This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/b38707-39ce-4ccb-97a0-9b70d60c4800/1/IehXfhpPn3dEnZKsKI0F4aPgIJw.roa File: IehXfhpPn3dEnZKsKI0F4aPgIJw.roa (raw, json) Hash identifier: 1JowsJbpz4yi5Kd0RwN5YPzQlbBst/1as7STi6Wlb1k= Subject key identifier: 21:E8:57:7E:1A:4F:9F:77:44:9D:92:AC:28:8D:05:E1:A3:E0:20:9C Certificate issuer: /CN=db9bfce35824f6ec9b5c9f39a81150ce16181227 Certificate serial: 019B7BA3372C29F4C29B592026B97D504C85 Authority key identifier: DB:9B:FC:E3:58:24:F6:EC:9B:5C:9F:39:A8:11:50:CE:16:18:12:27 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/25v841gk9uybXJ85qBFQzhYYEic.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/b38707-39ce-4ccb-97a0-9b70d60c4800/1/IehXfhpPn3dEnZKsKI0F4aPgIJw.roa Signing time: Thu 01 Jan 2026 22:17:32 +0000 ROA not before: Thu 01 Jan 2026 22:17:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35765 IP address blocks: 87.247.192.0/22 maxlen: 22 87.247.196.0/22 maxlen: 22 87.247.200.0/22 maxlen: 22 87.247.204.0/22 maxlen: 22 87.247.208.0/20 maxlen: 20 195.128.104.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/b38707-39ce-4ccb-97a0-9b70d60c4800/1/25v841gk9uybXJ85qBFQzhYYEic.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/b38707-39ce-4ccb-97a0-9b70d60c4800/1/25v841gk9uybXJ85qBFQzhYYEic.mft rsync://rpki.ripe.net/repository/DEFAULT/25v841gk9uybXJ85qBFQzhYYEic.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:01:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:37:2c:29:f4:c2:9b:59:20:26:b9:7d:50:4c:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db9bfce35824f6ec9b5c9f39a81150ce16181227 Validity Not Before: Jan 1 22:17:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=21e8577e1a4f9f77449d92ac288d05e1a3e0209c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:98:ac:6a:ab:17:01:51:44:3f:fd:88:10:3a: 0b:6d:8f:50:85:10:61:30:22:5f:60:a3:9a:de:ab: ee:5c:34:2f:70:b9:20:09:9b:91:b4:a4:fd:57:e3: 74:70:df:11:37:00:bc:68:c0:c4:f4:22:54:ee:47: 44:79:63:70:e9:99:80:26:ae:77:8e:70:78:f3:86: b4:b2:6d:c4:46:7d:0f:52:93:fd:f6:9b:01:43:79: 96:22:c8:1a:4f:19:f1:97:d8:6c:6a:32:8c:60:ce: 77:f9:60:cb:df:be:15:9a:87:1b:72:52:be:ab:00: b1:f9:72:10:b8:31:2e:99:83:93:b3:bc:9d:55:b3: d1:96:52:82:27:65:13:54:d3:c3:83:16:40:4e:00: f3:89:bf:db:e2:5b:6e:a5:9c:b7:29:ed:ea:4c:0e: 7e:48:76:c6:f5:00:35:68:ad:48:7c:dd:d2:05:4f: e9:bb:93:e4:2a:5d:ea:8a:26:20:8e:a7:c5:8b:3b: fa:e9:d4:a5:21:1d:d2:4a:73:72:6b:e9:f0:b2:0e: 6f:11:0a:13:2d:dd:e7:90:05:15:83:92:b8:b4:b7: 3e:53:bf:48:38:88:e1:69:5a:0f:80:db:66:26:cd: 34:4d:b2:e8:4e:80:01:88:a4:f7:69:89:c0:28:2c: 3d:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:E8:57:7E:1A:4F:9F:77:44:9D:92:AC:28:8D:05:E1:A3:E0:20:9C X509v3 Authority Key Identifier: keyid:DB:9B:FC:E3:58:24:F6:EC:9B:5C:9F:39:A8:11:50:CE:16:18:12:27 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/25v841gk9uybXJ85qBFQzhYYEic.