This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/6d625c-7e60-4523-9491-d112299ff695/1/XhfjkU9H43kof2M4wKfSEqEcyOU.roa File: XhfjkU9H43kof2M4wKfSEqEcyOU.roa (raw, json) Hash identifier: eZAN/IrnfZUxiKE3atNAS0YoAlIU2q4UAjYkYHhgMvc= Subject key identifier: 5E:17:E3:91:4F:47:E3:79:28:7F:63:38:C0:A7:D2:12:A1:1C:C8:E5 Certificate issuer: /CN=a34e6017e1fe0393278c2859f43043b31ee6c89a Certificate serial: 019B36133F55B7F2B25329A886E9232596D0 Authority key identifier: A3:4E:60:17:E1:FE:03:93:27:8C:28:59:F4:30:43:B3:1E:E6:C8:9A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o05gF-H-A5MnjChZ9DBDsx7myJo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/6d625c-7e60-4523-9491-d112299ff695/1/XhfjkU9H43kof2M4wKfSEqEcyOU.roa Signing time: Fri 19 Dec 2025 10:06:29 +0000 ROA not before: Fri 19 Dec 2025 10:06:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 202757 IP address blocks: 46.247.132.0/24 maxlen: 24 46.247.133.0/24 maxlen: 24 46.247.134.0/24 maxlen: 24 46.247.135.0/24 maxlen: 24 89.127.236.0/24 maxlen: 24 89.127.238.0/24 maxlen: 24 185.88.196.0/24 maxlen: 24 185.88.197.0/24 maxlen: 24 185.88.198.0/24 maxlen: 24 185.88.199.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/6d625c-7e60-4523-9491-d112299ff695/1/o05gF-H-A5MnjChZ9DBDsx7myJo.crl rsync://rpki.ripe.net/repository/DEFAULT/98/6d625c-7e60-4523-9491-d112299ff695/1/o05gF-H-A5MnjChZ9DBDsx7myJo.mft rsync://rpki.ripe.net/repository/DEFAULT/o05gF-H-A5MnjChZ9DBDsx7myJo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 22:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:36:13:3f:55:b7:f2:b2:53:29:a8:86:e9:23:25:96:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a34e6017e1fe0393278c2859f43043b31ee6c89a Validity Not Before: Dec 19 10:06:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=5e17e3914f47e379287f6338c0a7d212a11cc8e5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:00:c2:cd:ff:ba:c4:cf:ba:16:52:e0:1a:7e: 4e:e2:5d:cd:77:cd:ce:61:f7:dd:4c:aa:cb:77:b0: c6:ef:92:fb:d0:13:fd:86:36:6c:0d:70:06:39:75: 5e:7c:23:10:f4:73:e8:f5:5a:50:59:5a:c4:48:41: 88:39:8c:96:c2:c9:32:1e:28:d4:08:c7:27:7b:84: e4:18:76:bd:48:cf:51:28:3a:e8:11:d5:3a:b2:d9: e1:57:1d:c2:4e:9f:d1:cb:03:ec:34:20:f3:d4:3d: 64:20:25:85:c2:81:30:33:bf:b0:8e:41:d7:cf:5b: fc:ce:74:d8:23:45:ab:8e:d4:a5:cc:3a:37:bc:6e: fa:3b:f4:cb:5b:55:e7:e7:f6:5e:21:e4:4d:1a:7c: 36:4f:dc:d3:7b:fa:8c:6f:d4:ca:eb:d1:b1:6a:a4: b1:2a:ee:96:a8:2e:57:58:ec:e2:18:9d:4d:65:13: 0d:c6:5f:0e:93:59:c4:5c:90:f5:31:91:4e:69:0d: 51:17:f0:b1:41:62:1a:8f:c6:0f:10:44:43:f4:64: e0:7b:47:c6:1b:06:71:d9:88:9f:68:5d:34:0f:56: 3c:bc:c1:cc:5c:c7:1f:83:e6:37:0f:af:c6:5a:5f: bf:ee:df:f8:d8:84:28:b8:de:11:50:50:e8:f6:43: bc:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:17:E3:91:4F:47:E3:79:28:7F:63:38:C0:A7:D2:12:A1:1C:C8:E5 X509v3 Authority Key Identifier: keyid:A3:4E:60:17:E1:FE:03:93:27:8C:28:59:F4:30:43:B3:1E:E6:C8:9A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o05gF-H-A5MnjChZ9DBDsx7myJo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/6d625c-7e60-4523-9491-d112299ff695/1/XhfjkU9H43kof2M4wKfSEqEcyOU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/98/6d625c-7e60-4523-9491-d112299ff695/1/o05gF-H-A5MnjChZ9DBDsx7myJo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.247.132.0/22 89.127.236.0/24 89.127.238.0/24 185.88.196.0/22 Signature Algorithm: sha256WithRSAEncryption 44:c6:1a:e5:b7:e8:e0:19:ca:25:d6:16:30:c3:02:45:11:40: 0c:62:01:b9:22:bc:c7:18:58:66:90:92:04:4a:54:1d:22:44: d4:6d:73:f1:14:ab:e3:d9:ce:64:4c:0b:a0:87:f7:1c:46:58: f0:38:7f:eb:a8:e2:cf:a1:6a:8f:92:63:21:c9:9e:df:f7:90: 29:73:0e:c6:3d:4e:e9:24:ca:62:87:de:49:27:7e:9d:06:d7: 6c:f3:d9:10:82:fa:59:d8:6e:86:36:1c:a0:20:40:96:31:a7: 13:f9:82:54:ba:ff:38:3a:ed:a8:f6:90:0a:37:fc:db:fa:25: ef:0c:0f:b5:25:ec:b0:46:8d:02:d8:62:f0:5d:7d:47:05:01: 7d:b9:5f:90:6d:b7:16:4b:45:75:28:90:1b:85:ef:6a:e4:60: a1:77:70:29:2a:d6:32:30:3e:ce:77:f8:63:66:20:01:6b:41: 09:96:25:cc:cc:9a:41:77:03:ee:be:28:c1:0d:57:81:cd:79: be:fa:3f:5a:d1:0d:65:a0:4f:d5:ea:92:fe:4e:45:3a:d0:b6: 95:e3:62:a9:52:ec:dd:0e:e6:e7:87:c7:a7:4f:0f:57:2d:69: 09:04:bd:87:03:ad:4b:46:8d:4e:b3:e6:58:fc:5a:7e:3f:1f: 51:9d:21:58 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZs2Ez9Vt/KyUymohukjJZbQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzNGU2MDE3ZTFmZTAzOTMyNzhjMjg1OWY0MzA0M2IzMWVl NmM4OWEwHhcNMjUxMjE5MTAwNjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZTE3ZTM5MTRmNDdlMzc5Mjg3ZjYzMzhjMGE3ZDIxMmExMWNjOGU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwDCzf+6xM+6FlLgGn5O4l3Nd83O YffdTKrLd7DG75L70BP9hjZsDXAGOXVefCMQ9HPo9VpQWVrESEGIOYyWwskyHijU CMcne4TkGHa9SM9RKDroEdU6stnhVx3CTp/RywPsNCDz1D1kICWFwoEwM7+wjkHX z1v8znTYI0WrjtSlzDo3vG76O/TLW1Xn5/ZeIeRNGnw2T9zTe/qMb9TK69GxaqSx Ku6WqC5XWOziGJ1NZRMNxl8Ok1nEXJD1MZFOaQ1RF/CxQWIaj8YPEERD9GTge0fG GwZx2YifaF00D1Y8vMHMXMcfg+Y3D6/GWl+/7t/42IQouN4RUFDo9kO8ewIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFF4X45FPR+N5KH9jOMCn0hKhHMjlMB8GA1UdIwQY MBaAFKNOYBfh/gOTJ4woWfQwQ7Me5siaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbzA1Z0YtSC1BNU1uakNoWjlEQkRzeDdteUpvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC82ZDYyNWMtN2U2MC00NTIzLTk0OTEt ZDExMjI5OWZmNjk1LzEvWGhmamtVOUg0M2tvZjJNNHdLZlNFcUVjeU9VLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OC82ZDYyNWMtN2U2MC00NTIzLTk0OTEtZDExMjI5OWZmNjk1 LzEvbzA1Z0YtSC1BNU1uakNoWjlEQkRzeDdteUpvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLveEAwQA WX/sAwQAWX/uAwQCuVjEMA0GCSqGSIb3DQEBCwUAA4IBAQBExhrlt+jgGcol1hYw wwJFEUAMYgG5IrzHGFhmkJIESlQdIkTUbXPxFKvj2c5kTAugh/ccRljwOH/rqOLP oWqPkmMhyZ7f95Apcw7GPU7pJMpih95JJ36dBtds89kQgvpZ2G6GNhygIECWMacT +YJUuv84Ou2o9pAKN/zb+iXvDA+1JeywRo0C2GLwXX1HBQF9uV+QbbcWS0V1KJAb he9q5GChd3ApKtYyMD7Od/hjZiABa0EJliXMzJpBdwPuvijBDVeBzXm++j9a0Q1l oE/V6pL+TkU60LaV42KpUuzdDubnh8enTw9XLWkJBL2HA61LRo1Os+ZY/Fp+Px9R nSFY -----END CERTIFICATE-----Generated at Sun Dec 21 06:14:14 2025 by rpki-client