This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/SDtl60b97cbYOEbf-lOMpPIPuyg.roa File: SDtl60b97cbYOEbf-lOMpPIPuyg.roa (raw, json) Hash identifier: 72ixRYwDNv5wWkIDIQCEwLqoE3MlakqtZ0TrR5LFdJs= Subject key identifier: 48:3B:65:EB:46:FD:ED:C6:D8:38:46:DF:FA:53:8C:A4:F2:0F:BB:28 Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019B21A798858D149EBCD7AFE7D6F0A98269 Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/SDtl60b97cbYOEbf-lOMpPIPuyg.roa Signing time: Mon 15 Dec 2025 10:56:30 +0000 ROA not before: Mon 15 Dec 2025 10:56:30 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 16276 IP address blocks: 82.152.8.0/24 maxlen: 24 82.152.57.0/24 maxlen: 24 82.152.58.0/24 maxlen: 24 82.152.73.0/24 maxlen: 24 82.152.75.0/24 maxlen: 24 82.152.98.0/24 maxlen: 24 82.152.109.0/24 maxlen: 24 82.152.226.0/24 maxlen: 24 82.152.240.0/24 maxlen: 24 82.152.243.0/24 maxlen: 24 82.153.205.0/24 maxlen: 24 82.153.217.0/24 maxlen: 24 82.163.23.0/24 maxlen: 24 89.213.105.0/24 maxlen: 24 109.176.40.0/21 maxlen: 24 109.176.48.0/21 maxlen: 24 109.176.153.0/24 maxlen: 24 109.176.213.0/24 maxlen: 24 212.38.79.0/24 maxlen: 24 213.130.130.0/24 maxlen: 24 213.130.149.0/24 maxlen: 24 213.130.156.0/24 maxlen: 24 213.210.54.0/24 maxlen: 24 213.218.214.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:a7:98:85:8d:14:9e:bc:d7:af:e7:d6:f0:a9:82:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Dec 15 10:56:30 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=483b65eb46fdedc6d83846dffa538ca4f20fbb28 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:9c:68:1a:db:56:87:ac:6c:29:e8:b4:ab:5e: 24:9f:51:7e:ef:36:b6:69:e5:65:3e:ad:3e:2e:73: f9:dd:db:e9:c2:e6:d4:83:b7:a4:ed:ac:84:70:90: 24:3a:d6:e2:aa:31:93:dd:94:a0:04:4a:0e:a9:00: 4c:f5:b6:b9:87:fb:11:4e:0b:9e:c9:cb:b7:58:26: 9a:34:8e:62:4b:ba:3a:da:40:3a:bc:d0:a9:96:59: 5c:d7:55:7d:c0:e6:83:32:41:76:3e:4b:0e:62:e1: df:ca:fe:3e:01:32:f6:a5:dc:88:ef:87:d8:2e:ef: 41:30:6a:06:cb:16:60:6a:da:f4:e3:9b:53:33:44: 88:cf:f0:d8:aa:9a:8d:36:0a:de:44:69:a3:6d:78: 10:89:0a:c7:13:19:05:84:21:30:c5:9c:2e:06:75: 01:82:c1:7a:b4:70:1c:6a:4c:30:7a:ef:13:c3:70: 81:cf:90:4e:08:cc:17:99:15:4f:e1:96:92:2e:20: 36:0d:47:43:b5:f4:d6:c6:25:77:72:72:11:fc:16: b8:87:db:23:3f:2d:a6:21:fa:59:e1:7b:41:7c:73: 90:e4:53:21:17:69:da:29:57:1b:64:97:a2:38:75: a4:a9:f5:a3:35:41:7b:7e:77:55:5e:98:03:c9:5e: aa:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:3B:65:EB:46:FD:ED:C6:D8:38:46:DF:FA:53:8C:A4:F2:0F:BB:28 X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/SDtl60b97cbYOEbf-lOMpPIPuyg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.152.8.0/24 82.152.57.0-82.152.58.255 82.152.73.0/24 