This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YpoFpYXHxFdGAqSX3-fjyViDppc.roa File: YpoFpYXHxFdGAqSX3-fjyViDppc.roa (raw, json) Hash identifier: 07RpZX2i+nSpAybqcaKSXKNtxcZ8rI8dvGkCTJouuCs= Subject key identifier: 62:9A:05:A5:85:C7:C4:57:46:02:A4:97:DF:E7:E3:C9:58:83:A6:97 Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Certificate serial: 019B03F6E22F37C5AAB4EB8004AE3C7F549C Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YpoFpYXHxFdGAqSX3-fjyViDppc.roa Signing time: Tue 09 Dec 2025 16:34:29 +0000 ROA not before: Tue 09 Dec 2025 16:34:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 49981 IP address blocks: 45.130.201.0/24 maxlen: 24 185.244.138.0/24 maxlen: 24 212.119.35.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 15:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:03:f6:e2:2f:37:c5:aa:b4:eb:80:04:ae:3c:7f:54:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Validity Not Before: Dec 9 16:34:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=629a05a585c7c4574602a497dfe7e3c95883a697 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:54:93:76:3d:b6:82:31:b2:1e:6f:6d:f5:5e: f6:48:c8:12:71:ec:9c:61:f8:7f:b1:3c:fb:96:2f: e6:29:46:64:c0:dc:0f:ed:95:60:e9:41:4b:bc:bf: b9:44:c0:18:81:a5:68:1b:49:e5:1d:e2:bb:2b:e9: c7:6b:c0:59:d6:0b:df:d3:c2:a9:5a:6e:c0:f0:0c: 4e:10:9f:2a:7b:91:15:eb:3f:ca:24:ff:de:66:d2: dd:0c:9a:32:76:28:c5:14:0d:42:7c:13:66:ca:53: 36:ac:2a:f3:44:d1:bc:d5:a2:d4:ea:42:01:08:a3: 1d:dd:5a:1b:99:43:55:52:f9:a0:2e:89:00:a0:16: a3:d8:42:17:bb:82:8c:84:64:b5:10:74:3a:13:7a: a2:82:7b:f5:d1:97:d1:b6:39:a5:dc:4f:a4:b7:ea: 98:82:1f:58:7f:75:e2:37:0d:2d:df:3e:1d:f0:74: f3:05:99:ba:ee:6e:0d:48:43:00:ca:16:04:ee:b6: fd:12:4d:2d:6f:be:37:13:2c:93:66:7e:97:89:a0: b7:4d:e8:72:4b:7a:38:3a:6f:46:51:86:69:92:63: 68:70:31:8f:5b:e4:00:6b:f5:3f:b4:61:00:8f:4f: d4:60:48:57:64:a1:10:d4:87:29:aa:4d:7c:b9:47: c9:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:9A:05:A5:85:C7:C4:57:46:02:A4:97:DF:E7:E3:C9:58:83:A6:97 X509v3 Authority Key Identifier: keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YpoFpYXHxFdGAqSX3-fjyViDppc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.130.201.0/24 185.244.138.0/24 212.119.35.0/24 Signature Algorithm: sha256WithRSAEncryption 3c:85:c1:a9:5c:9b:92:99:b7:56:f1:4c:88:0d:6e:67:9e:1b: a8:51:f1:34:9c:b0:42:2e:31:f9:7b:03:ec:54:75:15:fa:10: 6e:48:c7:f9:74:d3:29:7f:c9:ea:46:df:b9:40:9e:5a:69:20: cb:58:e9:47:92:6b:82:4b:f5:0d:82:ad:87:b2:ab:ce:4c:ef: 30:8a:88:71:71:60:cf:6e:c6:e0:be:21:e7:d5:05:61:ad:ea: e5:1b:21:ff:fb:38:f9:73:55:b8:be:cb:37:c6:71:f5:45:5c: 15:ee:99:31:51:df:a6:a5:44:fc:d6:4e:59:6a:59:e2:a0:eb: 0a:ec:13:d7:7f:40:52:51:7d:e7:03:df:6f:cf:1d:1e:6f:39: 24:71:f5:66:70:d4:84:89:5d:e2:4d:ce:55:64:9b:3b:a9:db: b1:52:88:13:26:f0:27:1f:a8:51:bb:fd:3b:6d:7d:c6:6d:48: 78:f7:9c:6e:cf:47:dd:1c:94:fa:bd:33:1a:d2:0f:66:8d:b5: 48:7d:20:57:99:b6:80:30:98:a9:d2:58:d8:8e:45:f3:1e:5f: 3c:3d:3b:9b:24:93:da:ea:1f:21:ca:ae:68:92:8f:e5:c2:aa: f0:ad:15:d3:75:09:87:72:2d:e2:8f:7f:4b:94:e4:ca:48:33: 92:93:1f:1f -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZsD9uIvN8WqtOuABK48f1ScMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw NWIwZTIwHhcNMjUxMjA5MTYzNDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MjlhMDVhNTg1YzdjNDU3NDYwMmE0OTdkZmU3ZTNjOTU4ODNhNjk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylSTdj22gjGyHm9t9V72SMgSceyc Yfh/sTz7li/mKUZkwNwP7ZVg6UFLvL+5RMAYgaVoG0nlHeK7K+nHa8BZ1gvf08Kp Wm7A8AxOEJ8qe5EV6z/KJP/eZtLdDJoydijFFA1CfBNmylM2rCrzRNG81aLU6kIB CKMd3VobmUNVUvmgLokAoBaj2EIXu4KMhGS1EHQ6E3qignv10ZfRtjml3E+kt+qY gh9Yf3XiNw0t3z4d8HTzBZm67m4NSEMAyhYE7rb9Ek0tb743EyyTZn6XiaC3Tehy S3o4Om9GUYZpkmNocDGPW+QAa/U/tGEAj0/UYEhXZKEQ1Icpqk18uUfJKwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFGKaBaWFx8RXRgKkl9/n48lYg6aXMB8GA1UdIwQY MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt MmNjZWRiOTY2YTU4LzEvWXBvRnBZWEh4RmRHQXFTWDMtZmp5VmlEcHBjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4 LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYLJAwQA ufSKAwQA1HcjMA0GCSqGSIb3DQEBCwUAA4IBAQA8hcGpXJuSmbdW8UyIDW5nnhuo UfE0nLBCLjH5ewPsVHUV+hBuSMf5dNMpf8nqRt+5QJ5aaSDLWOlHkmuCS/UNgq2H sqvOTO8wiohxcWDPbsbgviHn1QVhrerlGyH/+zj5c1W4vss3xnH1RVwV7pkxUd+m pUT81k5ZalnioOsK7BPXf0BSUX3nA99vzx0ebzkkcfVmcNSEiV3iTc5VZJs7qdux UogTJvAnH6hRu/07bX3GbUh495xuz0fdHJT6vTMa0g9mjbVIfSBXmbaAMJip0ljY jkXzHl88PTubJJPa6h8hyq5oko/lwqrwrRXTdQmHci3ij39LlOTKSDOSkx8f -----END CERTIFICATE-----Generated at Fri Dec 19 22:58:09 2025 by rpki-client