This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/04shIJz5IjFz6c1cY6KGhxSXODk.roa File: 04shIJz5IjFz6c1cY6KGhxSXODk.roa (raw, json) Hash identifier: eHcSW44cbjs8QXew8FdRC0x6Ql4EYha3SISYT7NbzcI= Subject key identifier: D3:8B:21:20:9C:F9:22:31:73:E9:CD:5C:63:A2:86:87:14:97:38:39 Certificate issuer: /CN=a16b0d8ab49436550b6abf45b79035aec6aff23c Certificate serial: 019A58F7F9549DB9575EAD535C07D79269E0 Authority key identifier: A1:6B:0D:8A:B4:94:36:55:0B:6A:BF:45:B7:90:35:AE:C6:AF:F2:3C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oWsNirSUNlULar9Ft5A1rsav8jw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/04shIJz5IjFz6c1cY6KGhxSXODk.roa Signing time: Thu 06 Nov 2025 11:40:37 +0000 ROA not before: Thu 06 Nov 2025 11:40:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 20836 IP address blocks: 95.157.64.0/19 maxlen: 24 95.157.75.0/24 maxlen: 24 95.157.96.0/19 maxlen: 24 178.249.184.0/21 maxlen: 24 178.249.189.0/24 maxlen: 24 185.47.228.0/22 maxlen: 24 217.171.32.0/20 maxlen: 24 2001:b60::/32 maxlen: 48 2001:b61::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/oWsNirSUNlULar9Ft5A1rsav8jw.crl rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/oWsNirSUNlULar9Ft5A1rsav8jw.mft rsync://rpki.ripe.net/repository/DEFAULT/oWsNirSUNlULar9Ft5A1rsav8jw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Dec 2025 08:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:58:f7:f9:54:9d:b9:57:5e:ad:53:5c:07:d7:92:69:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a16b0d8ab49436550b6abf45b79035aec6aff23c Validity Not Before: Nov 6 11:40:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=d38b21209cf9223173e9cd5c63a2868714973839 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:3b:80:ec:ea:79:50:06:5e:e3:53:c7:75:4c: 41:02:37:20:93:be:ce:81:61:f5:5e:a0:0a:78:92: 92:c9:84:5a:de:13:87:d1:e5:f8:be:cd:0b:3f:28: f4:3b:82:6e:71:ec:70:b7:4a:22:c1:ba:20:21:79: f5:3c:61:4d:e5:8d:08:eb:25:3c:42:6f:83:3d:0b: 5f:87:9f:0a:25:70:a3:43:2e:1e:cd:0d:27:7e:48: fe:3a:b6:70:ff:82:4b:26:17:be:1b:e1:0d:d5:a9: ad:07:d0:c5:30:61:04:21:55:83:13:71:0f:ed:b4: df:f6:ef:31:c1:1e:c0:4b:53:49:c8:a6:88:d7:5e: 54:26:08:47:d8:bb:39:97:1a:a5:97:49:9f:31:19: 82:24:1f:a2:89:d2:9b:8d:ea:ad:0f:c7:4a:eb:d6: a5:c5:3b:00:38:93:5b:81:8c:9d:22:83:df:4c:51: 49:46:39:42:66:c0:13:b5:a3:75:9b:f0:d7:46:9f: 42:a5:1d:43:bd:19:55:13:fe:97:28:ee:00:4d:69: 28:a9:71:39:f5:73:15:4b:3d:fc:f6:c4:62:09:e3: d7:eb:ed:3f:ef:08:ac:36:b9:eb:4e:cf:69:36:6e: fe:f2:7c:b0:79:c0:66:23:12:d4:56:2c:f8:3f:34: ff:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:8B:21:20:9C:F9:22:31:73:E9:CD:5C:63:A2:86:87:14:97:38:39 X509v3 Authority Key Identifier: keyid:A1:6B:0D:8A:B4:94:36:55:0B:6A:BF:45:B7:90:35:AE:C6:AF:F2:3C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWsNirSUNlULar9Ft5A1rsav8jw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/04shIJz5IjFz6c1cY6KGhxSXODk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/oWsNirSUNlULar9Ft5A1rsav8jw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 