This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/JVFUq5KdyBpCJdJgzP_0x89RQvY.roa File: JVFUq5KdyBpCJdJgzP_0x89RQvY.roa (raw, json) Hash identifier: 4K24EermhkvKc1wTbUW/fuk5LfbUsg7DBpKwL6i/nlM= Subject key identifier: 25:51:54:AB:92:9D:C8:1A:42:25:D2:60:CC:FF:F4:C7:CF:51:42:F6 Certificate issuer: /CN=e8a851ddae5a64cc38825395be9a507da95ab7cf Certificate serial: 019B7C127B127147395FB0BA0AB900A97FEA Authority key identifier: E8:A8:51:DD:AE:5A:64:CC:38:82:53:95:BE:9A:50:7D:A9:5A:B7:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/JVFUq5KdyBpCJdJgzP_0x89RQvY.roa Signing time: Fri 02 Jan 2026 00:19:04 +0000 ROA not before: Fri 02 Jan 2026 00:19:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202940 IP address blocks: 89.208.0.0/21 maxlen: 24 89.208.4.0/22 maxlen: 24 89.208.56.0/21 maxlen: 24 89.208.128.0/21 maxlen: 24 89.208.134.0/23 maxlen: 24 141.226.120.0/22 maxlen: 24 147.234.23.0/24 maxlen: 24 147.236.104.0/21 maxlen: 24 147.236.116.0/23 maxlen: 24 147.236.120.0/21 maxlen: 24 147.236.125.0/24 maxlen: 24 147.236.148.0/22 maxlen: 24 147.236.152.0/23 maxlen: 23 147.236.154.0/24 maxlen: 24 147.236.176.0/20 maxlen: 24 147.236.183.0/24 maxlen: 24 185.108.80.0/22 maxlen: 24 185.149.252.0/22 maxlen: 24 185.167.108.0/22 maxlen: 24 185.175.32.0/22 maxlen: 24 185.180.100.0/22 maxlen: 24 185.180.100.0/24 maxlen: 24 185.180.100.0/27 maxlen: 32 185.180.102.0/24 maxlen: 24 185.180.103.0/24 maxlen: 24 185.182.76.0/22 maxlen: 24 185.184.244.0/22 maxlen: 24 188.191.224.0/21 maxlen: 24 188.191.224.0/22 maxlen: 22 188.191.224.0/24 maxlen: 24 188.191.224.0/27 maxlen: 32 188.191.228.0/22 maxlen: 22 217.175.80.0/20 maxlen: 24 217.175.84.0/22 maxlen: 22 217.175.88.0/21 maxlen: 23 2a00:7c40::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/6KhR3a5aZMw4glOVvppQfalat88.crl rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/6KhR3a5aZMw4glOVvppQfalat88.mft rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:7b:12:71:47:39:5f:b0:ba:0a:b9:00:a9:7f:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e8a851ddae5a64cc38825395be9a507da95ab7cf Validity Not Before: Jan 2 00:19:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=255154ab929dc81a4225d260ccfff4c7cf5142f6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:06:89:63:1f:8b:e4:99:32:ab:1a:fd:7d:79: 06:5d:70:5b:cd:19:c1:7e:be:51:01:ec:54:01:4f: aa:f5:29:f6:16:9b:57:6d:3c:e7:19:0f:a4:98:d5: a3:03:05:1e:b2:97:82:48:ff:2a:8b:13:03:9b:05: 55:16:40:66:62:07:10:5f:d4:b8:85:79:6e:60:7a: 73:e1:18:a3:e6:1c:09:ab:67:02:3a:20:f7:7b:6f: c5:2c:cf:e6:cb:80:09:48:55:b7:88:45:e0:3d:09: 7a:db:a9:dd:88:b8:da:bc:d4:74:b3:da:da:f4:19: 70:81:c2:c8:bb:03:1a:df:77:cd:f1:28:fd:7f:6f: c6:28:04:01:cc:10:cb:c0:8e:53:e3:58:c8:d5:04: 85:a7:37:53:76:30:2b:5c:27:f1:34:e2:99:8b:2b: 93:14:49:3c:cd:09:11:59:55:b7:5d:fb:22:ad:0e: 0d:dc:c8:f8:1a:10:73:90:f8:68:f0:5e:79:b7:b6: b3:1d:dc:e1:1b:d7:47:32:15:4b:1b:46:b3:9d:a7: c5:bc:0e:d2:04:f5:95:bc:5e:57:b9:83:2a:36:03: 36:bf:4a:29:f0:c8:17:25:05:39:82:38:6e:14:51: 44:0e:15:0e:2b:9f:e8:cf:5b:dc:d0:9a:58:5f:f0: 9c:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:51:54:AB:92:9D:C8:1A:42:25:D2:60:CC:FF:F4:C7:CF:51:42:F6 X509v3 Authority Key Identifier: keyid:E8:A8:51:DD:AE:5A:64:CC:38:82:53:95:BE:9A:50:7D:A9:5A:B7:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/JVFUq5KdyBpCJdJgzP_0x89RQvY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/6KhR3a5aZMw4glOVvppQfalat88.