This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/HZhwyfKwqypgTctIAF1kQCyKm-g.roa File: HZhwyfKwqypgTctIAF1kQCyKm-g.roa (raw, json) Hash identifier: LGS1UmMU+4m8lLls8h4CixSnB8TXlksI3e4kAzHbgdA= Subject key identifier: 1D:98:70:C9:F2:B0:AB:2A:60:4D:CB:48:00:5D:64:40:2C:8A:9B:E8 Certificate issuer: /CN=290bcc50a9a33ba5651efd1afe40b6fdb02556f0 Certificate serial: 019B042DCF9655D5F2E3CE3CD16DFC50E83E Authority key identifier: 29:0B:CC:50:A9:A3:3B:A5:65:1E:FD:1A:FE:40:B6:FD:B0:25:56:F0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQvMUKmjO6VlHv0a_kC2_bAlVvA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/HZhwyfKwqypgTctIAF1kQCyKm-g.roa Signing time: Tue 09 Dec 2025 17:34:29 +0000 ROA not before: Tue 09 Dec 2025 17:34:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 48573 IP address blocks: 31.185.0.0/21 maxlen: 21 31.185.0.0/22 maxlen: 22 31.185.0.0/24 maxlen: 24 31.185.1.0/24 maxlen: 24 31.185.2.0/24 maxlen: 24 31.185.3.0/24 maxlen: 24 31.185.4.0/22 maxlen: 22 31.185.4.0/24 maxlen: 24 31.185.5.0/24 maxlen: 24 31.185.6.0/24 maxlen: 24 94.143.40.0/21 maxlen: 21 94.143.40.0/22 maxlen: 22 94.143.40.0/24 maxlen: 24 94.143.42.0/23 maxlen: 23 94.143.42.0/24 maxlen: 24 94.143.43.0/24 maxlen: 24 94.143.44.0/22 maxlen: 22 95.215.136.0/22 maxlen: 22 95.215.136.0/23 maxlen: 23 95.215.138.0/23 maxlen: 23 185.43.8.0/22 maxlen: 22 185.43.8.0/23 maxlen: 23 185.43.8.0/24 maxlen: 24 185.43.10.0/23 maxlen: 23 185.43.10.0/24 maxlen: 24 185.43.11.0/24 maxlen: 24 193.29.230.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/KQvMUKmjO6VlHv0a_kC2_bAlVvA.crl rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/KQvMUKmjO6VlHv0a_kC2_bAlVvA.mft rsync://rpki.ripe.net/repository/DEFAULT/KQvMUKmjO6VlHv0a_kC2_bAlVvA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 11 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:04:2d:cf:96:55:d5:f2:e3:ce:3c:d1:6d:fc:50:e8:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=290bcc50a9a33ba5651efd1afe40b6fdb02556f0 Validity Not Before: Dec 9 17:34:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=1d9870c9f2b0ab2a604dcb48005d64402c8a9be8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:24:c4:7c:92:5d:fb:47:bc:4c:50:3a:c3:cd: 64:d2:3f:47:3a:bf:f2:61:b9:73:51:08:44:f3:a7: 6b:96:ff:96:36:48:ad:05:26:9e:4b:05:02:71:67: 33:fd:6e:9e:2a:33:ad:6b:f5:ac:93:ae:c1:fe:90: f1:18:3c:c7:f0:87:c1:c5:f0:cf:a7:d0:0a:3a:87: 43:a5:06:40:85:6e:c2:48:7d:30:e3:0f:91:e6:a1: b5:c6:6d:28:67:31:d3:6c:c1:f5:33:7e:99:f8:34: be:be:c3:de:02:7e:43:c6:9a:90:88:09:62:af:a3: b3:2a:5e:9d:5a:4a:d8:57:32:89:79:85:1e:03:7c: 89:8b:20:c8:9f:48:83:3c:e6:b4:fe:8d:ab:10:dd: c7:ed:ff:4f:c1:be:f3:d7:9d:fc:0c:08:72:c4:11: 06:de:d0:7c:e3:53:46:bc:47:8c:5d:bc:e6:71:41: b2:e7:4e:84:51:72:59:1d:2b:5c:88:b1:70:29:7f: 99:2f:f3:db:19:a6:5b:90:f4:9e:ad:7b:a9:a8:b6: 55:65:b5:76:5e:c6:25:cb:5f:1e:d6:c6:56:cc:29: ba:7b:c6:de:58:fd:82:2d:78:b8:a3:cd:85:9c:70: 7c:04:69:c4:90:18:e2:15:e8:2e:24:95:67:32:90: 3c:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:98:70:C9:F2:B0:AB:2A:60:4D:CB:48:00:5D:64:40:2C:8A:9B:E8 X509v3 