This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0fbf48-5db7-49fe-bf44-6a36705bba6f/1/Uf3rnLD2FeTDGBhV4auB-GpHM1s.roa File: Uf3rnLD2FeTDGBhV4auB-GpHM1s.roa (raw, json) Hash identifier: ECPU9dL14nC9wQ4VpmYN1TfdrxIkC7KfqX1VDc+N1h4= Subject key identifier: 51:FD:EB:9C:B0:F6:15:E4:C3:18:18:55:E1:AB:81:F8:6A:47:33:5B Certificate issuer: /CN=0c05ca111c0093b56514215be467b515dda56c06 Certificate serial: 019B12BDD5E34D5A11E904DA0DA870F66BB6 Authority key identifier: 0C:05:CA:11:1C:00:93:B5:65:14:21:5B:E4:67:B5:15:DD:A5:6C:06 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DAXKERwAk7VlFCFb5Ge1Fd2lbAY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/0fbf48-5db7-49fe-bf44-6a36705bba6f/1/Uf3rnLD2FeTDGBhV4auB-GpHM1s.roa Signing time: Fri 12 Dec 2025 13:26:29 +0000 ROA not before: Fri 12 Dec 2025 13:26:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 209824 IP address blocks: 91.221.223.0/24 maxlen: 24 217.113.54.0/23 maxlen: 23 217.113.54.0/24 maxlen: 24 2a13:e700::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/0fbf48-5db7-49fe-bf44-6a36705bba6f/1/DAXKERwAk7VlFCFb5Ge1Fd2lbAY.crl rsync://rpki.ripe.net/repository/DEFAULT/df/0fbf48-5db7-49fe-bf44-6a36705bba6f/1/DAXKERwAk7VlFCFb5Ge1Fd2lbAY.mft rsync://rpki.ripe.net/repository/DEFAULT/DAXKERwAk7VlFCFb5Ge1Fd2lbAY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:12:bd:d5:e3:4d:5a:11:e9:04:da:0d:a8:70:f6:6b:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0c05ca111c0093b56514215be467b515dda56c06 Validity Not Before: Dec 12 13:26:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=51fdeb9cb0f615e4c3181855e1ab81f86a47335b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:c1:7c:51:e4:f2:13:2e:e3:38:19:aa:c3:ac: c2:2f:98:99:77:ec:8a:57:d0:a2:cb:24:2e:e4:1a: a0:19:38:5a:72:b1:78:bf:53:a5:7e:a6:d7:e0:c1: 5e:ba:f0:23:92:42:78:1a:b4:2c:59:08:50:36:80: 64:36:c5:e9:2d:0e:07:5b:6f:29:0e:d5:cc:a0:31: 5e:c5:12:4d:26:6a:e6:af:61:11:94:8f:ea:d0:24: 55:f0:63:ce:7d:2e:1b:f2:59:58:c2:6f:91:52:a9: 9e:ba:2d:9c:44:d4:52:f2:56:75:ba:ad:00:9e:da: d5:2a:73:40:50:be:62:44:80:04:fc:4d:22:8f:6d: 17:1f:0f:8b:a1:7a:10:c2:c7:51:fe:c8:b4:1d:8a: e9:57:91:d9:9d:39:ee:72:90:cb:0e:75:bb:63:fd: 3a:a0:d1:82:55:e6:65:6d:1e:6d:7a:79:00:b2:0f: 7d:f2:43:70:ba:31:67:61:45:1b:e6:49:73:7e:bc: e7:00:85:99:df:52:7a:85:54:f4:58:62:42:4f:1c: 4e:9c:c0:b9:da:4c:76:36:a4:40:3b:52:7b:7e:d3: c7:ee:99:02:ee:20:3c:09:73:31:83:8d:ff:75:77: 3f:f7:07:34:fa:17:a0:24:d2:a1:db:2d:4e:65:78: 13:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:FD:EB:9C:B0:F6:15:E4:C3:18:18:55:E1:AB:81:F8:6A:47:33:5B X509v3 Authority Key Identifier: keyid:0C:05:CA:11:1C:00:93:B5:65:14:21:5B:E4:67:B5:15:DD:A5:6C:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DAXKERwAk7VlFCFb5Ge1Fd2lbAY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0fbf48-5db7-49fe-bf44-6a36705bba6f/1/Uf3rnLD2FeTDGBhV4auB-GpHM1s.