This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/1-MHL7FCFOo3d5SBfZqVAq6OGUKg.roa File: 1-MHL7FCFOo3d5SBfZqVAq6OGUKg.roa (raw, json) Hash identifier: JKX+6uz7j+QIFz/PbhY8E7/mwj5YSnWWxlrzu1hhuDY= Subject key identifier: F8:C1:CB:EC:50:85:3A:8D:DD:E5:20:5F:66:A5:40:AB:A3:86:50:A8 Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07 Certificate serial: 019A9D343D2ECBBE2E0130FCDA14C7D2E54F Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/1-MHL7FCFOo3d5SBfZqVAq6OGUKg.roa Signing time: Wed 19 Nov 2025 17:40:37 +0000 ROA not before: Wed 19 Nov 2025 17:40:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 46450 IP address blocks: 45.67.145.0/24 maxlen: 24 45.248.53.0/24 maxlen: 24 162.218.93.0/24 maxlen: 24 162.218.95.0/24 maxlen: 24 185.198.89.0/24 maxlen: 24 185.198.90.0/24 maxlen: 24 185.198.91.0/24 maxlen: 24 212.60.16.0/23 maxlen: 23 217.197.168.0/24 maxlen: 24 217.197.171.0/24 maxlen: 24 2a07:c6c0:9::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 11:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:9d:34:3d:2e:cb:be:2e:01:30:fc:da:14:c7:d2:e5:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07 Validity Not Before: Nov 19 17:40:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=f8c1cbec50853a8ddde5205f66a540aba38650a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:ef:f5:88:e0:d2:87:96:2e:43:99:1f:f8:b6: 7e:08:90:a2:75:00:57:59:c9:20:3f:b1:12:ee:a1: f6:bc:b5:4c:60:c8:71:7b:7e:8d:dd:0f:2e:5f:a6: 99:b5:10:b4:69:b6:88:de:cf:e2:61:dd:e6:dd:24: cf:05:a9:8c:21:01:d7:4e:f1:e4:66:60:ba:f5:b2: ac:fa:4d:98:d8:fa:40:42:33:33:76:e9:9d:45:36: b8:4e:38:91:b6:36:85:e9:fc:23:76:5f:9a:56:ad: e1:dd:e1:9c:f1:fb:55:cd:40:5c:8d:fc:d6:a1:b6: 27:a5:42:84:7d:e4:0d:e3:e5:02:34:ae:5f:9d:ad: cc:ab:68:d8:67:16:83:06:78:20:d3:14:c2:6a:a0: 8e:e7:c9:d9:2e:8c:7f:cd:e4:3b:ef:85:36:fa:64: a5:13:7b:6b:e9:e2:fe:1e:8b:1e:ee:42:19:e3:bc: ca:19:20:7f:79:a3:29:04:90:b9:80:79:35:62:19: aa:6e:50:b1:59:f6:60:94:74:5b:22:64:5d:2b:fb: c7:6a:48:2c:02:da:5c:d5:d3:07:13:b8:08:d9:b7: 08:9e:02:2e:8d:5a:0f:c2:00:3c:d2:95:30:aa:1b: 58:55:3c:48:56:59:1e:3a:2a:f0:89:a1:ed:6d:62: 93:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:C1:CB:EC:50:85:3A:8D:DD:E5:20:5F:66:A5:40:AB:A3:86:50:A8 X509v3 Authority Key Identifier: keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/1-MHL7FCFOo3d5SBfZqVAq6OGUKg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.67.145.0/24 45.248.53.0/24 162.218.93.0/24 162.218.95.0/24 185.198.89.0-185.198.91.255 212.60.16.0/23 217.197.168.0/24 