This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/2097ea-232d-4a2f-90e7-43fe4a51b54b/1/lROKdm6UM4M0MJ6vLxc2VKf73CI.roa File: lROKdm6UM4M0MJ6vLxc2VKf73CI.roa (raw, json) Hash identifier: p9GWewT9kC2oXFjDBOMGkwHQcDAAzHvbBy1Lpy2DuDs= Subject key identifier: 95:13:8A:76:6E:94:33:83:34:30:9E:AF:2F:17:36:54:A7:FB:DC:22 Certificate issuer: /CN=b7138e4840caa3a1bd51852714a135fb0e837c45 Certificate serial: 019B3210F0B484382FD0FDDD9703DB8E4403 Authority key identifier: B7:13:8E:48:40:CA:A3:A1:BD:51:85:27:14:A1:35:FB:0E:83:7C:45 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/txOOSEDKo6G9UYUnFKE1-w6DfEU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/2097ea-232d-4a2f-90e7-43fe4a51b54b/1/lROKdm6UM4M0MJ6vLxc2VKf73CI.roa Signing time: Thu 18 Dec 2025 15:25:29 +0000 ROA not before: Thu 18 Dec 2025 15:25:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 216359 IP address blocks: 194.153.212.0/23 maxlen: 23 195.128.131.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/2097ea-232d-4a2f-90e7-43fe4a51b54b/1/txOOSEDKo6G9UYUnFKE1-w6DfEU.crl rsync://rpki.ripe.net/repository/DEFAULT/ad/2097ea-232d-4a2f-90e7-43fe4a51b54b/1/txOOSEDKo6G9UYUnFKE1-w6DfEU.mft rsync://rpki.ripe.net/repository/DEFAULT/txOOSEDKo6G9UYUnFKE1-w6DfEU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 11:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:10:f0:b4:84:38:2f:d0:fd:dd:97:03:db:8e:44:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b7138e4840caa3a1bd51852714a135fb0e837c45 Validity Not Before: Dec 18 15:25:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=95138a766e94338334309eaf2f173654a7fbdc22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:9a:5e:4a:43:79:04:d8:01:b0:04:d6:67:a7: e4:94:48:25:6e:86:74:3c:67:31:7f:de:41:bb:05: dc:47:e9:45:e1:7a:6d:f0:8a:f0:f7:ca:dd:7f:a6: 91:42:5f:d5:3b:47:be:11:87:8b:43:d1:cd:ca:c0: 8e:ec:9f:2a:b1:73:a8:63:55:1c:69:a3:14:44:8a: 9b:0e:ac:9a:b6:b5:f5:14:5c:79:36:d0:74:7b:5d: fa:3c:b1:25:6b:72:d8:50:42:2c:3e:57:21:26:97: f8:71:c4:1c:05:03:ca:78:27:e9:c4:fe:19:20:1d: 6e:16:b8:66:a0:62:e9:8f:0a:00:d2:70:23:36:d1: bf:75:39:95:70:d6:92:cf:0b:69:46:6b:15:a2:da: 5d:ec:12:0a:e0:26:0d:c5:17:31:0f:b0:87:8c:a4: 15:ce:a4:80:89:8f:1d:82:00:2b:d1:9a:18:bd:0d: d1:4f:6f:e1:6d:1a:54:f6:2b:fe:7d:59:47:88:d7: bd:6c:b5:f2:02:90:53:60:4b:cd:c5:c9:5d:dd:8f: 8d:dc:a7:af:7e:71:80:68:19:78:a8:e4:74:87:c1: ab:6f:a3:9d:b3:66:68:20:f1:fe:de:28:1b:f6:82: c7:51:b3:f6:7a:0c:b7:09:44:03:bc:bf:e9:6e:c8: ad:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:13:8A:76:6E:94:33:83:34:30:9E:AF:2F:17:36:54:A7:FB:DC:22 X509v3 Authority Key Identifier: keyid:B7:13:8E:48:40:CA:A3:A1:BD:51:85:27:14:A1:35:FB:0E:83:7C:45 