This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/jeh4vYD8SS_iRYnBFEthez5BxZA.roa File: jeh4vYD8SS_iRYnBFEthez5BxZA.roa (raw, json) Hash identifier: K8fVnsJwSRZ/NZDiy45rPMJ2FNI6AFvB3GzV4XzCGYY= Subject key identifier: 8D:E8:78:BD:80:FC:49:2F:E2:45:89:C1:14:4B:61:7B:3E:41:C5:90 Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986 Certificate serial: 019B7F810798DC172B6D0EB9FB29458DC405 Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/jeh4vYD8SS_iRYnBFEthez5BxZA.roa Signing time: Fri 02 Jan 2026 16:18:41 +0000 ROA not before: Fri 02 Jan 2026 16:18:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5511 IP address blocks: 212.87.200.0/24 maxlen: 24 212.87.202.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.mft rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 03:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:81:07:98:dc:17:2b:6d:0e:b9:fb:29:45:8d:c4:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986 Validity Not Before: Jan 2 16:18:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8de878bd80fc492fe24589c1144b617b3e41c590 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:65:6d:ab:1e:00:61:bb:07:90:a0:35:7e:34: bf:43:57:c4:45:11:16:0a:29:e7:c7:03:63:51:cc: ce:27:d2:fc:ea:ad:d8:9c:1d:25:7b:fd:56:55:63: e6:8d:9c:02:eb:10:ea:c3:29:3f:d6:02:44:e8:dd: c4:19:f9:86:ee:9e:35:23:37:ca:1d:2a:45:a7:c3: e4:96:c7:8d:3c:9a:65:a6:0b:26:ee:ff:fa:a0:15: 2d:62:fd:76:98:f8:09:98:94:d3:6d:f9:26:07:44: bb:f5:3e:ed:1d:75:23:6a:65:ad:1d:c2:42:cc:c7: 96:0d:b6:c6:b3:46:95:10:a1:48:59:68:e3:6b:06: d6:71:7e:50:aa:f6:88:d7:87:5d:8f:e8:5d:30:bf: fa:9f:26:ec:5e:7d:e9:37:63:79:bb:ba:55:dd:06: e5:6d:e4:91:21:86:de:02:77:6d:77:cb:6e:d9:f4: 5a:5f:fe:c1:73:ac:dc:63:fc:42:32:3d:d7:24:3c: 4a:aa:55:84:ef:ff:4d:40:d2:6e:df:19:a4:c9:55: 35:6b:8f:94:08:01:f6:95:19:b6:5c:53:2f:9d:b3: 26:a6:68:a2:9c:02:29:3f:1c:40:cf:33:64:ab:12: 76:4a:13:07:4e:d7:01:c6:23:08:3e:fa:d8:74:ce: a0:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:E8:78:BD:80:FC:49:2F:E2:45:89:C1:14:4B:61:7B:3E:41:C5:90 X509v3 Authority Key Identifier: keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/jeh4vYD8SS_iRYnBFEthez5BxZA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 212.87.200.0/24 212.87.202.0/23 Signature Algorithm: sha256WithRSAEncryption 18:9b:84:15:49:34:a7:3b:62:3f:3a:69:78:32:a9:8b:fb:e1: e1:43:8c:84:5e:ba:a6:28:6b:d2:e8:5b:19:c5:23:9b:9d:15: 69:22:d8:49:d7:88:64:4a:48:38:39:76:2e:25:59:b1:59:d8: 84:e8:d2:7c:79:24:91:dd:25:59:f1:42:81:3e:b2:6b:74:75: 02:7d:bc:48:95:d5:5c:61:d5:e6:db:9c:10:35:97:9d:0c:92: f9:da:21:75:f0:31:43:5f:27:5e:67:a3:5c:ef:4d:7a:cc:df: 7c:e8:e8:ba:cf:10:ea:c7:46:f4:95:5f:1a:a7:9d:75:40:4a: b1:75:01:eb:a8:cd:28:65:75:29:c7:04:87:19:b5:0f:8d:6c: 59:ea:8b:b5:06:34:ec:2b:83:c0:17:5c:f9:cf:c0:26:fc:30: b7:8c:e7:c4:ab:b2:cd:8d:6e:62:06:24:da:5a:e6:40:44:23: a0:db:3f:81:61:9d:ee:ab:02:a9:08:8d:d7:25:03:2b:80:3e: 77:55:fd:6c:9b:36:28:2b:5a:64:6d:da:ed:6d:75:7c:e7:7d: 91:e3:6b:75:dd:42:98:5f:69:5f:3e:2a:24:fd:de:ca:4a:1c: f3:21:49:1b:92:26:c0:e7:07:42:8b:30:3e:34:24:be:f1:e8: 4f:ad:08:5a -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/gQeY3BcrbQ65+ylFjcQFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw YmQ5ODYwHhcNMjYwMTAyMTYxODQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4ZGU4NzhiZDgwZmM0OTJmZTI0NTg5YzExNDRiNjE3YjNlNDFjNTkwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmVtqx4AYbsHkKA1fjS/Q1fERREW CinnxwNjUczOJ9L86q3YnB0le/1WVWPmjZwC6xDqwyk/1gJE6N3EGfmG7p41IzfK HSpFp8PklseNPJplpgsm7v/6oBUtYv12mPgJmJTTbfkmB0S79T7tHXUjamWtHcJC zMeWDbbGs0aVEKFIWWjjawbWcX5QqvaI14ddj+hdML/6nybsXn3pN2N5u7pV3Qbl beSRIYbeAndtd8tu2fRaX/7Bc6zcY/xCMj3XJDxKqlWE7/9NQNJu3xmkyVU1a4+U CAH2lRm2XFMvnbMmpmiinAIpPxxAzzNkqxJ2ShMHTtcBxiMIPvrYdM6gUwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFI3oeL2A/Ekv4kWJwRRLYXs+QcWQMB8GA1UdIwQY MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt ZjUyNTgxNjQwMmJkLzEvamVoNHZZRDhTU19pUlluQkZFdGhlejVCeFpBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1FfIAwQB 1FfKMA0GCSqGSIb3DQEBCwUAA4IBAQAYm4QVSTSnO2I/Oml4MqmL++HhQ4yEXrqm KGvS6FsZxSObnRVpIthJ14hkSkg4OXYuJVmxWdiE6NJ8eSSR3SVZ8UKBPrJrdHUC fbxIldVcYdXm25wQNZedDJL52iF18DFDXydeZ6Nc7016zN986Oi6zxDqx0b0lV8a p511QEqxdQHrqM0oZXUpxwSHGbUPjWxZ6ou1BjTsK4PAF1z5z8Am/DC3jOfEq7LN jW5iBiTaWuZARCOg2z+BYZ3uqwKpCI3XJQMrgD53Vf1smzYoK1pkbdrtbXV8532R 42t13UKYX2lfPiok/d7KShzzIUkbkibA5wdCizA+NCS+8ehPrQha -----END CERTIFICATE-----Generated at Sun Jan 18 11:04:26 2026 by rpki-client