This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/iGkSpEtRhmta32w1pp6Q48amLSo.roa File: iGkSpEtRhmta32w1pp6Q48amLSo.roa (raw, json) Hash identifier: CdL3W5v/3RUr7mpXWOhcMEDfXo5lXkDMDv5p58Jb5/8= Subject key identifier: 88:69:12:A4:4B:51:86:6B:5A:DF:6C:35:A6:9E:90:E3:C6:A6:2D:2A Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1 Certificate serial: 019B797E0793BCA7BC2F8569C21F63CAE5D5 Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/iGkSpEtRhmta32w1pp6Q48amLSo.roa Signing time: Thu 01 Jan 2026 12:17:41 +0000 ROA not before: Thu 01 Jan 2026 12:17:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214504 IP address blocks: 89.125.254.0/24 maxlen: 24 212.192.2.0/24 maxlen: 24 212.192.3.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 08:02:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:07:93:bc:a7:bc:2f:85:69:c2:1f:63:ca:e5:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1 Validity Not Before: Jan 1 12:17:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=886912a44b51866b5adf6c35a69e90e3c6a62d2a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:79:76:6a:76:de:28:b1:b8:a0:e7:87:ce:60: 7b:17:e7:5b:0e:ac:fc:7a:64:49:7b:c7:4a:a7:7a: e1:c0:84:c3:d5:72:55:9d:91:08:2e:e4:46:7c:11: 9f:5d:ba:7d:7f:eb:15:33:4a:c1:4a:57:24:bf:40: f1:7d:5c:67:f1:d6:f2:b4:73:8f:97:50:c3:df:0f: 8c:8b:47:76:97:66:63:cc:1a:d8:f2:f9:41:8e:8c: 84:ab:3d:2f:0a:1c:d4:db:b3:43:5c:f8:d6:0d:3a: 01:e4:f7:4d:82:81:db:06:a0:26:a9:38:bf:a7:84: 0d:1d:9b:46:09:3e:f5:e9:a1:e4:ab:57:48:6b:8e: c0:ac:44:1f:b9:ba:77:53:ee:27:a5:9e:71:72:40: 22:5b:57:a3:54:4c:f0:23:a8:fd:2c:32:df:24:2b: 9f:4c:e0:d2:f9:68:55:96:d0:63:f1:40:50:09:6c: 8e:d2:59:d9:97:19:c7:99:bb:50:4f:9b:33:4b:84: b8:2d:e9:17:ab:3d:97:0e:1b:46:19:be:8a:c1:a2: a3:16:d6:08:b3:58:38:8a:c0:db:78:28:74:49:ae: cc:4d:8c:9a:7b:77:f1:b8:45:98:ce:81:c8:a8:11: 51:72:70:7c:97:2a:fe:54:53:2b:78:70:cb:2e:70: f7:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:69:12:A4:4B:51:86:6B:5A:DF:6C:35:A6:9E:90:E3:C6:A6:2D:2A X509v3 Authority Key Identifier: keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/iGkSpEtRhmta32w1pp6Q48amLSo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.125.254.0/24 212.192.2.0/23 Signature Algorithm: sha256WithRSAEncryption 4c:ac:0c:d4:1b:b5:3c:4f:5d:98:3f:1a:09:bd:6b:63:f1:45: f2:43:6f:09:5c:fc:c2:fb:09:e6:47:06:54:42:e2:6d:a8:41: c7:fe:b8:4b:17:ff:84:74:a2:93:f3:64:c6:81:76:8e:88:35: 0a:04:8a:fb:5f:e6:9d:7c:54:83:1e:9f:f8:e2:0c:7d:40:ba: 51:17:48:b0:8f:a1:5a:d9:ee:23:61:31:be:e1:bf:55:65:c5: 03:65:d5:bb:78:5f:87:b4:ea:ae:26:b9:e2:b9:4e:40:1d:3b: df:04:e8:01:9d:0f:0c:5b:16:c4:b0:85:2a:01:d3:7d:65:26: b1:f7:8b:ed:96:ba:4f:c1:a1:15:9d:c5:d1:0c:4e:8e:56:bb: 01:b2:36:ac:b8:c5:f6:eb:aa:24:2a:6b:48:9f:13:13:0a:47: c2:5e:f4:af:d7:0e:a6:61:9f:bb:42:d0:31:3f:33:5d:fd:fd: 94:2f:ed:2c:d0:44:3b:a7:3c:42:c2:c4:3c:e9:f9:e2:f3:ab: 9d:79:50:40:3c:c7:a1:f0:67:0f:21:55:50:c7:8a:9c:68:15: 1b:0c:00:ac:55:c4:4d:d0:71:24:a0:7a:6e:96:62:e9:9f:44: a7:8c:b4:dc:dc:05:37:08:fc:0d:a1:bd:9e:4b:52:8f:ff:0b: 3c:a7:26:54 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt5fgeTvKe8L4Vpwh9jyuXVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm Y2ZlZDEwHhcNMjYwMTAxMTIxNzQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4ODY5MTJhNDRiNTE4NjZiNWFkZjZjMzVhNjllOTBlM2M2YTYyZDJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3l2anbeKLG4oOeHzmB7F+dbDqz8 emRJe8dKp3rhwITD1XJVnZEILuRGfBGfXbp9f+sVM0rBSlckv0DxfVxn8dbytHOP l1DD3w+Mi0d2l2ZjzBrY8vlBjoyEqz0vChzU27NDXPjWDToB5PdNgoHbBqAmqTi/ p4QNHZtGCT716aHkq1dIa47ArEQfubp3U+4npZ5xckAiW1ejVEzwI6j9LDLfJCuf TODS+WhVltBj8UBQCWyO0lnZlxnHmbtQT5szS4S4LekXqz2XDhtGGb6KwaKjFtYI s1g4isDbeCh0Sa7MTYyae3fxuEWYzoHIqBFRcnB8lyr+VFMreHDLLnD3fQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFIhpEqRLUYZrWt9sNaaekOPGpi0qMB8GA1UdIwQY MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt ZTU4MzlmNDNlNTgzLzEvaUdrU3BFdFJobXRhMzJ3MXBwNlE0OGFtTFNvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWX3+AwQB 1MACMA0GCSqGSIb3DQEBCwUAA4IBAQBMrAzUG7U8T12YPxoJvWtj8UXyQ28JXPzC +wnmRwZUQuJtqEHH/rhLF/+EdKKT82TGgXaOiDUKBIr7X+adfFSDHp/44gx9QLpR F0iwj6Fa2e4jYTG+4b9VZcUDZdW7eF+HtOquJrniuU5AHTvfBOgBnQ8MWxbEsIUq AdN9ZSax94vtlrpPwaEVncXRDE6OVrsBsjasuMX266okKmtInxMTCkfCXvSv1w6m YZ+7QtAxPzNd/f2UL+0s0EQ7pzxCwsQ86fni86udeVBAPMeh8GcPIVVQx4qcaBUb DACsVcRN0HEkoHpulmLpn0SnjLTc3AU3CPwNob2eS1KP/ws8pyZU -----END CERTIFICATE-----Generated at Mon Jan 19 14:37:36 2026 by rpki-client