This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/4393e8-5f59-4d57-8198-5c0c46d04ee1/1/IJhmUCiFKkEWauTpmApnTpFj-SE.roa File: IJhmUCiFKkEWauTpmApnTpFj-SE.roa (raw, json) Hash identifier: kLeSqMguXmeNnm1rZ9r4cMOYIPZfo29ixEQEwX6dLeM= Subject key identifier: 20:98:66:50:28:85:2A:41:16:6A:E4:E9:98:0A:67:4E:91:63:F9:21 Certificate issuer: /CN=e4ff5bbf540c65954b9913a68c24d174de97d829 Certificate serial: 019B7E38E25AA3D24B75727BDE80539F499E Authority key identifier: E4:FF:5B:BF:54:0C:65:95:4B:99:13:A6:8C:24:D1:74:DE:97:D8:29 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5P9bv1QMZZVLmROmjCTRdN6X2Ck.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/4393e8-5f59-4d57-8198-5c0c46d04ee1/1/IJhmUCiFKkEWauTpmApnTpFj-SE.roa Signing time: Fri 02 Jan 2026 10:20:15 +0000 ROA not before: Fri 02 Jan 2026 10:20:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49910 IP address blocks: 45.13.24.0/24 maxlen: 24 77.232.224.0/19 maxlen: 24 185.174.36.0/22 maxlen: 24 2a06:3e40::/29 maxlen: 48 2a12:9940::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/4393e8-5f59-4d57-8198-5c0c46d04ee1/1/5P9bv1QMZZVLmROmjCTRdN6X2Ck.crl rsync://rpki.ripe.net/repository/DEFAULT/40/4393e8-5f59-4d57-8198-5c0c46d04ee1/1/5P9bv1QMZZVLmROmjCTRdN6X2Ck.mft rsync://rpki.ripe.net/repository/DEFAULT/5P9bv1QMZZVLmROmjCTRdN6X2Ck.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 16:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:e2:5a:a3:d2:4b:75:72:7b:de:80:53:9f:49:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e4ff5bbf540c65954b9913a68c24d174de97d829 Validity Not Before: Jan 2 10:20:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2098665028852a41166ae4e9980a674e9163f921 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:20:10:0c:79:df:49:c4:80:47:9f:d3:43:bd: 8a:1b:90:71:37:b5:1e:a0:70:9e:7f:f8:5e:71:09: fe:f4:20:f2:01:10:5c:d8:d1:39:db:0f:8b:19:6b: 5e:7f:d2:8d:37:d3:2c:2a:71:c8:4d:27:26:51:cb: db:33:98:b0:31:dd:69:80:76:3a:a3:28:0c:08:19: ac:96:ab:c8:0e:47:b8:49:3d:67:51:fc:01:fd:b5: 30:a2:14:87:0b:cd:40:08:e5:93:6d:ba:88:c1:fb: 71:14:3a:8e:31:d9:7c:a5:6b:44:ab:5c:8f:af:d5: fd:a2:e1:f9:92:5a:0c:7b:89:49:d9:12:f8:15:e9: ee:c2:87:ef:3a:86:fb:9b:85:8c:0a:64:d2:89:86: 56:d8:da:1b:6a:1e:99:ee:7f:f0:95:0e:94:c7:44: b7:e5:ad:d8:28:82:c3:87:1f:6c:01:1a:a6:00:38: d4:3c:79:b7:87:42:4f:71:e1:83:98:9e:1d:8f:a2: 55:4e:ec:67:76:09:eb:bf:65:96:7c:4c:88:61:35: 61:1c:f2:17:7d:6a:d8:6e:ac:17:cc:ba:de:fa:18: bd:8c:e4:1b:6c:b1:7d:50:d7:84:03:09:3d:c7:69: 85:82:3b:0d:76:06:81:cc:57:d3:85:68:65:7c:1d: 2f:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:98:66:50:28:85:2A:41:16:6A:E4:E9:98:0A:67:4E:91:63:F9:21 X509v3 Authority Key Identifier: keyid:E4:FF:5B:BF:54:0C:65:95:4B:99:13:A6:8C:24:D1:74:DE:97:D8:29 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5P9bv1QMZZVLmROmjCTRdN6X2Ck.