This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/XU8JShliIrFwd9C9NZ_SUhlcqZE.roa File: XU8JShliIrFwd9C9NZ_SUhlcqZE.roa (raw, json) Hash identifier: QsHII7q3w7NdORSRKqSh0xnPIK+Xv9n7FIlh5nIr98Q= Subject key identifier: 5D:4F:09:4A:19:62:22:B1:70:77:D0:BD:35:9F:D2:52:19:5C:A9:91 Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003 Certificate serial: 019AEB1B0CCFD41EDE6CF58C8403FE3E90EB Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/XU8JShliIrFwd9C9NZ_SUhlcqZE.roa Signing time: Thu 04 Dec 2025 20:43:29 +0000 ROA not before: Thu 04 Dec 2025 20:43:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 401152 IP address blocks: 77.239.100.0/22 maxlen: 24 77.239.112.0/22 maxlen: 24 144.31.8.0/23 maxlen: 24 144.31.11.0/24 maxlen: 24 144.31.13.0/24 maxlen: 24 144.31.15.0/24 maxlen: 24 144.31.28.0/24 maxlen: 24 144.31.29.0/24 maxlen: 24 144.31.32.0/19 maxlen: 19 144.31.91.0/24 maxlen: 24 144.31.96.0/22 maxlen: 24 144.31.100.0/22 maxlen: 24 144.31.104.0/23 maxlen: 24 144.31.109.0/24 maxlen: 24 144.31.110.0/24 maxlen: 24 144.31.111.0/24 maxlen: 24 144.31.112.0/22 maxlen: 24 144.31.128.0/21 maxlen: 24 144.31.136.0/24 maxlen: 24 144.31.140.0/24 maxlen: 24 144.31.141.0/24 maxlen: 24 144.31.142.0/24 maxlen: 24 144.31.143.0/24 maxlen: 24 144.31.144.0/20 maxlen: 24 144.31.207.0/24 maxlen: 24 144.31.248.0/21 maxlen: 24 150.241.64.0/22 maxlen: 24 150.241.80.0/24 maxlen: 24 150.241.81.0/24 maxlen: 24 193.23.192.0/24 maxlen: 24 193.23.198.0/24 maxlen: 24 193.23.204.0/22 maxlen: 22 193.23.212.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 11:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:eb:1b:0c:cf:d4:1e:de:6c:f5:8c:84:03:fe:3e:90:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003 Validity Not Before: Dec 4 20:43:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=5d4f094a196222b17077d0bd359fd252195ca991 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:ac:69:1c:79:3c:41:fa:e1:3b:64:3e:1d:61: f2:7b:34:d0:2a:3b:e3:28:48:44:92:28:21:eb:a2: 6d:17:36:5e:fe:6d:be:03:e0:70:ab:9f:1a:6e:18: 10:76:2c:da:a9:95:83:ef:7e:dc:11:c4:b8:c1:f8: 1c:11:96:de:68:41:b7:2e:68:8b:f1:b9:ff:a3:a0: 78:b2:96:f8:d9:96:7d:d3:0a:51:74:cc:2f:f1:2e: b8:48:cc:bd:f0:87:29:f8:cc:48:5c:99:47:97:f0: d8:85:87:ed:19:51:c4:c1:21:c3:ea:d1:6d:c4:e3: 1b:e9:73:60:91:07:69:49:14:3e:5b:29:0a:e9:38: 99:90:89:c2:f4:dd:99:01:1d:de:10:c3:2c:03:bf: 10:fc:90:f7:d0:c7:4f:06:54:a2:c4:07:94:e1:71: cb:fe:ba:30:01:51:09:55:0b:bb:7e:1e:aa:85:2c: 38:fd:93:5c:83:60:cb:5b:b2:de:e4:63:b1:28:b9: e7:40:ce:16:1b:2a:81:0c:df:aa:97:86:68:74:37: 6c:d4:4b:7a:3c:07:ed:38:e7:1e:41:34:4f:77:16: 9f:d0:54:32:ec:5b:22:f3:8b:97:55:a8:22:77:fb: a8:1a:ea:8a:6e:6d:6d:34:17:58:26:42:75:c4:ec: 84:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:4F:09:4A:19:62:22:B1:70:77:D0:BD:35:9F:D2:52:19:5C:A9:91 X509v3 Authority Key Identifier: keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/XU8JShliIrFwd9C9NZ_SUhlcqZE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.239.100.0/22 77.239.112.0/22 144.31.8.0/23 144.31.11.0/24 144.31.13.0/24 144.31.15.0/24 144.31.28.0/23 144.31.32.0/19 144.31.91.0/24 144.31.96.0-144.31.105.255 144.31.109.0-144.31.115.255 144.31.128.0-144.31.136.255 144.31.140.0-144.31.159.255 144.31.207.0/24 144.31.248.0/21 150.241.64.0/22 150.241.80.0/23 193.23.192.0/24 193.23.198.0/24 193.23.204.0/22 193.23.212.0/22 Signature Algorithm: sha256WithRSAEncryption 0a:f6:9d:6b:73:d2:8a:ff:0f:ad:26:f7:c8:e1:42:9e:1b:6b: 1c:27:47:e2:93:50:2f:77:c8:81:ee:c1:6f:30:8f:fc:8a:ca: 97:a9:9e:c7:27:25:30:fe:c6:85:68:7b:94:d4:b7:35:63:51: 8b:fc:8e:d3:df:04:13:86:b0:49:3f:2e:8e:3e:14:0f:42:9d: cf:c6:0d:84:0d:5b:a2:c9:73:ae:32:b3:0d:b3:dd:be:ce:1e: dd:98:8d:a6:df:b8:5e:6b:36:2c:11:e9:c1:bc:ed:32:99:25: ae:d3:dd:e9:1e:58:35:f0:42:68:e6:fb:b6:a2:19:97:4b:e3: 26:d8:f7:d1:da:f5:8c:76:92:69:eb:a6:0a:fc:b8:72:7c:86: eb:31:49:d8:49:e2:3d:ed:d6:37:27:24:85:c1:e0:80:45:ab: d0:10:e5:c0:6b:c8:ac:72:78:a2:6e:fc:6c:a3:8b:44:41:8a: 9c:00:6c:03:38:9a:e3:31:0d:ba:58:cb:d5:b0:d7:9e:ce:5a: e7:57:d0:ec:1d:3f:35:99:f5:89:d7:96:cb:87:4d:6c:8d:2f: 4f:bc:54:81:e6:4b:6e:c0:e1:e8:d3:d1:f0:cf:1a:eb:ff:41: c2:45:f7:be:43:d0:b1:d7:68:08:22:a9:81:6d:c4:13:6f:56: ef:49:80:af -----BEGIN CERTIFICATE----- MIIFmjCCBIKgAwIBAgISAZrrGwzP1B7ebPWMhAP+PpDrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4 NDAwMDMwHhcNMjUxMjA0MjA0MzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZDRmMDk0YTE5NjIyMmIxNzA3N2QwYmQzNTlmZDI1MjE5NWNhOTkxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0axpHHk8QfrhO2Q+HWHyezTQKjvj KEhEkigh66JtFzZe/m2+A+Bwq58abhgQdizaqZWD737cEcS4wfgcEZbeaEG3LmiL 8bn/o6B4spb42ZZ90wpRdMwv8S64SMy98Icp+MxIXJlHl/DYhYftGVHEwSHD6tFt xOMb6XNgkQdpSRQ+WykK6TiZkInC9N2ZAR3eEMMsA78Q/JD30MdPBlSixAeU4XHL /rowAVEJVQu7fh6qhSw4/ZNcg2DLW7Le5GOxKLnnQM4WGyqBDN+ql4ZodDds1Et6 PAftOOceQTRPdxaf0FQy7Fsi84uXVagid/uoGuqKbm1tNBdYJkJ1xOyE9wIDAQAB o4ICpjCCAqIwHQYDVR0OBBYEFF1PCUoZYiKxcHfQvTWf0lIZXKmRMB8GA1UdIwQY MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt MTQzOTY3YThmZTA4LzEvWFU4SlNobGlJckZ3ZDlDOU5aX1NVaGxjcVpFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4 LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAJN 72QDBAJN73ADBAGQHwgDBACQHwsDBACQHw0DBACQHw8DBAGQHxwDBAWQHyADBACQ H1swDAMEBZAfYAMEAZAfaDAMAwQAkB9tAwQCkB9wMAwDBAeQH4ADBACQH4gwDAME ApAfjAMEBZAfgAMEAJAfzwMEA5Af+AMEApbxQAMEAZbxUAMEAMEXwAMEAMEXxgME AsEXzAMEAsEX1DANBgkqhkiG9w0BAQsFAAOCAQEACvada3PSiv8PrSb3yOFCnhtr HCdH4pNQL3fIge7BbzCP/IrKl6mexyclMP7GhWh7lNS3NWNRi/yO098EE4awST8u jj4UD0Kdz8YNhA1boslzrjKzDbPdvs4e3ZiNpt+4Xms2LBHpwbztMpklrtPd6R5Y NfBCaOb7tqIZl0vjJtj30dr1jHaSaeumCvy4cnyG6zFJ2EniPe3WNyckhcHggEWr 0BDlwGvIrHJ4om78bKOLREGKnABsAzia4zENuljL1bDXns5a51fQ7B0/NZn1ideW y4dNbI0vT7xUgeZLbsDh6NPR8M8a6/9BwkX3vkPQsddoCCKpgW3EE29W70mArw== -----END CERTIFICATE-----Generated at Fri Dec 5 17:53:13 2025 by rpki-client