This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/IeiCDVePhxHEq5aHqduCoYRncLM.roa File: IeiCDVePhxHEq5aHqduCoYRncLM.roa (raw, json) Hash identifier: 0vQL+IVJ7CeAzoMZqWscwH7rkD1596Lu7zyfecDusY4= Subject key identifier: 21:E8:82:0D:57:8F:87:11:C4:AB:96:87:A9:DB:82:A1:84:67:70:B3 Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc Certificate serial: 019B8D1E15D41035269F6A9631E5A2E71C19 Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/IeiCDVePhxHEq5aHqduCoYRncLM.roa Signing time: Mon 05 Jan 2026 07:45:17 +0000 ROA not before: Mon 05 Jan 2026 07:45:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214025 IP address blocks: 185.220.197.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.mft rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 19:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:8d:1e:15:d4:10:35:26:9f:6a:96:31:e5:a2:e7:1c:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc Validity Not Before: Jan 5 07:45:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=21e8820d578f8711c4ab9687a9db82a1846770b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:b8:60:f5:b0:5c:df:a2:e7:97:4e:61:ba:6e: d2:57:72:b1:4c:cc:8c:cd:f7:77:a4:0c:e2:8a:ad: 63:c2:0d:fb:d8:cf:f5:15:b8:45:8e:b7:8f:84:93: 89:2f:6e:43:49:31:5a:ca:46:36:a1:11:17:12:3c: 36:95:97:93:21:46:63:48:dd:bd:a1:ae:f4:b1:4d: af:fc:26:d7:fb:0a:3b:7d:48:c9:d0:67:17:01:5b: cd:c0:70:4d:14:82:fc:31:3d:83:bd:95:c4:9b:8a: f8:3d:e5:3a:4f:6d:2e:a3:69:70:2b:70:1a:11:b1: 8e:e5:c9:7c:99:1d:4c:15:aa:15:df:c7:b3:ad:82: 3c:50:c5:3c:2d:5c:60:cd:04:86:39:b9:2a:a9:6f: 0b:26:c9:f5:7d:b5:7f:66:7b:03:46:17:7c:a5:5a: 1a:b1:05:95:8f:04:4f:04:d8:12:3e:a7:dc:e7:c8: ed:11:a7:d0:61:69:9e:4a:74:cc:1a:6f:7c:f0:b3: 47:c1:7c:07:59:01:ff:7d:77:a7:03:35:5f:63:b3: d0:42:bb:4a:31:44:18:e9:56:7a:60:b6:ec:f3:0a: 89:ac:cd:9d:b7:e2:b7:4f:37:8d:44:b7:1b:77:ea: 87:1f:f3:5c:4d:ea:c0:b6:a2:5d:d0:4c:d1:ba:a7: 8d:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:E8:82:0D:57:8F:87:11:C4:AB:96:87:A9:DB:82:A1:84:67:70:B3 X509v3 Authority Key Identifier: keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/IeiCDVePhxHEq5aHqduCoYRncLM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.220.197.0/24 Signature Algorithm: sha256WithRSAEncryption 68:a5:96:bb:8a:ed:d3:9b:ea:24:43:ac:c1:e0:68:ea:7b:29: ea:39:30:a0:95:34:38:c8:80:9a:da:b0:8f:ea:8b:99:ba:03: ad:dd:d0:ab:c5:da:e8:7e:24:89:0e:f5:4e:07:7a:0d:5c:36: 8c:42:b3:8e:0a:b7:db:58:1f:cd:ce:24:7c:68:df:8f:da:ea: 01:8e:f2:ec:f5:73:c9:88:15:63:60:90:12:3a:42:d6:18:1c: f1:e0:b2:dc:6b:bd:41:7c:21:46:8b:39:56:36:ca:b6:40:8d: f4:29:9f:29:cb:93:44:8f:9f:cf:38:73:81:4d:3b:3c:7a:f1: 5c:4e:5a:98:41:9e:9f:da:02:cd:b1:f7:6a:88:ce:88:9a:07: 6e:ed:8b:b0:79:55:62:1c:61:59:a5:85:58:ae:73:9c:f5:36: 02:39:19:52:04:35:56:83:68:fd:fc:d5:b8:10:79:95:55:53: 7c:80:a8:e9:2d:9c:3d:c4:7f:2e:9b:fb:b3:2f:a3:b0:f5:11: f1:28:94:87:74:4f:f8:d7:88:e3:41:81:79:8e:0e:bf:32:ae: 31:b3:fc:d7:81:1e:00:91:e7:16:f3:8b:af:dd:d3:e8:f1:69: 34:b1:c4:5e:d7:c4:4d:3b:00:f2:97:df:30:6e:41:bf:45:83: b1:6b:52:64 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZuNHhXUEDUmn2qWMeWi5xwZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4YWRkOWI2NzFmN2EzNmViMjM2N2UzNGZlZTRiY2IxM2I4 ZjY2Y2MwHhcNMjYwMTA1MDc0NTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMWU4ODIwZDU3OGY4NzExYzRhYjk2ODdhOWRiODJhMTg0Njc3MGIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLhg9bBc36Lnl05hum7SV3KxTMyM zfd3pAziiq1jwg372M/1FbhFjrePhJOJL25DSTFaykY2oREXEjw2lZeTIUZjSN29 oa70sU2v/CbX+wo7fUjJ0GcXAVvNwHBNFIL8MT2DvZXEm4r4PeU6T20uo2lwK3Aa EbGO5cl8mR1MFaoV38ezrYI8UMU8LVxgzQSGObkqqW8LJsn1fbV/ZnsDRhd8pVoa sQWVjwRPBNgSPqfc58jtEafQYWmeSnTMGm988LNHwXwHWQH/fXenAzVfY7PQQrtK MUQY6VZ6YLbs8wqJrM2dt+K3TzeNRLcbd+qHH/NcTerAtqJd0EzRuqeNuwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCHogg1Xj4cRxKuWh6nbgqGEZ3CzMB8GA1UdIwQY MBaAFIit2bZx96NusjZ+NP7kvLE7j2bMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEt YTFiOTZiOWI3MGY4LzEvSWVpQ0RWZVBoeEhFcTVhSHFkdUNvWVJuY0xNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEtYTFiOTZiOWI3MGY4 LzEvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudzFMA0G CSqGSIb3DQEBCwUAA4IBAQBopZa7iu3Tm+okQ6zB4GjqeynqOTCglTQ4yICa2rCP 6ouZugOt3dCrxdrofiSJDvVOB3oNXDaMQrOOCrfbWB/NziR8aN+P2uoBjvLs9XPJ iBVjYJASOkLWGBzx4LLca71BfCFGizlWNsq2QI30KZ8py5NEj5/POHOBTTs8evFc TlqYQZ6f2gLNsfdqiM6Imgdu7YuweVViHGFZpYVYrnOc9TYCORlSBDVWg2j9/NW4 EHmVVVN8gKjpLZw9xH8um/uzL6Ow9RHxKJSHdE/414jjQYF5jg6/Mq4xs/zXgR4A kecW84uv3dPo8Wk0scRe18RNOwDyl98wbkG/RYOxa1Jk -----END CERTIFICATE-----Generated at Mon Jan 19 05:21:28 2026 by rpki-client