This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/XOvbyx3UQe3ioe3WIioqTg18gLc.roa File: XOvbyx3UQe3ioe3WIioqTg18gLc.roa (raw, json) Hash identifier: ea9vAcTvRvN3FKh7IaXOQom5/auFDGoilHFurQmTuD0= Subject key identifier: 5C:EB:DB:CB:1D:D4:41:ED:E2:A1:ED:D6:22:2A:2A:4E:0D:7C:80:B7 Certificate issuer: /CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13 Certificate serial: 019ADB9B6F7C0D8F25EE1BCF19B456A001DF Authority key identifier: 0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/XOvbyx3UQe3ioe3WIioqTg18gLc.roa Signing time: Mon 01 Dec 2025 20:29:48 +0000 ROA not before: Mon 01 Dec 2025 20:29:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 9009 IP address blocks: 45.12.206.0/24 maxlen: 24 45.12.207.0/24 maxlen: 24 45.66.132.0/24 maxlen: 24 45.85.3.0/24 maxlen: 24 45.144.243.0/24 maxlen: 24 81.90.190.0/24 maxlen: 24 185.126.119.0/24 maxlen: 24 185.126.139.0/24 maxlen: 24 185.160.25.0/24 maxlen: 24 2a0c:8a40:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.mft rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 04 Dec 2025 08:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:db:9b:6f:7c:0d:8f:25:ee:1b:cf:19:b4:56:a0:01:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13 Validity Not Before: Dec 1 20:29:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=5cebdbcb1dd441ede2a1edd6222a2a4e0d7c80b7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:5e:f9:16:e3:69:df:55:cc:62:5a:14:8a:e5: f3:f6:b0:29:9d:5e:96:84:81:c2:90:c2:5a:aa:32: 0e:da:39:bf:a0:37:d1:62:63:6f:93:09:3a:a1:8d: ba:ba:20:c3:13:84:8c:51:39:c2:10:a7:e3:f4:d2: f7:22:e5:fb:88:b4:d6:ac:b6:17:12:fc:ec:25:8e: 06:da:1a:b1:3d:06:4b:73:70:6b:a5:84:b1:d6:03: 43:37:32:14:08:fd:66:12:a0:e6:ff:f1:78:a9:08: 3f:b5:a0:1c:e4:81:e2:11:41:b8:cf:76:63:62:67: 82:49:fb:1f:07:dd:ef:c9:87:af:82:1c:9a:62:2d: c2:dd:3e:bc:e3:2d:b5:48:fb:02:78:ef:7a:5e:5b: 5a:ce:2f:70:08:ed:9e:c2:e3:3e:88:29:8a:1d:b7: 16:67:5c:19:71:eb:99:01:2e:4e:47:6c:6d:39:cb: 02:39:f8:d3:9d:61:2b:2e:0c:29:91:5f:a8:58:1f: 02:e0:28:78:ee:30:be:6b:d7:ad:50:74:0b:c3:5d: d6:e5:71:57:e5:2c:34:9c:9f:37:34:68:6b:79:6a: 19:e7:ef:87:06:40:ed:ee:bd:fe:e7:73:e8:63:2c: 5d:3d:83:15:6c:66:4f:15:3e:99:83:7c:94:3c:68: d5:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:EB:DB:CB:1D:D4:41:ED:E2:A1:ED:D6:22:2A:2A:4E:0D:7C:80:B7 X509v3 Authority Key Identifier: keyid:0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/XOvbyx3UQe3ioe3WIioqTg18gLc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.12.206.0/23 45.66.132.0/24 45.85.3.0/24 45.144.243.0/24 