This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8716d1-eeda-4505-a0c9-078fd395859f/1/IqxH3JajxxOgQEu-6-bn0fiHI6U.roa File: IqxH3JajxxOgQEu-6-bn0fiHI6U.roa (raw, json) Hash identifier: ip4MjHNGltMdo7ZxwOUoNCvQ8qc1AE6glydXpR+4JSs= Subject key identifier: 22:AC:47:DC:96:A3:C7:13:A0:40:4B:BE:EB:E6:E7:D1:F8:87:23:A5 Certificate issuer: /CN=8dc8972b4dba0d2049d37c848a4a21d4a43b2e3b Certificate serial: 019ADDF4EF974BB70C034142AB0CDC56D7BB Authority key identifier: 8D:C8:97:2B:4D:BA:0D:20:49:D3:7C:84:8A:4A:21:D4:A4:3B:2E:3B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jciXK026DSBJ03yEikoh1KQ7Ljs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/8716d1-eeda-4505-a0c9-078fd395859f/1/IqxH3JajxxOgQEu-6-bn0fiHI6U.roa Signing time: Tue 02 Dec 2025 07:26:48 +0000 ROA not before: Tue 02 Dec 2025 07:26:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 215264 IP address blocks: 89.187.93.0/24 maxlen: 24 91.234.238.0/24 maxlen: 24 2a14:2540::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/8716d1-eeda-4505-a0c9-078fd395859f/1/jciXK026DSBJ03yEikoh1KQ7Ljs.crl rsync://rpki.ripe.net/repository/DEFAULT/16/8716d1-eeda-4505-a0c9-078fd395859f/1/jciXK026DSBJ03yEikoh1KQ7Ljs.mft rsync://rpki.ripe.net/repository/DEFAULT/jciXK026DSBJ03yEikoh1KQ7Ljs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:01:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:dd:f4:ef:97:4b:b7:0c:03:41:42:ab:0c:dc:56:d7:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8dc8972b4dba0d2049d37c848a4a21d4a43b2e3b Validity Not Before: Dec 2 07:26:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=22ac47dc96a3c713a0404bbeebe6e7d1f88723a5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:d0:95:a7:ce:ce:20:8d:99:42:fd:72:f7:c5: 08:e9:02:ad:a1:16:36:40:f7:71:fc:aa:3c:2f:52: a0:c8:1c:fe:01:c0:3c:44:c9:96:26:60:92:40:88: af:01:eb:0e:2f:28:44:a8:ae:e4:cf:66:d7:24:73: 90:77:a0:e0:02:72:ef:e7:f7:b5:0e:f6:9a:96:62: d8:c3:d2:c1:51:a1:e4:ce:a3:e0:5a:da:89:02:7f: 6f:76:5e:e1:62:1c:eb:b9:06:7f:ce:25:5d:a3:dd: fe:6e:68:94:9c:eb:30:47:52:7e:21:cb:49:98:82: 15:72:88:52:df:fe:ac:7e:b9:21:dd:6f:ad:e4:fa: 2e:d7:fe:58:02:d5:f7:a2:be:42:67:3f:ae:54:84: 3a:87:f9:8e:5b:51:fa:16:98:b9:5e:a1:25:70:be: 23:59:36:fa:5c:7c:74:05:5d:2e:5b:57:d3:b1:fc: 69:f1:8e:27:dd:6a:29:2f:10:73:f7:27:b5:d9:68: 97:10:de:72:3d:59:af:b1:d0:e2:94:d2:28:12:53: a0:ef:97:89:81:5d:5f:f9:07:fc:d6:14:d4:e4:81: a3:09:d6:41:41:d6:8f:5b:35:89:ab:25:4a:75:83: f6:48:2b:d7:19:bc:4b:a2:de:f7:24:47:37:61:b2: 73:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:AC:47:DC:96:A3:C7:13:A0:40:4B:BE:EB:E6:E7:D1:F8:87:23:A5 X509v3 Authority Key Identifier: keyid:8D:C8:97:2B:4D:BA:0D:20:49:D3:7C:84:8A:4A:21:D4:A4:3B:2E:3B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jciXK026DSBJ03yEikoh1KQ7Ljs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8716d1-eeda-4505-a0c9-078fd395859f/1/IqxH3JajxxOgQEu-6-bn0fiHI6U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8716d1-eeda-4505-a0c9-078fd395859f/1/jciXK026DSBJ03yEikoh1KQ7Ljs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.187.93.0/24 91.234.238.0/24 IPv6: 2a14:2540::/29 Signature Algorithm: sha256WithRSAEncryption 5d:39:ae:c2:97:4d:b5:d3:ef:bc:64:4e:31:5a:39:f1:1c:94: 4f:8e:04:13:13:c6:fb:d6:e6:a0:36:47:47:b9:87:d9:25:4d: 29:62:20:a2:d9:3d:c0:30:a7:2f:d0:c0:4c:5d:09:b2:b4:3b: 60:23:f4:2f:cb:44:a2:33:04:00:15:66:a8:50:8d:33:f5:11: 22:62:95:77:a8:8c:7e:e8:3d:04:07:af:aa:83:bc:ff:14:97: 14:4e:ea:48:79:d9:37:17:93:b1:92:e6:4f:03:41:47:2d:a9: b0:48:dc:d6:2f:7d:b7:c8:11:21:cb:53:4c:3f:cf:40:a8:21: 4c:18:38:af:f2:d7:c8:d4:8e:b8:af:57:bb:e4:4b:31:e6:b0: bb:7a:09:a2:9a:54:7e:e1:99:84:9f:e8:eb:64:6f:37:2a:e1: 79:73:24:04:32:f9:db:b5:46:a6:16:7b:58:09:59:f8:b4:29: 97:8a:97:78:96:d0:f4:57:dd:42:0c:1e:e7:49:6a:be:02:20: ec:37:49:e6:ca:bc:dc:9c:b9:38:a2:84:4a:ec:71:d1:5b:11: 4b:1a:33:0e:5f:b3:e9:2a:15:7e:cf:84:36:c6:be:9e:15:0b: f4:e1:6e:ee:dd:9b:f7:c1:a2:25:d0:d2:07:ec:7b:82:18:62: ed:c0:2c:ec -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZrd9O+XS7cMA0FCqwzcVte7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhkYzg5NzJiNGRiYTBkMjA0OWQzN2M4NDhhNGEyMWQ0YTQz YjJlM2IwHhcNMjUxMjAyMDcyNjQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMmFjNDdkYzk2YTNjNzEzYTA0MDRiYmVlYmU2ZTdkMWY4ODcyM2E1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNCVp87OII2ZQv1y98UI6QKtoRY2 QPdx/Ko8L1KgyBz+AcA8RMmWJmCSQIivAesOLyhEqK7kz2bXJHOQd6DgAnLv5/e1 DvaalmLYw9LBUaHkzqPgWtqJAn9vdl7hYhzruQZ/ziVdo93+bmiUnOswR1J+IctJ mIIVcohS3/6sfrkh3W+t5Pou1/5YAtX3or5CZz+uVIQ6h/mOW1H6Fpi5XqElcL4j WTb6XHx0BV0uW1fTsfxp8Y4n3WopLxBz9ye12WiXEN5yPVmvsdDilNIoElOg75eJ gV1f+Qf81hTU5IGjCdZBQdaPWzWJqyVKdYP2SCvXGbxLot73JEc3YbJz0wIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFCKsR9yWo8cToEBLvuvm59H4hyOlMB8GA1UdIwQY MBaAFI3IlytNug0gSdN8hIpKIdSkOy47MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvamNpWEswMjZEU0JKMDN5RWlrb2gxS1E3TGpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84NzE2ZDEtZWVkYS00NTA1LWEwYzkt MDc4ZmQzOTU4NTlmLzEvSXF4SDNKYWp4eE9nUUV1LTYtYm4wZmlISTZVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNi84NzE2ZDEtZWVkYS00NTA1LWEwYzktMDc4ZmQzOTU4NTlm LzEvamNpWEswMjZEU0JKMDN5RWlrb2gxS1E3TGpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAWbtdAwQA W+ruMA0EAgACMAcDBQMqFCVAMA0GCSqGSIb3DQEBCwUAA4IBAQBdOa7Cl0210++8 ZE4xWjnxHJRPjgQTE8b71uagNkdHuYfZJU0pYiCi2T3AMKcv0MBMXQmytDtgI/Qv y0SiMwQAFWaoUI0z9REiYpV3qIx+6D0EB6+qg7z/FJcUTupIedk3F5OxkuZPA0FH LamwSNzWL323yBEhy1NMP89AqCFMGDiv8tfI1I64r1e75Esx5rC7egmimlR+4ZmE n+jrZG83KuF5cyQEMvnbtUamFntYCVn4tCmXipd4ltD0V91CDB7nSWq+AiDsN0nm yrzcnLk4ooRK7HHRWxFLGjMOX7PpKhV+z4Q2xr6eFQv04W7u3Zv3waIl0NIH7HuC GGLtwCzs -----END CERTIFICATE-----Generated at Sat Dec 6 17:17:59 2025 by rpki-client