This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/w41Q-pBzKfdWHXR2vGX4i5Q4snE.roa File: w41Q-pBzKfdWHXR2vGX4i5Q4snE.roa (raw, json) Hash identifier: WtueUI2Jm3MhYJ2HMFzJ55B+hyohmoA3tc1o3ULlx0U= Subject key identifier: C3:8D:50:FA:90:73:29:F7:56:1D:74:76:BC:65:F8:8B:94:38:B2:71 Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b Certificate serial: 019AFDA43A72BC17F2907053996E68DEAB07 Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/w41Q-pBzKfdWHXR2vGX4i5Q4snE.roa Signing time: Mon 08 Dec 2025 11:06:29 +0000 ROA not before: Mon 08 Dec 2025 11:06:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 5430 IP address blocks: 194.97.172.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.mft rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Dec 2025 05:01:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:fd:a4:3a:72:bc:17:f2:90:70:53:99:6e:68:de:ab:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b Validity Not Before: Dec 8 11:06:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=c38d50fa907329f7561d7476bc65f88b9438b271 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:e3:8b:3d:8f:1b:14:5e:28:ba:71:5d:bb:b6: a6:76:20:82:99:d4:6f:3c:e1:86:74:eb:31:72:cf: 65:be:ca:20:27:d1:99:6d:58:6a:b1:3d:65:d6:ed: 9a:30:80:32:0b:0f:9b:73:ca:6b:31:1e:01:af:3d: 1c:53:bd:b5:8d:e4:dc:15:83:12:88:40:f8:f9:3f: 9b:81:33:0e:18:f4:a0:19:49:bc:d9:51:cf:f9:da: 45:92:1f:0f:0a:61:a5:31:93:d0:76:8b:8c:c8:45: 01:89:38:4b:c2:35:b5:fc:78:6e:58:9f:74:81:18: b1:66:5f:18:c2:c8:f8:27:aa:36:1c:71:e3:ee:8c: 5d:74:ac:c7:01:3f:2b:b1:5d:36:6e:57:78:ef:76: e8:ec:80:a3:ea:fd:a9:7f:a5:a0:3c:7e:7b:61:55: 14:68:00:d0:62:01:d2:88:0d:50:c3:f1:4b:05:51: f4:77:bf:70:75:f0:45:cd:a4:d4:be:0a:0f:fc:77: 46:04:92:57:02:75:5e:76:da:2e:f7:ea:33:a0:17: 33:44:32:ca:fa:a1:40:b0:33:8d:27:22:19:1e:40: 51:c0:6f:95:f6:04:41:1e:d2:18:20:5a:30:08:ab: ac:3a:20:c1:09:a9:6e:b0:30:73:27:70:63:6c:db: a2:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:8D:50:FA:90:73:29:F7:56:1D:74:76:BC:65:F8:8B:94:38:B2:71 X509v3 Authority Key Identifier: keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/w41Q-pBzKfdWHXR2vGX4i5Q4snE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.97.172.0/22 Signature Algorithm: sha256WithRSAEncryption 5b:8b:18:2a:3f:1e:c7:38:fa:b1:ab:07:cf:66:15:9e:e5:37: fa:10:ac:28:eb:0c:8d:52:e5:85:4b:b9:cc:99:aa:07:88:2a: e7:48:9a:cd:36:ad:d9:ff:d2:9f:c1:f6:c4:6e:7c:c8:c1:39: 2c:55:91:6c:69:8a:00:c1:e5:45:e7:4c:ce:4b:bf:6e:8c:3b: 19:8a:ff:68:41:b8:f5:e4:e0:cb:2d:09:9f:ad:88:da:8f:6c: da:cb:8e:a4:b1:f6:99:e9:7e:8d:22:d8:2d:bc:4c:84:15:1f: 86:f8:83:c5:99:0a:5a:17:c9:5f:93:d0:07:92:cc:fa:03:c1: fd:57:91:40:11:65:36:65:4c:9b:2e:79:54:ed:33:99:31:0e: 8d:f8:a2:6b:fc:d2:9c:1f:90:ea:e9:6d:0a:e2:70:c7:4a:6c: 68:de:83:0a:b3:35:1d:d9:d4:82:10:3d:5f:84:7c:a4:af:7a: ac:61:f7:27:49:aa:27:83:38:b8:ff:6e:0c:d4:e0:91:f7:8a: a7:3a:3c:fc:c4:e9:c6:65:53:5f:9e:f1:14:40:ea:e7:39:c9: 99:a9:1a:d5:0a:92:f1:04:01:9d:bf:03:42:c6:7b:3c:03:ab: 43:30:db:6b:0a:66:29:b7:7d:a6:25:e4:0a:22:44:88:ef:93: 64:27:9d:9c -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZr9pDpyvBfykHBTmW5o3qsHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4 OWU5NWIwHhcNMjUxMjA4MTEwNjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjMzhkNTBmYTkwNzMyOWY3NTYxZDc0NzZiYzY1Zjg4Yjk0MzhiMjcxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuOLPY8bFF4ounFdu7amdiCCmdRv POGGdOsxcs9lvsogJ9GZbVhqsT1l1u2aMIAyCw+bc8prMR4Brz0cU721jeTcFYMS iED4+T+bgTMOGPSgGUm82VHP+dpFkh8PCmGlMZPQdouMyEUBiThLwjW1/HhuWJ90 gRixZl8Ywsj4J6o2HHHj7oxddKzHAT8rsV02bld473bo7ICj6v2pf6WgPH57YVUU aADQYgHSiA1Qw/FLBVH0d79wdfBFzaTUvgoP/HdGBJJXAnVedtou9+ozoBczRDLK +qFAsDONJyIZHkBRwG+V9gRBHtIYIFowCKusOiDBCalusDBzJ3BjbNuilQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFMONUPqQcyn3Vh10drxl+IuUOLJxMB8GA1UdIwQY MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt NDAyMTI2NWMzOWIwLzEvdzQxUS1wQnpLZmRXSFhSMnZHWDRpNVE0c25FLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwmGsMA0G CSqGSIb3DQEBCwUAA4IBAQBbixgqPx7HOPqxqwfPZhWe5Tf6EKwo6wyNUuWFS7nM maoHiCrnSJrNNq3Z/9KfwfbEbnzIwTksVZFsaYoAweVF50zOS79ujDsZiv9oQbj1 5ODLLQmfrYjaj2zay46ksfaZ6X6NItgtvEyEFR+G+IPFmQpaF8lfk9AHksz6A8H9 V5FAEWU2ZUybLnlU7TOZMQ6N+KJr/NKcH5Dq6W0K4nDHSmxo3oMKszUd2dSCED1f hHykr3qsYfcnSaongzi4/24M1OCR94qnOjz8xOnGZVNfnvEUQOrnOcmZqRrVCpLx BAGdvwNCxns8A6tDMNtrCmYpt32mJeQKIkSI75NkJ52c -----END CERTIFICATE-----Generated at Fri Dec 12 11:51:18 2025 by rpki-client