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4393e8-5f59-4d57-8198-5c0c46d04ee1/1/IJhmUCiFKkEWauTpmApnTpFj-SE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4393e8-5f59-4d57-8198-5c0c46d04ee1/1/5P9bv1QMZZVLmROmjCTRdN6X2Ck.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.13.24.0/24 77.232.224.0/19 185.174.36.0/22 IPv6: 2a06:3e40::/29 2a12:9940::/29 Signature Algorithm: sha256WithRSAEncryption 57:6a:e6:c1:8b:a7:c8:81:8a:83:24:36:a5:b7:81:d7:d7:5b: 5e:33:1f:6b:78:31:35:fc:42:4c:e3:54:61:a5:62:2d:f6:66: 6c:dc:d7:a0:0c:9e:88:bd:82:a9:86:31:ab:47:30:ea:bc:8e: 7d:a4:f3:18:6a:a1:d6:c6:c0:14:2b:f3:2c:29:a2:f1:a0:d3: e3:80:8d:4c:59:7c:f4:5e:a3:0d:3d:e9:ec:61:39:db:50:d7: 1c:7f:bf:01:ab:c1:15:3d:c9:b8:44:d6:ba:a6:53:1d:fd:3f: d8:ff:74:1c:8a:24:9a:1c:0d:d9:85:b2:ed:e8:17:e5:b9:c5: 63:52:7d:79:55:ea:94:0f:91:bc:93:0f:57:78:67:cc:8f:e9: d1:b6:58:9b:2b:a9:89:d7:d9:19:e8:92:c1:97:5c:dd:c6:5b: 23:40:41:11:c0:11:d0:75:f9:01:9d:09:e0:c8:2d:73:86:fe: 00:d2:e1:3d:0b:30:40:40:8d:13:87:be:e2:aa:58:d2:09:63: fb:46:d7:6e:bf:50:9b:3d:c4:62:66:f0:39:80:51:a2:ae:30: c5:f5:93:db:f2:24:e8:34:3e:d3:a5:ec:b6:2c:0d:05:18:ef: 49:2f:3a:dd:a8:48:93:ee:37:10:84:55:e1:84:b4:32:67:24: d1:70:d7:91 -----BEGIN CERTIFICATE----- MIIFHzCCBAegAwIBAgISAZt+OOJao9JLdXJ73oBTn0meMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU0ZmY1YmJmNTQwYzY1OTU0Yjk5MTNhNjhjMjRkMTc0ZGU5 N2Q4MjkwHhcNMjYwMTAyMTAyMDE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMDk4NjY1MDI4ODUyYTQxMTY2YWU0ZTk5ODBhNjc0ZTkxNjNmOTIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyAQDHnfScSAR5/TQ72KG5BxN7Ue oHCef/hecQn+9CDyARBc2NE52w+LGWtef9KNN9MsKnHITScmUcvbM5iwMd1pgHY6 oygMCBmslqvIDke4ST1nUfwB/bUwohSHC81ACOWTbbqIwftxFDqOMdl8pWtEq1yP r9X9ouH5kloMe4lJ2RL4FenuwofvOob7m4WMCmTSiYZW2Nobah6Z7n/wlQ6Ux0S3 5a3YKILDhx9sARqmADjUPHm3h0JPceGDmJ4dj6JVTuxndgnrv2WWfEyIYTVhHPIX fWrYbqwXzLre+hi9jOQbbLF9UNeEAwk9x2mFgjsNdgaBzFfThWhlfB0vkQIDAQAB o4ICKzCCAicwHQYDVR0OBBYEFCCYZlAohSpBFmrk6ZgKZ06RY/khMB8GA1UdIwQY MBaAFOT/W79UDGWVS5kTpowk0XTel9gpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNVA5YnYxUU1aWlZMbVJPbWpDVFJkTjZYMkNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC80MzkzZTgtNWY1OS00ZDU3LTgxOTgt NWMwYzQ2ZDA0ZWUxLzEvSUpobVVDaUZLa0VXYXVUcG1BcG5UcEZqLVNFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC80MzkzZTgtNWY1OS00ZDU3LTgxOTgtNWMwYzQ2ZDA0ZWUx LzEvNVA5YnYxUU1aWlZMbVJPbWpDVFJkTjZYMkNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQALQ0YAwQF TejgAwQCua4kMBQEAgACMA4DBQMqBj5AAwUDKhKZQDANBgkqhkiG9w0BAQsFAAOC AQEAV2rmwYunyIGKgyQ2pbeB19dbXjMfa3gxNfxCTONUYaViLfZmbNzXoAyeiL2C qYYxq0cw6ryOfaTzGGqh1sbAFCvzLCmi8aDT44CNTFl89F6jDT3p7GE521DXHH+/ AavBFT3JuETWuqZTHf0/2P90HIokmhwN2YWy7egX5bnFY1J9eVXqlA+RvJMPV3hn zI/p0bZYmyupidfZGeiSwZdc3cZbI0BBEcAR0HX5AZ0J4Mgtc4b+ANLhPQswQECN E4e+4qpY0glj+0bXbr9Qmz3EYmbwOYBRoq4wxfWT2/Ik6DQ+06XstiwNBRjvSS86 3ahIk+43EIRV4YS0Mmck0XDXkQ== -----END CERTIFICATE-----Generated at Tue Feb 10 02:22:42 2026 by rpki-client