This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/eklUJS2_Djtss2ru717v4kYti3g.roa File: eklUJS2_Djtss2ru717v4kYti3g.roa (raw, json) Hash identifier: xWdnp26vNQdhZX81YBA2whAixTtQ8EpVFLanadkwW6U= Subject key identifier: 7A:49:54:25:2D:BF:0E:3B:6C:B3:6A:EE:EF:5E:EF:E2:46:2D:8B:78 Certificate issuer: /CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2 Certificate serial: 019B7F82E6C2521177A453FF6573B029F76F Authority key identifier: 34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/eklUJS2_Djtss2ru717v4kYti3g.roa Signing time: Fri 02 Jan 2026 16:20:43 +0000 ROA not before: Fri 02 Jan 2026 16:20:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208136 IP address blocks: 2a01:b960:230d::/48 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.crl rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.mft rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:82:e6:c2:52:11:77:a4:53:ff:65:73:b0:29:f7:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2 Validity Not Before: Jan 2 16:20:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7a4954252dbf0e3b6cb36aeeef5eefe2462d8b78 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:47:e5:aa:17:62:5e:d5:b5:d1:05:5a:ec:bc: 54:86:3d:6c:2f:45:ca:5e:c3:d5:01:97:14:00:e4: 4a:40:59:7e:cb:61:60:3f:73:e9:b7:c5:d8:7c:75: 7c:12:ac:88:51:dd:2d:8a:38:74:dd:3c:77:20:64: 89:99:71:17:f3:8e:11:a2:dd:53:26:bf:e9:ae:24: 8d:06:81:4a:2b:5a:c2:2c:13:0d:64:8d:f5:07:fc: 04:d6:40:f5:83:20:17:e8:ed:06:ad:9d:33:94:cb: 8b:2a:18:db:8b:ff:11:29:1c:5d:5b:ad:4a:d6:d0: ac:45:c7:3a:6d:f6:1a:84:55:fa:46:1d:88:d6:a3: 6f:25:f8:41:71:5a:b9:6b:3d:fb:cb:07:eb:05:de: f0:2d:b7:1c:ac:c4:f7:87:c8:f6:41:7b:70:ca:48: 87:36:5b:a9:7a:5f:86:17:f2:53:0f:8a:80:dc:bb: 86:dd:68:81:a3:74:ab:4d:16:84:a9:ed:4f:03:ae: 78:0e:de:01:64:40:9f:c7:42:73:fe:b2:83:3b:99: ea:6b:43:c9:cb:43:ab:2b:3f:7c:85:0f:c8:c4:13: 17:be:04:11:f4:e1:33:d9:b4:3f:01:c4:53:5d:03: 74:64:fd:0b:3b:b4:05:6b:70:e1:a3:77:2c:1e:02: 75:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:49:54:25:2D:BF:0E:3B:6C:B3:6A:EE:EF:5E:EF:E2:46:2D:8B:78 X509v3 Authority Key Identifier: keyid:34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/eklUJS2_Djtss2ru717v4kYti3g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:b960:230d::/48 Signature Algorithm: sha256WithRSAEncryption 40:02:94:b6:0b:97:9d:c4:39:2e:a7:d5:70:d3:fe:48:fa:fa: 84:fc:f0:e0:a1:95:e3:d5:09:a6:b5:ed:5a:85:9e:e5:e3:e3: 