This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/3AB4ABWLvkMBLhXbVPQ47Et_IPE.roa File: 3AB4ABWLvkMBLhXbVPQ47Et_IPE.roa (raw, json) Hash identifier: 7TTeY9RzcNuOB9ePCi+NTRAM5DwBMiMi62WzvEoHHl8= Subject key identifier: DC:00:78:00:15:8B:BE:43:01:2E:15:DB:54:F4:38:EC:4B:7F:20:F1 Certificate issuer: /CN=d031655023bd141731d56fb8453ff0514f728865 Certificate serial: 019B76EB4A3110961E38F143A0324F7D9371 Authority key identifier: D0:31:65:50:23:BD:14:17:31:D5:6F:B8:45:3F:F0:51:4F:72:88:65 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0DFlUCO9FBcx1W-4RT_wUU9yiGU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/3AB4ABWLvkMBLhXbVPQ47Et_IPE.roa Signing time: Thu 01 Jan 2026 00:18:09 +0000 ROA not before: Thu 01 Jan 2026 00:18:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59862 IP address blocks: 84.247.36.0/22 maxlen: 22 85.8.172.0/22 maxlen: 22 85.204.172.0/22 maxlen: 22 85.204.172.0/24 maxlen: 24 85.204.173.0/24 maxlen: 24 85.204.174.0/24 maxlen: 24 85.204.175.0/24 maxlen: 24 93.119.20.0/23 maxlen: 23 93.119.20.0/24 maxlen: 24 93.119.21.0/24 maxlen: 24 93.119.22.0/24 maxlen: 24 153.92.176.0/22 maxlen: 22 153.92.176.0/24 maxlen: 24 153.92.177.0/24 maxlen: 24 153.92.178.0/24 maxlen: 24 153.92.179.0/24 maxlen: 24 176.223.88.0/21 maxlen: 21 176.223.88.0/22 maxlen: 22 176.223.92.0/22 maxlen: 22 185.63.88.0/22 maxlen: 22 185.63.88.0/24 maxlen: 24 185.63.89.0/24 maxlen: 24 185.63.90.0/24 maxlen: 24 185.63.91.0/24 maxlen: 24 185.195.4.0/22 maxlen: 22 188.215.20.0/22 maxlen: 22 188.215.20.0/24 maxlen: 24 188.215.21.0/24 maxlen: 24 188.215.22.0/24 maxlen: 24 188.215.23.0/24 maxlen: 24 2a03:a60::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/0DFlUCO9FBcx1W-4RT_wUU9yiGU.crl rsync://rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/0DFlUCO9FBcx1W-4RT_wUU9yiGU.mft rsync://rpki.ripe.net/repository/DEFAULT/0DFlUCO9FBcx1W-4RT_wUU9yiGU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 12:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:4a:31:10:96:1e:38:f1:43:a0:32:4f:7d:93:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d031655023bd141731d56fb8453ff0514f728865 Validity Not Before: Jan 1 00:18:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dc007800158bbe43012e15db54f438ec4b7f20f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:dc:1f:b1:6f:0d:34:56:da:32:3b:41:49:54: 24:b9:00:44:8e:86:2f:0c:73:f9:8f:d9:2a:24:b9: 60:cb:88:74:9d:2d:ad:93:88:38:2b:00:a7:7b:8c: de:7e:42:6e:18:99:70:6e:36:8e:58:8d:79:41:43: e4:f9:23:5f:f0:48:06:c8:20:55:0e:7b:67:1c:b2: 25:4d:53:66:ce:a3:51:87:5e:7a:c5:de:9c:9d:43: 4d:1f:a4:31:87:86:61:b6:ca:6f:4d:10:c7:9b:45: 6f:42:01:6f:97:67:94:e0:f7:82:ef:27:a5:29:99: 96:c8:7b:a5:0b:47:1c:d3:00:9c:ff:d5:2a:9a:bf: e8:fa:16:ce:02:95:61:13:1f:51:64:7c:81:92:62: 65:fe:ab:fd:20:e0:b4:7c:88:36:f9:5d:17:7b:5e: 24:97:1e:a1:d7:d6:6c:3b:58:fb:2d:b1:88:e6:4e: 0b:28:49:5b:fa:0f:fd:81:ae:91:93:28:55:97:e5: 4e:16:fe:77:8f:da:05:b9:40:e1:57:e1:c0:06:29: 81:25:41:62:ef:c7:64:4e:46:e1:9e:7e:a0:2a:57: e1:e5:e1:24:dc:73:2c:71:b3:13:c9:0b:00:91:d3: b9:e9:d2:cb:c6:e6:25:4f:21:c0:25:d5:62:75:27: a0:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:00:78:00:15:8B:BE:43:01:2E:15:DB:54:F4:38:EC:4B:7F:20:F1 