This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/3U2HMxedCVt6_kMIDQH--335xZ4.roa File: 3U2HMxedCVt6_kMIDQH--335xZ4.roa (raw, json) Hash identifier: 88sss7mFD2sWeeU8HLQ5OArgZS/AoA8AY0GLqd56WLQ= Subject key identifier: DD:4D:87:33:17:9D:09:5B:7A:FE:43:08:0D:01:FE:FB:7D:F9:C5:9E Certificate issuer: /CN=49216f5c165b827a7fd73d8107aebd2f63c63e24 Certificate serial: 019B23CB123E2AD2C183F9B996DFAFB2AABA Authority key identifier: 49:21:6F:5C:16:5B:82:7A:7F:D7:3D:81:07:AE:BD:2F:63:C6:3E:24 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/3U2HMxedCVt6_kMIDQH--335xZ4.roa Signing time: Mon 15 Dec 2025 20:54:29 +0000 ROA not before: Mon 15 Dec 2025 20:54:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 48407 IP address blocks: 81.90.16.0/20 maxlen: 20 81.90.16.0/21 maxlen: 21 81.90.17.0/24 maxlen: 24 81.90.18.0/24 maxlen: 24 81.90.19.0/24 maxlen: 24 93.94.50.0/24 maxlen: 24 93.94.53.0/24 maxlen: 24 93.94.54.0/24 maxlen: 24 93.94.55.0/24 maxlen: 24 2a00:8b20::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.crl rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.mft rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 17:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:23:cb:12:3e:2a:d2:c1:83:f9:b9:96:df:af:b2:aa:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=49216f5c165b827a7fd73d8107aebd2f63c63e24 Validity Not Before: Dec 15 20:54:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=dd4d8733179d095b7afe43080d01fefb7df9c59e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:99:ba:d6:04:a8:9f:13:8e:54:7c:31:a7:78: f8:a9:fe:55:c2:d2:f0:3b:5d:5c:27:48:6d:7d:68: 86:b6:55:a4:7f:3a:cd:84:e7:ad:85:bc:16:fc:01: 3b:d4:3d:25:b6:9c:5b:b0:c7:c9:95:46:c3:60:46: 5b:dd:2a:ad:c3:6d:71:28:6b:b5:61:20:78:aa:ae: 5e:23:ab:c5:23:3a:a5:97:0f:ac:73:34:2a:b3:2a: 59:6a:e5:b1:ef:b3:17:16:7d:51:88:df:fe:af:12: 7f:53:f4:64:4d:12:5b:34:2b:ec:e7:3a:bb:27:b4: bb:c6:c4:8a:5b:e4:ff:6d:7d:04:73:d8:52:ba:bb: 83:2f:63:42:c8:a8:75:ee:0e:fb:da:44:77:0c:97: e9:96:87:b6:c6:83:ac:8e:bc:9e:37:4a:d4:9e:a7: 8f:dc:88:62:b1:9b:54:eb:e2:25:83:77:a3:4a:3e: 11:40:b7:82:7d:8f:b5:f5:21:9d:26:ec:2b:eb:61: 66:99:32:3b:fd:49:44:60:f9:05:71:69:ac:54:70: 22:37:7e:43:87:61:2d:f2:7e:a7:8a:3f:d5:23:de: fe:28:0e:0c:06:db:90:54:68:82:c3:41:7f:4a:0c: 7e:39:d8:6b:63:7f:20:dd:9b:11:ab:0f:24:67:5a: 10:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:4D:87:33:17:9D:09:5B:7A:FE:43:08:0D:01:FE:FB:7D:F9:C5:9E X509v3 Authority Key Identifier: keyid:49:21:6F:5C:16:5B:82:7A:7F:D7:3D:81:07:AE:BD:2F:63:C6:3E:24 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/3U2HMxedCVt6_kMIDQH--335xZ4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.90.16.0/20 