This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/ehC04eDurG--NxqYOKej5J5_Mkc.roa File: ehC04eDurG--NxqYOKej5J5_Mkc.roa (raw, json) Hash identifier: awoH3KlHVYA/xFgpcE34EbkUxOAICljJqKoGjg1R2VI= Subject key identifier: 7A:10:B4:E1:E0:EE:AC:6F:BE:37:1A:98:38:A7:A3:E4:9E:7F:32:47 Certificate issuer: /CN=66634f14586e399cd3802d9c88b1e67d8ddb03a8 Certificate serial: 019B7BA5111D6537FDBB52F82B8C8934EBE3 Authority key identifier: 66:63:4F:14:58:6E:39:9C:D3:80:2D:9C:88:B1:E6:7D:8D:DB:03:A8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZmNPFFhuOZzTgC2ciLHmfY3bA6g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/ehC04eDurG--NxqYOKej5J5_Mkc.roa Signing time: Thu 01 Jan 2026 22:19:33 +0000 ROA not before: Thu 01 Jan 2026 22:19:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3170 IP address blocks: 185.208.88.0/22 maxlen: 24 2a0b:32c0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/ZmNPFFhuOZzTgC2ciLHmfY3bA6g.crl rsync://rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/ZmNPFFhuOZzTgC2ciLHmfY3bA6g.mft rsync://rpki.ripe.net/repository/DEFAULT/ZmNPFFhuOZzTgC2ciLHmfY3bA6g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 04:01:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:11:1d:65:37:fd:bb:52:f8:2b:8c:89:34:eb:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=66634f14586e399cd3802d9c88b1e67d8ddb03a8 Validity Not Before: Jan 1 22:19:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7a10b4e1e0eeac6fbe371a9838a7a3e49e7f3247 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:e9:70:53:73:a8:37:af:fc:98:8a:06:bc:ff: a1:f0:96:14:76:2f:e6:9d:91:eb:bd:7d:71:14:6d: aa:02:21:cb:84:03:0f:cc:5d:0f:da:a2:47:e3:00: 4b:ec:90:02:c9:8c:a6:c4:24:5b:ed:80:4d:ff:63: 80:cd:00:91:2c:90:79:e7:86:14:da:13:a6:0b:b7: 0d:f8:d4:c6:f7:38:88:cc:7e:d0:47:9d:c1:a6:97: 10:b3:b1:96:b2:17:23:19:80:14:b5:4d:c5:71:ac: e6:b2:7b:41:91:d6:57:56:4c:de:51:43:e8:e6:02: 97:7d:13:49:16:d4:06:ca:28:78:c8:2e:05:e5:a4: 35:da:40:7d:68:36:9f:0d:a5:58:a7:68:73:6b:2d: c0:78:52:7d:af:8e:97:54:8c:14:d1:e2:56:dc:a0: e1:f3:a7:19:73:0e:b5:28:fb:f2:86:d0:1f:c8:0a: a1:14:d1:38:d5:38:7d:5a:82:ed:a1:32:37:96:14: 6e:d3:b2:11:b5:3b:ff:0e:d6:2c:fb:f8:7c:9e:86: b5:d6:ae:44:0a:96:69:fa:fc:85:ca:7f:5f:9c:d7: a1:41:2d:98:ed:20:09:8a:d6:0c:4e:99:d1:f3:f6: b6:72:66:30:7a:d1:58:bf:13:06:a4:95:12:3f:19: 76:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:10:B4:E1:E0:EE:AC:6F:BE:37:1A:98:38:A7:A3:E4:9E:7F:32:47 X509v3 Authority Key Identifier: keyid:66:63:4F:14:58:6E:39:9C:D3:80:2D:9C:88:B1:E6:7D:8D:DB:03:A8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZmNPFFhuOZzTgC2ciLHmfY3bA6g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/ehC04eDurG--NxqYOKej5J5_Mkc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/2c2d33-a367-449b-9c47-171db4690c0a/1/ZmNPFFhuOZzTgC2ciLHmfY3bA6g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.208.88.0/22 