82.152.75.0/24 82.152.98.0/24 82.152.109.0/24 82.152.226.0/24 82.152.240.0/24 82.152.243.0/24 82.153.205.0/24 82.153.217.0/24 82.163.23.0/24 89.213.105.0/24 109.176.40.0-109.176.55.255 109.176.153.0/24 109.176.213.0/24 212.38.79.0/24 213.130.130.0/24 213.130.149.0/24 213.130.156.0/24 213.210.54.0/24 213.218.214.0/24 Signature Algorithm: sha256WithRSAEncryption 29:10:74:7b:63:b5:fe:7a:e8:93:d5:56:64:65:4c:56:95:c2: b0:6d:16:36:52:cc:bd:4f:1f:12:48:c0:ea:46:8e:82:f7:ad: 86:af:ca:16:9d:0f:40:15:0e:7d:a7:ef:e3:d4:1d:d3:79:14: 7a:15:87:0a:37:25:ef:50:b6:2a:4e:c6:27:5e:6d:7c:4d:c7: 7f:90:b6:d0:5f:7c:27:6b:98:dd:99:45:7f:31:a6:bc:cb:55: 81:d9:3e:27:8b:1f:ff:91:fc:89:2a:3e:15:48:ee:fc:28:fa: b5:47:83:bd:4d:60:59:bb:3b:e5:03:24:54:38:6c:19:68:51: 2f:a9:aa:79:56:68:cc:f4:7a:e4:c0:a8:6c:79:ad:f8:51:9d: 5e:0d:f1:6a:91:1e:26:7d:a7:4a:97:b2:7f:46:84:67:66:bc: 32:f4:39:d4:86:c4:c8:93:03:01:54:90:00:55:3a:7b:6d:59: 55:31:7d:ff:fd:30:2e:25:36:5a:64:9d:cf:57:42:83:60:83: df:ac:a8:08:3c:5a:eb:b0:46:5d:fa:71:e3:7b:62:85:06:78: 81:95:63:dc:28:a3:d0:72:53:52:f2:b1:7b:32:99:a6:f9:34: 71:6a:ac:98:2d:32:34:b6:dc:d8:a2:2e:9e:0d:93:f1:0d:a3: 1b:53:ae:be -----BEGIN CERTIFICATE----- MIIFkDCCBHigAwIBAgISAZshp5iFjRSevNev59bwqYJpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjUxMjE1MTA1NjMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ODNiNjVlYjQ2ZmRlZGM2ZDgzODQ2ZGZmYTUzOGNhNGYyMGZiYjI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5xoGttWh6xsKei0q14kn1F+7za2 aeVlPq0+LnP53dvpwubUg7ek7ayEcJAkOtbiqjGT3ZSgBEoOqQBM9ba5h/sRTgue ycu3WCaaNI5iS7o62kA6vNCplllc11V9wOaDMkF2PksOYuHfyv4+ATL2pdyI74fY Lu9BMGoGyxZgatr045tTM0SIz/DYqpqNNgreRGmjbXgQiQrHExkFhCEwxZwuBnUB gsF6tHAcakwweu8Tw3CBz5BOCMwXmRVP4ZaSLiA2DUdDtfTWxiV3cnIR/Ba4h9sj Py2mIfpZ4XtBfHOQ5FMhF2naKVcbZJeiOHWkqfWjNUF7fndVXpgDyV6qVQIDAQAB o4ICnDCCApgwHQYDVR0OBBYEFEg7ZetG/e3G2DhG3/pTjKTyD7soMB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvU0R0bDYwYjk3Y2JZT0ViZi1sT01wUElQdXlnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBABS mAgwDAMEAFKYOQMEAFKYOgMEAFKYSQMEAFKYSwMEAFKYYgMEAFKYbQMEAFKY4gME AFKY8AMEAFKY8wMEAFKZzQMEAFKZ2QMEAFKjFwMEAFnVaTAMAwQDbbAoAwQDbbAw AwQAbbCZAwQAbbDVAwQA1CZPAwQA1YKCAwQA1YKVAwQA1YKcAwQA1dI2AwQA1drW MA0GCSqGSIb3DQEBCwUAA4IBAQApEHR7Y7X+euiT1VZkZUxWlcKwbRY2Usy9Tx8S SMDqRo6C962Gr8oWnQ9AFQ59p+/j1B3TeRR6FYcKNyXvULYqTsYnXm18Tcd/kLbQ X3wna5jdmUV/Maa8y1WB2T4nix//kfyJKj4VSO78KPq1R4O9TWBZuzvlAyRUOGwZ aFEvqap5VmjM9HrkwKhsea34UZ1eDfFqkR4mfadKl7J/RoRnZrwy9DnUhsTIkwMB VJAAVTp7bVlVMX3//TAuJTZaZJ3PV0KDYIPfrKgIPFrrsEZd+nHje2KFBniBlWPc KKPQclNS8rF7Mpmm+TRxaqyYLTI0ttzYoi6eDZPxDaMbU66+ -----END CERTIFICATE-----Generated at Sun Dec 21 07:17:32 2025 by rpki-client