This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/eHw1Dv0-iPz6cBJwpcSTNw1s2DE.roa File: eHw1Dv0-iPz6cBJwpcSTNw1s2DE.roa (raw, json) Hash identifier: dU4EZvdrDYCqFvrEmWTYqkLKWomor5VqWMAq1E8iu7A= Subject key identifier: 78:7C:35:0E:FD:3E:88:FC:FA:70:12:70:A5:C4:93:37:0D:6C:D8:31 Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d Certificate serial: 019B7AC8333AAF95D0E5BB2A2CC3438456F7 Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/eHw1Dv0-iPz6cBJwpcSTNw1s2DE.roa Signing time: Thu 01 Jan 2026 18:18:19 +0000 ROA not before: Thu 01 Jan 2026 18:18:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212238 IP address blocks: 217.9.247.0/24 maxlen: 24 217.9.250.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.mft rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:33:3a:af:95:d0:e5:bb:2a:2c:c3:43:84:56:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d Validity Not Before: Jan 1 18:18:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=787c350efd3e88fcfa701270a5c493370d6cd831 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:81:86:18:b8:d3:d6:e0:ef:89:f5:ef:0f:30: 5f:d8:df:b6:ca:ed:f8:a8:c2:4f:c4:bf:bd:b4:cd: e1:58:6c:65:17:8d:08:2d:e0:28:8a:01:0f:7f:04: de:20:aa:64:7d:5d:3e:85:64:ed:6a:cb:67:84:e8: 92:3b:b9:14:cb:86:fe:fb:bb:2e:19:0c:77:b9:d6: 67:fd:18:42:f5:ce:67:53:96:9e:8d:6f:5b:31:73: 1b:be:42:8d:19:e9:05:59:a7:af:99:73:73:79:89: 4a:ab:51:b2:72:2c:fe:d0:60:22:34:dd:59:d2:63: 1f:fa:3d:5d:c5:19:a5:50:f3:e5:a3:51:8c:04:11: 16:52:fe:ec:36:e5:0f:ee:74:4d:cd:42:5a:4e:41: 09:3c:c3:ac:3b:f6:04:e5:a7:a8:c7:8c:5e:45:f0: f6:e0:ed:a8:91:15:73:03:a1:48:b9:e7:69:de:df: 85:27:74:a1:da:0e:54:26:3d:ce:62:53:0b:9e:f7: 7d:0c:11:ae:e8:c6:05:09:71:6f:33:b5:ae:6a:7a: f1:bf:58:36:2c:b3:4f:94:d3:72:1b:01:60:f2:5d: a2:e0:d4:04:b3:7e:3e:0d:63:fa:c3:e9:3c:a4:38: 3c:7a:46:b6:44:cd:73:1a:70:ff:9a:6c:98:21:bd: 4a:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:7C:35:0E:FD:3E:88:FC:FA:70:12:70:A5:C4:93:37:0D:6C:D8:31 X509v3 Authority Key Identifier: keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/eHw1Dv0-iPz6cBJwpcSTNw1s2DE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.9.247.0/24 217.9.250.0/24 Signature Algorithm: sha256WithRSAEncryption 31:18:b7:e5:76:df:f6:a5:5c:e2:44:48:1c:17:d9:e6:0f:c6: f8:93:4c:d8:51:c2:58:e6:12:33:8b:e6:a5:c8:43:75:31:d6: 84:06:7e:22:9a:0b:1d:20:63:86:3b:32:ba:20:c9:2a:d3:25: 84:1c:8f:d1:45:76:d4:6b:3a:9c:86:93:1c:09:71:52:59:bf: 38:21:36:77:66:0f:da:16:24:dd:35:bc:34:f8:09:95:bf:bd: a2:43:f8:93:18:d8:55:49:47:f4:be:1c:bc:60:07:71:31:d7: 3d:0a:56:47:1a:d8:9c:8a:57:d8:ce:12:f1:a0:51:dc:a5:e3: 24:d2:b5:77:32:c9:66:09:f4:c5:d8:cd:a6:17:ca:b2:3d:2a: d7:02:f1:dd:bb:2a:05:6a:bc:5c:a1:25:83:43:4e:cf:79:72: 18:22:ae:72:38:48:c3:14:19:8c:fa:c5:9a:3d:54:ce:32:fb: ad:b9:a1:26:86:8d:91:c1:e2:c3:63:41:eb:25:7c:04:fc:6f: b4:e7:bb:81:10:3a:1d:b9:30:4e:db:7d:9c:ba:08:8e:58:0c: 3d:ee:2e:c8:9f:59:13:be:18:5e:33:20:a9:88:e6:f0:7d:ff: 86:5c:62:91:a4:14:93:3c:74:e1:c1:db:14:41:ad:7d:82:89: 3f:30:76:58 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt6yDM6r5XQ5bsqLMNDhFb3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3 MTE4MGQwHhcNMjYwMTAxMTgxODE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3ODdjMzUwZWZkM2U4OGZjZmE3MDEyNzBhNWM0OTMzNzBkNmNkODMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyoGGGLjT1uDvifXvDzBf2N+2yu34 qMJPxL+9tM3hWGxlF40ILeAoigEPfwTeIKpkfV0+hWTtastnhOiSO7kUy4b++7su GQx3udZn/RhC9c5nU5aejW9bMXMbvkKNGekFWaevmXNzeYlKq1Gyciz+0GAiNN1Z 0mMf+j1dxRmlUPPlo1GMBBEWUv7sNuUP7nRNzUJaTkEJPMOsO/YE5aeox4xeRfD2 4O2okRVzA6FIuedp3t+FJ3Sh2g5UJj3OYlMLnvd9DBGu6MYFCXFvM7Wuanrxv1g2 LLNPlNNyGwFg8l2i4NQEs34+DWP6w+k8pDg8eka2RM1zGnD/mmyYIb1KuwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFHh8NQ79Poj8+nAScKXEkzcNbNgxMB8GA1UdIwQY MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt MDQ2ODA0MjQ4NmRjLzEvZUh3MUR2MC1pUHo2Y0JKd3BjU1ROdzFzMkRFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA2Qn3AwQA 2Qn6MA0GCSqGSIb3DQEBCwUAA4IBAQAxGLfldt/2pVziREgcF9nmD8b4k0zYUcJY 5hIzi+alyEN1MdaEBn4imgsdIGOGOzK6IMkq0yWEHI/RRXbUazqchpMcCXFSWb84 ITZ3Zg/aFiTdNbw0+AmVv72iQ/iTGNhVSUf0vhy8YAdxMdc9ClZHGticilfYzhLx oFHcpeMk0rV3MslmCfTF2M2mF8qyPSrXAvHduyoFarxcoSWDQ07PeXIYIq5yOEjD FBmM+sWaPVTOMvutuaEmho2RweLDY0HrJXwE/G+057uBEDoduTBO232cugiOWAw9 7i7In1kTvhheMyCpiObwff+GXGKRpBSTPHThwdsUQa19gok/MHZY -----END CERTIFICATE-----Generated at Sun Jan 25 08:48:43 2026 by rpki-client