This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AAy8OXnpVNc-EVHZjAnGTNFxNeU.roa File: AAy8OXnpVNc-EVHZjAnGTNFxNeU.roa (raw, json) Hash identifier: D1zf6QXUhZX55bVpMpW8CnCz0nUSdqyqtxpT4YZtQOo= Subject key identifier: 00:0C:BC:39:79:E9:54:D7:3E:11:51:D9:8C:09:C6:4C:D1:71:35:E5 Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7 Certificate serial: 0193AF2FC1A9515FA1DE37DD3989835A7BE9 Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AAy8OXnpVNc-EVHZjAnGTNFxNeU.roa Signing time: Tue 10 Dec 2024 06:09:22 +0000 ROA not before: Tue 10 Dec 2024 06:09:22 +0000 ROA not after: Tue 01 Jul 2025 00:00:00 +0000 asID: 0 IP address blocks: 193.124.89.0/24 maxlen: 24 193.124.224.0/23 maxlen: 23 194.58.155.0/24 maxlen: 24 194.85.251.0/24 maxlen: 24 194.87.17.0/24 maxlen: 24 194.87.23.0/24 maxlen: 24 194.87.105.0/24 maxlen: 24 194.87.108.0/24 maxlen: 24 194.87.169.0/24 maxlen: 24 194.87.224.0/24 maxlen: 24 194.135.33.0/24 maxlen: 24 195.133.24.0/23 maxlen: 23 195.133.37.0/24 maxlen: 24 195.133.40.0/23 maxlen: 23 195.133.50.0/23 maxlen: 23 195.133.92.0/23 maxlen: 23 212.192.1.0/24 maxlen: 24 212.192.2.0/24 maxlen: 24 212.192.16.0/21 maxlen: 21 212.193.26.0/23 maxlen: 23 2a01:57c0::/29 maxlen: 29 2a0c:ff40::/29 maxlen: 29 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 01:93:af:2f:c1:a9:51:5f:a1:de:37:dd:39:89:83:5a:7b:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7 Validity Not Before: Dec 10 06:09:22 2024 GMT Not After : Jul 1 00:00:00 2025 GMT Subject: CN=000cbc3979e954d73e1151d98c09c64cd17135e5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:52:27:2e:a4:16:30:33:51:2b:60:33:29:3a: 99:d9:2b:12:4a:b8:a1:6f:82:f1:8e:ac:4a:62:16: b3:68:03:c0:8f:6e:95:d6:df:8f:ee:51:1a:59:48: 2b:08:39:fc:c0:63:df:b5:fc:bf:22:d0:d2:8a:15: a5:cc:64:89:44:0a:7c:01:bb:8e:8b:44:bb:e1:9e: 38:96:b4:d8:1c:ee:d4:e3:49:c7:78:73:7e:4d:5c: 78:b8:3b:9d:ce:0c:31:aa:47:0b:23:5c:cf:08:b9: 3e:62:15:21:6a:ed:55:a4:ae:d8:a9:4f:6d:d8:97: e6:fb:5d:33:7d:43:22:15:5a:38:a5:d4:0c:ea:41: 40:1e:da:a0:19:8f:d9:b3:20:b8:44:5c:92:1f:73: c1:24:ac:45:7d:1a:0f:c5:22:2d:78:9f:26:99:27: 3a:2c:0f:87:15:b1:12:ec:2c:b2:50:ab:a9:09:4e: 43:5d:1f:8d:c0:99:ed:ad:33:fa:45:66:65:d1:38: 66:df:bb:59:9e:8f:07:d4:a1:10:0d:d4:e3:72:85: 77:89:6d:cb:74:82:03:f1:44:7b:90:b7:5b:20:49: 6c:0d:7d:f2:6b:38:90:c3:f2:67:fd:fe:91:97:2b: e7:61:83:54:e0:98:f6:25:e5:55:2b:5f:0f:7d:14: 28:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:0C:BC:39:79:E9:54:D7:3E:11:51:D9:8C:09:C6:4C:D1:71:35:E5 X509v3 Authority Key Identifier: keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/AAy8OXnpVNc-EVHZjAnGTNFxNeU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.124.89.0/24 193.124.224.0/23 194.58.155.0/24 