This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/M7pCsmn3p3GJk9INjbJFvzWbe6k.roa File: M7pCsmn3p3GJk9INjbJFvzWbe6k.roa (raw, json) Hash identifier: vbyk6+pAjQLP8BIBW6Jynh7/b1LNcth6plSd4TIX8f8= Subject key identifier: 33:BA:42:B2:69:F7:A7:71:89:93:D2:0D:8D:B2:45:BF:35:9B:7B:A9 Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019B0291DCA06BE675018BBEDD57E563E442 Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/M7pCsmn3p3GJk9INjbJFvzWbe6k.roa Signing time: Tue 09 Dec 2025 10:04:32 +0000 ROA not before: Tue 09 Dec 2025 10:04:32 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 215727 IP address blocks: 82.153.148.0/24 maxlen: 24 89.213.63.0/24 maxlen: 24 89.213.157.0/24 maxlen: 24 89.213.227.0/24 maxlen: 24 109.176.242.0/24 maxlen: 24 213.130.137.0/24 maxlen: 24 213.130.152.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:02:91:dc:a0:6b:e6:75:01:8b:be:dd:57:e5:63:e4:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Dec 9 10:04:32 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=33ba42b269f7a7718993d20d8db245bf359b7ba9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:a3:3d:fc:49:83:f3:c2:29:b2:7e:4f:a4:1a: 94:26:4e:97:81:39:f2:d6:8c:29:53:63:ff:39:6a: 3e:f0:15:e1:8b:03:4c:59:b0:11:29:b1:69:38:72: 3e:2f:d6:9b:38:25:30:ce:d0:7f:d1:66:21:64:63: 32:0c:65:52:66:66:93:04:e7:b2:85:53:e8:ab:21: 5b:eb:ce:a9:1e:86:32:9c:8a:e0:c9:31:0f:36:72: ec:b5:92:7b:71:89:9b:4f:f5:27:48:54:45:b3:32: 4a:eb:51:2f:7f:09:1a:b1:6e:a0:9b:81:4e:8d:87: 19:80:48:2c:a9:1a:fc:b3:7a:cc:d5:1a:d5:33:fa: ae:01:6e:3b:c6:c7:da:98:b5:ce:57:0d:d9:fe:56: c4:4e:c0:30:e0:7d:cc:be:4a:4b:5a:fc:aa:4e:41: c0:2f:26:f9:e4:f9:dd:b0:40:18:45:1a:77:24:04: 42:cb:22:41:7b:9d:a3:b8:b0:9a:42:3e:d8:f1:b0: 66:37:44:65:41:b6:30:66:6a:83:0b:3f:27:01:16: 33:90:4b:f2:9e:b8:f1:0d:5a:c8:e8:95:ed:87:79: 6c:1f:5e:93:3a:9f:c6:a1:41:9a:36:33:ab:ac:d9: a9:97:a0:de:e1:6e:18:80:88:8a:25:9e:ac:34:d9: 9a:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:BA:42:B2:69:F7:A7:71:89:93:D2:0D:8D:B2:45:BF:35:9B:7B:A9 X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/M7pCsmn3p3GJk9INjbJFvzWbe6k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.153.148.0/24 89.213.63.0/24 89.213.157.0/24 89.213.227.0/24 109.176.242.0/24 213.130.137.0/24 213.130.152.0/24 Signature Algorithm: sha256WithRSAEncryption 2e:af:94:54:62:46:d8:5e:b0:d6:8f:7a:08:52:1d:78:b2:0a: de:37:07:f2:37:28:6e:6f:7b:e4:7c:95:69:88:d5:78:e0:35: f0:48:80:f3:ea:79:78:ea:82:08:5f:6c:4e:db:03:04:d5:f5: f4:ad:d7:d3:17:23:5c:d0:fd:93:94:c7:ec:6c:13:89:55:8d: 97:57:8a:60:2a:e8:cc:79:9d:a9:74:1a:2f:c4:2d:c2:5c:d1: 1e:f2:c7:12:3f:fc:23:0b:fa:92:4b:16:87:19:cb:d1:de:a1: d3:23:a7:a8:63:53:04:0c:49:c3:e5:49:73:a5:c4:44:15:1f: 85:41:f9:fb:0f:6c:a9:cd:e5:1a:fa:7e:81:55:60:cd:10:82: ca:84:01:47:6c:a3:01:df:e9:f4:69:2c:ea:09:ca:5d:9b:9f: fe:bd:8f:08:0b:df:ac:16:f9:3b:38:75:d8:e8:32:2a:c1:27: a8:15:36:f5:f4:be:4f:3d:a6:50:0e:6d:26:2d:af:aa:c3:2e: 1a:21:03:1c:ec:68:14:d8:22:30:17:c9:94:42:b6:59:ab:09: 86:d3:87:14:ea:9b:ff:43:43:84:c9:d7:c2:cf:ee:1b:29:ff: 83:a8:b4:a3:a2:b4:fd:a2:c7:4a:0a:8d:2f:5c:f4:63:2f:17: 12:58:de:6b -----BEGIN CERTIFICATE----- MIIFITCCBAmgAwIBAgISAZsCkdyga+Z1AYu+3VflY+RCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjUxMjA5MTAwNDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzM2JhNDJiMjY5ZjdhNzcxODk5M2QyMGQ4ZGIyNDViZjM1OWI3YmE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaM9/EmD88Ipsn5PpBqUJk6XgTny 1owpU2P/OWo+8BXhiwNMWbARKbFpOHI+L9abOCUwztB/0WYhZGMyDGVSZmaTBOey hVPoqyFb686pHoYynIrgyTEPNnLstZJ7cYmbT/UnSFRFszJK61EvfwkasW6gm4FO jYcZgEgsqRr8s3rM1RrVM/quAW47xsfamLXOVw3Z/lbETsAw4H3MvkpLWvyqTkHA Lyb55PndsEAYRRp3JARCyyJBe52juLCaQj7Y8bBmN0RlQbYwZmqDCz8nARYzkEvy nrjxDVrI6JXth3lsH16TOp/GoUGaNjOrrNmpl6De4W4YgIiKJZ6sNNmaeQIDAQAB o4ICLTCCAikwHQYDVR0OBBYEFDO6QrJp96dxiZPSDY2yRb81m3upMB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvTTdwQ3NtbjNwM0dKazlJTmpiSkZ2eldiZTZrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUpmUAwQA WdU/AwQAWdWdAwQAWdXjAwQAbbDyAwQA1YKJAwQA1YKYMA0GCSqGSIb3DQEBCwUA A4IBAQAur5RUYkbYXrDWj3oIUh14sgreNwfyNyhub3vkfJVpiNV44DXwSIDz6nl4 6oIIX2xO2wME1fX0rdfTFyNc0P2TlMfsbBOJVY2XV4pgKujMeZ2pdBovxC3CXNEe 8scSP/wjC/qSSxaHGcvR3qHTI6eoY1MEDEnD5UlzpcREFR+FQfn7D2ypzeUa+n6B VWDNEILKhAFHbKMB3+n0aSzqCcpdm5/+vY8IC9+sFvk7OHXY6DIqwSeoFTb19L5P PaZQDm0mLa+qwy4aIQMc7GgU2CIwF8mUQrZZqwmG04cU6pv/Q0OEydfCz+4bKf+D qLSjorT9osdKCo0vXPRjLxcSWN5r -----END CERTIFICATE-----Generated at Fri Dec 19 12:46:30 2025 by rpki-client