81.90.190.0/24 185.126.119.0/24 185.126.139.0/24 185.160.25.0/24 IPv6: 2a0c:8a40:2::/48 Signature Algorithm: sha256WithRSAEncryption 1b:bd:f0:58:5c:b0:44:05:5d:5a:3b:57:c1:07:ab:78:60:7e: c1:e2:b9:06:1f:0c:fe:2c:7c:79:69:19:20:a6:71:45:0c:b8: 8c:a0:da:0b:4a:cc:9e:7f:62:37:3c:18:66:65:42:aa:84:48: a3:a8:66:8b:ad:cd:20:13:6b:25:32:95:90:e6:16:29:04:65: fb:84:15:0b:be:25:4a:35:49:d4:e3:45:bd:fe:b6:2a:11:ec: 4d:50:24:57:12:da:14:98:e4:c2:3f:37:05:8f:be:23:3a:0f: 59:7c:01:a3:19:87:b2:c9:bd:fc:59:a9:70:fb:60:d5:ae:0f: 5f:db:bc:59:d0:95:ab:00:f1:c6:07:85:be:65:e4:e8:f0:51: 65:9f:d1:0d:25:00:9f:07:5e:5d:c5:df:bf:23:c6:68:64:ef: b0:c1:85:78:eb:75:18:22:3a:0f:53:6b:f0:78:4b:75:d6:bd: 77:36:91:7b:3d:f5:95:e2:cb:ed:ed:1e:da:39:18:ad:83:43: e4:6d:d2:e4:f3:31:37:6f:37:2c:df:de:1f:28:8a:4e:c2:6b: 79:dc:c6:04:68:5c:01:13:33:bf:10:5a:5c:51:4f:0a:31:c7: d3:54:b0:8a:71:d5:e1:aa:8d:d8:b0:77:ec:cd:04:3c:5d:22: c0:fe:03:c2 -----BEGIN CERTIFICATE----- MIIFODCCBCCgAwIBAgISAZrbm298DY8l7hvPGbRWoAHfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBiMjQ3ZTczMzkxZWM5ZDZhMmE0NmYyY2IwYjAyZmM5OTQy ODhmMTMwHhcNMjUxMjAxMjAyOTQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1Y2ViZGJjYjFkZDQ0MWVkZTJhMWVkZDYyMjJhMmE0ZTBkN2M4MGI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2175FuNp31XMYloUiuXz9rApnV6W hIHCkMJaqjIO2jm/oDfRYmNvkwk6oY26uiDDE4SMUTnCEKfj9NL3IuX7iLTWrLYX EvzsJY4G2hqxPQZLc3BrpYSx1gNDNzIUCP1mEqDm//F4qQg/taAc5IHiEUG4z3Zj YmeCSfsfB93vyYevghyaYi3C3T684y21SPsCeO96Xltazi9wCO2ewuM+iCmKHbcW Z1wZceuZAS5OR2xtOcsCOfjTnWErLgwpkV+oWB8C4Ch47jC+a9etUHQLw13W5XFX 5Sw0nJ83NGhreWoZ5++HBkDt7r3+53PoYyxdPYMVbGZPFT6Zg3yUPGjVLQIDAQAB o4ICRDCCAkAwHQYDVR0OBBYEFFzr28sd1EHt4qHt1iIqKk4NfIC3MB8GA1UdIwQY MBaAFAskfnM5HsnWoqRvLLCwL8mUKI8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMt NzM2Nzg5ZWU2ZmQwLzEvWE92Ynl4M1VRZTNpb2UzV0lpb3FUZzE4Z0xjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMtNzM2Nzg5ZWU2ZmQw LzEvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA2BAIAATAwAwQBLQzOAwQA LUKEAwQALVUDAwQALZDzAwQAUVq+AwQAuX53AwQAuX6LAwQAuaAZMA8EAgACMAkD BwAqDIpAAAIwDQYJKoZIhvcNAQELBQADggEBABu98FhcsEQFXVo7V8EHq3hgfsHi uQYfDP4sfHlpGSCmcUUMuIyg2gtKzJ5/Yjc8GGZlQqqESKOoZoutzSATayUylZDm FikEZfuEFQu+JUo1SdTjRb3+tioR7E1QJFcS2hSY5MI/NwWPviM6D1l8AaMZh7LJ vfxZqXD7YNWuD1/bvFnQlasA8cYHhb5l5OjwUWWf0Q0lAJ8HXl3F378jxmhk77DB hXjrdRgiOg9Ta/B4S3XWvXc2kXs99ZXiy+3tHto5GK2DQ+Rt0uTzMTdvNyzf3h8o ik7Ca3ncxgRoXAETM78QWlxRTwoxx9NUsIpx1eGqjdiwd+zNBDxdIsD+A8I= -----END CERTIFICATE-----Generated at Wed Dec 3 11:45:23 2025 by rpki-client