This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/WDmj-H3ycITrY6iNS1LuX9KJJJQ.roa File: WDmj-H3ycITrY6iNS1LuX9KJJJQ.roa (raw, json) Hash identifier: um3YW2A0VPS4/OiZB93uXLNfjQpFL8frWz28jHTI43I= Subject key identifier: 58:39:A3:F8:7D:F2:70:84:EB:63:A8:8D:4B:52:EE:5F:D2:89:24:94 Certificate issuer: /CN=9ba94bc14937bb0b3632374355a446724104a981 Certificate serial: 019B1EDE6383CC0C7F24CBAE51BE3E8919EB Authority key identifier: 9B:A9:4B:C1:49:37:BB:0B:36:32:37:43:55:A4:46:72:41:04:A9:81 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m6lLwUk3uws2MjdDVaRGckEEqYE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/WDmj-H3ycITrY6iNS1LuX9KJJJQ.roa Signing time: Sun 14 Dec 2025 21:57:29 +0000 ROA not before: Sun 14 Dec 2025 21:57:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 31480 IP address blocks: 91.196.32.0/22 maxlen: 22 185.59.136.0/24 maxlen: 24 193.151.108.0/22 maxlen: 22 193.151.108.0/24 maxlen: 24 193.151.109.0/24 maxlen: 24 193.151.110.0/24 maxlen: 24 2a0c:1d80::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/m6lLwUk3uws2MjdDVaRGckEEqYE.crl rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/m6lLwUk3uws2MjdDVaRGckEEqYE.mft rsync://rpki.ripe.net/repository/DEFAULT/m6lLwUk3uws2MjdDVaRGckEEqYE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1e:de:63:83:cc:0c:7f:24:cb:ae:51:be:3e:89:19:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9ba94bc14937bb0b3632374355a446724104a981 Validity Not Before: Dec 14 21:57:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=5839a3f87df27084eb63a88d4b52ee5fd2892494 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:87:66:dc:4f:27:83:06:40:8d:ae:de:b0:ed: dd:41:62:76:60:b9:07:21:b9:c6:ad:61:16:08:e1: 30:ba:68:40:51:84:af:9b:07:36:a8:ab:cd:5d:01: 54:29:25:df:31:4b:48:49:eb:e4:da:a5:c1:ca:1e: 3d:c1:dd:23:c1:e1:fb:1b:48:7b:91:bb:ff:eb:95: 42:4a:49:82:f3:92:f9:62:8f:ee:0a:01:7f:2d:c8: 87:47:0b:bf:7e:95:e0:ab:b8:e8:d0:c6:31:8f:5d: 2c:d0:86:c0:09:39:0d:26:5c:57:fe:52:84:ca:c1: 45:e0:4c:b6:7e:c3:b8:27:12:f8:77:cc:6f:11:83: 91:5f:e6:1a:70:01:98:ad:da:cb:3a:e8:d3:cf:96: 66:a5:61:2a:e7:a8:70:15:f0:ad:c0:52:fe:bd:1f: db:1a:37:5c:3a:c4:02:7b:7a:d2:e4:df:a0:b6:84: b5:64:33:a8:a6:f6:5b:b3:66:41:a9:84:7d:34:95: 24:94:62:4e:19:8a:d9:5f:41:1e:9d:1d:8f:ca:b0: c3:13:92:11:53:7e:f9:3b:12:da:a7:8f:0d:f5:d2: 69:cb:27:11:81:d3:a3:66:b7:74:a1:56:d6:ae:92: 6f:84:c2:cc:c1:a3:a0:b0:82:7b:3b:7d:9e:4b:1a: 90:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:39:A3:F8:7D:F2:70:84:EB:63:A8:8D:4B:52:EE:5F:D2:89:24:94 X509v3 Authority Key Identifier: keyid:9B:A9:4B:C1:49:37:BB:0B:36:32:37:43:55:A4:46:72:41:04:A9:81 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m6lLwUk3uws2MjdDVaRGckEEqYE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/WDmj-H3ycITrY6iNS1LuX9KJJJQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/m6lLwUk3uws2MjdDVaRGckEEqYE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.196.32.0/22 