This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/8nsB2P0ggwqXvoNDODV6DOqtJz4.roa File: 8nsB2P0ggwqXvoNDODV6DOqtJz4.roa (raw, json) Hash identifier: JlDiWPppoyrLKRplxZxZXaqKBF7T+Di52eh0wgNrrbo= Subject key identifier: F2:7B:01:D8:FD:20:83:0A:97:BE:83:43:38:35:7A:0C:EA:AD:27:3E Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07 Certificate serial: 019A9736BA513A544B5CDACEAA9A00E4A897 Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/8nsB2P0ggwqXvoNDODV6DOqtJz4.roa Signing time: Tue 18 Nov 2025 13:45:37 +0000 ROA not before: Tue 18 Nov 2025 13:45:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 262287 IP address blocks: 149.126.12.0/24 maxlen: 24 2a0a:8f40:4::/48 maxlen: 48 2a0a:8f40:5::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 11:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:97:36:ba:51:3a:54:4b:5c:da:ce:aa:9a:00:e4:a8:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07 Validity Not Before: Nov 18 13:45:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=f27b01d8fd20830a97be834338357a0ceaad273e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:ed:7e:83:51:4f:3f:23:11:cd:52:11:b2:3b: 3c:bf:bd:0a:4b:f7:3a:84:64:c0:ae:03:e4:d4:f4: 7b:a3:23:67:c9:62:d3:3f:8d:9a:42:72:05:ad:b0: 8d:30:94:42:61:95:e2:ab:49:5f:11:0f:0e:34:7a: 95:5e:cd:a1:50:7d:7e:33:48:7a:33:32:34:a7:31: 20:1a:be:45:c1:b9:a1:b3:bb:16:66:7c:c6:7b:df: 1e:5b:4d:55:7d:a5:5c:64:fd:61:00:f7:7f:eb:bf: e4:92:67:99:e2:24:57:5e:1c:2a:c5:fd:0d:a5:22: f9:61:2b:70:b2:cc:85:73:f2:29:5c:2d:9c:d4:16: 00:e8:77:7c:b0:94:4a:86:94:d0:d1:f3:96:a1:e8: a7:55:a1:8d:be:5c:29:4b:54:11:f4:6e:a1:ea:07: 68:7c:4b:53:c9:60:46:2e:c2:61:1b:97:b9:75:81: fd:0c:3b:8b:88:52:53:df:9f:a5:d9:30:41:dd:84: 55:88:c5:a1:b7:3b:ee:50:c7:c0:99:28:3b:b0:b2: a5:b3:12:2d:5a:a1:34:63:65:27:83:b9:ae:a7:19: 3c:e5:2a:49:8b:19:1e:36:f7:f0:38:33:4b:8d:91: 6e:54:7a:00:5c:99:45:63:be:92:51:57:a3:68:51: b1:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:7B:01:D8:FD:20:83:0A:97:BE:83:43:38:35:7A:0C:EA:AD:27:3E X509v3 Authority Key Identifier: keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/8nsB2P0ggwqXvoNDODV6DOqtJz4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 149.126.12.0/24 IPv6: 2a0a:8f40:4::/47 Signature Algorithm: sha256WithRSAEncryption 76:4f:e0:06:87:b2:7e:db:8f:37:9a:ca:81:df:20:fd:af:28: bf:34:24:65:9b:5f:78:07:f0:9f:6a:82:31:d9:56:70:1c:f8: 69:59:c6:36:2d:73:c5:99:65:99:1e:98:90:b3:4d:1f:aa:fa: 5a:5a:fd:72:5c:e3:c0:ad:fd:45:2a:5e:00:9d:c2:1f:9f:7a: d9:68:80:6a:ec:2a:f8:a9:95:3e:86:c9:c6:03:50:8d:ee:27: 75:3d:0b:20:d9:5b:18:5a:e3:14:08:7b:07:79:2c:bb:b5:4b: b6:7a:be:9b:54:18:ca:ad:e1:3a:f9:af:54:44:30:02:22:f2: 41:3b:d8:8d:ba:c5:6f:02:f4:bd:89:85:c6:f2:6e:a7:4d:65: f2:f4:4e:f9:a5:37:36:f1:0b:90:df:1c:e7:51:ea:f9:9c:d7: 44:b4:44:32:a6:a7:17:9f:bb:cf:8d:64:d7:12:46:e9:47:1b: 71:45:12:c0:e3:d4:4d:65:02:3b:17:e0:1d:73:26:32:49:e9: a5:a0:9d:82:84:e7:41:ba:c3:6b:82:17:2e:36:9b:6a:c7:8c: da:d0:73:4d:44:1f:ba:68:c8:54:66:28:1c:8a:22:8b:56:91: 23:24:28:be:ad:a9:7b:6a:1c:7f:71:64:d3:49:d8:33:20:37: 1e:fb:4f:f7 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZqXNrpROlRLXNrOqpoA5KiXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy ZGJmMDcwHhcNMjUxMTE4MTM0NTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMjdiMDFkOGZkMjA4MzBhOTdiZTgzNDMzODM1N2EwY2VhYWQyNzNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+1+g1FPPyMRzVIRsjs8v70KS/c6 hGTArgPk1PR7oyNnyWLTP42aQnIFrbCNMJRCYZXiq0lfEQ8ONHqVXs2hUH1+M0h6 MzI0pzEgGr5Fwbmhs7sWZnzGe98eW01VfaVcZP1hAPd/67/kkmeZ4iRXXhwqxf0N pSL5YStwssyFc/IpXC2c1BYA6Hd8sJRKhpTQ0fOWoeinVaGNvlwpS1QR9G6h6gdo fEtTyWBGLsJhG5e5dYH9DDuLiFJT35+l2TBB3YRViMWhtzvuUMfAmSg7sLKlsxIt WqE0Y2Ung7mupxk85SpJixkeNvfwODNLjZFuVHoAXJlFY76SUVejaFGxnQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFPJ7Adj9IIMKl76DQzg1egzqrSc+MB8GA1UdIwQY MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt ZjNlNTA2YWVhYTAxLzEvOG5zQjJQMGdnd3FYdm9ORE9EVjZET3F0Sno0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAlX4MMA8E AgACMAkDBwEqCo9AAAQwDQYJKoZIhvcNAQELBQADggEBAHZP4AaHsn7bjzeayoHf IP2vKL80JGWbX3gH8J9qgjHZVnAc+GlZxjYtc8WZZZkemJCzTR+q+lpa/XJc48Ct /UUqXgCdwh+fetlogGrsKviplT6GycYDUI3uJ3U9CyDZWxha4xQIewd5LLu1S7Z6 vptUGMqt4Tr5r1REMAIi8kE72I26xW8C9L2JhcbybqdNZfL0TvmlNzbxC5DfHOdR 6vmc10S0RDKmpxefu8+NZNcSRulHG3FFEsDj1E1lAjsX4B1zJjJJ6aWgnYKE50G6 w2uCFy42m2rHjNrQc01EH7poyFRmKByKIotWkSMkKL6tqXtqHH9xZNNJ2DMgNx77 T/c= -----END CERTIFICATE-----Generated at Fri Dec 5 12:04:52 2025 by rpki-client