This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/EaAMsvwoHBe4yq1jbHkVSMOCcms.roa File: EaAMsvwoHBe4yq1jbHkVSMOCcms.roa (raw, json) Hash identifier: tCewwDnNFA4yqzd0eb5IKas5uAfl5Rr1tmwDJ4VUURI= Subject key identifier: 11:A0:0C:B2:FC:28:1C:17:B8:CA:AD:63:6C:79:15:48:C3:82:72:6B Certificate issuer: /CN=27df042824273fcff3f093d0f9b1dec6960bae6a Certificate serial: 019B7B36BE02822833E82CE5F526616C4048 Authority key identifier: 27:DF:04:28:24:27:3F:CF:F3:F0:93:D0:F9:B1:DE:C6:96:0B:AE:6A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J98EKCQnP8_z8JPQ-bHexpYLrmo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/EaAMsvwoHBe4yq1jbHkVSMOCcms.roa Signing time: Thu 01 Jan 2026 20:19:03 +0000 ROA not before: Thu 01 Jan 2026 20:19:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 2852 IP address blocks: 78.128.128.0/17 maxlen: 24 185.8.160.0/22 maxlen: 24 193.84.80.0/22 maxlen: 24 195.113.0.0/16 maxlen: 24 195.178.64.0/19 maxlen: 24 2001:718::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/J98EKCQnP8_z8JPQ-bHexpYLrmo.crl rsync://rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/J98EKCQnP8_z8JPQ-bHexpYLrmo.mft rsync://rpki.ripe.net/repository/DEFAULT/J98EKCQnP8_z8JPQ-bHexpYLrmo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:be:02:82:28:33:e8:2c:e5:f5:26:61:6c:40:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=27df042824273fcff3f093d0f9b1dec6960bae6a Validity Not Before: Jan 1 20:19:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=11a00cb2fc281c17b8caad636c791548c382726b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:46:8d:1e:fe:c8:25:a8:aa:d1:5f:d4:75:9a: 7d:d9:4e:f9:f0:bf:0f:e4:ad:6a:ab:3a:d0:1e:b4: 5d:1b:9a:28:8a:42:04:38:98:8f:f6:1b:6b:e0:10: d6:58:88:46:e4:8d:89:3e:e1:c9:10:ed:ae:7e:a1: 4c:91:1c:47:b7:ce:f6:50:95:63:c5:d5:30:5b:49: 02:98:48:23:d0:7b:dd:1f:a0:b5:c9:e7:fe:28:6a: 39:f5:b9:ac:33:c2:e7:06:61:98:d9:fb:5d:33:76: 0b:5c:6a:b4:e4:7a:b4:6d:6f:0d:96:52:21:c5:3e: 13:76:f6:0f:8d:87:02:ec:53:b5:e3:04:6a:24:25: 80:71:df:ff:73:3e:3b:0d:c0:5e:38:77:22:91:ea: 4c:43:38:80:87:12:55:40:8a:7d:81:b8:37:23:c8: 2b:62:62:93:8c:e0:81:88:04:b7:16:dc:51:2f:43: 70:8c:bd:ae:a2:6e:98:1b:af:01:f4:22:00:ca:1c: 14:a0:e3:25:a3:bc:66:2a:0e:8d:48:96:6f:3a:70: 33:fa:cc:59:db:c4:34:de:6a:cc:9d:7c:fb:07:9b: 77:b7:85:df:9f:c8:4b:54:94:62:43:54:75:76:46: 2f:19:74:51:52:a5:1c:4f:25:8b:43:ee:89:e0:c1: a1:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:A0:0C:B2:FC:28:1C:17:B8:CA:AD:63:6C:79:15:48:C3:82:72:6B X509v3 Authority Key Identifier: keyid:27:DF:04:28:24:27:3F:CF:F3:F0:93:D0:F9:B1:DE:C6:96:0B:AE:6A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J98EKCQnP8_z8JPQ-bHexpYLrmo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/EaAMsvwoHBe4yq1jbHkVSMOCcms.