This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/cUMYeK0SuH0JD4WEkp96Por51S4.roa File: cUMYeK0SuH0JD4WEkp96Por51S4.roa (raw, json) Hash identifier: EhIEb8z4cYL7rYTvyBiQkCf0Yv75CAdXDIVp4xl5UGM= Subject key identifier: 71:43:18:78:AD:12:B8:7D:09:0F:85:84:92:9F:7A:3E:8A:F9:D5:2E Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf Certificate serial: 019B025AE74DD0DFA7B14F9E00F0768DF871 Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/cUMYeK0SuH0JD4WEkp96Por51S4.roa Signing time: Tue 09 Dec 2025 09:04:30 +0000 ROA not before: Tue 09 Dec 2025 09:04:30 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 16509 IP address blocks: 45.90.17.0/24 maxlen: 24 185.222.30.0/24 maxlen: 24 185.223.82.0/24 maxlen: 24 185.230.65.0/24 maxlen: 24 185.230.66.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Dec 2025 04:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:02:5a:e7:4d:d0:df:a7:b1:4f:9e:00:f0:76:8d:f8:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf Validity Not Before: Dec 9 09:04:30 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=71431878ad12b87d090f8584929f7a3e8af9d52e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:86:35:e5:18:81:ee:26:ba:5a:8b:f9:92:2e: 9c:ca:05:6c:e9:ca:03:95:ba:ac:dd:f8:b7:d9:5c: c2:38:1e:15:5e:f4:a8:c7:40:b9:fc:f4:2c:08:2c: 6c:cc:57:e9:07:33:57:32:48:9f:20:17:7e:e9:2a: 9c:55:a5:7b:fa:45:91:0c:b6:16:8c:68:d3:8d:8d: 01:4d:c4:e8:c3:b4:28:de:cf:c5:d6:ab:35:1d:31: 35:f6:10:98:f0:05:8d:0f:59:ca:e0:04:75:84:04: 92:9c:60:15:fb:48:5a:ba:46:96:29:69:ea:5e:c6: c4:3a:f4:26:85:ea:0b:2d:69:fa:15:c4:51:01:21: 5d:0e:75:42:32:8c:66:d1:76:6d:cf:96:e3:46:1f: 64:3a:95:1f:b8:72:2e:27:a9:78:69:64:c3:bf:36: d4:2d:1e:91:0c:fa:e0:46:92:ec:27:37:07:53:0a: e7:20:0e:c8:e2:e0:64:33:d8:e0:44:f4:73:c7:44: 9b:41:02:cf:d8:e1:c7:01:40:29:90:db:c1:0b:69: cb:1f:5e:aa:af:6a:de:c5:4e:40:e2:93:38:b8:7d: 25:3d:f2:96:93:3a:a0:9e:31:76:7c:07:b1:9e:fd: 6f:da:9f:8d:2f:5a:59:af:14:a7:eb:ef:83:43:2b: ee:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:43:18:78:AD:12:B8:7D:09:0F:85:84:92:9F:7A:3E:8A:F9:D5:2E X509v3 Authority Key Identifier: keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/cUMYeK0SuH0JD4WEkp96Por51S4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.90.17.0/24 185.222.30.0/24 185.223.82.0/24 185.230.65.0-185.230.66.255 Signature Algorithm: sha256WithRSAEncryption 6f:60:e6:bc:60:8f:ee:05:05:97:9d:3e:e3:f1:97:bc:74:85: 2e:e2:cf:18:27:7e:9a:9b:99:17:22:0e:53:3d:c0:71:17:f8: cd:b5:bf:b8:22:bd:d3:2c:a5:ac:af:c7:bf:10:ec:31:c9:f2: 56:30:de:8c:b0:12:e2:1b:ef:ab:e8:95:f7:ff:13:10:27:c6: c0:55:4f:71:0a:9b:e0:06:a7:28:a6:d9:e4:49:17:bf:da:5a: 34:d6:ca:c8:9e:57:4e:bb:55:81:cf:4d:d0:bd:a7:2b:65:39: 72:df:0c:7c:9b:90:07:37:f2:c7:27:7f:67:62:b0:e0:04:a3: b1:e6:f9:75:bc:39:ed:8a:28:e7:1f:09:c4:84:28:42:a9:45: 4c:67:39:8b:8b:a4:97:f2:52:c1:2b:53:50:45:5c:40:e8:b6: 88:b2:47:85:63:26:76:77:ac:81:d9:3d:28:b7:ea:95:5b:65: 46:9d:72:62:51:41:d2:f4:e4:ff:e9:d5:06:fa:85:50:d6:ba: de:6a:b3:b9:fc:b0:42:31:28:be:03:a1:63:c9:57:37:da:ef: 66:05:b9:4c:8e:a0:9c:04:1e:35:f0:80:49:5c:c0:ce:ca:80: c6:1b:64:2c:a3:e6:cc:0f:61:44:5e:50:b4:3c:fb:40:65:c6: c1:61:18:f4 -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZsCWudN0N+nsU+eAPB2jfhxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx MTRjYWYwHhcNMjUxMjA5MDkwNDMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MTQzMTg3OGFkMTJiODdkMDkwZjg1ODQ5MjlmN2EzZThhZjlkNTJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YY15RiB7ia6Wov5ki6cygVs6coD lbqs3fi32VzCOB4VXvSox0C5/PQsCCxszFfpBzNXMkifIBd+6SqcVaV7+kWRDLYW jGjTjY0BTcTow7Qo3s/F1qs1HTE19hCY8AWND1nK4AR1hASSnGAV+0haukaWKWnq XsbEOvQmheoLLWn6FcRRASFdDnVCMoxm0XZtz5bjRh9kOpUfuHIuJ6l4aWTDvzbU LR6RDPrgRpLsJzcHUwrnIA7I4uBkM9jgRPRzx0SbQQLP2OHHAUApkNvBC2nLH16q r2rexU5A4pM4uH0lPfKWkzqgnjF2fAexnv1v2p+NL1pZrxSn6++DQyvuDwIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFHFDGHitErh9CQ+FhJKfej6K+dUuMB8GA1UdIwQY MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt YjQzNDJiYTkxYWJjLzEvY1VNWWVLMFN1SDBKRDRXRWtwOTZQb3I1MVM0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALVoRAwQA ud4eAwQAud9SMAwDBAC55kEDBAC55kIwDQYJKoZIhvcNAQELBQADggEBAG9g5rxg j+4FBZedPuPxl7x0hS7izxgnfpqbmRciDlM9wHEX+M21v7givdMspayvx78Q7DHJ 8lYw3oywEuIb76volff/ExAnxsBVT3EKm+AGpyim2eRJF7/aWjTWysieV067VYHP TdC9pytlOXLfDHybkAc38scnf2disOAEo7Hm+XW8Oe2KKOcfCcSEKEKpRUxnOYuL pJfyUsErU1BFXEDotoiyR4VjJnZ3rIHZPSi36pVbZUadcmJRQdL05P/p1Qb6hVDW ut5qs7n8sEIxKL4DoWPJVzfa72YFuUyOoJwEHjXwgElcwM7KgMYbZCyj5swPYURe ULQ8+0BlxsFhGPQ= -----END CERTIFICATE-----Generated at Fri Dec 12 09:46:18 2025 by rpki-client