Authority Key Identifier: keyid:29:0B:CC:50:A9:A3:3B:A5:65:1E:FD:1A:FE:40:B6:FD:B0:25:56:F0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQvMUKmjO6VlHv0a_kC2_bAlVvA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/HZhwyfKwqypgTctIAF1kQCyKm-g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/db/4b6ef4-38ee-4c06-8cb6-76982493ea1a/1/KQvMUKmjO6VlHv0a_kC2_bAlVvA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.185.0.0/21 94.143.40.0/21 95.215.136.0/22 185.43.8.0/22 193.29.230.0/23 Signature Algorithm: sha256WithRSAEncryption 66:a4:cf:f0:ba:70:77:2e:8c:e0:94:05:58:4b:f3:d7:4b:f6: e8:ca:1c:8d:d3:38:c8:5b:18:cb:b7:27:82:0b:18:65:2d:b3: 28:e8:be:65:9f:c6:72:93:03:d7:2e:8a:4f:05:4c:d4:be:f0: 46:42:e7:eb:fe:fe:c8:72:f6:5a:38:aa:9f:77:8c:bd:04:e5: ba:c6:83:2e:66:a0:0a:3f:24:e9:40:06:bf:83:79:ac:38:63: e5:9c:78:47:12:7d:d0:16:08:36:61:2c:5e:3f:5f:95:4f:49: 3d:2e:d0:4e:a1:c0:c4:36:89:08:eb:5a:77:44:84:6b:ae:47: c3:ea:b9:0b:87:cb:62:b6:2b:c2:a6:76:0d:a6:8d:f7:60:74: 3f:1a:8e:21:98:a2:66:e4:e8:a8:88:11:cb:46:06:fe:88:5f: 00:11:03:a2:b9:75:0c:ea:fb:1c:bf:31:03:e2:25:8c:d3:50: b8:7b:02:e6:4b:25:02:79:3d:79:4d:f0:34:0c:47:a3:f5:7a: 5f:44:97:67:e0:63:e2:41:27:9c:36:f9:e9:05:31:1e:d7:1a: ad:4b:e0:64:40:48:b9:51:3e:65:7d:e2:98:12:9b:89:a7:8a: c3:d5:ae:0c:34:9f:5d:58:4c:93:ca:0a:85:90:cb:2e:3c:68: bd:09:6b:28 -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZsELc+WVdXy48480W38UOg+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5MGJjYzUwYTlhMzNiYTU2NTFlZmQxYWZlNDBiNmZkYjAy NTU2ZjAwHhcNMjUxMjA5MTczNDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZDk4NzBjOWYyYjBhYjJhNjA0ZGNiNDgwMDVkNjQ0MDJjOGE5YmU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6yTEfJJd+0e8TFA6w81k0j9HOr/y YblzUQhE86drlv+WNkitBSaeSwUCcWcz/W6eKjOta/Wsk67B/pDxGDzH8IfBxfDP p9AKOodDpQZAhW7CSH0w4w+R5qG1xm0oZzHTbMH1M36Z+DS+vsPeAn5DxpqQiAli r6OzKl6dWkrYVzKJeYUeA3yJiyDIn0iDPOa0/o2rEN3H7f9Pwb7z1538DAhyxBEG 3tB841NGvEeMXbzmcUGy506EUXJZHStciLFwKX+ZL/PbGaZbkPSerXupqLZVZbV2 XsYly18e1sZWzCm6e8beWP2CLXi4o82FnHB8BGnEkBjiFeguJJVnMpA8SwIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFB2YcMnysKsqYE3LSABdZEAsipvoMB8GA1UdIwQY MBaAFCkLzFCpozulZR79Gv5Atv2wJVbwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1F2TVVLbWpPNlZsSHYwYV9rQzJfYkFsVnZBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80YjZlZjQtMzhlZS00YzA2LThjYjYt NzY5ODI0OTNlYTFhLzEvSFpod3lmS3dxeXBnVGN0SUFGMWtRQ3lLbS1nLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYi80YjZlZjQtMzhlZS00YzA2LThjYjYtNzY5ODI0OTNlYTFh LzEvS1F2TVVLbWpPNlZsSHYwYV9rQzJfYkFsVnZBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDH7kAAwQD Xo8oAwQCX9eIAwQCuSsIAwQBwR3mMA0GCSqGSIb3DQEBCwUAA4IBAQBmpM/wunB3 LozglAVYS/PXS/boyhyN0zjIWxjLtyeCCxhlLbMo6L5ln8ZykwPXLopPBUzUvvBG Qufr/v7IcvZaOKqfd4y9BOW6xoMuZqAKPyTpQAa/g3msOGPlnHhHEn3QFgg2YSxe P1+VT0k9LtBOocDENokI61p3RIRrrkfD6rkLh8titivCpnYNpo33YHQ/Go4hmKJm 5OioiBHLRgb+iF8AEQOiuXUM6vscvzED4iWM01C4ewLmSyUCeT15TfA0DEej9Xpf RJdn4GPiQSecNvnpBTEe1xqtS+BkQEi5UT5lfeKYEpuJp4rD1a4MNJ9dWEyTygqF kMsuPGi9CWso -----END CERTIFICATE-----Generated at Wed Dec 10 09:42:35 2025 by rpki-client