IPv6: 2a0b:32c0::/29 Signature Algorithm: sha256WithRSAEncryption 1b:5d:cc:6b:0f:6c:7f:ff:4a:45:58:ad:7c:70:d0:3e:42:0a: 6a:ec:50:b7:b7:94:10:3c:35:c7:cd:b9:f6:49:1e:de:f5:c5: 93:03:3e:8b:a6:7c:73:0b:26:41:a8:42:8b:86:4a:23:e8:7f: e5:e4:fe:ff:18:30:8e:27:b0:06:0f:99:85:6b:3a:4c:81:52: 8e:c2:ad:21:91:0e:17:76:d6:17:d8:25:54:bb:6a:69:af:74: 30:96:66:13:fd:0f:4a:47:a7:28:1e:b4:ef:8d:32:e5:50:6e: ae:89:8b:2c:2d:fa:36:85:98:cf:17:83:37:0b:4a:32:3a:3e: 33:5b:de:15:88:d1:7b:99:ff:06:51:b4:e8:bf:9e:4a:57:dc: 1c:c4:48:3d:42:b3:2e:0c:e9:a5:59:02:66:5d:20:7b:12:72: bf:1f:86:30:b0:27:06:c4:53:12:57:d4:ce:0e:1d:26:f8:2e: 1b:82:8d:60:31:c5:73:00:53:a5:be:c1:d9:25:6c:a9:ca:6d: a6:9f:67:3c:4f:92:c5:fe:50:ca:13:d0:6f:c4:a9:b5:4a:a0: 32:3e:ce:70:5b:51:b4:f4:65:bd:61:4a:5c:9b:9b:3c:1e:52: 14:db:d8:b7:d0:14:2b:34:77:47:7d:67:ee:e9:cc:75:8f:4e: 81:b6:1a:fc -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt7pREdZTf9u1L4K4yJNOvjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY2NjM0ZjE0NTg2ZTM5OWNkMzgwMmQ5Yzg4YjFlNjdkOGRk YjAzYTgwHhcNMjYwMTAxMjIxOTMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3YTEwYjRlMWUwZWVhYzZmYmUzNzFhOTgzOGE3YTNlNDllN2YzMjQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+lwU3OoN6/8mIoGvP+h8JYUdi/m nZHrvX1xFG2qAiHLhAMPzF0P2qJH4wBL7JACyYymxCRb7YBN/2OAzQCRLJB554YU 2hOmC7cN+NTG9ziIzH7QR53BppcQs7GWshcjGYAUtU3FcazmsntBkdZXVkzeUUPo 5gKXfRNJFtQGyih4yC4F5aQ12kB9aDafDaVYp2hzay3AeFJ9r46XVIwU0eJW3KDh 86cZcw61KPvyhtAfyAqhFNE41Th9WoLtoTI3lhRu07IRtTv/DtYs+/h8noa11q5E CpZp+vyFyn9fnNehQS2Y7SAJitYMTpnR8/a2cmYwetFYvxMGpJUSPxl2fwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFHoQtOHg7qxvvjcamDino+SefzJHMB8GA1UdIwQY MBaAFGZjTxRYbjmc04AtnIix5n2N2wOoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWm1OUEZGaHVPWnpUZ0MyY2lMSG1mWTNiQTZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8yYzJkMzMtYTM2Ny00NDliLTljNDct MTcxZGI0NjkwYzBhLzEvZWhDMDRlRHVyRy0tTnhxWU9LZWo1SjVfTWtjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZi8yYzJkMzMtYTM2Ny00NDliLTljNDctMTcxZGI0NjkwYzBh LzEvWm1OUEZGaHVPWnpUZ0MyY2lMSG1mWTNiQTZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudBYMA0E AgACMAcDBQMqCzLAMA0GCSqGSIb3DQEBCwUAA4IBAQAbXcxrD2x//0pFWK18cNA+ Qgpq7FC3t5QQPDXHzbn2SR7e9cWTAz6LpnxzCyZBqEKLhkoj6H/l5P7/GDCOJ7AG D5mFazpMgVKOwq0hkQ4XdtYX2CVUu2ppr3QwlmYT/Q9KR6coHrTvjTLlUG6uiYss Lfo2hZjPF4M3C0oyOj4zW94ViNF7mf8GUbTov55KV9wcxEg9QrMuDOmlWQJmXSB7 EnK/H4YwsCcGxFMSV9TODh0m+C4bgo1gMcVzAFOlvsHZJWypym2mn2c8T5LF/lDK E9BvxKm1SqAyPs5wW1G09GW9YUpcm5s8HlIU29i30BQrNHdHfWfu6cx1j06Bthr8 -----END CERTIFICATE-----Generated at Sun Jan 25 11:40:54 2026 by rpki-client