X509v3 Authority Key Identifier: keyid:D0:31:65:50:23:BD:14:17:31:D5:6F:B8:45:3F:F0:51:4F:72:88:65 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0DFlUCO9FBcx1W-4RT_wUU9yiGU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/3AB4ABWLvkMBLhXbVPQ47Et_IPE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/0DFlUCO9FBcx1W-4RT_wUU9yiGU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 84.247.36.0/22 85.8.172.0/22 85.204.172.0/22 93.119.20.0-93.119.22.255 153.92.176.0/22 176.223.88.0/21 185.63.88.0/22 185.195.4.0/22 188.215.20.0/22 IPv6: 2a03:a60::/32 Signature Algorithm: sha256WithRSAEncryption a8:ba:3b:0c:31:91:06:e3:d8:52:07:9d:48:07:1e:5c:f3:97: 01:2a:29:7f:60:52:c0:a3:68:75:90:ca:13:8c:32:6e:ef:fd: 87:d7:a5:4e:ba:9c:e8:42:44:a8:b4:20:5d:f2:d3:e5:35:1f: e3:3c:20:c7:4b:c2:d5:93:08:71:f7:ef:e3:2f:5e:72:33:db: 69:ee:78:31:d7:a2:0b:ce:3c:9f:dd:d4:02:54:47:d0:3c:88: 5b:c2:38:68:f7:7d:64:2c:b8:45:d1:b3:af:5e:ae:3b:fd:96: 6a:5d:82:10:e5:0b:51:f8:87:37:12:e8:5b:8c:fc:dc:89:5c: ff:a9:ab:27:7f:4b:16:f2:92:78:3b:9f:b7:98:f4:67:b9:d8: cd:39:85:1a:15:5d:57:b9:c7:4e:60:d7:f1:84:7d:f5:e0:70: 6b:20:64:71:bf:76:f1:fc:9f:5c:cc:f1:bf:8c:c1:af:36:71: 1a:95:78:90:cf:01:13:ce:28:bf:2b:ae:36:83:14:88:eb:64: 03:1b:98:ca:dc:57:b0:05:21:85:bc:3a:cc:ff:05:19:2c:33: ed:c1:1b:9c:83:fa:30:41:f3:c0:c6:b3:b1:24:8b:f6:2d:0f: 87:1a:20:d8:53:a0:a0:15:bc:4e:e5:09:95:1b:e7:3a:cd:eb: fe:ba:95:90 -----BEGIN CERTIFICATE----- MIIFRDCCBCygAwIBAgISAZt260oxEJYeOPFDoDJPfZNxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQwMzE2NTUwMjNiZDE0MTczMWQ1NmZiODQ1M2ZmMDUxNGY3 Mjg4NjUwHhcNMjYwMTAxMDAxODA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYzAwNzgwMDE1OGJiZTQzMDEyZTE1ZGI1NGY0MzhlYzRiN2YyMGYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdwfsW8NNFbaMjtBSVQkuQBEjoYv DHP5j9kqJLlgy4h0nS2tk4g4KwCne4zefkJuGJlwbjaOWI15QUPk+SNf8EgGyCBV DntnHLIlTVNmzqNRh156xd6cnUNNH6Qxh4ZhtspvTRDHm0VvQgFvl2eU4PeC7yel KZmWyHulC0cc0wCc/9Uqmr/o+hbOApVhEx9RZHyBkmJl/qv9IOC0fIg2+V0Xe14k lx6h19ZsO1j7LbGI5k4LKElb+g/9ga6RkyhVl+VOFv53j9oFuUDhV+HABimBJUFi 78dkTkbhnn6gKlfh5eEk3HMscbMTyQsAkdO56dLLxuYlTyHAJdVidSegCQIDAQAB o4ICUDCCAkwwHQYDVR0OBBYEFNwAeAAVi75DAS4V21T0OOxLfyDxMB8GA1UdIwQY MBaAFNAxZVAjvRQXMdVvuEU/8FFPcohlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMERGbFVDTzlGQmN4MVctNFJUX3dVVTl5aUdVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS85Y2Y5NWYtNzNkMy00ZTRmLWE5Nzkt ZDhiZDJmNTZiYzhjLzEvM0FCNEFCV0x2a01CTGhYYlZQUTQ3RXRfSVBFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MS85Y2Y5NWYtNzNkMy00ZTRmLWE5NzktZDhiZDJmNTZiYzhj LzEvMERGbFVDTzlGQmN4MVctNFJUX3dVVTl5aUdVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQCVPckAwQC VQisAwQCVcysMAwDBAJddxQDBABddxYDBAKZXLADBAOw31gDBAK5P1gDBAK5wwQD BAK81xQwDQQCAAIwBwMFACoDCmAwDQYJKoZIhvcNAQELBQADggEBAKi6OwwxkQbj 2FIHnUgHHlzzlwEqKX9gUsCjaHWQyhOMMm7v/YfXpU66nOhCRKi0IF3y0+U1H+M8 IMdLwtWTCHH37+MvXnIz22nueDHXogvOPJ/d1AJUR9A8iFvCOGj3fWQsuEXRs69e rjv9lmpdghDlC1H4hzcS6FuM/NyJXP+pqyd/Sxbykng7n7eY9Ge52M05hRoVXVe5 x05g1/GEffXgcGsgZHG/dvH8n1zM8b+Mwa82cRqVeJDPARPOKL8rrjaDFIjrZAMb mMrcV7AFIYW8Osz/BRksM+3BG5yD+jBB88DGs7Eki/YtD4caINhToKAVvE7lCZUb 5zrN6/66lZA= -----END CERTIFICATE-----Generated at Fri Jan 2 19:47:48 2026 by rpki-client