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.208.0.0/21 89.208.56.0/21 89.208.128.0/21 141.226.120.0/22 147.234.23.0/24 147.236.104.0/21 147.236.116.0/23 147.236.120.0/21 147.236.148.0-147.236.154.255 147.236.176.0/20 185.108.80.0/22 185.149.252.0/22 185.167.108.0/22 185.175.32.0/22 185.180.100.0/22 185.182.76.0/22 185.184.244.0/22 188.191.224.0/21 217.175.80.0/20 IPv6: 2a00:7c40::/29 Signature Algorithm: sha256WithRSAEncryption 0e:e3:cd:6b:a7:ee:2d:9f:48:ba:1f:aa:ab:3d:5a:49:1a:e3: ed:81:77:1d:9a:db:9f:9f:82:c6:24:fd:40:04:9c:f2:2b:eb: 31:95:f9:aa:4f:18:1e:0f:65:7d:e8:19:57:ec:02:6c:42:c1: 00:29:10:ce:23:4e:9d:d1:b4:6c:44:6e:7e:6e:78:01:1e:53: db:bc:98:ba:07:38:10:0e:69:70:89:ca:42:29:27:48:3e:b8: 2a:5c:ce:8b:76:a8:cc:c3:5a:60:4d:63:f6:7c:62:af:f5:fa: 7e:c6:dd:c2:2a:8c:6f:ca:c2:3a:2c:c8:81:78:64:53:d0:db: 32:63:00:d0:49:a7:4a:dc:f8:bf:06:86:cc:81:4b:5e:d0:09: fe:3f:0b:50:7d:64:cf:43:01:65:b4:ed:14:54:0d:50:2a:f7: b8:20:54:f1:3f:ef:34:28:95:40:c3:57:04:c6:fb:0d:31:c2: ae:c2:09:5d:27:65:55:c0:16:26:85:f6:fd:58:49:65:7d:83: 6d:ce:b9:6b:44:8f:b0:86:80:f5:ec:85:90:d3:86:5e:45:5a: 1d:1e:89:de:31:b1:47:8b:53:52:c5:47:33:02:51:cf:fe:77: f4:64:bd:95:de:5f:85:cf:59:c4:d9:1f:51:d1:7a:65:99:ed: e1:1c:e3:b6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgISAZt8EnsScUc5X7C6CrkAqX/qMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU4YTg1MWRkYWU1YTY0Y2MzODgyNTM5NWJlOWE1MDdkYTk1 YWI3Y2YwHhcNMjYwMTAyMDAxOTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyNTUxNTRhYjkyOWRjODFhNDIyNWQyNjBjY2ZmZjRjN2NmNTE0MmY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6AaJYx+L5Jkyqxr9fXkGXXBbzRnB fr5RAexUAU+q9Sn2FptXbTznGQ+kmNWjAwUespeCSP8qixMDmwVVFkBmYgcQX9S4 hXluYHpz4Rij5hwJq2cCOiD3e2/FLM/my4AJSFW3iEXgPQl626ndiLjavNR0s9ra 9BlwgcLIuwMa33fN8Sj9f2/GKAQBzBDLwI5T41jI1QSFpzdTdjArXCfxNOKZiyuT FEk8zQkRWVW3XfsirQ4N3Mj4GhBzkPho8F55t7azHdzhG9dHMhVLG0aznafFvA7S BPWVvF5XuYMqNgM2v0op8MgXJQU5gjhuFFFEDhUOK5/oz1vc0JpYX/CcIwIDAQAB o4ICkDCCAowwHQYDVR0OBBYEFCVRVKuSncgaQiXSYMz/9MfPUUL2MB8GA1UdIwQY MBaAFOioUd2uWmTMOIJTlb6aUH2pWrfPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNktoUjNhNWFaTXc0Z2xPVnZwcFFmYWxhdDg4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zNjM4ZDctM2VjMy00NTk1LWE2MzEt MTEwYzg3OGRjZDI5LzEvSlZGVXE1S2R5QnBDSmRKZ3pQXzB4ODlSUXZZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OC8zNjM4ZDctM2VjMy00NTk1LWE2MzEtMTEwYzg3OGRjZDI5 LzEvNktoUjNhNWFaTXc0Z2xPVnZwcFFmYWxhdDg4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBgAQCAAEwegMEA1nQ AAMEA1nQOAMEA1nQgAMEAo3ieAMEAJPqFwMEA5PsaAMEAZPsdAMEA5PseDAMAwQC k+yUAwQAk+yaAwQEk+ywAwQCuWxQAwQCuZX8AwQCuadsAwQCua8gAwQCubRkAwQC ubZMAwQCubj0AwQDvL/gAwQE2a9QMA0EAgACMAcDBQMqAHxAMA0GCSqGSIb3DQEB CwUAA4IBAQAO481rp+4tn0i6H6qrPVpJGuPtgXcdmtufn4LGJP1ABJzyK+sxlfmq TxgeD2V96BlX7AJsQsEAKRDOI06d0bRsRG5+bngBHlPbvJi6BzgQDmlwicpCKSdI PrgqXM6LdqjMw1pgTWP2fGKv9fp+xt3CKoxvysI6LMiBeGRT0NsyYwDQSadK3Pi/ BobMgUte0An+PwtQfWTPQwFltO0UVA1QKve4IFTxP+80KJVAw1cExvsNMcKuwgld J2VVwBYmhfb9WEllfYNtzrlrRI+whoD17IWQ04ZeRVodHoneMbFHi1NSxUczAlHP /nf0ZL2V3l+Fz1nE2R9R0Xplme3hHOO2 -----END CERTIFICATE-----Generated at Sun Jan 25 22:31:20 2026 by rpki-client