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/txOOSEDKo6G9UYUnFKE1-w6DfEU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/2097ea-232d-4a2f-90e7-43fe4a51b54b/1/lROKdm6UM4M0MJ6vLxc2VKf73CI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/2097ea-232d-4a2f-90e7-43fe4a51b54b/1/txOOSEDKo6G9UYUnFKE1-w6DfEU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.153.212.0/23 195.128.131.0/24 Signature Algorithm: sha256WithRSAEncryption 0b:7b:9f:c1:b5:1e:a5:e0:88:aa:8f:58:6b:65:7a:51:d9:8d: b6:a6:2a:14:d9:43:44:62:7e:3e:c9:ef:5e:33:28:d2:ef:74: 7b:4b:b9:15:e1:be:f6:83:c2:7a:1a:04:54:c6:ad:74:d0:d5: 63:2c:ee:cb:20:9e:f1:05:f8:93:df:52:40:df:de:4b:8e:92: e7:17:fd:a4:01:ec:d3:cb:b0:9d:53:18:93:b2:5c:b1:1a:79: d8:51:1e:ce:94:2d:4a:46:dd:a2:ab:76:5a:62:79:52:86:37: a6:13:4b:ad:8f:5b:8d:46:8b:ab:32:33:fb:f0:11:28:76:24: 3e:6c:1f:5b:a4:f5:70:09:84:62:9f:8d:d3:61:65:97:6d:53: 06:60:ba:24:e3:36:b8:9c:46:e1:89:af:90:2c:6c:90:e3:57: 7d:d8:cc:b5:94:21:ee:ee:ca:65:2e:0f:65:8a:a1:bd:05:7a: 31:da:1a:55:d1:6f:2c:a3:45:9a:81:ba:57:8c:4a:fc:c3:52: f1:35:cf:26:f4:4f:17:a1:0b:8e:ee:2d:55:a7:0b:5d:a0:ef: 6c:ec:62:14:b0:17:0d:ad:51:f0:1a:56:56:c1:63:67:84:62: 72:19:7e:37:78:11:51:28:c1:f6:d6:ef:63:ef:09:36:ae:c3: 44:a6:94:e2 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZsyEPC0hDgv0P3dlwPbjkQDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI3MTM4ZTQ4NDBjYWEzYTFiZDUxODUyNzE0YTEzNWZiMGU4 MzdjNDUwHhcNMjUxMjE4MTUyNTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NTEzOGE3NjZlOTQzMzgzMzQzMDllYWYyZjE3MzY1NGE3ZmJkYzIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZpeSkN5BNgBsATWZ6fklEglboZ0 PGcxf95BuwXcR+lF4Xpt8Irw98rdf6aRQl/VO0e+EYeLQ9HNysCO7J8qsXOoY1Uc aaMURIqbDqyatrX1FFx5NtB0e136PLEla3LYUEIsPlchJpf4ccQcBQPKeCfpxP4Z IB1uFrhmoGLpjwoA0nAjNtG/dTmVcNaSzwtpRmsVotpd7BIK4CYNxRcxD7CHjKQV zqSAiY8dggAr0ZoYvQ3RT2/hbRpU9iv+fVlHiNe9bLXyApBTYEvNxcld3Y+N3Kev fnGAaBl4qOR0h8Grb6Ods2ZoIPH+3igb9oLHUbP2egy3CUQDvL/pbsit+QIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFJUTinZulDODNDCery8XNlSn+9wiMB8GA1UdIwQY MBaAFLcTjkhAyqOhvVGFJxShNfsOg3xFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdHhPT1NFREtvNkc5VVlVbkZLRTEtdzZEZkVVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC8yMDk3ZWEtMjMyZC00YTJmLTkwZTct NDNmZTRhNTFiNTRiLzEvbFJPS2RtNlVNNE0wTUo2dkx4YzJWS2Y3M0NJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZC8yMDk3ZWEtMjMyZC00YTJmLTkwZTctNDNmZTRhNTFiNTRi LzEvdHhPT1NFREtvNkc5VVlVbkZLRTEtdzZEZkVVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwpnUAwQA w4CDMA0GCSqGSIb3DQEBCwUAA4IBAQALe5/BtR6l4Iiqj1hrZXpR2Y22pioU2UNE Yn4+ye9eMyjS73R7S7kV4b72g8J6GgRUxq100NVjLO7LIJ7xBfiT31JA395LjpLn F/2kAezTy7CdUxiTslyxGnnYUR7OlC1KRt2iq3ZaYnlShjemE0utj1uNRourMjP7 8BEodiQ+bB9bpPVwCYRin43TYWWXbVMGYLok4za4nEbhia+QLGyQ41d92My1lCHu 7splLg9liqG9BXox2hpV0W8so0WagbpXjEr8w1LxNc8m9E8XoQuO7i1VpwtdoO9s 7GIUsBcNrVHwGlZWwWNnhGJyGX43eBFRKMH21u9j7wk2rsNEppTi -----END CERTIFICATE-----Generated at Fri Dec 26 17:16:26 2025 by rpki-client