This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/38bc90-1d53-4d47-bbdb-f4e7c9cc43ff/1/HxD2Tgnl9DbU7Fb8vyXYt-Ezj6A.roa File: HxD2Tgnl9DbU7Fb8vyXYt-Ezj6A.roa (raw, json) Hash identifier: 21Z2ZIhjOIjkwftoPhASqvQtUr2MxHlKe4XS++23wKw= Subject key identifier: 1F:10:F6:4E:09:E5:F4:36:D4:EC:56:FC:BF:25:D8:B7:E1:33:8F:A0 Certificate issuer: /CN=87b1396fd11c730ef20448129b282856ac504cb7 Certificate serial: 019AF934F840176B5056928D98A8A3E59F53 Authority key identifier: 87:B1:39:6F:D1:1C:73:0E:F2:04:48:12:9B:28:28:56:AC:50:4C:B7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h7E5b9Eccw7yBEgSmygoVqxQTLc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/38bc90-1d53-4d47-bbdb-f4e7c9cc43ff/1/HxD2Tgnl9DbU7Fb8vyXYt-Ezj6A.roa Signing time: Sun 07 Dec 2025 14:26:29 +0000 ROA not before: Sun 07 Dec 2025 14:26:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 57043 IP address blocks: 192.109.206.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/38bc90-1d53-4d47-bbdb-f4e7c9cc43ff/1/h7E5b9Eccw7yBEgSmygoVqxQTLc.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/38bc90-1d53-4d47-bbdb-f4e7c9cc43ff/1/h7E5b9Eccw7yBEgSmygoVqxQTLc.mft rsync://rpki.ripe.net/repository/DEFAULT/h7E5b9Eccw7yBEgSmygoVqxQTLc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f9:34:f8:40:17:6b:50:56:92:8d:98:a8:a3:e5:9f:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87b1396fd11c730ef20448129b282856ac504cb7 Validity Not Before: Dec 7 14:26:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=1f10f64e09e5f436d4ec56fcbf25d8b7e1338fa0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:c5:85:6c:fa:72:13:e5:3f:08:d5:cd:d3:04: 55:3d:cf:12:64:54:19:04:1f:91:bc:2c:c3:2b:8b: f9:09:51:88:cf:54:c6:55:24:4d:59:1d:f4:52:5f: f7:64:7f:a5:95:23:4f:b4:89:fb:3e:df:4d:37:f8: 69:70:c5:76:c6:6b:d8:2c:bd:16:a9:e9:b2:1d:73: 23:9b:f5:25:3c:b8:6d:ad:df:e2:0b:7a:f5:48:fa: ae:38:2e:aa:98:01:70:8e:83:14:5b:79:c1:84:ec: 8d:4a:44:31:42:f0:a7:c1:80:fa:24:bf:90:1e:fb: 53:24:22:b5:84:fb:21:0a:c3:bd:54:45:2b:55:2c: ed:42:9c:f2:48:21:92:ef:18:32:86:91:3d:1b:96: be:ac:b4:13:45:84:cb:07:9e:8c:64:0f:17:59:80: d5:a2:15:af:45:6f:45:ce:b0:65:83:0c:bb:1d:07: 55:36:0f:d5:8b:2c:a3:ad:3b:a1:14:7b:ce:ee:75: b1:aa:70:91:18:e3:50:eb:a8:4c:90:38:c3:26:61: 24:6e:a0:a9:ea:b9:05:5b:b2:92:b6:26:5d:b9:a5: 11:0b:68:6c:45:0b:98:73:39:65:b9:3a:ac:39:e2: ba:13:32:1d:80:ec:ff:d7:ea:00:cf:37:4b:c7:33: 24:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:10:F6:4E:09:E5:F4:36:D4:EC:56:FC:BF:25:D8:B7:E1:33:8F:A0 X509v3 Authority Key Identifier: keyid:87:B1:39:6F:D1:1C:73:0E:F2:04:48:12:9B:28:28:56:AC:50:4C:B7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h7E5b9Eccw7yBEgSmygoVqxQTLc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/38bc90-1d53-4d47-bbdb-f4e7c9cc43ff/1/HxD2Tgnl9DbU7Fb8vyXYt-Ezj6A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/38bc90-1d53-4d47-bbdb-f4e7c9cc43ff/1/h7E5b9Eccw7yBEgSmygoVqxQTLc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.109.206.0/24 