This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/tFKx2W0hVUngD8acE4McZx87sLc.roa File: tFKx2W0hVUngD8acE4McZx87sLc.roa (raw, json) Hash identifier: lGDNoZz2KcU43imZSTSiOsd4WfNE56Crra/N3mYFU1E= Subject key identifier: B4:52:B1:D9:6D:21:55:49:E0:0F:C6:9C:13:83:1C:67:1F:3B:B0:B7 Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07 Certificate serial: 019A7852675A06595C42757647EE116E89ED Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/tFKx2W0hVUngD8acE4McZx87sLc.roa Signing time: Wed 12 Nov 2025 13:47:37 +0000 ROA not before: Wed 12 Nov 2025 13:47:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 9009 IP address blocks: 5.182.196.0/24 maxlen: 24 79.98.183.0/24 maxlen: 24 92.249.29.0/24 maxlen: 24 94.154.171.0/24 maxlen: 24 103.130.176.0/24 maxlen: 24 103.130.177.0/24 maxlen: 24 103.210.14.0/24 maxlen: 24 103.210.15.0/24 maxlen: 24 103.216.198.0/24 maxlen: 24 104.232.36.0/24 maxlen: 24 162.218.92.0/24 maxlen: 24 185.52.139.0/24 maxlen: 24 185.161.190.0/24 maxlen: 24 185.187.214.0/24 maxlen: 24 185.187.215.0/24 maxlen: 24 185.201.42.0/24 maxlen: 24 185.208.152.0/24 maxlen: 24 185.208.153.0/24 maxlen: 24 185.230.121.0/24 maxlen: 24 185.253.120.0/24 maxlen: 24 185.253.121.0/24 maxlen: 24 2a0a:8f40:3::/48 maxlen: 48 2a0a:8f40:4::/48 maxlen: 48 2a0a:8f40:6::/48 maxlen: 48 2a0a:8f40:8::/48 maxlen: 48 2a0a:8f40:9::/48 maxlen: 48 2a0a:8f40:a::/48 maxlen: 48 2a0a:8f40:b::/48 maxlen: 48 2a0a:8f40:c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 04 Dec 2025 05:01:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:78:52:67:5a:06:59:5c:42:75:76:47:ee:11:6e:89:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07 Validity Not Before: Nov 12 13:47:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=b452b1d96d215549e00fc69c13831c671f3bb0b7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:25:0b:8f:c5:bc:89:9b:29:2b:88:f0:47:87: bd:96:77:eb:13:65:dd:db:43:52:12:8b:a2:00:d9: ba:1d:3e:9c:11:f8:92:28:8c:34:60:6e:b4:53:cf: eb:5d:a2:ae:a2:eb:b6:da:19:c1:a8:ab:34:17:12: cc:34:cd:8c:d0:86:b3:39:70:0a:f2:28:70:a9:4f: 44:d6:06:14:d4:5c:09:1e:11:4e:29:65:c2:09:d5: 14:d8:2c:f7:72:5f:01:1b:0e:b1:05:f5:5d:8e:ef: 26:6d:08:85:a9:02:71:0b:8b:1c:d7:e5:21:58:1b: 14:46:97:57:a3:2b:b7:5c:24:e6:bd:fc:11:d8:3b: 22:b5:e1:79:93:c4:93:3c:e8:0e:e5:f3:08:62:e4: b1:aa:98:f5:34:e5:96:4e:1f:92:b7:62:18:39:e1: 0c:dc:ae:24:63:34:07:f0:d6:70:af:65:f3:65:56: cd:85:79:e1:37:85:85:7e:2d:41:7c:c3:c6:e8:9d: a5:59:4a:8b:68:c3:da:c3:80:07:88:8f:be:70:d3: c0:bf:2c:ca:f3:4c:24:78:49:e2:e1:c4:61:f7:a3: bd:c0:1d:1a:56:72:f9:8e:0a:dd:e2:03:84:db:6e: 91:73:a0:d6:de:b9:97:1f:ec:84:1f:a0:da:9f:88: 6f:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:52:B1:D9:6D:21:55:49:E0:0F:C6:9C:13:83:1C:67:1F:3B:B0:B7 X509v3 Authority Key Identifier: keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/tFKx2W0hVUngD8acE4McZx87sLc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.182.196.0/24 79.98.183.0/24 92.249.29.0/24 94.154.171.0/24 103.130.176.0/23 103.210.14.0/23 103.216.198.0/24 104.232.36.0/24 162.218.92.0/24 185.52.139.0/24 185.161.190.0/24 185.187.214.0/23 185.201.42.0/24 185.208.152.0/23 185.230.121.0/24 185.253.120.0/23 IPv6: 2a0a:8f40:3::-2a0a:8f40:4:ffff:ffff:ffff:ffff:ffff 2a0a:8f40:6::/48 2a0a:8f40:8::-2a0a:8f40:c:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 0a:5e:0f:52:39:58:dd:99:74:91:36:b9:5b:06:17:60:3a:bf: 48:f8:c4:23:4a:27:3a:0a:c5:27:8b:2a:25:a2:02:f9:e6:aa: e5:34:d3:8e:ad:10:27:a8:65:4d:d7:8e:58:80:cb:2f:f0:82: 01:b2:8b:39:78:a1:2f:fd:ac:6e:99:41:66:0f:b5:cd:45:5c: 06:7a:f3:2d:9d:53:74:52:25:6f:5e:a0:c2:19:4a:d5:f3:3a: 06:e1:57:78:34:1f:ec:93:8c:d4:d6:fb:4a:35:8e:fb:4d:9c: 40:38:bf:06:4e:a2:49:11:54:15:ce:d7:86:7c:12:a5:1b:d0: 87:7f:ff:6b:48:09:6e:5a:7c:68:1e:e8:87:10:91:e2:d2:e2: 0f:82:15:1b:a3:94:ad:36:31:c4:cf:2f:d7:41:c3:52:b0:4a: e4:cc:50:a8:cf:22:18:a6:81:82:7e:ac:f5:d1:56:47:95:a9: d3:ea:05:26:8d:19:d1:a5:c6:0b:dd:be:76:f0:fd:2b:86:65: 63:a1:65:30:e2:c8:be:fe:c5:36:37:53:43:40:fc:66:d3:8f: 32:82:41:c8:e0:92:a9:3a:d8:fc:fe:c4:e8:38:dc:3c:08:23: 27:bd:cd:26:dc:c5:ce:57:22:7c:4b:82:21:11:6b:f3:97:d1: 4d:61:7e:11 -----BEGIN CERTIFICATE----- MIIFkzCCBHugAwIBAgISAZp4UmdaBllcQnV2R+4RbontMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy ZGJmMDcwHhcNMjUxMTEyMTM0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNDUyYjFkOTZkMjE1NTQ5ZTAwZmM2OWMxMzgzMWM2NzFmM2JiMGI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyULj8W8iZspK4jwR4e9lnfrE2Xd 20NSEouiANm6HT6cEfiSKIw0YG60U8/rXaKuouu22hnBqKs0FxLMNM2M0IazOXAK 8ihwqU9E1gYU1FwJHhFOKWXCCdUU2Cz3cl8BGw6xBfVdju8mbQiFqQJxC4sc1+Uh WBsURpdXoyu3XCTmvfwR2DsiteF5k8STPOgO5fMIYuSxqpj1NOWWTh+St2IYOeEM 3K4kYzQH8NZwr2XzZVbNhXnhN4WFfi1BfMPG6J2lWUqLaMPaw4AHiI++cNPAvyzK 80wkeEni4cRh96O9wB0aVnL5jgrd4gOE226Rc6DW3rmXH+yEH6Dan4hvlQIDAQAB o4ICnzCCApswHQYDVR0OBBYEFLRSsdltIVVJ4A/GnBODHGcfO7C3MB8GA1UdIwQY MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt ZjNlNTA2YWVhYTAxLzEvdEZLeDJXMGhWVW5nRDhhY0U0TWNaeDg3c0xjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTBmBAIAATBgAwQABbbE AwQAT2K3AwQAXPkdAwQAXpqrAwQBZ4KwAwQBZ9IOAwQAZ9jGAwQAaOgkAwQAotpc AwQAuTSLAwQAuaG+AwQBubvWAwQAuckqAwQBudCYAwQAueZ5AwQBuf14MDcEAgAC MDEwEgMHACoKj0AAAwMHACoKj0AABAMHACoKj0AABjASAwcDKgqPQAAIAwcAKgqP QAAMMA0GCSqGSIb3DQEBCwUAA4IBAQAKXg9SOVjdmXSRNrlbBhdgOr9I+MQjSic6 CsUniyologL55qrlNNOOrRAnqGVN145YgMsv8IIBsos5eKEv/axumUFmD7XNRVwG evMtnVN0UiVvXqDCGUrV8zoG4Vd4NB/sk4zU1vtKNY77TZxAOL8GTqJJEVQVzteG fBKlG9CHf/9rSAluWnxoHuiHEJHi0uIPghUbo5StNjHEzy/XQcNSsErkzFCozyIY poGCfqz10VZHlanT6gUmjRnRpcYL3b528P0rhmVjoWUw4si+/sU2N1NDQPxm048y gkHI4JKpOtj8/sToONw8CCMnvc0m3MXOVyJ8S4IhEWvzl9FNYX4R -----END CERTIFICATE-----Generated at Wed Dec 3 11:46:05 2025 by rpki-client