This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/ssXkSN1jTVCr8Ro7SER-PtVFMpI.roa File: ssXkSN1jTVCr8Ro7SER-PtVFMpI.roa (raw, json) Hash identifier: fywyRNgLXYwi49TfrjREhrwEaF8UFMSa7cIq2r7FZBA= Subject key identifier: B2:C5:E4:48:DD:63:4D:50:AB:F1:1A:3B:48:44:7E:3E:D5:45:32:92 Certificate issuer: /CN=d2f1c8842e7cf891b234d3a1e0e2e0ef73e842aa Certificate serial: 019B31BF770FD1086E41E0FF404FD22F05C5 Authority key identifier: D2:F1:C8:84:2E:7C:F8:91:B2:34:D3:A1:E0:E2:E0:EF:73:E8:42:AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0vHIhC58-JGyNNOh4OLg73PoQqo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/ssXkSN1jTVCr8Ro7SER-PtVFMpI.roa Signing time: Thu 18 Dec 2025 13:56:29 +0000 ROA not before: Thu 18 Dec 2025 13:56:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 8339 IP address blocks: 62.40.128.0/17 maxlen: 24 62.40.128.0/24 maxlen: 24 81.217.0.0/16 maxlen: 24 82.149.96.0/19 maxlen: 24 82.218.0.0/16 maxlen: 24 89.104.0.0/19 maxlen: 24 92.62.16.0/20 maxlen: 24 92.62.30.0/24 maxlen: 24 94.16.32.0/19 maxlen: 24 95.143.224.0/20 maxlen: 24 176.120.160.0/21 maxlen: 21 178.18.160.0/20 maxlen: 24 185.100.96.0/22 maxlen: 24 194.106.224.0/19 maxlen: 24 195.202.128.0/19 maxlen: 24 195.202.128.0/24 maxlen: 24 195.202.138.0/24 maxlen: 24 195.202.160.0/19 maxlen: 24 195.202.160.0/24 maxlen: 24 195.230.160.0/19 maxlen: 24 195.230.160.0/24 maxlen: 24 202.170.80.0/21 maxlen: 24 2a00:1b38::/32 maxlen: 32 2a02:e200::/30 maxlen: 30 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/0vHIhC58-JGyNNOh4OLg73PoQqo.crl rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/0vHIhC58-JGyNNOh4OLg73PoQqo.mft rsync://rpki.ripe.net/repository/DEFAULT/0vHIhC58-JGyNNOh4OLg73PoQqo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:31:bf:77:0f:d1:08:6e:41:e0:ff:40:4f:d2:2f:05:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d2f1c8842e7cf891b234d3a1e0e2e0ef73e842aa Validity Not Before: Dec 18 13:56:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=b2c5e448dd634d50abf11a3b48447e3ed5453292 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:fb:68:10:95:8d:e7:4e:80:8f:c9:e7:68:8a: a9:1f:22:1c:8c:c8:19:f8:c3:33:49:db:8a:d7:73: ef:32:ab:fe:34:e7:c7:6d:0b:24:67:19:a3:bc:f2: 39:ca:92:47:c0:8e:75:c8:45:e0:a7:f5:60:c1:ba: 43:8e:2b:94:16:0a:4f:1b:e3:11:9d:ea:60:b5:a0: ad:d6:da:81:85:c2:26:b8:db:76:73:5e:7c:57:85: fc:df:a7:34:d1:3b:f5:e0:41:26:e7:84:12:a0:87: 32:79:54:ed:f5:99:b2:e7:15:c8:dd:02:31:6e:bd: 14:c9:4d:0e:87:00:0c:0e:3b:af:51:6d:ad:74:fd: 7d:18:70:e0:c1:2e:60:6b:88:f9:5f:96:c4:3a:a6: 65:e1:a0:dd:a2:43:f5:91:47:c0:7c:42:76:58:1e: ae:b6:29:2b:ef:d4:83:ed:5d:f0:84:13:c8:65:78: cd:9b:33:1f:c4:76:b2:a3:c5:26:95:4c:0b:02:e9: b3:40:80:19:f2:a4:37:64:b4:12:f2:16:33:90:e4: 98:c1:34:3d:2c:46:5b:b6:b2:a5:e4:fb:89:dd:f7: 9d:d5:93:f4:b7:0e:a3:c5:37:89:3f:f2:b3:30:87: ab:49:85:06:4f:25:fc:b0:14:b4:90:e0:97:27:51: 07:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:C5:E4:48:DD:63:4D:50:AB:F1:1A:3B:48:44:7E:3E:D5:45:32:92 X509v3 Authority Key Identifier: keyid:D2:F1:C8:84:2E:7C:F8:91:B2:34:D3:A1:E0:E2:E0:EF:73:E8:42:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0vHIhC58-JGyNNOh4OLg73PoQqo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/ssXkSN1jTVCr8Ro7SER-PtVFMpI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/0vHIhC58-JGyNNOh4OLg73PoQqo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 62.40.128.0/17 81.217.0.0/16 82.149.96.0/19 82.218.0.0/16 89.104.0.0/19 92.62.16.0/20 94.16.32.0/19 95.143.224.0/20 176.120.160.0/21 178.18.160.0/20 185.100.96.0/22 194.106.224.0/19 195.202.128.0/18 195.230.160.0/19 202.170.80.0/21 IPv6: 2a00:1b38::/32 2a02:e200::/30 Signature Algorithm: sha256WithRSAEncryption 80:6d:96:67:b8:9b:e9:94:4b:51:03:b8:3c:6d:5f:40:b4:c0: 08:86:76:1b:07:be:87:d3:30:32:31:20:53:1f:65:59:0d:c8: b4:f5:48:a8:71:1f:8f:15:84:08:05:b9:78:6a:d7:c7:8f:83: 27:76:ed:e0:39:1e:c4:f8:57:8b:70:7f:82:0a:f6:37:25:ea: 6b:85:5a:77:fb:45:a8:fa:29:3c:7f:d7:0d:bf:a7:a3:c0:5c: 07:f8:45:36:57:3f:03:6a:ae:f8:bf:a6:3e:81:37:af:27:fb: bc:06:51:7e:e5:59:5b:38:52:e8:b9:a7:c6:44:57:c2:62:c7: bf:99:9a:50:ae:c7:61:d6:48:a7:63:cf:0a:5a:84:1a:8c:93: 85:e5:3f:b6:6a:1a:70:29:12:60:93:15:af:13:01:47:4b:28: 72:d3:66:9d:f8:58:ad:99:c5:63:28:10:ca:bc:39:16:d8:55: ae:6f:0d:ff:e0:fd:63:10:af:86:e4:87:c3:19:1e:01:6d:3e: 02:d2:81:a6:29:e2:6d:32:e6:1a:6b:1c:21:19:8f:11:4a:a0: 9e:22:d1:5f:20:8e:1d:38:f7:1d:29:b6:3f:70:16:5a:f3:d9: 1e:fa:83:32:cc:37:6f:2c:25:ac:d1:01:e5:c4:9e:a3:19:da: 6a:08:1d:d2 -----BEGIN CERTIFICATE----- MIIFZjCCBE6gAwIBAgISAZsxv3cP0QhuQeD/QE/SLwXFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyZjFjODg0MmU3Y2Y4OTFiMjM0ZDNhMWUwZTJlMGVmNzNl ODQyYWEwHhcNMjUxMjE4MTM1NjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMmM1ZTQ0OGRkNjM0ZDUwYWJmMTFhM2I0ODQ0N2UzZWQ1NDUzMjkyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PtoEJWN506Aj8nnaIqpHyIcjMgZ +MMzSduK13PvMqv+NOfHbQskZxmjvPI5ypJHwI51yEXgp/VgwbpDjiuUFgpPG+MR nepgtaCt1tqBhcImuNt2c158V4X836c00Tv14EEm54QSoIcyeVTt9Zmy5xXI3QIx br0UyU0OhwAMDjuvUW2tdP19GHDgwS5ga4j5X5bEOqZl4aDdokP1kUfAfEJ2WB6u tikr79SD7V3whBPIZXjNmzMfxHayo8UmlUwLAumzQIAZ8qQ3ZLQS8hYzkOSYwTQ9 LEZbtrKl5PuJ3fed1ZP0tw6jxTeJP/KzMIerSYUGTyX8sBS0kOCXJ1EHGwIDAQAB o4ICcjCCAm4wHQYDVR0OBBYEFLLF5EjdY01Qq/EaO0hEfj7VRTKSMB8GA1UdIwQY MBaAFNLxyIQufPiRsjTToeDi4O9z6EKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMHZISWhDNTgtSkd5Tk5PaDRPTGc3M1BvUXFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9jOTlhZTctYjY3MS00MGI5LWJiMWUt YTE5NDQ0ZjdhMzM3LzEvc3NYa1NOMWpUVkNyOFJvN1NFUi1QdFZGTXBJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS9jOTlhZTctYjY3MS00MGI5LWJiMWUtYTE5NDQ0ZjdhMzM3 LzEvMHZISWhDNTgtSkd5Tk5PaDRPTGc3M1BvUXFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwXgQCAAEwWAMEBz4ogAMD AFHZAwQFUpVgAwMAUtoDBAVZaAADBARcPhADBAVeECADBARfj+ADBAOweKADBASy EqADBAK5ZGADBAXCauADBAbDyoADBAXD5qADBAPKqlAwFAQCAAIwDgMFACoAGzgD BQIqAuIAMA0GCSqGSIb3DQEBCwUAA4IBAQCAbZZnuJvplEtRA7g8bV9AtMAIhnYb B76H0zAyMSBTH2VZDci09UiocR+PFYQIBbl4atfHj4Mndu3gOR7E+FeLcH+CCvY3 JeprhVp3+0Wo+ik8f9cNv6ejwFwH+EU2Vz8Daq74v6Y+gTevJ/u8BlF+5VlbOFLo uafGRFfCYse/mZpQrsdh1kinY88KWoQajJOF5T+2ahpwKRJgkxWvEwFHSyhy02ad +FitmcVjKBDKvDkW2FWubw3/4P1jEK+G5IfDGR4BbT4C0oGmKeJtMuYaaxwhGY8R SqCeItFfII4dOPcdKbY/cBZa89ke+oMyzDdvLCWs0QHlxJ6jGdpqCB3S -----END CERTIFICATE-----Generated at Sun Dec 21 23:40:43 2025 by rpki-client