This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/S02swQr7SFMh1XkGlgNtdFd8qjU.roa File: S02swQr7SFMh1XkGlgNtdFd8qjU.roa (raw, json) Hash identifier: kmf6fs03LsiKFjFFr7/yypScWdj2E7KkoQrmpe8X1MU= Subject key identifier: 4B:4D:AC:C1:0A:FB:48:53:21:D5:79:06:96:03:6D:74:57:7C:AA:35 Certificate issuer: /CN=d04687a3ee6322b757de81e7f53c5d32eebe33a6 Certificate serial: 019B32240B9935A586EA85501F23D232A727 Authority key identifier: D0:46:87:A3:EE:63:22:B7:57:DE:81:E7:F5:3C:5D:32:EE:BE:33:A6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/S02swQr7SFMh1XkGlgNtdFd8qjU.roa Signing time: Thu 18 Dec 2025 15:46:21 +0000 ROA not before: Thu 18 Dec 2025 15:46:21 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 42669 IP address blocks: 77.242.176.0/20 maxlen: 24 185.128.76.0/22 maxlen: 24 2a0b:aa80::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.crl rsync://rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.mft rsync://rpki.ripe.net/repository/DEFAULT/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:24:0b:99:35:a5:86:ea:85:50:1f:23:d2:32:a7:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d04687a3ee6322b757de81e7f53c5d32eebe33a6 Validity Not Before: Dec 18 15:46:21 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=4b4dacc10afb485321d5790696036d74577caa35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:47:1c:ab:c0:c6:39:c3:f7:0d:0d:ee:47:15: 86:39:79:16:a5:af:c3:30:db:3a:cf:b5:4d:28:b3: 0c:90:37:21:49:0d:8a:27:dd:97:01:16:23:f4:a1: b6:6e:70:86:fd:80:0e:f5:eb:e8:01:09:8f:10:4d: 56:7d:b5:b2:5c:18:e3:0e:4c:9f:d4:c0:db:78:56: 51:09:a2:15:8f:8c:91:30:68:9c:41:07:89:83:b6: c6:bf:ad:5e:c1:97:93:72:06:77:b1:02:e2:b2:09: de:59:aa:70:e6:ff:de:a8:1e:f6:fa:8a:f6:ca:92: 4a:bc:8b:3f:07:6d:de:e9:f1:80:f5:a7:a0:27:34: 07:ff:04:3d:9c:b2:d4:92:ab:90:48:20:d1:24:04: 6c:60:6f:cf:66:81:5d:89:2f:b3:fc:6c:cb:cc:11: 44:55:e9:8d:e5:24:ca:fb:df:c0:ab:76:8c:6a:d7: ec:76:10:b3:93:73:12:21:27:af:de:cc:63:09:08: 8e:55:61:e8:4a:d4:09:32:91:bd:b1:da:85:b8:26: 25:05:d8:48:38:c1:a7:eb:43:9d:7b:ab:f2:3f:38: a9:4d:7b:c1:6f:5d:6f:bb:e4:10:f9:0a:89:cb:e1: e1:5f:63:43:9a:86:1e:c8:cf:17:05:ee:5c:ac:83: 93:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:4D:AC:C1:0A:FB:48:53:21:D5:79:06:96:03:6D:74:57:7C:AA:35 X509v3 Authority Key Identifier: keyid:D0:46:87:A3:EE:63:22:B7:57:DE:81:E7:F5:3C:5D:32:EE:BE:33:A6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/S02swQr7SFMh1XkGlgNtdFd8qjU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.242.176.0/20 185.128.76.0/22 IPv6: 2a0b:aa80::/29 Signature Algorithm: sha256WithRSAEncryption 38:4b:5e:5c:00:a2:3e:02:99:07:6f:a4:16:4f:f4:3d:41:5a: e8:93:66:59:50:fd:74:d2:06:b4:46:85:f6:93:0d:cb:28:cf: 50:26:57:e1:1e:e5:09:21:33:f6:04:05:d7:8c:11:cd:e5:2a: 04:26:e3:75:04:3e:63:9c:57:b5:b0:9a:c6:a1:87:3c:5a:d6: 16:e6:23:7e:82:13:10:3f:94:c4:e0:5c:2e:f3:cf:0b:19:76: dc:d7:09:22:4f:d0:e7:8b:22:82:21:de:dd:ee:1b:01:da:3f: 2d:35:c9:8c:fc:82:85:ce:ec:b0:a1:b7:92:bf:22:a8:f9:d3: 1c:64:89:8a:1d:11:df:77:ad:4b:3b:b6:7b:e8:ca:a6:8d:24: 99:d9:c1:d2:82:0c:4d:81:57:f4:fe:41:eb:03:2c:3e:8a:aa: 1c:a2:e7:22:45:e3:df:48:e1:eb:ff:1b:f9:4d:18:58:e3:4b: a2:fa:f5:09:05:7c:e4:33:c1:7e:61:c9:4c:04:2b:52:2a:a9: 5a:9a:76:c1:ad:52:5c:49:82:49:77:ac:dc:6d:c5:8f:cf:44: 66:3f:2e:5d:78:9f:ed:c1:a8:46:97:dd:a3:7c:56:a7:25:57: 5c:54:1c:af:c5:9a:6f:b2:0a:89:ad:49:ee:d1:07:59:75:37: 22:da:d3:06 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZsyJAuZNaWG6oVQHyPSMqcnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQwNDY4N2EzZWU2MzIyYjc1N2RlODFlN2Y1M2M1ZDMyZWVi ZTMzYTYwHhcNMjUxMjE4MTU0NjIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0YjRkYWNjMTBhZmI0ODUzMjFkNTc5MDY5NjAzNmQ3NDU3N2NhYTM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkccq8DGOcP3DQ3uRxWGOXkWpa/D MNs6z7VNKLMMkDchSQ2KJ92XARYj9KG2bnCG/YAO9evoAQmPEE1WfbWyXBjjDkyf 1MDbeFZRCaIVj4yRMGicQQeJg7bGv61ewZeTcgZ3sQLisgneWapw5v/eqB72+or2 ypJKvIs/B23e6fGA9aegJzQH/wQ9nLLUkquQSCDRJARsYG/PZoFdiS+z/GzLzBFE VemN5STK+9/Aq3aMatfsdhCzk3MSISev3sxjCQiOVWHoStQJMpG9sdqFuCYlBdhI OMGn60Ode6vyPzipTXvBb11vu+QQ+QqJy+HhX2NDmoYeyM8XBe5crIOTBQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFEtNrMEK+0hTIdV5BpYDbXRXfKo1MB8GA1UdIwQY MBaAFNBGh6PuYyK3V96B5/U8XTLuvjOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMEVhSG8tNWpJcmRYM29IbjlUeGRNdTYtTTZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9iZmRkMTktNmJiYS00ZGM5LWFmYzYt OTdiZTQyNmEyMzM0LzEvUzAyc3dRcjdTRk1oMVhrR2xnTnRkRmQ4cWpVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNS9iZmRkMTktNmJiYS00ZGM5LWFmYzYtOTdiZTQyNmEyMzM0 LzEvMEVhSG8tNWpJcmRYM29IbjlUeGRNdTYtTTZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQETfKwAwQC uYBMMA0EAgACMAcDBQMqC6qAMA0GCSqGSIb3DQEBCwUAA4IBAQA4S15cAKI+ApkH b6QWT/Q9QVrok2ZZUP100ga0RoX2kw3LKM9QJlfhHuUJITP2BAXXjBHN5SoEJuN1 BD5jnFe1sJrGoYc8WtYW5iN+ghMQP5TE4Fwu888LGXbc1wkiT9DniyKCId7d7hsB 2j8tNcmM/IKFzuywobeSvyKo+dMcZImKHRHfd61LO7Z76MqmjSSZ2cHSggxNgVf0 /kHrAyw+iqocouciRePfSOHr/xv5TRhY40ui+vUJBXzkM8F+YclMBCtSKqlamnbB rVJcSYJJd6zcbcWPz0RmPy5deJ/twahGl92jfFanJVdcVByvxZpvsgqJrUnu0QdZ dTci2tMG -----END CERTIFICATE-----Generated at Sun Dec 21 12:09:21 2025 by rpki-client