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/J98EKCQnP8_z8JPQ-bHexpYLrmo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 78.128.128.0/17 185.8.160.0/22 193.84.80.0/22 195.113.0.0/16 195.178.64.0/19 IPv6: 2001:718::/29 Signature Algorithm: sha256WithRSAEncryption 12:9e:bf:81:a1:7c:ad:b1:a1:0d:3d:d6:76:1d:89:1c:be:72: a5:69:5b:1f:99:9d:a9:bb:85:6d:f1:7a:14:66:a4:5d:88:e3: 15:fa:6e:80:79:4b:a1:77:dd:a7:1a:57:00:a7:af:77:46:65: cb:4b:a7:54:e0:61:51:9a:e1:f6:1f:05:29:79:66:84:d9:f0: 16:fc:c6:50:c8:92:9c:6a:6c:d8:7b:34:f5:4f:45:09:d3:5d: b5:9a:24:0b:d3:02:ed:15:2e:0e:0d:de:f3:39:67:0a:b2:22: 00:fc:49:50:71:cc:5b:b1:c0:06:a0:8b:18:83:8a:46:95:7b: 2a:38:20:5a:53:1f:45:8f:ad:ef:84:a3:be:85:a2:98:3a:e2: 0c:e2:18:24:7e:d8:eb:48:52:d4:91:24:81:ac:e0:01:87:a3: 3e:e6:2a:72:d1:03:15:96:ea:69:50:88:af:41:c5:95:97:1f: e8:2b:53:8f:a5:d5:5c:78:65:cc:1a:73:6b:84:66:2f:4d:40: 70:b7:00:bc:87:9e:a2:93:d6:a8:e0:59:a8:0c:42:f6:1e:e8: 5a:60:28:97:e2:1e:27:1a:9d:1f:5d:82:d4:b4:60:1b:ba:9a: 22:a8:2a:f3:ba:d6:bd:2d:ca:07:ff:75:df:5d:c0:ae:0f:e5: 8a:82:67:51 -----BEGIN CERTIFICATE----- MIIFIzCCBAugAwIBAgISAZt7Nr4Cgigz6Czl9SZhbEBIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI3ZGYwNDI4MjQyNzNmY2ZmM2YwOTNkMGY5YjFkZWM2OTYw YmFlNmEwHhcNMjYwMTAxMjAxOTAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxMWEwMGNiMmZjMjgxYzE3YjhjYWFkNjM2Yzc5MTU0OGMzODI3MjZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuEaNHv7IJaiq0V/UdZp92U758L8P 5K1qqzrQHrRdG5ooikIEOJiP9htr4BDWWIhG5I2JPuHJEO2ufqFMkRxHt872UJVj xdUwW0kCmEgj0HvdH6C1yef+KGo59bmsM8LnBmGY2ftdM3YLXGq05Hq0bW8NllIh xT4TdvYPjYcC7FO14wRqJCWAcd//cz47DcBeOHcikepMQziAhxJVQIp9gbg3I8gr YmKTjOCBiAS3FtxRL0NwjL2uom6YG68B9CIAyhwUoOMlo7xmKg6NSJZvOnAz+sxZ 28Q03mrMnXz7B5t3t4Xfn8hLVJRiQ1R1dkYvGXRRUqUcTyWLQ+6J4MGhhQIDAQAB o4ICLzCCAiswHQYDVR0OBBYEFBGgDLL8KBwXuMqtY2x5FUjDgnJrMB8GA1UdIwQY MBaAFCffBCgkJz/P8/CT0Pmx3saWC65qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSjk4RUtDUW5QOF96OEpQUS1iSGV4cFlMcm1vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9hY2ZmZDYtZGMxZS00ZTBkLThkMjUt Y2UyMmQ1ZWFiODJmLzEvRWFBTXN2d29IQmU0eXExamJIa1ZTTU9DY21zLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZC9hY2ZmZDYtZGMxZS00ZTBkLThkMjUtY2UyMmQ1ZWFiODJm LzEvSjk4RUtDUW5QOF96OEpQUS1iSGV4cFlMcm1vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwQHToCAAwQC uQigAwQCwVRQAwMAw3EDBAXDskAwDQQCAAIwBwMFAyABBxgwDQYJKoZIhvcNAQEL BQADggEBABKev4GhfK2xoQ091nYdiRy+cqVpWx+Znam7hW3xehRmpF2I4xX6boB5 S6F33acaVwCnr3dGZctLp1TgYVGa4fYfBSl5ZoTZ8Bb8xlDIkpxqbNh7NPVPRQnT XbWaJAvTAu0VLg4N3vM5ZwqyIgD8SVBxzFuxwAagixiDikaVeyo4IFpTH0WPre+E o76Fopg64gziGCR+2OtIUtSRJIGs4AGHoz7mKnLRAxWW6mlQiK9BxZWXH+grU4+l 1Vx4Zcwac2uEZi9NQHC3ALyHnqKT1qjgWagMQvYe6FpgKJfiHicanR9dgtS0YBu6 miKoKvO61r0tygf/dd9dwK4P5YqCZ1E= -----END CERTIFICATE-----Generated at Mon Jan 26 09:22:58 2026 by rpki-client