95.157.64.0/18 178.249.184.0/21 185.47.228.0/22 217.171.32.0/20 IPv6: 2001:b60::/31 Signature Algorithm: sha256WithRSAEncryption 57:15:d4:65:7d:22:3a:86:8c:92:03:fc:4d:f2:d9:ca:ba:14: 5f:54:08:3b:93:0b:3e:8f:8e:e8:63:19:44:96:5b:39:75:b2: 77:10:f6:89:44:fa:95:27:70:9c:66:a0:86:d0:ee:9d:25:dc: 1c:ae:38:b9:91:da:61:26:86:79:c2:fe:d3:5f:15:55:ea:c5: 57:2d:33:69:eb:d3:60:5b:80:b0:bc:b0:4d:eb:1c:e9:e7:9c: 93:bb:16:0e:d6:ff:15:0b:e1:3f:ef:9b:3d:ab:a5:b3:7b:da: 5e:a8:b2:ce:df:90:bc:ee:94:8f:3b:ee:5e:15:10:90:22:0c: bd:d9:f9:c8:ad:2b:4f:25:85:e3:6f:ae:8e:34:3e:e2:ce:c3: 77:0a:e5:8e:6b:31:cc:70:4c:6f:d3:f7:aa:16:ac:af:4d:8b: 8a:fb:6f:a3:f5:f3:86:6c:f6:5b:e2:b3:cd:b1:db:97:67:b3: 0c:8c:59:33:91:16:10:64:30:f6:9f:2a:85:06:69:bb:e5:23: a5:d0:7f:91:6d:30:79:47:a5:ad:23:68:ba:9d:95:36:be:c7: e6:f7:66:dd:0b:24:4b:a0:69:0f:c6:fb:8a:a4:30:34:61:5c: 17:61:f4:6b:47:13:f0:e5:cf:2f:b9:89:cf:91:37:ee:3a:9c: cd:f8:90:63 -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZpY9/lUnblXXq1TXAfXkmngMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExNmIwZDhhYjQ5NDM2NTUwYjZhYmY0NWI3OTAzNWFlYzZh ZmYyM2MwHhcNMjUxMTA2MTE0MDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMzhiMjEyMDljZjkyMjMxNzNlOWNkNWM2M2EyODY4NzE0OTczODM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzuA7Op5UAZe41PHdUxBAjcgk77O gWH1XqAKeJKSyYRa3hOH0eX4vs0LPyj0O4Jucexwt0oiwbogIXn1PGFN5Y0I6yU8 Qm+DPQtfh58KJXCjQy4ezQ0nfkj+OrZw/4JLJhe+G+EN1amtB9DFMGEEIVWDE3EP 7bTf9u8xwR7AS1NJyKaI115UJghH2Ls5lxqll0mfMRmCJB+iidKbjeqtD8dK69al xTsAOJNbgYydIoPfTFFJRjlCZsATtaN1m/DXRp9CpR1DvRlVE/6XKO4ATWkoqXE5 9XMVSz389sRiCePX6+0/7wisNrnrTs9pNm7+8nywecBmIxLUViz4PzT/jwIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFNOLISCc+SIxc+nNXGOihocUlzg5MB8GA1UdIwQY MBaAFKFrDYq0lDZVC2q/RbeQNa7Gr/I8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb1dzTmlyU1VObFVMYXI5RnQ1QTFyc2F2OGp3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC81ZjQ1MTgtODJlOS00MjkyLWE1NGUt MTVjYzlkYzdiZDg3LzEvMDRzaElKejVJakZ6NmMxY1k2S0doeFNYT0RrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOC81ZjQ1MTgtODJlOS00MjkyLWE1NGUtMTVjYzlkYzdiZDg3 LzEvb1dzTmlyU1VObFVMYXI5RnQ1QTFyc2F2OGp3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGX51AAwQD svm4AwQCuS/kAwQE2asgMA0EAgACMAcDBQEgAQtgMA0GCSqGSIb3DQEBCwUAA4IB AQBXFdRlfSI6hoySA/xN8tnKuhRfVAg7kws+j47oYxlElls5dbJ3EPaJRPqVJ3Cc ZqCG0O6dJdwcrji5kdphJoZ5wv7TXxVV6sVXLTNp69NgW4CwvLBN6xzp55yTuxYO 1v8VC+E/75s9q6Wze9peqLLO35C87pSPO+5eFRCQIgy92fnIrStPJYXjb66OND7i zsN3CuWOazHMcExv0/eqFqyvTYuK+2+j9fOGbPZb4rPNsduXZ7MMjFkzkRYQZDD2 nyqFBmm75SOl0H+RbTB5R6WtI2i6nZU2vsfm92bdCyRLoGkPxvuKpDA0YVwXYfRr RxPw5c8vuYnPkTfuOpzN+JBj -----END CERTIFICATE-----Generated at Fri Dec 12 17:14:27 2025 by rpki-client