This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/oHEBA-lXef_j9s4SCfpwpVno2AY.roa File: oHEBA-lXef_j9s4SCfpwpVno2AY.roa (raw, json) Hash identifier: zRL1PawgLvTgljcNtHgtXDKVwMniivvDxGH5MXBaSOA= Subject key identifier: A0:71:01:03:E9:57:79:FF:E3:F6:CE:12:09:FA:70:A5:59:E8:D8:06 Certificate issuer: /CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb Certificate serial: 019B1D62726670B4662C7FF0A0E73A80375D Authority key identifier: 7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/oHEBA-lXef_j9s4SCfpwpVno2AY.roa Signing time: Sun 14 Dec 2025 15:02:29 +0000 ROA not before: Sun 14 Dec 2025 15:02:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 8069 IP address blocks: 145.190.0.0/23 maxlen: 23 145.190.2.0/24 maxlen: 24 145.190.3.0/24 maxlen: 24 145.190.4.0/23 maxlen: 23 145.190.6.0/24 maxlen: 24 145.190.7.0/24 maxlen: 24 145.190.8.0/21 maxlen: 21 145.190.16.0/21 maxlen: 21 145.190.24.0/21 maxlen: 21 145.190.32.0/22 maxlen: 22 145.190.36.0/24 maxlen: 24 145.190.37.0/24 maxlen: 24 145.190.38.0/23 maxlen: 23 145.190.40.0/23 maxlen: 23 145.190.42.0/24 maxlen: 24 145.190.43.0/24 maxlen: 24 145.190.44.0/22 maxlen: 22 145.190.48.0/22 maxlen: 22 145.190.52.0/23 maxlen: 23 145.190.54.0/24 maxlen: 24 145.190.55.0/24 maxlen: 24 145.190.56.0/23 maxlen: 23 145.190.58.0/24 maxlen: 24 145.190.59.0/24 maxlen: 24 145.190.60.0/24 maxlen: 24 145.190.61.0/24 maxlen: 24 145.190.62.0/24 maxlen: 24 145.190.63.0/24 maxlen: 24 145.190.64.0/24 maxlen: 24 145.190.65.0/24 maxlen: 24 145.190.66.0/24 maxlen: 24 145.190.67.0/24 maxlen: 24 145.190.68.0/24 maxlen: 24 145.190.128.0/24 maxlen: 24 145.190.129.0/24 maxlen: 24 145.190.130.0/24 maxlen: 24 145.190.131.0/24 maxlen: 24 145.190.132.0/24 maxlen: 24 145.190.133.0/24 maxlen: 24 145.190.134.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.crl rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.mft rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1d:62:72:66:70:b4:66:2c:7f:f0:a0:e7:3a:80:37:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb Validity Not Before: Dec 14 15:02:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=a0710103e95779ffe3f6ce1209fa70a559e8d806 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:d9:ee:a3:ed:87:29:25:2c:42:1c:02:ae:dd: 1b:30:d3:cf:4f:fd:67:bd:45:86:15:39:ad:ce:f2: d4:09:d2:a6:6b:7e:42:f4:b6:5f:a8:7e:81:07:71: be:79:f6:5a:ec:db:b8:fd:8a:fb:bf:8c:d4:6e:fd: a3:dc:e6:95:75:b3:7a:36:98:a3:bc:2f:98:67:93: 34:56:9e:67:87:82:c1:d6:49:4d:1f:46:02:27:cd: 56:19:39:a5:d2:f9:97:fd:29:6c:e3:69:33:93:b8: fc:c1:0d:ec:a8:82:a3:f6:db:ec:d5:40:7b:50:ba: 9c:69:ae:f7:1d:3b:77:cf:4c:ed:55:87:33:27:ad: cf:51:81:8b:e6:6b:19:95:3d:87:42:17:39:6a:e6: ca:d1:fb:97:1b:68:e2:cf:85:34:6d:b0:a4:b2:a8: 2c:b3:39:c2:6b:e6:81:d7:33:7f:f0:8b:e4:98:49: 9e:a2:7c:ec:0d:78:a5:e2:a0:85:a0:f4:39:f6:75: f7:6d:b5:23:22:ee:d8:e9:93:93:32:91:3e:c5:fa: f6:31:6f:d3:49:b3:59:67:00:0b:4a:e2:c0:18:a0: 9c:6c:33:31:e0:45:0e:05:35:c4:88:bc:ae:96:77: b3:82:8f:76:27:f1:a1:6f:cd:95:3b:33:68:be:fd: 20:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:71:01:03:E9:57:79:FF:E3:F6:CE:12:09:FA:70:A5:59:E8:D8:06 X509v3 Authority Key Identifier: keyid:7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/oHEBA-lXef_j9s4SCfpwpVno2AY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 145.190.0.0-145.190.68.255 145.190.128.0-145.190.134.255 Signature Algorithm: sha256WithRSAEncryption 01:7c:51:b1:e5:33:55:35:32:16:19:47:56:0e:03:02:16:f2: 5f:1a:e3:d5:1e:bc:04:1b:62:47:86:ec:95:17:98:08:92:2e: 2b:23:60:1d:0c:98:fc:d9:2d:4a:5d:4c:28:9c:94:7a:6f:fc: 27:8e:31:e5:4e:45:8c:fd:95:8f:bc:d1:6a:8f:07:2f:c4:d3: f1:4f:22:08:f1:c4:b0:b3:e0:16:ff:b5:60:81:82:95:69:33: 96:b6:6f:2d:37:f7:d0:48:45:0c:00:31:fd:c9:a6:3f:bf:96: cb:c4:a6:1c:8e:c9:c5:13:28:23:c1:f4:83:7f:8a:ae:dd:cd: 0e:04:4c:42:fd:4f:50:b5:24:20:05:96:a0:1d:71:63:0e:08: 29:44:79:a8:eb:09:ac:b0:7b:3b:ae:30:56:a7:8a:82:59:02: d6:70:ae:87:f8:77:60:ad:24:e9:c2:a7:e9:ea:5f:b7:86:c3: 12:95:09:12:e8:31:0b:77:eb:ff:75:95:e0:72:53:2d:25:65: 66:1d:c4:65:86:18:f4:9c:9f:3f:6a:0d:05:e6:d9:8f:40:fe: b9:7e:58:07:93:44:8c:55:81:63:c7:f6:8b:c7:3a:0d:79:9e: 2b:ab:39:26:01:e3:f7:3b:78:f4:4b:df:ed:30:f7:10:de:db: bc:2d:0a:af -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZsdYnJmcLRmLH/woOc6gDddMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdjZTY4ZGFmNWYwODk0NTZjMGUxZDAyMjQ1MzkzNTMxYWM1 YjhmY2IwHhcNMjUxMjE0MTUwMjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMDcxMDEwM2U5NTc3OWZmZTNmNmNlMTIwOWZhNzBhNTU5ZThkODA2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNnuo+2HKSUsQhwCrt0bMNPPT/1n vUWGFTmtzvLUCdKma35C9LZfqH6BB3G+efZa7Nu4/Yr7v4zUbv2j3OaVdbN6Npij vC+YZ5M0Vp5nh4LB1klNH0YCJ81WGTml0vmX/Sls42kzk7j8wQ3sqIKj9tvs1UB7 ULqcaa73HTt3z0ztVYczJ63PUYGL5msZlT2HQhc5aubK0fuXG2jiz4U0bbCksqgs sznCa+aB1zN/8IvkmEmeonzsDXil4qCFoPQ59nX3bbUjIu7Y6ZOTMpE+xfr2MW/T SbNZZwALSuLAGKCcbDMx4EUOBTXEiLyulnezgo92J/Ghb82VOzNovv0gUwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFKBxAQPpV3n/4/bOEgn6cKVZ6NgGMB8GA1UdIwQY MBaAFHzmja9fCJRWwOHQIkU5NTGsW4/LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMt MTNhMDZhMjY5YWE4LzEvb0hFQkEtbFhlZl9qOXM0U0NmcHdwVm5vMkFZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMtMTNhMDZhMjY5YWE4 LzEvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAATAbMAsDAwGRvgME AJG+RDAMAwQHkb6AAwQAkb6GMA0GCSqGSIb3DQEBCwUAA4IBAQABfFGx5TNVNTIW GUdWDgMCFvJfGuPVHrwEG2JHhuyVF5gIki4rI2AdDJj82S1KXUwonJR6b/wnjjHl TkWM/ZWPvNFqjwcvxNPxTyII8cSws+AW/7VggYKVaTOWtm8tN/fQSEUMADH9yaY/ v5bLxKYcjsnFEygjwfSDf4qu3c0OBExC/U9QtSQgBZagHXFjDggpRHmo6wmssHs7 rjBWp4qCWQLWcK6H+HdgrSTpwqfp6l+3hsMSlQkS6DELd+v/dZXgclMtJWVmHcRl hhj0nJ8/ag0F5tmPQP65flgHk0SMVYFjx/aLxzoNeZ4rqzkmAeP3O3j0S9/tMPcQ 3tu8LQqv -----END CERTIFICATE-----Generated at Sat Dec 20 10:23:56 2025 by rpki-client