This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/be7fcb-0755-4c1e-ac77-7c7f00a953e1/1/IbrA5wPv2IINQz5Y_qYnRDqnTY8.roa File: IbrA5wPv2IINQz5Y_qYnRDqnTY8.roa (raw, json) Hash identifier: 25xP3aJw0huQDUJNrczPpt83Eq9nT+OcpQurpUGVuU4= Subject key identifier: 21:BA:C0:E7:03:EF:D8:82:0D:43:3E:58:FE:A6:27:44:3A:A7:4D:8F Certificate issuer: /CN=0eca1d5bdd50344ff5ef884a660e82eba83bc0db Certificate serial: 019B3189A305665083807C27E23EA82E5650 Authority key identifier: 0E:CA:1D:5B:DD:50:34:4F:F5:EF:88:4A:66:0E:82:EB:A8:3B:C0:DB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DsodW91QNE_174hKZg6C66g7wNs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/be7fcb-0755-4c1e-ac77-7c7f00a953e1/1/IbrA5wPv2IINQz5Y_qYnRDqnTY8.roa Signing time: Thu 18 Dec 2025 12:57:42 +0000 ROA not before: Thu 18 Dec 2025 12:57:42 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 3327 IP address blocks: 62.128.100.0/22 maxlen: 22 62.128.100.0/23 maxlen: 23 62.128.102.0/23 maxlen: 23 62.128.104.0/21 maxlen: 21 62.128.104.0/23 maxlen: 23 62.128.106.0/24 maxlen: 24 62.128.112.0/20 maxlen: 20 62.128.113.0/24 maxlen: 24 62.128.126.0/24 maxlen: 24 87.98.0.0/18 maxlen: 18 87.98.64.0/19 maxlen: 19 87.98.124.0/22 maxlen: 22 87.98.125.0/24 maxlen: 24 89.219.0.0/24 maxlen: 24 89.219.128.0/22 maxlen: 22 89.219.134.0/23 maxlen: 23 89.219.136.0/21 maxlen: 21 89.219.144.0/21 maxlen: 21 89.219.152.0/23 maxlen: 23 89.219.154.0/24 maxlen: 24 89.219.161.0/24 maxlen: 24 89.219.162.0/24 maxlen: 24 89.219.168.0/24 maxlen: 24 195.222.0.0/19 maxlen: 19 195.222.16.0/24 maxlen: 24 212.27.224.0/19 maxlen: 19 212.27.226.0/24 maxlen: 24 212.27.227.0/24 maxlen: 24 212.27.228.0/24 maxlen: 24 212.27.231.0/24 maxlen: 24 212.27.232.0/24 maxlen: 24 212.47.192.0/19 maxlen: 19 212.49.0.0/19 maxlen: 19 212.49.24.0/24 maxlen: 24 217.28.240.0/20 maxlen: 20 217.28.243.0/24 maxlen: 24 217.28.244.0/22 maxlen: 22 217.28.244.0/24 maxlen: 24 217.28.245.0/24 maxlen: 24 217.28.246.0/24 maxlen: 24 217.28.247.0/24 maxlen: 24 217.28.248.0/24 maxlen: 24 217.28.249.0/24 maxlen: 24 217.28.251.0/24 maxlen: 24 217.28.254.0/24 maxlen: 24 2001:ad0::/32 maxlen: 32 2001:ad0:5000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/be7fcb-0755-4c1e-ac77-7c7f00a953e1/1/DsodW91QNE_174hKZg6C66g7wNs.crl rsync://rpki.ripe.net/repository/DEFAULT/9c/be7fcb-0755-4c1e-ac77-7c7f00a953e1/1/DsodW91QNE_174hKZg6C66g7wNs.mft