This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/pEhlZCenhzwa3Q4aA9n257p2vqU.roa File: pEhlZCenhzwa3Q4aA9n257p2vqU.roa (raw, json) Hash identifier: Tj/791INwibHMddVEYstqYRZ0Ic72xk7BVHGx42t0a8= Subject key identifier: A4:48:65:64:27:A7:87:3C:1A:DD:0E:1A:03:D9:F6:E7:BA:76:BE:A5 Certificate issuer: /CN=17c203e3f365923a843d3220317a1c68cf74de0f Certificate serial: 019B2732A76630572BD73CCE27BAC745B94A Authority key identifier: 17:C2:03:E3:F3:65:92:3A:84:3D:32:20:31:7A:1C:68:CF:74:DE:0F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F8ID4_NlkjqEPTIgMXocaM903g8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/pEhlZCenhzwa3Q4aA9n257p2vqU.roa Signing time: Tue 16 Dec 2025 12:46:29 +0000 ROA not before: Tue 16 Dec 2025 12:46:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 215373 IP address blocks: 37.203.35.0/24 maxlen: 24 37.203.37.0/24 maxlen: 24 37.203.38.0/24 maxlen: 24 89.111.9.0/24 maxlen: 24 89.111.10.0/24 maxlen: 24 89.111.22.0/24 maxlen: 24 89.111.25.0/24 maxlen: 24 89.111.26.0/23 maxlen: 23 89.111.26.0/24 maxlen: 24 89.111.27.0/24 maxlen: 24 89.111.28.0/22 maxlen: 22 89.111.28.0/24 maxlen: 24 89.111.29.0/24 maxlen: 24 89.111.30.0/24 maxlen: 24 89.111.31.0/24 maxlen: 24 185.219.156.0/22 maxlen: 22 185.219.156.0/24 maxlen: 24 185.219.157.0/24 maxlen: 24 185.219.158.0/24 maxlen: 24 185.219.159.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/F8ID4_NlkjqEPTIgMXocaM903g8.crl rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/F8ID4_NlkjqEPTIgMXocaM903g8.mft rsync://rpki.ripe.net/repository/DEFAULT/F8ID4_NlkjqEPTIgMXocaM903g8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:27:32:a7:66:30:57:2b:d7:3c:ce:27:ba:c7:45:b9:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=17c203e3f365923a843d3220317a1c68cf74de0f Validity Not Before: Dec 16 12:46:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=a448656427a7873c1add0e1a03d9f6e7ba76bea5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:7f:9a:c8:17:5f:39:1d:c8:e9:e9:c2:7e:29: 4f:2c:5b:f1:db:eb:ab:ef:f3:47:63:fc:bd:40:26: 4b:5a:2e:48:e1:99:50:31:be:cc:9d:1d:c2:f6:b8: 70:d2:b6:1a:2a:64:ca:18:c7:3b:00:58:8c:26:3d: 79:af:f9:ed:50:ac:f1:62:0d:51:a5:8d:9d:7a:9d: 4e:8d:22:46:59:bd:4a:9b:c0:51:35:a0:b2:b3:d8: 5a:f0:78:6a:e5:80:d2:e3:a5:4b:de:1d:26:0e:a8: c9:5a:22:7c:d5:31:3f:61:80:22:19:2a:02:0d:10: 96:ed:e8:e2:64:8a:09:8a:42:fa:19:a0:11:36:6e: 4f:f0:f8:6d:bc:2e:30:66:80:25:a3:70:09:7e:6a: 00:a4:aa:2d:84:fb:28:02:de:02:f1:08:5c:73:be: 5b:42:bd:82:16:3e:e1:c4:d9:5d:01:11:e5:0c:f6: 97:95:0f:4a:9b:7a:61:03:5f:91:d9:71:e7:ea:57: bb:34:8b:af:34:f5:9a:fb:e3:6e:62:64:71:2f:ea: b3:33:08:86:6a:71:b8:29:01:c3:e8:fe:d0:5a:0f: 11:99:13:02:23:6a:d9:4f:33:8d:5e:9b:47:66:a1: 2c:85:0b:e2:ff:66:31:61:91:0c:79:fe:ce:b3:be: 3f:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:48:65:64:27:A7:87:3C:1A:DD:0E:1A:03:D9:F6:E7:BA:76:BE:A5 X509v3 Authority Key Identifier: keyid:17:C2:03:E3:F3:65:92:3A:84:3D:32:20:31:7A:1C:68:CF:74:DE:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F8ID4_NlkjqEPTIgMXocaM903g8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/pEhlZCenhzwa3Q4aA9n257p2vqU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/F8ID4_NlkjqEPTIgMXocaM903g8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.203.35.0/24 37.203.37.0-37.203.38.255 89.111.9.0-89.111.10.255 89.111.22.0/24 89.111.25.0-89.111.31.255 185.219.156.0/22 Signature Algorithm: sha256WithRSAEncryption 88:7d:78:4c:12:e5:59:07:7e:6a:73:7a:5a:7c:6b:d1:81:d5: 5e:84:31:96:a6:04:62:49:3c:45:1c:86:38:35:ad:9d:03:cd: 1d:61:cb:4b:e8:e2:df:2b:d6:bc:61:3d:63:d7:a0:18:4d:f8: 56:23:f4:e1:8b:97:33:c6:72:f0:ce:14:36:1f:f9:9f:eb:f2: a0:82:2e:a7:5d:4a:75:85:b6:86:a3:f9:8d:1e:e8:68:d2:88: 7e:72:79:2b:64:fa:8b:0f:58:08:44:74:40:91:c6:fc:b5:5d: 26:4e:bf:72:ef:e7:5d:a7:99:15:31:5c:12:05:0f:d5:23:9a: 07:42:55:5d:2a:43:5d:fa:e5:1d:fb:cf:f3:bb:ab:42:39:a5: 6c:87:e7:db:e2:2a:13:91:e0:fd:78:5b:cb:80:af:f1:d9:a1: ec:3c:7e:f8:73:3d:ad:8d:96:99:1a:77:93:9d:ae:ac:b5:65: e8:a2:33:b9:1c:e3:8d:3d:75:ec:a0:35:bc:30:e6:fb:a7:d1: 06:3e:b0:fc:1f:fe:a0:b9:be:25:f1:fd:02:b5:b4:f7:93:5f: da:0c:d5:b3:14:ab:12:a8:06:b6:1d:59:fe:f8:d6:a3:1b:3c: e4:11:f2:c3:97:67:8f:d6:bf:be:73:8c:7c:1c:54:a6:ed:4b: 7e:e4:30:94 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgISAZsnMqdmMFcr1zzOJ7rHRblKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE3YzIwM2UzZjM2NTkyM2E4NDNkMzIyMDMxN2ExYzY4Y2Y3 NGRlMGYwHhcNMjUxMjE2MTI0NjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNDQ4NjU2NDI3YTc4NzNjMWFkZDBlMWEwM2Q5ZjZlN2JhNzZiZWE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0H+ayBdfOR3I6enCfilPLFvx2+ur 7/NHY/y9QCZLWi5I4ZlQMb7MnR3C9rhw0rYaKmTKGMc7AFiMJj15r/ntUKzxYg1R pY2dep1OjSJGWb1Km8BRNaCys9ha8Hhq5YDS46VL3h0mDqjJWiJ81TE/YYAiGSoC DRCW7ejiZIoJikL6GaARNm5P8PhtvC4wZoAlo3AJfmoApKothPsoAt4C8Qhcc75b Qr2CFj7hxNldARHlDPaXlQ9Km3phA1+R2XHn6le7NIuvNPWa++NuYmRxL+qzMwiG anG4KQHD6P7QWg8RmRMCI2rZTzONXptHZqEshQvi/2YxYZEMef7Os74/cQIDAQAB o4ICPzCCAjswHQYDVR0OBBYEFKRIZWQnp4c8Gt0OGgPZ9ue6dr6lMB8GA1UdIwQY MBaAFBfCA+PzZZI6hD0yIDF6HGjPdN4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRjhJRDRfTmxranFFUFRJZ01Yb2NhTTkwM2c4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy84OWFlOGUtNDY3NC00NTVkLTlmMjMt YWM2N2EzNmU0YWFiLzEvcEVobFpDZW5oendhM1E0YUE5bjI1N3AydnFVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yy84OWFlOGUtNDY3NC00NTVkLTlmMjMtYWM2N2EzNmU0YWFi LzEvRjhJRDRfTmxranFFUFRJZ01Yb2NhTTkwM2c4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAJcsjMAwD BAAlyyUDBAAlyyYwDAMEAFlvCQMEAFlvCgMEAFlvFjAMAwQAWW8ZAwQFWW8AAwQC uducMA0GCSqGSIb3DQEBCwUAA4IBAQCIfXhMEuVZB35qc3pafGvRgdVehDGWpgRi STxFHIY4Na2dA80dYctL6OLfK9a8YT1j16AYTfhWI/Thi5czxnLwzhQ2H/mf6/Kg gi6nXUp1hbaGo/mNHuho0oh+cnkrZPqLD1gIRHRAkcb8tV0mTr9y7+ddp5kVMVwS BQ/VI5oHQlVdKkNd+uUd+8/zu6tCOaVsh+fb4ioTkeD9eFvLgK/x2aHsPH74cz2t jZaZGneTna6stWXoojO5HOONPXXsoDW8MOb7p9EGPrD8H/6gub4l8f0CtbT3k1/a DNWzFKsSqAa2HVn++NajGzzkEfLDl2eP1r++c4x8HFSm7Ut+5DCU -----END CERTIFICATE-----Generated at Fri Dec 19 07:14:08 2025 by rpki-client