56:fb:17:dd:2e:42:ed:01:80:04:0a:28:ec:a5:b8:f6:65:ef: 17:83:eb:5a:cf:ae:f1:58:7b:df:27:87:0e:2d:86:5e:63:e6: 7b:23:8a:f6:f1:3c:5f:0d:77:46:3b:1d:a3:20:3a:29:22:92: b4:ca:56:b7:51:5d:8d:a5:c1:9b:67:0c:b3:20:63:ec:59:05: 53:11:a7:b4:7e:80:38:3e:c7:d2:11:be:1c:3c:a1:f9:4e:b5: ef:13:5c:4e:bf:56:7b:6b:c4:b7:9c:80:6e:1e:23:b9:e5:26: 80:92:33:cb:9c:9c:1d:27:37:5b:15:76:d4:86:97:97:4c:53: b5:a4:42:0d:36:85:28:52:4c:4d:30:3a:09:fe:b0:b1:2f:f6: f3:c4:05:22:5a:98:12:d2:08:39:a0:a7:96:8e:6c:60:5c:d3: 8e:bd:e3:9a:a3:d4:8a:0d:0b:11:9c:be:5e:c5:1c:67:44:a1: e6:25:87:35:73:92:b2:a3:cf:6f:8f:43:98:1e:af:66:ba:11: e2:f2:7b:c7:1c:c4:fb:9f:ad:cd:ef:33:c4:1c:c0:14:75:3e: 10:61:49:fd -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/gubCUhF3pFP/ZXOwKfdvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0ZjE3MjZlYTRiZDZkM2M4MDkxYWUwYzhhZDFhMDNlOTFl MzU5YTIwHhcNMjYwMTAyMTYyMDQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3YTQ5NTQyNTJkYmYwZTNiNmNiMzZhZWVlZjVlZWZlMjQ2MmQ4Yjc4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UflqhdiXtW10QVa7LxUhj1sL0XK XsPVAZcUAORKQFl+y2FgP3Ppt8XYfHV8EqyIUd0tijh03Tx3IGSJmXEX844Rot1T Jr/priSNBoFKK1rCLBMNZI31B/wE1kD1gyAX6O0GrZ0zlMuLKhjbi/8RKRxdW61K 1tCsRcc6bfYahFX6Rh2I1qNvJfhBcVq5az37ywfrBd7wLbccrMT3h8j2QXtwykiH Nlupel+GF/JTD4qA3LuG3WiBo3SrTRaEqe1PA654Dt4BZECfx0Jz/rKDO5nqa0PJ y0OrKz98hQ/IxBMXvgQR9OEz2bQ/AcRTXQN0ZP0LO7QFa3Dho3csHgJ1sQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFHpJVCUtvw47bLNq7u9e7+JGLYt4MB8GA1UdIwQY MBaAFDTxcm6kvW08gJGuDIrRoD6R41miMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlBGeWJxUzliVHlBa2E0TWl0R2dQcEhqV2FJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lZjhlODQtOTE2MS00MDJjLTgxYWQt ZThlOGQyZmU3MGZlLzEvZWtsVUpTMl9EanRzczJydTcxN3Y0a1l0aTNnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS9lZjhlODQtOTE2MS00MDJjLTgxYWQtZThlOGQyZmU3MGZl LzEvTlBGeWJxUzliVHlBa2E0TWl0R2dQcEhqV2FJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgG5YCMN MA0GCSqGSIb3DQEBCwUAA4IBAQBAApS2C5edxDkup9Vw0/5I+vqE/PDgoZXj1Qmm te1ahZ7l4+NW+xfdLkLtAYAECijspbj2Ze8Xg+taz67xWHvfJ4cOLYZeY+Z7I4r2 8TxfDXdGOx2jIDopIpK0yla3UV2NpcGbZwyzIGPsWQVTEae0foA4PsfSEb4cPKH5 TrXvE1xOv1Z7a8S3nIBuHiO55SaAkjPLnJwdJzdbFXbUhpeXTFO1pEINNoUoUkxN MDoJ/rCxL/bzxAUiWpgS0gg5oKeWjmxgXNOOveOao9SKDQsRnL5exRxnRKHmJYc1 c5Kyo89vj0OYHq9muhHi8nvHHMT7n63N7zPEHMAUdT4QYUn9 -----END CERTIFICATE-----Generated at Mon Jan 26 03:57:07 2026 by rpki-client