rsync://rpki.ripe.net/repository/DEFAULT/DsodW91QNE_174hKZg6C66g7wNs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 06:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:31:89:a3:05:66:50:83:80:7c:27:e2:3e:a8:2e:56:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0eca1d5bdd50344ff5ef884a660e82eba83bc0db Validity Not Before: Dec 18 12:57:42 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=21bac0e703efd8820d433e58fea627443aa74d8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:08:f8:a8:2d:45:fc:a9:e8:21:23:a5:d2:3b: 3c:7f:68:58:b3:c4:78:39:cb:e2:57:b7:5e:26:c0: cf:4d:85:b2:76:e3:2d:ec:a8:84:a0:56:8d:1e:d5: 32:5c:96:68:de:28:26:18:36:0a:18:be:cb:36:3a: 70:39:3f:76:84:46:e0:a8:e0:00:f1:87:0c:a6:9c: cb:9e:14:ea:d8:cc:ac:d6:b4:e7:99:88:9b:3b:6e: c1:1b:57:1e:50:bb:d1:46:c6:96:ea:ad:29:71:38: a1:c4:d2:76:0a:10:84:2c:6a:54:cb:fe:8e:a4:a3: 89:75:4a:f7:f0:0c:e8:6d:af:09:ca:c7:10:03:93: 8e:d7:8f:31:4a:85:c1:cb:af:e0:6a:80:7f:51:25: 1e:0b:1c:ce:c4:f2:0e:72:b7:f8:6f:af:8e:e2:d6: 6c:2c:39:68:5a:fb:78:ad:65:f5:0a:37:2f:52:6a: d2:0d:a4:22:14:85:f6:a7:d6:0c:cc:fb:03:03:b6: a6:0c:74:b1:35:c5:56:d7:54:d2:ea:27:cb:9b:d3: 51:97:d9:27:a4:6c:d6:1f:ea:10:78:fd:ef:ea:22: 80:8b:a5:f2:06:87:bd:f8:55:7f:58:a1:46:c7:9b: 8e:42:5e:98:bb:22:ee:41:a8:39:9d:4b:fc:41:18: 08:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:BA:C0:E7:03:EF:D8:82:0D:43:3E:58:FE:A6:27:44:3A:A7:4D:8F X509v3 Authority Key Identifier: keyid:0E:CA:1D:5B:DD:50:34:4F:F5:EF:88:4A:66:0E:82:EB:A8:3B:C0:DB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DsodW91QNE_174hKZg6C66g7wNs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/be7fcb-0755-4c1e-ac77-7c7f00a953e1/1/IbrA5wPv2IINQz5Y_qYnRDqnTY8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/be7fcb-0755-4c1e-ac77-7c7f00a953e1/1/DsodW91QNE_174hKZg6C66g7wNs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 62.128.100.0-62.128.127.255 87.98.0.0-87.98.95.255 87.98.124.0/22 89.219.0.0/24 89.219.128.0/22 89.219.134.0-89.219.154.255 89.219.161.0-89.219.162.255 89.219.168.0/24 195.222.0.0/19 212.27.224.0/19 212.47.192.0/19 212.49.0.0/19 217.28.240.0/20 IPv6: 2001:ad0::/32 Signature Algorithm: sha256WithRSAEncryption 32:30:cc:7d:f7:47:89:64:bd:14:d0:e2:2e:4e:56:bf:7a:c7: 1e:3b:fa:f9:16:85:cf:26:a4:51:27:fc:b9:55:99:3f:32:c5: 7d:dc:80:e2:41:b6:3f:1a:94:aa:0f:d0:f3:b6:9d:bf:59:2d: 83:08:87:69:1c:50:af:01:74:57:7e:11:56:05:7e:ea:2b:1d: f2:a1:6b:b5:1d:92:b4:36:da:ff:9b:45:a4:0e:1a:35:6e:0b: 