217.197.171.0/24 IPv6: 2a07:c6c0:9::/48 Signature Algorithm: sha256WithRSAEncryption 72:e4:6a:f9:5d:f9:63:a5:6e:01:9e:3c:ea:84:b9:fe:55:69: 2f:ea:c6:5e:2f:a6:fe:00:68:ab:ef:e0:6f:f8:c1:2c:65:61: 79:1a:56:23:67:ee:7c:2d:7b:4e:a7:30:b4:b4:2b:f2:04:41: 3f:e8:ad:ca:8f:b1:c8:43:f7:68:2f:a3:ae:12:27:9f:40:59: 52:84:d8:47:f6:1d:b7:f7:79:a5:89:19:e7:94:43:17:8b:68: bd:26:66:0e:3e:7e:e8:09:2c:32:71:cc:79:e8:a7:4a:a3:82: 36:52:c0:13:28:b9:55:da:70:e8:97:e6:ad:e8:4e:6c:01:75: 3b:3e:a9:87:06:78:92:c2:37:66:06:ed:a4:74:3c:c3:df:9e: 09:12:4c:fe:b4:8b:27:2d:85:75:17:d0:11:02:ad:67:4f:c2: b9:e5:fd:c4:94:df:86:32:2b:f3:14:02:65:8c:73:6b:db:16: f2:9d:35:0a:d1:70:02:9a:44:f4:cc:9a:12:24:08:5c:1b:c7: 21:4d:e7:b2:56:50:c1:10:ed:26:1b:eb:7c:76:8e:44:d4:7d: 5b:8d:26:2c:2a:52:35:a3:3b:14:92:a7:cb:a4:23:03:99:c8: f6:43:b5:79:f9:f5:28:8e:08:b7:72:fa:b3:b5:27:19:64:cd: 87:7f:61:0b -----BEGIN CERTIFICATE----- MIIFQTCCBCmgAwIBAgISAZqdND0uy74uATD82hTH0uVPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy ZGJmMDcwHhcNMjUxMTE5MTc0MDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmOGMxY2JlYzUwODUzYThkZGRlNTIwNWY2NmE1NDBhYmEzODY1MGE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAte/1iODSh5YuQ5kf+LZ+CJCidQBX WckgP7ES7qH2vLVMYMhxe36N3Q8uX6aZtRC0abaI3s/iYd3m3STPBamMIQHXTvHk ZmC69bKs+k2Y2PpAQjMzdumdRTa4TjiRtjaF6fwjdl+aVq3h3eGc8ftVzUBcjfzW obYnpUKEfeQN4+UCNK5fna3Mq2jYZxaDBngg0xTCaqCO58nZLox/zeQ774U2+mSl E3tr6eL+Hose7kIZ47zKGSB/eaMpBJC5gHk1YhmqblCxWfZglHRbImRdK/vHakgs Atpc1dMHE7gI2bcIngIujVoPwgA80pUwqhtYVTxIVlkeOirwiaHtbWKTBQIDAQAB o4ICTTCCAkkwHQYDVR0OBBYEFPjBy+xQhTqN3eUgX2alQKujhlCoMB8GA1UdIwQY MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt ZjNlNTA2YWVhYTAxLzEvMS1NSEw3RkNGT28zZDVTQmZacVZBcTZPR1VLZy5yb2Ew gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvY2EvM2M0YjhhLWJmYzctNDFlOS05OWUxLWYzZTUwNmFlYWEw MS8xL2NyZVBab0w4T2NWYlFkU1BnTGlEalYwdHZ3Yy5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjBiBggrBgEFBQcBBwEB/wRTMFEwPgQCAAEwOAMEAC1DkQME AC34NQMEAKLaXQMEAKLaXzAMAwQAucZZAwQCucZYAwQB1DwQAwQA2cWoAwQA2cWr MA8EAgACMAkDBwAqB8bAAAkwDQYJKoZIhvcNAQELBQADggEBAHLkavld+WOlbgGe POqEuf5VaS/qxl4vpv4AaKvv4G/4wSxlYXkaViNn7nwte06nMLS0K/IEQT/orcqP schD92gvo64SJ59AWVKE2Ef2Hbf3eaWJGeeUQxeLaL0mZg4+fugJLDJxzHnop0qj gjZSwBMouVXacOiX5q3oTmwBdTs+qYcGeJLCN2YG7aR0PMPfngkSTP60iycthXUX 0BECrWdPwrnl/cSU34YyK/MUAmWMc2vbFvKdNQrRcAKaRPTMmhIkCFwbxyFN57JW UMEQ7SYb63x2jkTUfVuNJiwqUjWjOxSSp8ukIwOZyPZDtXn59SiOCLdy+rO1Jxlk zYd/YQs= -----END CERTIFICATE-----Generated at Fri Dec 5 13:47:15 2025 by rpki-client