93.94.50.0/24 93.94.53.0-93.94.55.255 IPv6: 2a00:8b20::/32 Signature Algorithm: sha256WithRSAEncryption 23:f5:97:b3:86:35:1a:08:66:27:51:0d:57:12:82:a2:ef:2c: 1c:22:cc:5f:c0:71:34:fc:0a:c6:cd:fa:02:7b:91:3c:89:46: 19:6a:52:ff:31:f4:30:90:c8:0c:af:e0:c8:52:ab:74:bf:ca: 1a:f2:7b:66:c5:16:94:35:76:a6:44:9d:e8:7a:1b:ad:c7:af: 7c:11:c8:07:05:5b:7d:ac:1d:ca:31:7e:d2:59:85:cc:44:74: 06:04:d9:4f:04:62:82:c4:b7:40:1c:ce:24:dd:d6:24:a0:d0: d1:d7:15:ec:88:7b:3e:b1:51:80:e2:1b:9b:6e:05:9a:40:e7: 3f:5b:83:22:6b:cf:18:e2:92:ea:4d:5c:68:39:fd:de:c3:85: e3:bd:69:21:6e:d8:64:54:ee:05:33:a7:58:06:32:1a:40:99: 29:3e:91:03:22:22:82:5c:ee:90:8b:33:5a:76:0c:95:12:ca: 76:34:47:c0:ea:80:72:75:6e:44:50:df:9b:f8:91:fb:e8:17: 07:28:cd:8c:f6:60:4f:f6:f6:a6:6d:fb:fc:52:47:ee:61:e1: 26:cf:78:81:d4:df:5f:0a:66:42:bc:af:fa:5c:a5:d9:18:1b: d6:ed:99:6c:b5:0c:a0:49:9a:48:bb:68:85:df:92:63:12:44: 21:ed:de:e3 -----BEGIN CERTIFICATE----- MIIFIDCCBAigAwIBAgISAZsjyxI+KtLBg/m5lt+vsqq6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ5MjE2ZjVjMTY1YjgyN2E3ZmQ3M2Q4MTA3YWViZDJmNjNj NjNlMjQwHhcNMjUxMjE1MjA1NDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZDRkODczMzE3OWQwOTViN2FmZTQzMDgwZDAxZmVmYjdkZjljNTllMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5m61gSonxOOVHwxp3j4qf5VwtLw O11cJ0htfWiGtlWkfzrNhOethbwW/AE71D0ltpxbsMfJlUbDYEZb3Sqtw21xKGu1 YSB4qq5eI6vFIzqllw+sczQqsypZauWx77MXFn1RiN/+rxJ/U/RkTRJbNCvs5zq7 J7S7xsSKW+T/bX0Ec9hSuruDL2NCyKh17g772kR3DJfploe2xoOsjryeN0rUnqeP 3IhisZtU6+Ilg3ejSj4RQLeCfY+19SGdJuwr62FmmTI7/UlEYPkFcWmsVHAiN35D h2Et8n6nij/VI97+KA4MBtuQVGiCw0F/Sgx+OdhrY38g3ZsRqw8kZ1oQhwIDAQAB o4ICLDCCAigwHQYDVR0OBBYEFN1NhzMXnQlbev5DCA0B/vt9+cWeMB8GA1UdIwQY MBaAFEkhb1wWW4J6f9c9gQeuvS9jxj4kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU1NGdlhCWmJnbnBfMXoyQkI2NjlMMlBHUGlRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80ODQyYTktOWZjZC00YmI2LWJiMDQt MGRiYmMyNDllNjU3LzEvM1UySE14ZWRDVnQ2X2tNSURRSC0tMzM1eFo0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMi80ODQyYTktOWZjZC00YmI2LWJiMDQtMGRiYmMyNDllNjU3 LzEvU1NGdlhCWmJnbnBfMXoyQkI2NjlMMlBHUGlRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQEUVoQAwQA XV4yMAwDBABdXjUDBANdXjAwDQQCAAIwBwMFACoAiyAwDQYJKoZIhvcNAQELBQAD ggEBACP1l7OGNRoIZidRDVcSgqLvLBwizF/AcTT8CsbN+gJ7kTyJRhlqUv8x9DCQ yAyv4MhSq3S/yhrye2bFFpQ1dqZEneh6G63Hr3wRyAcFW32sHcoxftJZhcxEdAYE 2U8EYoLEt0AcziTd1iSg0NHXFeyIez6xUYDiG5tuBZpA5z9bgyJrzxjikupNXGg5 /d7DheO9aSFu2GRU7gUzp1gGMhpAmSk+kQMiIoJc7pCLM1p2DJUSynY0R8DqgHJ1 bkRQ35v4kfvoFwcozYz2YE/29qZt+/xSR+5h4SbPeIHU318KZkK8r/pcpdkYG9bt mWy1DKBJmki7aIXfkmMSRCHt3uM= -----END CERTIFICATE-----Generated at Wed Dec 17 20:45:23 2025 by rpki-client