This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/IE5A6p3ihCrcbMxKq92_b0wXLO4.roa File: IE5A6p3ihCrcbMxKq92_b0wXLO4.roa (raw, json) Hash identifier: V9HxeCXOTsCIR19CGoeLkRMuI9i6B2h8bj5VYOFXyYk= Subject key identifier: 20:4E:40:EA:9D:E2:84:2A:DC:6C:CC:4A:AB:DD:BF:6F:4C:17:2C:EE Certificate issuer: /CN=18e0e9a3d20cfac6cbe3ccf74ab5784a77682933 Certificate serial: 019B7BA4E709EFA69E9DDD30BCED60CD8F5E Authority key identifier: 18:E0:E9:A3:D2:0C:FA:C6:CB:E3:CC:F7:4A:B5:78:4A:77:68:29:33 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GODpo9IM-sbL48z3SrV4SndoKTM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/IE5A6p3ihCrcbMxKq92_b0wXLO4.roa Signing time: Thu 01 Jan 2026 22:19:23 +0000 ROA not before: Thu 01 Jan 2026 22:19:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34993 IP address blocks: 37.148.252.0/22 maxlen: 22 89.248.208.0/24 maxlen: 24 89.248.210.0/23 maxlen: 23 141.98.220.0/22 maxlen: 22 185.57.148.0/22 maxlen: 22 185.151.188.0/22 maxlen: 22 193.25.122.0/23 maxlen: 23 193.25.168.0/23 maxlen: 23 2a0a:1580::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/GODpo9IM-sbL48z3SrV4SndoKTM.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/GODpo9IM-sbL48z3SrV4SndoKTM.mft rsync://rpki.ripe.net/repository/DEFAULT/GODpo9IM-sbL48z3SrV4SndoKTM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 16:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a4:e7:09:ef:a6:9e:9d:dd:30:bc:ed:60:cd:8f:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=18e0e9a3d20cfac6cbe3ccf74ab5784a77682933 Validity Not Before: Jan 1 22:19:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=204e40ea9de2842adc6ccc4aabddbf6f4c172cee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:7f:45:7f:a7:9f:9f:7a:2f:e2:c5:36:11:f9: 0d:a3:0f:09:6d:60:28:db:ee:23:77:eb:2e:59:de: 3d:d5:e9:1f:e1:12:04:49:2c:4a:d3:a9:db:38:97: e4:f7:44:c8:2b:2b:fc:ef:0b:b7:e1:42:b7:62:73: cd:0e:31:55:a7:7c:ac:aa:48:7b:35:5a:63:2b:bf: 4b:cf:d9:74:54:0e:bd:7d:d5:dd:38:73:57:c2:3d: 7a:40:8a:d0:a5:fd:d3:2d:23:fa:71:39:f8:ff:80: 10:f9:38:4a:52:6f:ac:65:38:90:d6:8f:4e:ee:e8: 71:81:ea:af:ab:0b:fb:88:31:77:19:8e:31:af:42: e4:15:43:83:e9:61:96:37:a8:4f:82:40:44:60:98: 1e:20:57:5c:4a:85:4b:fc:4d:fe:6c:b8:fb:e0:33: 62:be:25:42:f6:0e:13:a2:0d:46:e9:ad:d7:c7:bb: 80:63:a4:5b:77:33:4b:05:bd:d4:26:39:ab:6c:d7: 48:d5:97:52:a5:d1:3d:cc:0b:5d:51:f0:33:66:8e: 80:54:bb:9d:7e:df:74:47:bc:f2:b4:2c:60:a5:77: 65:44:bd:2f:19:86:eb:19:91:c7:a6:38:47:14:18: 80:a5:00:49:3b:3d:92:0b:d4:17:33:9e:ab:2e:1c: 8b:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:4E:40:EA:9D:E2:84:2A:DC:6C:CC:4A:AB:DD:BF:6F:4C:17:2C:EE X509v3 Authority Key Identifier: keyid:18:E0:E9:A3:D2:0C:FA:C6:CB:E3:CC:F7:4A:B5:78:4A:77:68:29:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GODpo9IM-sbL48z3SrV4SndoKTM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/IE5A6p3ihCrcbMxKq92_b0wXLO4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a763ed-beb0-43cb-baa3-95ab81b77691/1/GODpo9IM-sbL48z3SrV4SndoKTM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.148.252.0/22 