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/b38707-39ce-4ccb-97a0-9b70d60c4800/1/IehXfhpPn3dEnZKsKI0F4aPgIJw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/b38707-39ce-4ccb-97a0-9b70d60c4800/1/25v841gk9uybXJ85qBFQzhYYEic.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 87.247.192.0/19 195.128.104.0/21 Signature Algorithm: sha256WithRSAEncryption 9a:07:ce:64:74:9a:02:d5:3a:ed:bd:4a:d3:64:5e:d9:02:74: 8c:54:53:12:81:5c:ea:45:18:97:a1:c4:3a:25:92:6c:ed:4a: b4:1d:14:94:77:e1:84:d2:a7:2d:3e:5f:70:35:d0:2c:e0:66: c6:70:bb:ee:a5:3a:89:c7:28:e5:2c:f4:b1:fa:99:d0:ce:f7: 8a:08:0c:2e:30:da:55:d0:45:d7:7e:81:10:b6:44:d2:b9:6c: d8:58:9d:26:73:41:d7:d9:b6:87:ab:52:9b:02:93:6f:5a:ec: 4c:c3:04:a5:d4:3b:34:6e:91:36:0d:11:f1:84:b9:a7:fe:f1: 92:99:35:f7:9b:43:19:ae:6a:c7:a0:da:03:38:3c:9d:d6:42: 9b:ce:b5:f7:b0:fd:6d:e4:e4:74:59:8a:1b:34:84:c7:60:7a: a0:7b:ce:d1:08:a4:c8:0b:a4:67:d7:85:a0:4d:97:7a:cb:63: 2b:9c:4e:07:31:06:ca:a6:3c:a8:0b:34:82:81:5a:2b:76:aa: 8f:f2:d7:9e:2a:02:64:61:16:17:42:ab:b1:6a:58:d5:f5:cc: 84:82:9a:95:3d:e5:da:79:93:26:43:31:f6:f1:68:cc:8e:99: bb:7b:ef:46:9c:dc:ee:42:32:a7:c0:a2:f8:bc:7f:ed:32:1d: a7:17:91:ab -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt7ozcsKfTCm1kgJrl9UEyFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiOWJmY2UzNTgyNGY2ZWM5YjVjOWYzOWE4MTE1MGNlMTYx ODEyMjcwHhcNMjYwMTAxMjIxNzMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMWU4NTc3ZTFhNGY5Zjc3NDQ5ZDkyYWMyODhkMDVlMWEzZTAyMDljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+JisaqsXAVFEP/2IEDoLbY9QhRBh MCJfYKOa3qvuXDQvcLkgCZuRtKT9V+N0cN8RNwC8aMDE9CJU7kdEeWNw6ZmAJq53 jnB484a0sm3ERn0PUpP99psBQ3mWIsgaTxnxl9hsajKMYM53+WDL374VmocbclK+ qwCx+XIQuDEumYOTs7ydVbPRllKCJ2UTVNPDgxZATgDzib/b4ltupZy3Ke3qTA5+ SHbG9QA1aK1IfN3SBU/pu5PkKl3qiiYgjqfFizv66dSlIR3SSnNya+nwsg5vEQoT Ld3nkAUVg5K4tLc+U79IOIjhaVoPgNtmJs00TbLoToABiKT3aYnAKCw9JwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFCHoV34aT593RJ2SrCiNBeGj4CCcMB8GA1UdIwQY MBaAFNub/ONYJPbsm1yfOagRUM4WGBInMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMjV2ODQxZ2s5dXliWEo4NXFCRlF6aFlZRWljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9iMzg3MDctMzljZS00Y2NiLTk3YTAt OWI3MGQ2MGM0ODAwLzEvSWVoWGZocFBuM2RFblpLc0tJMEY0YVBnSUp3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80YS9iMzg3MDctMzljZS00Y2NiLTk3YTAtOWI3MGQ2MGM0ODAw LzEvMjV2ODQxZ2s5dXliWEo4NXFCRlF6aFlZRWljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFV/fAAwQD w4BoMA0GCSqGSIb3DQEBCwUAA4IBAQCaB85kdJoC1TrtvUrTZF7ZAnSMVFMSgVzq RRiXocQ6JZJs7Uq0HRSUd+GE0qctPl9wNdAs4GbGcLvupTqJxyjlLPSx+pnQzveK CAwuMNpV0EXXfoEQtkTSuWzYWJ0mc0HX2baHq1KbApNvWuxMwwSl1Ds0bpE2DRHx hLmn/vGSmTX3m0MZrmrHoNoDODyd1kKbzrX3sP1t5OR0WYobNITHYHqge87RCKTI C6Rn14WgTZd6y2MrnE4HMQbKpjyoCzSCgVordqqP8teeKgJkYRYXQquxaljV9cyE gpqVPeXaeZMmQzH28WjMjpm7e+9GnNzuQjKnwKL4vH/tMh2nF5Gr -----END CERTIFICATE-----Generated at Mon Feb 9 18:42:28 2026 by rpki-client