This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/c98aa3-0e0c-4d97-9bc3-74d91cdbe195/1/VmO3UXEyesCK7xMSxb16ZIYzF9A.roa File: VmO3UXEyesCK7xMSxb16ZIYzF9A.roa (raw, json) Hash identifier: aPLCPS23hjqSkPvp6cN+PKiJ+R1FoeAcBOZnERoWNo8= Subject key identifier: 56:63:B7:51:71:32:7A:C0:8A:EF:13:12:C5:BD:7A:64:86:33:17:D0 Certificate issuer: /CN=86170339c2bc664d600fa98b8061269d48e4f2c6 Certificate serial: 019B218241E14F763975C486C41C51D6F43C Authority key identifier: 86:17:03:39:C2:BC:66:4D:60:0F:A9:8B:80:61:26:9D:48:E4:F2:C6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hhcDOcK8Zk1gD6mLgGEmnUjk8sY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/c98aa3-0e0c-4d97-9bc3-74d91cdbe195/1/VmO3UXEyesCK7xMSxb16ZIYzF9A.roa Signing time: Mon 15 Dec 2025 10:15:43 +0000 ROA not before: Mon 15 Dec 2025 10:15:43 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 50224 IP address blocks: 94.103.125.0/24 maxlen: 24 2a11:3a06::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/c98aa3-0e0c-4d97-9bc3-74d91cdbe195/1/hhcDOcK8Zk1gD6mLgGEmnUjk8sY.crl rsync://rpki.ripe.net/repository/DEFAULT/d7/c98aa3-0e0c-4d97-9bc3-74d91cdbe195/1/hhcDOcK8Zk1gD6mLgGEmnUjk8sY.mft rsync://rpki.ripe.net/repository/DEFAULT/hhcDOcK8Zk1gD6mLgGEmnUjk8sY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 07:01:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:82:41:e1:4f:76:39:75:c4:86:c4:1c:51:d6:f4:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=86170339c2bc664d600fa98b8061269d48e4f2c6 Validity Not Before: Dec 15 10:15:43 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=5663b75171327ac08aef1312c5bd7a64863317d0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:74:8e:d8:78:c0:c5:d8:c5:78:91:7e:bb:aa: 86:26:34:24:99:c2:e8:b5:61:8a:a4:02:6d:2f:32: f8:79:25:81:bb:31:04:c2:bc:2e:fe:d4:05:13:cc: f9:41:4b:ed:3f:37:74:50:77:2f:12:63:30:70:9f: 61:e5:8b:6e:dd:14:3c:7b:34:53:c0:67:49:21:42: 59:6f:d8:03:e7:7a:41:97:76:64:60:b8:fa:9c:dd: 68:da:61:4c:2c:de:78:fd:29:d8:fa:48:a4:8b:13: 02:4d:06:a9:dd:23:33:88:66:ef:dd:e0:ad:68:22: 63:db:30:45:2e:3d:c0:3a:1e:86:23:82:99:36:e2: b9:09:ea:c7:4b:c5:46:6f:3b:d0:c4:a2:cb:01:27: 79:fc:63:1a:85:bf:ff:91:98:af:92:e1:bb:96:7e: f7:7f:56:9b:fa:1e:a9:23:ad:ab:b9:78:ec:06:b6: f8:f6:76:e7:19:31:9c:a5:67:be:49:96:86:bf:ca: 72:f1:3f:65:93:8e:50:7b:3b:74:db:fa:c7:7c:79: b7:f4:a4:15:80:ed:4d:fe:0b:b8:e5:e8:e0:16:fc: 0e:21:0b:fe:f7:31:aa:e7:e3:62:be:ac:64:0e:f8: 92:ce:4d:f0:02:50:39:5e:d6:1e:cb:5f:22:d0:bd: d8:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:63:B7:51:71:32:7A:C0:8A:EF:13:12:C5:BD:7A:64:86:33:17:D0 X509v3 Authority Key Identifier: keyid:86:17:03:39:C2:BC:66:4D:60:0F:A9:8B:80:61:26:9D:48:E4:F2:C6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hhcDOcK8Zk1gD6mLgGEmnUjk8sY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/c98aa3-0e0c-4d97-9bc3-74d91cdbe195/1/VmO3UXEyesCK7xMSxb16ZIYzF9A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/c98aa3-0e0c-4d97-9bc3-74d91cdbe195/1/hhcDOcK8Zk1gD6mLgGEmnUjk8sY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 94.103.125.0/24 IPv6: 2a11:3a06::/32 Signature Algorithm: sha256WithRSAEncryption 99:b6:61:6b:a3:9a:c5:2f:6d:46:cc:0b:96:9f:f3:7d:1b:5a: b2:7c:51:29:2f:51:6b:3c:07:2d:32:17:18:d9:c2:8f:b1:cb: 86:99:da:bb:73:29:30:2a:1c:fb:24:44:b3:18:6d:40:c7:a6: c9:55:a0:db:d6:8d:76:c3:b5:54:a8:18:aa:18:7c:60:4a:b1: b4:92:22:5e:78:ae:03:92:b7:93:a9:46:06:f3:43:2f:f4:37: 73:4c:36:bb:c2:5e:48:44:34:58:6f:cb:09:1e:ab:ef:5b:7c: 7a:99:40:7d:12:b1:24:1a:66:1d:0f:bb:48:fd:3c:24:e8:ca: f6:b7:64:d9:88:77:24:65:af:79:72:3b:13:4a:74:ee:fc:40: 76:11:ec:63:71:77:84:b5:71:b6:30:85:4c:80:42:01:6b:38: 28:52:59:60:81:9e:83:7d:9d:63:bd:cf:f7:b8:af:49:d5:77: df:7d:99:92:ff:e5:75:17:e8:73:ad:98:b0:e0:19:81:33:e9: bf:ee:65:7d:b6:9a:4e:6d:8c:73:15:dc:a7:41:0d:97:fb:55: 44:44:b9:4e:dc:bf:74:98:de:de:91:50:f1:33:c9:30:50:f7: bd:d6:94:a5:1f:7f:6b:af:66:d4:5d:53:26:d4:ea:ea:a6:93: c0:6a:68:4d -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZshgkHhT3Y5dcSGxBxR1vQ8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2MTcwMzM5YzJiYzY2NGQ2MDBmYTk4YjgwNjEyNjlkNDhl NGYyYzYwHhcNMjUxMjE1MTAxNTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1NjYzYjc1MTcxMzI3YWMwOGFlZjEzMTJjNWJkN2E2NDg2MzMxN2QwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3SO2HjAxdjFeJF+u6qGJjQkmcLo tWGKpAJtLzL4eSWBuzEEwrwu/tQFE8z5QUvtPzd0UHcvEmMwcJ9h5Ytu3RQ8ezRT wGdJIUJZb9gD53pBl3ZkYLj6nN1o2mFMLN54/SnY+kikixMCTQap3SMziGbv3eCt aCJj2zBFLj3AOh6GI4KZNuK5CerHS8VGbzvQxKLLASd5/GMahb//kZivkuG7ln73 f1ab+h6pI62ruXjsBrb49nbnGTGcpWe+SZaGv8py8T9lk45Qezt02/rHfHm39KQV gO1N/gu45ejgFvwOIQv+9zGq5+NivqxkDviSzk3wAlA5XtYey18i0L3YaQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFFZjt1FxMnrAiu8TEsW9emSGMxfQMB8GA1UdIwQY MBaAFIYXAznCvGZNYA+pi4BhJp1I5PLGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGhjRE9jSzhaazFnRDZtTGdHRW1uVWprOHNZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9jOThhYTMtMGUwYy00ZDk3LTliYzMt NzRkOTFjZGJlMTk1LzEvVm1PM1VYRXllc0NLN3hNU3hiMTZaSVl6RjlBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNy9jOThhYTMtMGUwYy00ZDk3LTliYzMtNzRkOTFjZGJlMTk1 LzEvaGhjRE9jSzhaazFnRDZtTGdHRW1uVWprOHNZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAXmd9MA0E AgACMAcDBQAqEToGMA0GCSqGSIb3DQEBCwUAA4IBAQCZtmFro5rFL21GzAuWn/N9 G1qyfFEpL1FrPActMhcY2cKPscuGmdq7cykwKhz7JESzGG1Ax6bJVaDb1o12w7VU qBiqGHxgSrG0kiJeeK4DkreTqUYG80Mv9DdzTDa7wl5IRDRYb8sJHqvvW3x6mUB9 ErEkGmYdD7tI/Twk6Mr2t2TZiHckZa95cjsTSnTu/EB2EexjcXeEtXG2MIVMgEIB azgoUllggZ6DfZ1jvc/3uK9J1XfffZmS/+V1F+hzrZiw4BmBM+m/7mV9tppObYxz FdynQQ2X+1VERLlO3L90mN7ekVDxM8kwUPe91pSlH39rr2bUXVMm1OrqppPAamhN -----END CERTIFICATE-----Generated at Sat Dec 20 15:55:34 2025 by rpki-client