This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ApYRvXayNDvg2KFHzqzLpngsfak.roa File: ApYRvXayNDvg2KFHzqzLpngsfak.roa (raw, json) Hash identifier: Q+3gPvQehxwcYqMDesfQmJU+raCAOUlcW9RgBKqZpto= Subject key identifier: 02:96:11:BD:76:B2:34:3B:E0:D8:A1:47:CE:AC:CB:A6:78:2C:7D:A9 Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019B0291D5B3CBB56E0A7448E5052DDBA404 Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ApYRvXayNDvg2KFHzqzLpngsfak.roa Signing time: Tue 09 Dec 2025 10:04:30 +0000 ROA not before: Tue 09 Dec 2025 10:04:30 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 5511 IP address blocks: 82.153.148.0/24 maxlen: 24 89.213.63.0/24 maxlen: 24 89.213.157.0/24 maxlen: 24 89.213.227.0/24 maxlen: 24 109.176.242.0/24 maxlen: 24 213.130.137.0/24 maxlen: 24 213.130.152.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:02:91:d5:b3:cb:b5:6e:0a:74:48:e5:05:2d:db:a4:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Dec 9 10:04:30 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=029611bd76b2343be0d8a147ceaccba6782c7da9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:d0:93:98:06:dd:80:5b:1d:33:9d:8b:8d:d4: f5:58:d8:4a:d0:09:5d:68:80:92:75:9b:99:31:cb: 38:75:5a:ce:c9:3c:c1:12:bc:0c:9f:e6:e8:8a:3a: 65:6e:d0:e3:25:c0:de:0b:b4:8f:15:85:49:14:b6: 4c:49:73:0d:49:f6:e3:8c:33:6d:ff:bc:d9:58:5f: ac:2c:dc:28:cb:0e:04:26:0a:e1:19:76:23:15:3c: b4:ae:5c:88:38:a8:3c:b8:ac:7b:b1:a5:19:52:84: 08:f7:9b:09:37:2a:81:56:22:57:c2:47:34:c1:1f: 9d:df:a6:8e:cf:6c:44:62:98:b8:f7:9a:64:69:2e: 72:5a:c4:0d:c5:a4:d6:99:a6:73:95:de:7f:99:72: c0:b1:53:42:6c:b2:30:d5:ce:c9:fb:c3:19:97:43: 23:96:2e:30:32:4f:a6:d5:89:e0:1f:ef:5c:42:f6: e7:f1:bb:cb:d3:0e:2a:c5:f4:97:2d:31:f1:4f:db: e5:93:f4:a4:70:d5:1b:6b:5f:13:86:ad:5c:5a:91: b9:a9:72:bb:07:42:53:96:68:34:de:7a:98:64:9a: 5b:fb:42:e6:1f:1d:bf:91:e5:49:a3:3b:64:13:05: 93:00:49:da:54:96:a1:92:23:e7:41:10:65:17:c3: e6:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:96:11:BD:76:B2:34:3B:E0:D8:A1:47:CE:AC:CB:A6:78:2C:7D:A9 X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ApYRvXayNDvg2KFHzqzLpngsfak.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.153.148.0/24 89.213.63.0/24 89.213.157.0/24 89.213.227.0/24 109.176.242.0/24 213.130.137.0/24 213.130.152.0/24 Signature Algorithm: sha256WithRSAEncryption 60:a0:86:d2:75:5b:95:c8:67:81:6a:27:a3:08:39:71:f7:56: 5e:03:b1:a6:db:2b:c6:a2:9b:a9:46:7e:fd:50:95:73:a4:77: 8f:bf:46:e1:ba:b9:25:ac:09:f0:1a:79:e0:b5:57:08:ad:67: 59:d2:ff:b1:32:79:a8:b9:20:98:ac:e8:9b:0e:6e:2a:4e:8c: 2a:56:93:49:dc:02:56:c0:9b:df:65:f6:e6:fc:d3:91:83:66: 1f:10:e2:d8:a9:a3:ac:e8:c8:87:d3:df:92:fa:86:02:01:0d: f7:0e:00:f8:19:66:96:32:07:9f:41:7e:2f:c2:25:aa:83:ae: fb:bd:cf:c3:87:d6:b5:8d:36:87:a3:a9:2e:ba:4a:2c:60:f9: 82:f2:07:8d:b4:ce:6e:46:fc:cb:df:73:47:16:de:82:31:82: 03:23:d5:c1:d7:f4:af:be:d8:c2:8e:ee:59:03:3e:ae:9f:7b: 22:d4:66:77:85:11:c8:dc:48:cb:5f:00:6d:19:b7:54:d2:f2: ed:ce:f5:d4:7b:a5:2c:00:76:89:86:d9:b3:cb:94:4a:11:ba: 9e:32:dd:31:31:c5:4f:f8:2c:f5:a8:45:f5:f0:c8:13:80:42: 09:43:a3:08:c6:b6:ee:23:5f:f2:82:0f:02:49:5e:ea:af:40: 70:ef:f8:8c -----BEGIN CERTIFICATE----- MIIFITCCBAmgAwIBAgISAZsCkdWzy7VuCnRI5QUt26QEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjUxMjA5MTAwNDMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMjk2MTFiZDc2YjIzNDNiZTBkOGExNDdjZWFjY2JhNjc4MmM3ZGE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktCTmAbdgFsdM52LjdT1WNhK0Ald aICSdZuZMcs4dVrOyTzBErwMn+boijplbtDjJcDeC7SPFYVJFLZMSXMNSfbjjDNt /7zZWF+sLNwoyw4EJgrhGXYjFTy0rlyIOKg8uKx7saUZUoQI95sJNyqBViJXwkc0 wR+d36aOz2xEYpi495pkaS5yWsQNxaTWmaZzld5/mXLAsVNCbLIw1c7J+8MZl0Mj li4wMk+m1YngH+9cQvbn8bvL0w4qxfSXLTHxT9vlk/SkcNUba18Thq1cWpG5qXK7 B0JTlmg03nqYZJpb+0LmHx2/keVJoztkEwWTAEnaVJahkiPnQRBlF8Pm1wIDAQAB o4ICLTCCAikwHQYDVR0OBBYEFAKWEb12sjQ74NihR86sy6Z4LH2pMB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvQXBZUnZYYXlORHZnMktGSHpxekxwbmdzZmFrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUpmUAwQA WdU/AwQAWdWdAwQAWdXjAwQAbbDyAwQA1YKJAwQA1YKYMA0GCSqGSIb3DQEBCwUA A4IBAQBgoIbSdVuVyGeBaiejCDlx91ZeA7Gm2yvGopupRn79UJVzpHePv0bhurkl rAnwGnngtVcIrWdZ0v+xMnmouSCYrOibDm4qTowqVpNJ3AJWwJvfZfbm/NORg2Yf EOLYqaOs6MiH09+S+oYCAQ33DgD4GWaWMgefQX4vwiWqg677vc/Dh9a1jTaHo6ku ukosYPmC8geNtM5uRvzL33NHFt6CMYIDI9XB1/SvvtjCju5ZAz6un3si1GZ3hRHI 3EjLXwBtGbdU0vLtzvXUe6UsAHaJhtmzy5RKEbqeMt0xMcVP+Cz1qEX18MgTgEIJ Q6MIxrbuI1/ygg8CSV7qr0Bw7/iM -----END CERTIFICATE-----Generated at Fri Dec 19 16:48:58 2025 by rpki-client