This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/yJtgUHZrNGIphWEtuEirIf27Jww.roa File: yJtgUHZrNGIphWEtuEirIf27Jww.roa (raw, json) Hash identifier: zOQtzaZFlNqZsL/r+xQWgVSCPH9Fe6GrpDnDb0dgb2o= Subject key identifier: C8:9B:60:50:76:6B:34:62:29:85:61:2D:B8:48:AB:21:FD:BB:27:0C Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf Certificate serial: 019A924838B38B13F18BA2FEC602DB9ED546 Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/yJtgUHZrNGIphWEtuEirIf27Jww.roa Signing time: Mon 17 Nov 2025 14:46:37 +0000 ROA not before: Mon 17 Nov 2025 14:46:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 205795 IP address blocks: 45.141.149.0/24 maxlen: 24 2a13:a440::/48 maxlen: 48 2a13:a440:1::/48 maxlen: 48 2a13:a440:2::/48 maxlen: 48 2a13:a440:3::/48 maxlen: 48 2a13:a440:4::/48 maxlen: 48 2a13:a440:5::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.mft rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 11:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:92:48:38:b3:8b:13:f1:8b:a2:fe:c6:02:db:9e:d5:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf Validity Not Before: Nov 17 14:46:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=c89b6050766b34622985612db848ab21fdbb270c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:a8:65:64:f2:ff:a9:89:89:c8:2f:20:91:b2: ba:2e:e7:a5:73:fe:f7:8e:3b:5a:d3:fd:82:28:b6: 0b:f2:ba:f9:bc:ce:f5:a2:a6:8d:e1:7c:63:ce:24: 34:f4:f5:5d:f6:6f:86:a5:c3:ca:5e:70:5c:19:65: 14:1c:bc:38:37:01:60:f3:ed:96:b6:7d:9d:c1:ed: 4b:21:e4:bc:05:c5:f1:91:63:24:df:fb:95:07:99: fe:c7:04:b6:0d:80:38:5d:16:d1:89:4f:d5:28:e5: 92:75:f0:32:c4:79:ed:7a:94:b4:72:c8:72:87:6b: 8f:99:7e:e4:9a:38:bf:6d:b6:6b:f7:63:3c:a5:f7: 4e:a3:5b:2f:92:35:07:45:03:f0:f6:6b:47:4d:19: 77:db:ae:05:3f:30:fc:82:8c:e6:63:93:a7:4d:8b: 5b:2b:bd:07:ad:28:ec:b4:22:62:47:14:5b:7d:5b: e3:ee:4e:e0:ba:3f:cc:52:2b:66:83:ca:34:5e:36: 7b:3d:54:ed:65:1c:e2:e4:b4:2b:d2:af:79:80:62: d7:d5:63:7b:e2:85:15:ca:c0:dc:3a:34:e7:5b:86: 89:b0:41:72:e2:83:83:a4:49:5a:35:8e:75:a3:04: e1:7d:90:c4:fb:fb:55:40:b3:6e:f6:15:cd:1a:36: 2e:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:9B:60:50:76:6B:34:62:29:85:61:2D:B8:48:AB:21:FD:BB:27:0C X509v3 Authority Key Identifier: keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/yJtgUHZrNGIphWEtuEirIf27Jww.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.141.149.0/24 IPv6: 2a13:a440::-2a13:a440:5:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 69:bc:7f:7a:a9:81:89:11:ae:d8:d1:33:96:fe:bc:e9:2f:30: 87:b1:7e:6c:8d:15:cb:c9:41:7f:df:6e:23:f3:6a:22:fe:5a: b6:b9:52:3c:7e:0e:6b:9d:c8:fd:4c:de:d7:ac:c1:57:08:17: fb:0e:e9:33:72:21:64:81:93:1b:ca:12:03:87:cd:a2:92:15: ea:3d:44:53:f4:8d:c7:7d:3c:65:e7:a7:fc:63:67:c1:ce:f5: 59:ea:16:4e:83:37:4f:69:54:f6:52:98:0d:e8:9f:4a:b4:4f: e9:d4:b9:ee:15:95:da:69:af:0a:4a:0e:ba:71:44:b6:fa:f6: e0:41:cc:d1:92:1e:99:57:15:21:23:b8:d7:c3:70:8f:5e:34: 7a:b5:05:5c:ed:dc:f3:92:9d:dd:aa:ff:de:66:b9:35:71:84: 83:93:8f:32:f0:c0:77:60:65:e0:91:16:9e:6f:3f:d0:9e:1d: c0:99:c6:af:25:c4:98:8e:5e:c5:cf:98:bb:e0:68:ce:9c:62: cb:25:0c:1d:e6:32:ce:f4:4a:f3:91:e7:ee:b6:63:19:e1:46: 45:bb:e9:a4:45:bb:0e:fc:f3:c6:e1:76:c3:29:2a:95:84:9a: 78:3b:c5:54:d7:f5:6a:ce:f5:28:fc:46:02:d7:c0:93:09:3a: 64:4f:06:42 -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZqSSDizixPxi6L+xgLbntVGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl ZjVkYWYwHhcNMjUxMTE3MTQ0NjM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjODliNjA1MDc2NmIzNDYyMjk4NTYxMmRiODQ4YWIyMWZkYmIyNzBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqhlZPL/qYmJyC8gkbK6Luelc/73 jjta0/2CKLYL8rr5vM71oqaN4XxjziQ09PVd9m+GpcPKXnBcGWUUHLw4NwFg8+2W tn2dwe1LIeS8BcXxkWMk3/uVB5n+xwS2DYA4XRbRiU/VKOWSdfAyxHntepS0cshy h2uPmX7kmji/bbZr92M8pfdOo1svkjUHRQPw9mtHTRl3264FPzD8gozmY5OnTYtb K70HrSjstCJiRxRbfVvj7k7guj/MUitmg8o0XjZ7PVTtZRzi5LQr0q95gGLX1WN7 4oUVysDcOjTnW4aJsEFy4oODpElaNY51owThfZDE+/tVQLNu9hXNGjYuRwIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFMibYFB2azRiKYVhLbhIqyH9uycMMB8GA1UdIwQY MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt NWRkNmUyMmViYWIwLzEveUp0Z1VIWnJOR0lwaFdFdHVFaXJJZjI3Snd3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQALY2VMBgE AgACMBIwEAMFBioTpEADBwEqE6RAAAQwDQYJKoZIhvcNAQELBQADggEBAGm8f3qp gYkRrtjRM5b+vOkvMIexfmyNFcvJQX/fbiPzaiL+Wra5Ujx+DmudyP1M3teswVcI F/sO6TNyIWSBkxvKEgOHzaKSFeo9RFP0jcd9PGXnp/xjZ8HO9VnqFk6DN09pVPZS mA3on0q0T+nUue4VldpprwpKDrpxRLb69uBBzNGSHplXFSEjuNfDcI9eNHq1BVzt 3POSnd2q/95muTVxhIOTjzLwwHdgZeCRFp5vP9CeHcCZxq8lxJiOXsXPmLvgaM6c YsslDB3mMs70SvOR5+62YxnhRkW76aRFuw7888bhdsMpKpWEmng7xVTX9WrO9Sj8 RgLXwJMJOmRPBkI= -----END CERTIFICATE-----Generated at Fri Dec 5 18:22:20 2025 by rpki-client