194.85.251.0/24 194.87.17.0/24 194.87.23.0/24 194.87.105.0/24 194.87.108.0/24 194.87.169.0/24 194.87.224.0/24 194.135.33.0/24 195.133.24.0/23 195.133.37.0/24 195.133.40.0/23 195.133.50.0/23 195.133.92.0/23 212.192.1.0-212.192.2.255 212.192.16.0/21 212.193.26.0/23 IPv6: 2a01:57c0::/29 2a0c:ff40::/29 Signature Algorithm: sha256WithRSAEncryption 79:04:7f:c7:44:39:b5:29:ba:88:51:4a:13:0f:05:7d:63:4c: 78:b3:92:4f:25:7d:c8:9e:81:ba:cc:e1:4b:88:62:c5:3e:38: b8:d0:70:f6:38:0e:b3:b8:4b:8f:ef:a8:24:06:83:92:b2:de: fe:b0:51:90:ab:4a:74:e9:f6:6d:fb:1e:eb:2b:01:c7:fb:af: cb:5b:2b:85:89:90:5d:65:d4:6c:23:29:1a:c5:bb:80:20:42: 5b:a0:d8:43:74:84:9d:96:65:79:d5:85:03:30:56:4a:c9:1b: e2:30:39:20:91:2b:c3:4e:11:0d:72:e7:3b:75:17:64:eb:fd: ce:d2:63:23:cc:ed:6c:6d:b1:53:07:f0:98:74:b9:04:1e:81: ca:10:b0:63:63:75:ca:36:d2:f7:8d:13:fa:82:6e:22:ee:81: b6:b7:67:c9:9c:7f:6c:0d:34:cf:c4:36:2e:11:02:46:75:72: b1:8b:0b:36:46:2b:4a:c5:d7:83:d3:3e:9b:0b:da:64:6e:24: 7a:b4:35:c2:be:48:1c:c7:53:d3:f6:b4:d2:1f:e8:e5:ab:48: 16:e7:a4:6a:b7:39:20:eb:fd:c0:f2:14:e6:37:b8:81:c8:61: 4b:c9:f9:81:ce:aa:d4:74:1a:66:1d:2f:fb:bb:a3:44:15:53: e1:73:09:1f -----BEGIN CERTIFICATE----- MIIFizCCBHOgAwIBAgISAZOvL8GpUV+h3jfdOYmDWnvpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw ZTFhYzcwHhcNMjQxMjEwMDYwOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMDBjYmMzOTc5ZTk1NGQ3M2UxMTUxZDk4YzA5YzY0Y2QxNzEzNWU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1InLqQWMDNRK2AzKTqZ2SsSSrih b4LxjqxKYhazaAPAj26V1t+P7lEaWUgrCDn8wGPftfy/ItDSihWlzGSJRAp8AbuO i0S74Z44lrTYHO7U40nHeHN+TVx4uDudzgwxqkcLI1zPCLk+YhUhau1VpK7YqU9t 2Jfm+10zfUMiFVo4pdQM6kFAHtqgGY/ZsyC4RFySH3PBJKxFfRoPxSIteJ8mmSc6 LA+HFbES7CyyUKupCU5DXR+NwJntrTP6RWZl0Thm37tZno8H1KEQDdTjcoV3iW3L dIID8UR7kLdbIElsDX3yaziQw/Jn/f6RlyvnYYNU4Jj2JeVVK18PfRQoIwIDAQAB o4IClzCCApMwHQYDVR0OBBYEFAAMvDl56VTXPhFR2YwJxkzRcTXlMB8GA1UdIwQY MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt NWE0MjQyOGYxMTQzLzEvQUF5OE9YbnBWTmMtRVZIWmpBbkdUTkZ4TmVVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBgAQCAAEwegMEAMF8 WQMEAcF84AMEAMI6mwMEAMJV+wMEAMJXEQMEAMJXFwMEAMJXaQMEAMJXbAMEAMJX qQMEAMJX4AMEAMKHIQMEAcOFGAMEAMOFJQMEAcOFKAMEAcOFMgMEAcOFXDAMAwQA 1MABAwQA1MACAwQD1MAQAwQB1MEaMBQEAgACMA4DBQMqAVfAAwUDKgz/QDANBgkq hkiG9w0BAQsFAAOCAQEAeQR/x0Q5tSm6iFFKEw8FfWNMeLOSTyV9yJ6BuszhS4hi xT44uNBw9jgOs7hLj++oJAaDkrLe/rBRkKtKdOn2bfse6ysBx/uvy1srhYmQXWXU bCMpGsW7gCBCW6DYQ3SEnZZledWFAzBWSskb4jA5IJErw04RDXLnO3UXZOv9ztJj I8ztbG2xUwfwmHS5BB6ByhCwY2N1yjbS940T+oJuIu6BtrdnyZx/bA00z8Q2LhEC RnVysYsLNkYrSsXXg9M+mwvaZG4kerQ1wr5IHMdT0/a00h/o5atIFuekarc5IOv9 wPIU5je4gchhS8n5gc6q1HQaZh0v+7ujRBVT4XMJHw== -----END CERTIFICATE-----Generated at Sun Dec 21 01:19:13 2025 by rpki-client