185.59.136.0/24 193.151.108.0/22 IPv6: 2a0c:1d80::/29 Signature Algorithm: sha256WithRSAEncryption 22:56:5d:3b:3d:0f:81:9f:15:63:ed:af:0c:4b:59:20:8c:b5: 27:c7:cb:5a:4f:09:58:ed:b3:04:81:20:2a:30:cb:3d:83:1d: f7:f3:34:fd:c6:e8:d8:19:50:ee:cd:a8:fd:23:ac:e2:fc:42: 67:40:1d:7e:72:f0:d9:cd:ad:76:7e:2b:e1:4e:73:13:23:75: ef:7a:5c:cf:c9:53:a7:03:68:f6:a3:4a:82:69:c9:43:bf:c3: 01:2d:14:2d:cc:4a:1b:58:22:af:ee:09:e0:7e:c0:25:e1:ef: fa:f2:70:58:f4:3b:fe:fb:ec:d4:83:ac:1a:c6:b8:44:1e:50: 4b:a2:da:0c:9d:33:b2:30:ca:73:fd:b4:51:ce:97:43:fc:79: ec:1a:95:d3:64:84:ee:aa:08:0c:bf:6b:3e:74:6d:8e:66:19: 2c:90:50:06:b0:09:64:24:e8:75:87:a7:1c:a5:6f:31:a2:06: d5:ee:fe:bc:56:d3:5d:4e:d6:c0:10:8d:79:dd:88:ba:34:90: 7d:c7:68:a8:2a:54:b4:30:3d:e5:ba:e2:c6:67:b2:bc:16:d2: 26:d0:11:33:d7:86:a1:60:85:c9:c1:fd:0c:bb:10:61:82:e9: 4d:0a:79:85:ab:1e:8d:31:28:ea:b0:97:0a:c8:8f:24:1b:60: bb:c8:7f:95 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZse3mODzAx/JMuuUb4+iRnrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDliYTk0YmMxNDkzN2JiMGIzNjMyMzc0MzU1YTQ0NjcyNDEw NGE5ODEwHhcNMjUxMjE0MjE1NzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ODM5YTNmODdkZjI3MDg0ZWI2M2E4OGQ0YjUyZWU1ZmQyODkyNDk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxodm3E8ngwZAja7esO3dQWJ2YLkH IbnGrWEWCOEwumhAUYSvmwc2qKvNXQFUKSXfMUtISevk2qXByh49wd0jweH7G0h7 kbv/65VCSkmC85L5Yo/uCgF/LciHRwu/fpXgq7jo0MYxj10s0IbACTkNJlxX/lKE ysFF4Ey2fsO4JxL4d8xvEYORX+YacAGYrdrLOujTz5ZmpWEq56hwFfCtwFL+vR/b GjdcOsQCe3rS5N+gtoS1ZDOopvZbs2ZBqYR9NJUklGJOGYrZX0EenR2PyrDDE5IR U375OxLap48N9dJpyycRgdOjZrd0oVbWrpJvhMLMwaOgsIJ7O32eSxqQ8QIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFFg5o/h98nCE62OojUtS7l/SiSSUMB8GA1UdIwQY MBaAFJupS8FJN7sLNjI3Q1WkRnJBBKmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbTZsTHdVazN1d3MyTWpkRFZhUkdja0VFcVlFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9jYzc4NDMtZDEzNi00ZmZiLThiOTkt ODM2YzMxMmFjOGMyLzEvV0Rtai1IM3ljSVRyWTZpTlMxTHVYOUtKSkpRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYS9jYzc4NDMtZDEzNi00ZmZiLThiOTktODM2YzMxMmFjOGMy LzEvbTZsTHdVazN1d3MyTWpkRFZhUkdja0VFcVlFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCW8QgAwQA uTuIAwQCwZdsMA0EAgACMAcDBQMqDB2AMA0GCSqGSIb3DQEBCwUAA4IBAQAiVl07 PQ+BnxVj7a8MS1kgjLUnx8taTwlY7bMEgSAqMMs9gx338zT9xujYGVDuzaj9I6zi /EJnQB1+cvDZza12fivhTnMTI3XvelzPyVOnA2j2o0qCaclDv8MBLRQtzEobWCKv 7gngfsAl4e/68nBY9Dv+++zUg6waxrhEHlBLotoMnTOyMMpz/bRRzpdD/HnsGpXT ZITuqggMv2s+dG2OZhkskFAGsAlkJOh1h6ccpW8xogbV7v68VtNdTtbAEI153Yi6 NJB9x2ioKlS0MD3luuLGZ7K8FtIm0BEz14ahYIXJwf0MuxBhgulNCnmFqx6NMSjq sJcKyI8kG2C7yH+V -----END CERTIFICATE-----Generated at Sat Dec 20 10:30:35 2025 by rpki-client