7e:a8:c8:91:b8:fe:e9:8f:0e:ea:5e:8b:11:7a:ae:5d:56:f3: e4:bc:91:3e:70:1c:e5:19:8b:38:50:eb:23:b0:ab:7d:cc:ea: b6:a4:34:fe:85:f2:33:5a:7a:e8:d9:37:f6:f0:37:43:cd:2d: 57:ab:e2:45:2a:78:c2:7e:de:7e:77:a2:c1:1f:9b:e3:13:15: c5:ea:92:d6:78:7a:ac:9c:c7:2c:c9:71:14:c7:e9:49:11:9d: 27:3d:82:b1:51:ff:ba:bc:da:98:70:93:1d:7f:71:5f:19:b6: aa:eb:ef:01:55:2c:c0:2b:3a:84:ab:d8:ff:de:22:48:2d:da: b1:eb:0b:b1:6b:6e:08:40:bc:f1:54:7d:cf:93:61:da:e1:a3: 78:c0:47:8a:07:5d:f0:58:3b:18:66:b4:82:78:e2:7c:76:d7: 6b:57:d0:24 -----BEGIN CERTIFICATE----- MIIFdjCCBF6gAwIBAgISAZsxiaMFZlCDgHwn4j6oLlZQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBlY2ExZDViZGQ1MDM0NGZmNWVmODg0YTY2MGU4MmViYTgz YmMwZGIwHhcNMjUxMjE4MTI1NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMWJhYzBlNzAzZWZkODgyMGQ0MzNlNThmZWE2Mjc0NDNhYTc0ZDhmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1gj4qC1F/KnoISOl0js8f2hYs8R4 OcviV7deJsDPTYWyduMt7KiEoFaNHtUyXJZo3igmGDYKGL7LNjpwOT92hEbgqOAA 8YcMppzLnhTq2Mys1rTnmYibO27BG1ceULvRRsaW6q0pcTihxNJ2ChCELGpUy/6O pKOJdUr38Azoba8JyscQA5OO148xSoXBy6/gaoB/USUeCxzOxPIOcrf4b6+O4tZs LDloWvt4rWX1CjcvUmrSDaQiFIX2p9YMzPsDA7amDHSxNcVW11TS6ifLm9NRl9kn pGzWH+oQeP3v6iKAi6XyBoe9+FV/WKFGx5uOQl6YuyLuQag5nUv8QRgIrQIDAQAB o4ICgjCCAn4wHQYDVR0OBBYEFCG6wOcD79iCDUM+WP6mJ0Q6p02PMB8GA1UdIwQY MBaAFA7KHVvdUDRP9e+ISmYOguuoO8DbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRHNvZFc5MVFORV8xNzRoS1pnNkM2Nmc3d05zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iZTdmY2ItMDc1NS00YzFlLWFjNzct N2M3ZjAwYTk1M2UxLzEvSWJyQTV3UHYySUlOUXo1WV9xWW5SRHFuVFk4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yy9iZTdmY2ItMDc1NS00YzFlLWFjNzctN2M3ZjAwYTk1M2Ux LzEvRHNvZFc5MVFORV8xNzRoS1pnNkM2Nmc3d05zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGXBggrBgEFBQcBBwEB/wSBhzCBhDBzBAIAATBtMAwDBAI+ gGQDBAc+gAAwCwMDAVdiAwQFV2JAAwQCV2J8AwQAWdsAAwQCWduAMAwDBAFZ24YD BABZ25owDAMEAFnboQMEAFnbogMEAFnbqAMEBcPeAAMEBdQb4AMEBdQvwAMEBdQx AAMEBNkc8DANBAIAAjAHAwUAIAEK0DANBgkqhkiG9w0BAQsFAAOCAQEAMjDMffdH iWS9FNDiLk5Wv3rHHjv6+RaFzyakUSf8uVWZPzLFfdyA4kG2PxqUqg/Q87adv1kt gwiHaRxQrwF0V34RVgV+6isd8qFrtR2StDba/5tFpA4aNW4LfqjIkbj+6Y8O6l6L EXquXVbz5LyRPnAc5RmLOFDrI7CrfczqtqQ0/oXyM1p66Nk39vA3Q80tV6viRSp4 wn7efneiwR+b4xMVxeqS1nh6rJzHLMlxFMfpSRGdJz2CsVH/urzamHCTHX9xXxm2 quvvAVUswCs6hKvY/94iSC3asesLsWtuCEC88VR9z5Nh2uGjeMBHigdd8Fg7GGa0 gnjifHbXa1fQJA== -----END CERTIFICATE-----Generated at Fri Dec 19 12:18:37 2025 by rpki-client