89.248.208.0/24 89.248.210.0/23 141.98.220.0/22 185.57.148.0/22 185.151.188.0/22 193.25.122.0/23 193.25.168.0/23 IPv6: 2a0a:1580::/29 Signature Algorithm: sha256WithRSAEncryption 00:a8:f6:2e:44:ed:93:cf:1c:b1:5a:ae:e6:5d:59:43:9e:4f: 0a:56:90:ae:06:b3:1d:a3:ea:59:5e:ee:69:9e:40:17:c6:fb: 47:11:9e:e9:14:1b:f3:19:0d:f6:f0:af:6b:e2:44:aa:9d:3e: 44:eb:84:03:e4:e4:34:bc:4c:d3:34:1a:05:ec:f7:06:cb:88: 2a:ca:10:a1:c0:4b:6a:44:9f:db:36:0c:e2:d0:0c:f3:57:b2: 35:e4:9b:15:67:f1:67:21:1d:66:c5:b3:44:f0:bc:a8:10:9b: f4:59:e2:f2:cc:fe:a7:39:07:65:6e:66:e1:92:d7:47:5b:bf: 24:91:40:0c:fb:06:31:85:7c:15:1a:3c:08:58:77:98:93:da: bf:ef:65:47:bf:c7:57:d2:34:cb:c6:c5:9a:60:32:06:3c:30: 86:75:ed:41:c2:85:41:dc:92:50:6d:5d:08:16:29:35:69:27: ee:dd:8a:a7:16:9a:e4:18:c5:b4:39:d4:ef:c5:67:c9:26:57: 74:0a:71:13:74:ec:7d:f5:d7:e3:f4:8f:c4:ec:49:88:20:bb: 6c:13:45:c1:8f:44:c5:2f:ef:72:7e:48:ac:17:79:17:dc:a0: de:b5:ad:2a:1f:03:b2:36:e7:c5:c1:f3:fc:57:7b:9f:c4:33: ef:0b:21:47 -----BEGIN CERTIFICATE----- MIIFNjCCBB6gAwIBAgISAZt7pOcJ76aend0wvO1gzY9eMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE4ZTBlOWEzZDIwY2ZhYzZjYmUzY2NmNzRhYjU3ODRhNzc2 ODI5MzMwHhcNMjYwMTAxMjIxOTIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMDRlNDBlYTlkZTI4NDJhZGM2Y2NjNGFhYmRkYmY2ZjRjMTcyY2VlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtX9Ff6efn3ov4sU2EfkNow8JbWAo 2+4jd+suWd491ekf4RIESSxK06nbOJfk90TIKyv87wu34UK3YnPNDjFVp3ysqkh7 NVpjK79Lz9l0VA69fdXdOHNXwj16QIrQpf3TLSP6cTn4/4AQ+ThKUm+sZTiQ1o9O 7uhxgeqvqwv7iDF3GY4xr0LkFUOD6WGWN6hPgkBEYJgeIFdcSoVL/E3+bLj74DNi viVC9g4Tog1G6a3Xx7uAY6RbdzNLBb3UJjmrbNdI1ZdSpdE9zAtdUfAzZo6AVLud ft90R7zytCxgpXdlRL0vGYbrGZHHpjhHFBiApQBJOz2SC9QXM56rLhyLnwIDAQAB o4ICQjCCAj4wHQYDVR0OBBYEFCBOQOqd4oQq3GzMSqvdv29MFyzuMB8GA1UdIwQY MBaAFBjg6aPSDPrGy+PM90q1eEp3aCkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR09EcG85SU0tc2JMNDh6M1NyVjRTbmRvS1RNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9hNzYzZWQtYmViMC00M2NiLWJhYTMt OTVhYjgxYjc3NjkxLzEvSUU1QTZwM2loQ3JjYk14S3E5Ml9iMHdYTE80LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS9hNzYzZWQtYmViMC00M2NiLWJhYTMtOTVhYjgxYjc3Njkx LzEvR09EcG85SU0tc2JMNDh6M1NyVjRTbmRvS1RNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQCJZT8AwQA WfjQAwQBWfjSAwQCjWLcAwQCuTmUAwQCuZe8AwQBwRl6AwQBwRmoMA0EAgACMAcD BQMqChWAMA0GCSqGSIb3DQEBCwUAA4IBAQAAqPYuRO2TzxyxWq7mXVlDnk8KVpCu BrMdo+pZXu5pnkAXxvtHEZ7pFBvzGQ328K9r4kSqnT5E64QD5OQ0vEzTNBoF7PcG y4gqyhChwEtqRJ/bNgzi0AzzV7I15JsVZ/FnIR1mxbNE8LyoEJv0WeLyzP6nOQdl bmbhktdHW78kkUAM+wYxhXwVGjwIWHeYk9q/72VHv8dX0jTLxsWaYDIGPDCGde1B woVB3JJQbV0IFik1aSfu3YqnFprkGMW0OdTvxWfJJld0CnETdOx99dfj9I/E7EmI ILtsE0XBj0TFL+9yfkisF3kX3KDeta0qHwOyNufFwfP8V3ufxDPvCyFH -----END CERTIFICATE-----Generated at Mon Jan 12 00:03:30 2026 by rpki-client