE:83:1B:6A:71:9F:42:E6:C8:48:6F:D0:3B:55:0B:E7:61:FB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q1T-gxtqcZ9C5shIb9A7VQvnYfs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/pNUNn2MnU3-GiNtbvd54dDhn7wE.roa Signing time: Thu 11 Dec 2025 11:36:29 +0000 ROA not before: Thu 11 Dec 2025 11:36:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 212462 IP address blocks: 109.234.80.0/24 maxlen: 24 109.234.85.0/24 maxlen: 24 185.33.66.0/24 maxlen: 24 185.33.67.0/24 maxlen: 24 185.235.35.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/q1T-gxtqcZ9C5shIb9A7VQvnYfs.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/q1T-gxtqcZ9C5shIb9A7VQvnYfs.mft rsync://rpki.ripe.net/repository/DEFAULT/q1T-gxtqcZ9C5shIb9A7VQvnYfs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 14:45:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0d:32:c5:92:c0:f0:0e:4a:92:35:bb:09:93:e2:30:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab54fe831b6a719f42e6c8486fd03b550be761fb Validity Not Before: Dec 11 11:36:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=a4d50d9f6327537f8688db5bbdde78743867ef01 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:dd:74:e8:19:92:e4:a3:9a:15:50:6a:d3:4b: c1:e5:a3:aa:ca:4f:6e:0a:73:f3:6d:d9:f0:82:70: c6:18:ce:f5:dc:b5:7d:d8:aa:f9:30:ee:dc:e7:8d: 96:13:8e:9a:73:63:be:ae:8e:66:03:ff:10:73:5e: 73:a6:2c:60:b3:27:b9:c8:e2:0e:d8:21:92:3f:63: 74:fb:37:d9:43:fd:e8:4d:c3:ab:56:a0:bd:d0:02: dc:4d:51:6c:39:2a:e2:ba:89:e8:79:d8:46:b5:97: 54:5b:47:83:af:53:f5:1b:6a:ae:e4:cb:1b:08:fe: 06:ce:dc:2f:74:19:20:04:21:cb:7a:a9:ef:ee:4f: 66:48:b9:f3:d4:08:7c:3e:94:d3:43:d0:af:1a:84: ac:ab:c7:28:b6:c0:9f:45:d9:fe:b8:af:b0:05:4c: c0:b4:9a:4e:e3:de:ac:56:91:a5:27:33:db:fb:12: aa:ea:c4:bf:d1:ec:66:c4:b4:9d:42:06:59:ba:a2: 98:74:f7:12:64:c4:66:36:71:81:ef:86:95:2d:42: 1d:d1:0b:72:79:4f:0e:8f:71:6f:f0:ac:83:e3:0a: 5f:b2:ce:bd:56:4a:08:77:8f:af:8e:57:c3:27:db: aa:4a:36:30:6b:95:09:58:42:d8:4c:39:28:a9:61: c3:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:D5:0D:9F:63:27:53:7F:86:88:DB:5B:BD:DE:78:74:38:67:EF:01 X509v3 Authority Key Identifier: keyid:AB:54:FE:83:1B:6A:71:9F:42:E6:C8:48:6F:D0:3B:55:0B:E7:61:FB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q1T-gxtqcZ9C5shIb9A7VQvnYfs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/pNUNn2MnU3-GiNtbvd54dDhn7wE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/q1T-gxtqcZ9C5shIb9A7VQvnYfs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.234.80.0/24 109.234.85.0/24 185.33.66.0/23 185.235.35.0/24 Signature Algorithm: sha256WithRSAEncryption 67:ef:0e:59:92:bf:7f:21:c9:d4:af:33:da:83:16:0d:0c:27: a1:1f:59:72:33:2e:11:71:2f:b1:44:26:42:17:e7:3e:9c:84: 4e:23:11:c6:5f:46:c9:47:88:71:73:ab:b2:7c:48:82:03:2c: f3:b2:9d:3b:91:47:78:f0:55:71:31:f3:92:b2:81:17:37:43: 69:de:92:a3:e4:70:7b:f6:fa:3f:28:7f:ca:3c:c7:2c:9d:db: 94:2e:29:3a:6d:a0:90:65:17:e8:53:47:4c:84:5e:37:af:3d: 34:c3:6e:92:a4:86:24:ae:4e:79:c2:0a:de:d6:eb:71:22:76: ab:57:9b:bd:dd:b6:ed:fa:b9:87:e9:7f:9a:8d:82:a0:ec:79: f8:94:f3:14:b4:ba:31:76:30:02:1b:a0:ee:80:cf:39:00:53: 71:b2:84:a1:96:16:67:bc:84:b2:91:76:a8:71:c3:8e:20:55: 9b:1e:c0:ec:c6:68:bc:b4:bc:b5:3c:87:e0:b0:21:df:69:cd: 5b:6a:e7:0a:11:f3:67:d6:b6:33:87:9c:1c:49:1a:45:1c:d2: 10:c7:e6:6e:c7:e6:0e:33:dd:79:93:e2:fa:75:a8:a9:73:a7: 2c:90:d5:cf:62:53:b2:c6:80:2e:a2:3e:68:68:e4:19:51:d3: 70:fb:6b:73 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZsNMsWSwPAOSpI1uwmT4jBtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFiNTRmZTgzMWI2YTcxOWY0MmU2Yzg0ODZmZDAzYjU1MGJl NzYxZmIwHhcNMjUxMjExMTEzNjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNGQ1MGQ5ZjYzMjc1MzdmODY4OGRiNWJiZGRlNzg3NDM4NjdlZjAxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAut106BmS5KOaFVBq00vB5aOqyk9u CnPzbdnwgnDGGM713LV92Kr5MO7c542WE46ac2O+ro5mA/8Qc15zpixgsye5yOIO 2CGSP2N0+zfZQ/3oTcOrVqC90ALcTVFsOSriuonoedhGtZdUW0eDr1P1G2qu5Msb CP4GztwvdBkgBCHLeqnv7k9mSLnz1Ah8PpTTQ9CvGoSsq8cotsCfRdn+uK+wBUzA tJpO496sVpGlJzPb+xKq6sS/0exmxLSdQgZZuqKYdPcSZMRmNnGB74aVLUId0Qty eU8Oj3Fv8KyD4wpfss69VkoId4+vjlfDJ9uqSjYwa5UJWELYTDkoqWHD4QIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFKTVDZ9jJ1N/hojbW73eeHQ4Z+8BMB8GA1UdIwQY MBaAFKtU/oMbanGfQubISG/QO1UL52H7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcTFULWd4dHFjWjlDNXNoSWI5QTdWUXZuWWZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS81ZWFhYTctMzEwNy00MjY4LWFhZDYt NmZkOTc4OTIwNWJhLzEvcE5VTm4yTW5VMy1HaU50YnZkNTRkRGhuN3dFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS81ZWFhYTctMzEwNy00MjY4LWFhZDYtNmZkOTc4OTIwNWJh LzEvcTFULWd4dHFjWjlDNXNoSWI5QTdWUXZuWWZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAbepQAwQA bepVAwQBuSFCAwQAuesjMA0GCSqGSIb3DQEBCwUAA4IBAQBn7w5Zkr9/IcnUrzPa gxYNDCehH1lyMy4RcS+xRCZCF+c+nIROIxHGX0bJR4hxc6uyfEiCAyzzsp07kUd4 8FVxMfOSsoEXN0Np3pKj5HB79vo/KH/KPMcsnduULik6baCQZRfoU0dMhF43rz00 w26SpIYkrk55wgre1utxInarV5u93bbt+rmH6X+ajYKg7Hn4lPMUtLoxdjACG6Du gM85AFNxsoShlhZnvISykXaoccOOIFWbHsDsxmi8tLy1PIfgsCHfac1baucKEfNn 1rYzh5wcSRpFHNIQx+Zux+YOM915k+L6daipc6cskNXPYlOyxoAuoj5oaOQZUdNw +2tz -----END CERTIFICATE-----Generated at Thu Dec 11 23:18:05 2025 by rpki-client