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0fbf48-5db7-49fe-bf44-6a36705bba6f/1/DAXKERwAk7VlFCFb5Ge1Fd2lbAY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.221.223.0/24 217.113.54.0/23 IPv6: 2a13:e700::/48 Signature Algorithm: sha256WithRSAEncryption 80:0d:e5:ba:de:d4:e0:9c:3a:a4:4f:32:e3:b2:99:07:b9:f2: a6:46:b2:48:2d:c4:a7:74:ce:21:82:a3:9e:f6:a8:11:3a:b7: 2f:a1:f2:50:57:4b:71:2c:43:64:e9:eb:34:ea:40:eb:46:76: cc:12:a9:d0:90:cc:3d:ba:85:6e:a3:95:26:ab:04:41:a5:a6: f1:61:6c:ae:70:1f:15:a1:e5:35:c6:93:42:13:c9:cf:e8:e5: 47:29:98:1e:4c:12:72:e8:c0:1f:aa:38:4a:eb:19:a6:a8:d3: 3f:b9:06:46:ce:93:bc:fb:35:e7:0a:74:03:b2:8f:e9:ce:d3: 62:2f:15:3f:4d:e9:e4:80:91:12:45:a7:35:6c:62:ca:cd:72: dc:34:27:7c:bc:ec:7b:20:f5:3c:07:34:87:14:ce:5f:78:3e: 5e:f2:88:76:29:6f:c3:12:11:be:d4:58:18:e7:57:8e:93:0d: e9:ff:1d:3a:87:64:ee:c3:f8:56:43:a4:0d:a9:dc:a1:b6:b3: ce:18:8b:ed:a5:4c:a6:f8:07:14:85:b2:74:12:f9:3a:26:ae: 64:9d:fc:91:4d:4d:94:f6:0c:a7:4d:40:cb:0a:e4:d0:5a:4c: 48:13:15:34:61:01:d9:f5:3e:24:47:a5:8b:7f:4b:2c:cd:98: 6b:96:55:48 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZsSvdXjTVoR6QTaDahw9mu2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBjMDVjYTExMWMwMDkzYjU2NTE0MjE1YmU0NjdiNTE1ZGRh NTZjMDYwHhcNMjUxMjEyMTMyNjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1MWZkZWI5Y2IwZjYxNWU0YzMxODE4NTVlMWFiODFmODZhNDczMzViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcF8UeTyEy7jOBmqw6zCL5iZd+yK V9CiyyQu5BqgGThacrF4v1OlfqbX4MFeuvAjkkJ4GrQsWQhQNoBkNsXpLQ4HW28p DtXMoDFexRJNJmrmr2ERlI/q0CRV8GPOfS4b8llYwm+RUqmeui2cRNRS8lZ1uq0A ntrVKnNAUL5iRIAE/E0ij20XHw+LoXoQwsdR/si0HYrpV5HZnTnucpDLDnW7Y/06 oNGCVeZlbR5tenkAsg998kNwujFnYUUb5klzfrznAIWZ31J6hVT0WGJCTxxOnMC5 2kx2NqRAO1J7ftPH7pkC7iA8CXMxg43/dXc/9wc0+hegJNKh2y1OZXgTawIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFFH965yw9hXkwxgYVeGrgfhqRzNbMB8GA1UdIwQY MBaAFAwFyhEcAJO1ZRQhW+RntRXdpWwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvREFYS0VSd0FrN1ZsRkNGYjVHZTFGZDJsYkFZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wZmJmNDgtNWRiNy00OWZlLWJmNDQt NmEzNjcwNWJiYTZmLzEvVWYzcm5MRDJGZVRER0JoVjRhdUItR3BITTFzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi8wZmJmNDgtNWRiNy00OWZlLWJmNDQtNmEzNjcwNWJiYTZm LzEvREFYS0VSd0FrN1ZsRkNGYjVHZTFGZDJsYkFZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW93fAwQB 2XE2MA8EAgACMAkDBwAqE+cAAAAwDQYJKoZIhvcNAQELBQADggEBAIAN5bre1OCc OqRPMuOymQe58qZGskgtxKd0ziGCo572qBE6ty+h8lBXS3EsQ2Tp6zTqQOtGdswS qdCQzD26hW6jlSarBEGlpvFhbK5wHxWh5TXGk0ITyc/o5UcpmB5MEnLowB+qOErr Gaao0z+5BkbOk7z7NecKdAOyj+nO02IvFT9N6eSAkRJFpzVsYsrNctw0J3y87Hsg 9TwHNIcUzl94Pl7yiHYpb8MSEb7UWBjnV46TDen/HTqHZO7D+FZDpA2p3KG2s84Y i+2lTKb4BxSFsnQS+TomrmSd/JFNTZT2DKdNQMsK5NBaTEgTFTRhAdn1PiRHpYt/ SyzNmGuWVUg= -----END CERTIFICATE-----Generated at Sun Dec 21 06:14:20 2025 by rpki-client