Signature Algorithm: sha256WithRSAEncryption 78:60:0d:40:1e:c5:65:78:15:1f:90:16:6c:b4:8f:04:62:e2: 89:34:2e:b7:f6:23:94:34:14:c5:f1:c1:c2:8a:53:80:d0:0b: 76:51:ec:2b:9a:44:72:9f:65:7d:d5:c3:64:4d:0d:77:72:a2: 40:ff:bd:19:02:95:ba:55:ed:41:c5:87:c2:92:eb:06:b0:1c: 56:4e:5e:9a:78:26:43:ac:bb:c2:76:cb:be:bb:0a:ce:55:33: cd:3a:9f:12:b5:78:ae:14:31:77:06:8e:21:ca:64:05:9a:93: 7e:93:20:8f:92:96:03:aa:48:57:85:ef:39:65:7a:95:ad:53: fa:55:6d:c8:77:09:10:e5:be:7f:8a:a3:58:59:5f:b9:0d:f5: ec:90:b1:d6:78:b3:6f:5b:3c:d5:b9:9c:b2:1f:ce:99:90:db: 3c:2d:2f:cd:c3:d1:45:0d:d8:20:52:5a:eb:d8:fc:d2:e3:9f: 3b:d2:48:bb:87:92:4b:43:2b:17:46:16:81:bf:3f:36:8b:f5: af:7f:84:8e:73:d8:54:48:9e:80:0f:ae:0a:3d:a2:b4:f8:d0: d7:43:f0:ea:85:79:af:1a:23:28:0b:53:76:b5:f4:9d:a3:7b: 20:2b:05:74:49:1b:06:16:5e:c0:30:bf:a1:4e:b4:b3:e9:3d: c9:88:aa:3a -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZr5NPhAF2tQVpKNmKij5Z9TMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3YjEzOTZmZDExYzczMGVmMjA0NDgxMjliMjgyODU2YWM1 MDRjYjcwHhcNMjUxMjA3MTQyNjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZjEwZjY0ZTA5ZTVmNDM2ZDRlYzU2ZmNiZjI1ZDhiN2UxMzM4ZmEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8WFbPpyE+U/CNXN0wRVPc8SZFQZ BB+RvCzDK4v5CVGIz1TGVSRNWR30Ul/3ZH+llSNPtIn7Pt9NN/hpcMV2xmvYLL0W qemyHXMjm/UlPLhtrd/iC3r1SPquOC6qmAFwjoMUW3nBhOyNSkQxQvCnwYD6JL+Q HvtTJCK1hPshCsO9VEUrVSztQpzySCGS7xgyhpE9G5a+rLQTRYTLB56MZA8XWYDV ohWvRW9FzrBlgwy7HQdVNg/ViyyjrTuhFHvO7nWxqnCRGONQ66hMkDjDJmEkbqCp 6rkFW7KStiZduaURC2hsRQuYczlluTqsOeK6EzIdgOz/1+oAzzdLxzMk9QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFB8Q9k4J5fQ21OxW/L8l2LfhM4+gMB8GA1UdIwQY MBaAFIexOW/RHHMO8gRIEpsoKFasUEy3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDdFNWI5RWNjdzd5QkVnU215Z29WcXhRVExjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8zOGJjOTAtMWQ1My00ZDQ3LWJiZGIt ZjRlN2M5Y2M0M2ZmLzEvSHhEMlRnbmw5RGJVN0ZiOHZ5WFl0LUV6ajZBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC8zOGJjOTAtMWQ1My00ZDQ3LWJiZGItZjRlN2M5Y2M0M2Zm LzEvaDdFNWI5RWNjdzd5QkVnU215Z29WcXhRVExjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG3OMA0G CSqGSIb3DQEBCwUAA4IBAQB4YA1AHsVleBUfkBZstI8EYuKJNC639iOUNBTF8cHC ilOA0At2UewrmkRyn2V91cNkTQ13cqJA/70ZApW6Ve1BxYfCkusGsBxWTl6aeCZD rLvCdsu+uwrOVTPNOp8StXiuFDF3Bo4hymQFmpN+kyCPkpYDqkhXhe85ZXqVrVP6 VW3IdwkQ5b5/iqNYWV+5DfXskLHWeLNvWzzVuZyyH86ZkNs8LS/Nw9FFDdggUlrr 2PzS45870ki7h5JLQysXRhaBvz82i/Wvf4SOc9hUSJ6AD64KPaK0+NDXQ/DqhXmv GiMoC1N2tfSdo3sgKwV0SRsGFl7AML+hTrSz6T3JiKo6 -----END CERTIFICATE-----Generated at Sun Dec 14 14:03:02 2025 by rpki-client