This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/iHwdh7RQbqHYXi1tV5PT6-9KMZc.roa File: iHwdh7RQbqHYXi1tV5PT6-9KMZc.roa (raw, json) Hash identifier: Vt5thfBB9WwucwEL2pJBtrKMfJA6iF3TBVYycl0yvI0= Subject key identifier: 88:7C:1D:87:B4:50:6E:A1:D8:5E:2D:6D:57:93:D3:EB:EF:4A:31:97 Certificate issuer: /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3 Certificate serial: 019B77C672ADD74D6624B63E48627E800696 Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/iHwdh7RQbqHYXi1tV5PT6-9KMZc.roa Signing time: Thu 01 Jan 2026 04:17:32 +0000 ROA not before: Thu 01 Jan 2026 04:17:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39396 IP address blocks: 212.21.129.0/24 maxlen: 24 212.21.133.0/24 maxlen: 24 212.21.159.0/24 maxlen: 24 2a00:e200:100::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.mft rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 04:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:72:ad:d7:4d:66:24:b6:3e:48:62:7e:80:06:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3 Validity Not Before: Jan 1 04:17:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=887c1d87b4506ea1d85e2d6d5793d3ebef4a3197 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:8a:d4:ac:25:3d:40:2c:75:09:b6:71:f8:f4: a7:0f:54:45:4d:9f:89:cc:72:65:8d:7c:60:85:60: bc:46:0e:2e:c0:c8:26:ef:7f:72:fb:7e:1c:76:99: 6c:c3:07:2c:47:f1:c8:50:bc:0c:35:ec:60:51:47: 4d:8e:3a:17:24:5e:4e:f2:24:36:89:98:83:8d:7c: 2a:11:49:cc:13:a2:1c:73:f6:a8:99:d6:05:00:51: 21:07:fc:0e:a2:89:b1:c6:69:4d:20:04:8a:9a:9e: bb:f2:d3:0c:c7:31:59:69:9c:4a:15:b0:a6:a4:a9: 62:f1:2c:c2:27:98:46:ad:5c:63:ca:c5:dc:c2:6c: 17:0b:49:72:c0:f2:57:9e:4a:4b:45:10:b1:b3:9a: 5f:a2:6b:e7:6e:50:c9:36:c6:38:b3:ac:5a:bf:6e: c9:9a:30:de:35:21:41:8a:84:a7:87:18:99:7a:eb: 3d:76:b2:f8:e0:6f:1b:c5:32:f4:48:e2:46:9d:9d: 37:00:88:16:0f:74:9b:fc:b7:e7:48:a0:b9:b2:fa: a3:14:49:ec:76:fc:62:b9:b8:00:43:b2:c2:eb:b3: 29:06:5e:3d:9b:95:e3:d5:f3:ed:3e:86:80:94:bb: dd:89:a8:f4:9b:8e:a3:70:7e:d9:3c:a9:fc:3f:b7: f5:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:7C:1D:87:B4:50:6E:A1:D8:5E:2D:6D:57:93:D3:EB:EF:4A:31:97 X509v3 Authority Key Identifier: keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/iHwdh7RQbqHYXi1tV5PT6-9KMZc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 212.21.129.0/24 212.21.133.0/24 212.21.159.0/24 IPv6: 2a00:e200:100::/48 Signature Algorithm: sha256WithRSAEncryption 3f:33:6c:3e:54:e2:81:16:3d:ff:6d:89:3f:4a:2b:11:49:f2: 65:f2:c5:6d:bd:8f:97:61:e6:ec:87:a0:ae:da:ab:15:60:a1: f6:42:03:fd:c5:f2:a2:f1:6e:93:4a:96:1b:ef:d2:ae:0c:1a: ae:1d:ef:bc:89:a4:1c:69:79:9f:47:e9:ba:c5:55:3e:af:41: 20:47:91:ac:56:98:82:e3:7a:01:6e:9d:ec:10:bb:88:5b:4e: ba:ae:a7:b5:2b:44:13:71:46:0c:4e:d9:38:38:8d:8a:da:b0: ba:ec:e7:96:00:45:a6:72:a2:fe:34:69:71:6b:28:e5:66:64: 7e:3a:d5:e2:6c:b9:e2:fa:18:8f:12:e4:d6:7a:d1:ab:6f:06: 1c:2c:8d:6d:3c:3a:a7:5f:14:4c:f5:c0:aa:de:f5:16:aa:8f: 00:01:14:59:79:8f:22:9f:36:0f:aa:3a:8d:a6:a8:bf:ff:af: 17:a0:69:ba:7a:14:8f:c6:bf:1d:17:f8:dc:06:49:ae:ef:f9: 85:4c:08:94:1f:8c:3b:95:98:d7:01:4b:ca:83:41:9d:22:f0: 5b:73:51:b8:55:2f:4f:5f:cd:61:60:fb:0d:44:57:58:e8:7a: 87:6b:69:13:4f:22:3d:12:8e:d4:ca:ea:c0:b0:e3:45:80:2d: f0:ae:d6:ff -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt3xnKt101mJLY+SGJ+gAaWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGViZWM5MDMwYzcwYTNkNDE5MmQ1OWMyOGRjYzhkNTQ3Njk0 MzQwYjMwHhcNMjYwMTAxMDQxNzMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4ODdjMWQ4N2I0NTA2ZWExZDg1ZTJkNmQ1NzkzZDNlYmVmNGEzMTk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIrUrCU9QCx1CbZx+PSnD1RFTZ+J zHJljXxghWC8Rg4uwMgm739y+34cdplswwcsR/HIULwMNexgUUdNjjoXJF5O8iQ2 iZiDjXwqEUnME6Icc/aomdYFAFEhB/wOoomxxmlNIASKmp678tMMxzFZaZxKFbCm pKli8SzCJ5hGrVxjysXcwmwXC0lywPJXnkpLRRCxs5pfomvnblDJNsY4s6xav27J mjDeNSFBioSnhxiZeus9drL44G8bxTL0SOJGnZ03AIgWD3Sb/LfnSKC5svqjFEns dvxiubgAQ7LC67MpBl49m5Xj1fPtPoaAlLvdiaj0m46jcH7ZPKn8P7f1/wIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFIh8HYe0UG6h2F4tbVeT0+vvSjGXMB8GA1UdIwQY MBaAFOvskDDHCj1BktWcKNzI1UdpQ0CzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQt NGE2Zjg2ODMyNjVjLzEvaUh3ZGg3UlFicUhZWGkxdFY1UFQ2LTlLTVpjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQtNGE2Zjg2ODMyNjVj LzEvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQA1BWBAwQA 1BWFAwQA1BWfMA8EAgACMAkDBwAqAOIAAQAwDQYJKoZIhvcNAQELBQADggEBAD8z bD5U4oEWPf9tiT9KKxFJ8mXyxW29j5dh5uyHoK7aqxVgofZCA/3F8qLxbpNKlhvv 0q4MGq4d77yJpBxpeZ9H6brFVT6vQSBHkaxWmILjegFunewQu4hbTrqup7UrRBNx RgxO2Tg4jYrasLrs55YARaZyov40aXFrKOVmZH461eJsueL6GI8S5NZ60atvBhws jW08OqdfFEz1wKre9RaqjwABFFl5jyKfNg+qOo2mqL//rxegabp6FI/Gvx0X+NwG Sa7v+YVMCJQfjDuVmNcBS8qDQZ0i8FtzUbhVL09fzWFg+w1EV1joeodraRNPIj0S jtTK6sCw40WALfCu1v8= -----END CERTIFICATE-----Generated at Sun Jan 25 13:53:42 2026 by rpki-client