This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/60c7c1-8f0f-4b80-8630-3e4f35b66461/1/4eHXKjznACVbndG6iFpTFVUVkDU.roa File: 4eHXKjznACVbndG6iFpTFVUVkDU.roa (raw, json) Hash identifier: OQWOo0J8qNH07VKmKOXFET9I4K0zlOhgBlJo3WSTOP8= Subject key identifier: E1:E1:D7:2A:3C:E7:00:25:5B:9D:D1:BA:88:5A:53:15:55:15:90:35 Certificate issuer: /CN=124f16479e4b72aca589baa01039fc8e923b4cc3 Certificate serial: 019B7CEDE9101EFDD9E9282D86ACC11310DE Authority key identifier: 12:4F:16:47:9E:4B:72:AC:A5:89:BA:A0:10:39:FC:8E:92:3B:4C:C3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ek8WR55LcqylibqgEDn8jpI7TMM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/60c7c1-8f0f-4b80-8630-3e4f35b66461/1/4eHXKjznACVbndG6iFpTFVUVkDU.roa Signing time: Fri 02 Jan 2026 04:18:45 +0000 ROA not before: Fri 02 Jan 2026 04:18:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 58010 IP address blocks: 185.71.124.0/22 maxlen: 22 185.71.124.0/24 maxlen: 24 185.71.124.128/25 maxlen: 25 185.71.125.0/24 maxlen: 24 185.71.126.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/60c7c1-8f0f-4b80-8630-3e4f35b66461/1/Ek8WR55LcqylibqgEDn8jpI7TMM.crl rsync://rpki.ripe.net/repository/DEFAULT/59/60c7c1-8f0f-4b80-8630-3e4f35b66461/1/Ek8WR55LcqylibqgEDn8jpI7TMM.mft rsync://rpki.ripe.net/repository/DEFAULT/Ek8WR55LcqylibqgEDn8jpI7TMM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:e9:10:1e:fd:d9:e9:28:2d:86:ac:c1:13:10:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=124f16479e4b72aca589baa01039fc8e923b4cc3 Validity Not Before: Jan 2 04:18:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e1e1d72a3ce700255b9dd1ba885a531555159035 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:0e:03:f7:09:d6:66:45:7b:dc:97:b8:11:3e: 1c:dd:23:a8:1c:0f:c2:8f:58:8d:93:5d:2f:10:30: ed:84:18:ca:7b:07:67:89:19:c7:e3:3d:a2:1b:1c: 7e:c8:4d:0d:9e:44:56:dd:d7:ac:f6:fd:ed:5c:0a: 38:9a:50:b3:7f:76:5e:c3:e6:83:af:33:53:a0:59: c9:33:d8:fa:6f:94:15:d9:74:15:36:1d:2e:c9:9e: 5c:b5:73:c9:ed:f6:1a:1a:fd:58:32:64:8e:49:32: 63:c8:7a:40:49:0c:6d:c1:88:8c:27:f7:d4:16:0a: c9:ae:72:4c:f9:19:57:84:a8:e7:4b:d4:d2:c5:f3: 93:22:7b:fe:fd:65:48:c9:de:0d:ca:d0:12:6a:fd: 3f:c8:fe:3a:e9:47:b4:79:34:a8:24:ea:6d:61:8b: 9b:fd:ff:0e:4d:bb:15:20:ab:49:65:31:08:01:e8: 90:0a:d4:c3:9d:b8:72:b5:42:a8:1d:83:79:4b:ce: 2f:d8:93:2c:9c:db:15:48:d3:ef:53:13:a6:b4:1c: d3:d1:a5:25:d4:e6:e3:05:01:0c:68:1d:eb:d2:6f: ab:11:61:05:3a:4f:28:31:34:68:38:6d:58:f7:5c: 49:e2:f2:a5:de:7b:20:81:37:53:1d:47:15:10:b3: df:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:E1:D7:2A:3C:E7:00:25:5B:9D:D1:BA:88:5A:53:15:55:15:90:35 X509v3 Authority Key Identifier: keyid:12:4F:16:47:9E:4B:72:AC:A5:89:BA:A0:10:39:FC:8E:92:3B:4C:C3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ek8WR55LcqylibqgEDn8jpI7TMM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/60c7c1-8f0f-4b80-8630-3e4f35b66461/1/4eHXKjznACVbndG6iFpTFVUVkDU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/59/60c7c1-8f0f-4b80-8630-3e4f35b66461/1/Ek8WR55LcqylibqgEDn8jpI7TMM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.71.124.0/22 Signature Algorithm: sha256WithRSAEncryption 10:d5:29:f9:21:b6:97:40:52:7e:f1:5b:57:d3:06:8c:30:49: 8e:41:bb:9e:7d:2b:4e:65:78:a3:a8:eb:cc:2f:d4:7e:72:a1: 91:ad:7a:5f:ba:29:b0:8d:07:8d:7b:5c:70:a0:81:8b:e1:f0: 31:68:be:ab:3b:89:b2:da:5c:ee:ce:fc:56:5f:3b:1f:d7:1d: 65:4d:f5:e9:ab:09:90:56:cd:d2:a1:5c:1a:de:c7:11:bd:fa: 05:93:dd:d3:57:09:03:dd:21:3b:f4:cf:93:8d:b3:b0:c6:86: 85:8d:a8:1f:14:1a:bf:0d:50:f8:e2:0a:44:13:81:5e:00:bf: 35:6e:3a:47:b2:23:4d:94:3d:b8:10:e1:59:0f:bd:b1:ce:b9: b4:c5:29:c3:87:f8:01:59:66:85:23:4e:fd:83:9a:17:a5:2b: 0b:ce:cf:df:64:a5:d5:48:6b:23:bb:33:bc:bf:c3:25:89:09: 56:53:44:7d:8a:94:8e:ae:07:e8:fa:6b:6f:2b:95:6b:b8:46: 19:57:4b:9c:de:48:79:a2:15:64:0e:ec:59:84:89:f4:21:c5: 0e:da:d8:c0:d8:8f:2f:a0:3b:ae:38:1f:db:38:37:f8:a4:bb: a3:d9:5f:b5:f0:2a:1e:43:9a:e4:d2:3d:8a:f2:a4:2f:cf:8a: ee:4e:90:9d -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt87ekQHv3Z6SgthqzBExDeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEyNGYxNjQ3OWU0YjcyYWNhNTg5YmFhMDEwMzlmYzhlOTIz YjRjYzMwHhcNMjYwMTAyMDQxODQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMWUxZDcyYTNjZTcwMDI1NWI5ZGQxYmE4ODVhNTMxNTU1MTU5MDM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqg4D9wnWZkV73Je4ET4c3SOoHA/C j1iNk10vEDDthBjKewdniRnH4z2iGxx+yE0NnkRW3des9v3tXAo4mlCzf3Zew+aD rzNToFnJM9j6b5QV2XQVNh0uyZ5ctXPJ7fYaGv1YMmSOSTJjyHpASQxtwYiMJ/fU FgrJrnJM+RlXhKjnS9TSxfOTInv+/WVIyd4NytASav0/yP466Ue0eTSoJOptYYub /f8OTbsVIKtJZTEIAeiQCtTDnbhytUKoHYN5S84v2JMsnNsVSNPvUxOmtBzT0aUl 1ObjBQEMaB3r0m+rEWEFOk8oMTRoOG1Y91xJ4vKl3nsggTdTHUcVELPfiwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFOHh1yo85wAlW53RuohaUxVVFZA1MB8GA1UdIwQY MBaAFBJPFkeeS3KspYm6oBA5/I6SO0zDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRWs4V1I1NUxjcXlsaWJxZ0VEbjhqcEk3VE1NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82MGM3YzEtOGYwZi00YjgwLTg2MzAt M2U0ZjM1YjY2NDYxLzEvNGVIWEtqem5BQ1ZibmRHNmlGcFRGVlVWa0RVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OS82MGM3YzEtOGYwZi00YjgwLTg2MzAtM2U0ZjM1YjY2NDYx LzEvRWs4V1I1NUxjcXlsaWJxZ0VEbjhqcEk3VE1NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUd8MA0G CSqGSIb3DQEBCwUAA4IBAQAQ1Sn5IbaXQFJ+8VtX0waMMEmOQbuefStOZXijqOvM L9R+cqGRrXpfuimwjQeNe1xwoIGL4fAxaL6rO4my2lzuzvxWXzsf1x1lTfXpqwmQ Vs3SoVwa3scRvfoFk93TVwkD3SE79M+TjbOwxoaFjagfFBq/DVD44gpEE4FeAL81 bjpHsiNNlD24EOFZD72xzrm0xSnDh/gBWWaFI079g5oXpSsLzs/fZKXVSGsjuzO8 v8MliQlWU0R9ipSOrgfo+mtvK5VruEYZV0uc3kh5ohVkDuxZhIn0IcUO2tjA2I8v oDuuOB/bODf4pLuj2V+18CoeQ5rk0j2K8qQvz4ruTpCd -----END CERTIFICATE-----Generated at Mon Jan 26 01:01:30 2026 by rpki-client