This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/e8o9eE4Ll42uOW4-5Vfvz5NDkIs.roa File: e8o9eE4Ll42uOW4-5Vfvz5NDkIs.roa (raw, json) Hash identifier: 51N+vFv/j40ASUl/9DN8HQurrtN+zYKS6P9w8wpKe6o= Subject key identifier: 7B:CA:3D:78:4E:0B:97:8D:AE:39:6E:3E:E5:57:EF:CF:93:43:90:8B Certificate issuer: /CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be Certificate serial: 019BDCE4345BEC47EF86C8F537A2A4F548FB Authority key identifier: 1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/e8o9eE4Ll42uOW4-5Vfvz5NDkIs.roa Signing time: Tue 20 Jan 2026 19:31:41 +0000 ROA not before: Tue 20 Jan 2026 19:31:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215590 IP address blocks: 2a01:ecc0:1::/48 maxlen: 48 2a01:ecc0:5::/48 maxlen: 48 2a01:ecc0:8c0::/42 maxlen: 42 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.crl rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.mft rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:dc:e4:34:5b:ec:47:ef:86:c8:f5:37:a2:a4:f5:48:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be Validity Not Before: Jan 20 19:31:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7bca3d784e0b978dae396e3ee557efcf9343908b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:51:3b:bc:30:fb:86:a9:42:e9:71:40:a6:46: b4:5f:8a:e0:80:70:d2:1a:06:4e:01:89:b8:00:bf: 71:aa:f8:ed:f9:d5:c2:eb:4d:18:0a:4a:06:12:3d: c4:5e:4f:a6:89:e6:d1:f0:18:d8:a5:10:0d:e4:20: 62:05:7d:1d:17:57:73:b8:12:d7:3e:a8:be:b1:bc: 69:0b:37:a6:91:77:f8:94:22:d0:e0:4b:fc:20:db: c0:22:c9:04:f0:e6:60:65:f8:10:5c:af:9c:9d:83: 47:59:d0:91:29:fb:9f:ed:4d:df:28:be:8b:73:a6: 35:93:a8:85:4b:e2:be:f6:3a:af:64:9a:45:94:c1: 2a:13:15:3e:69:a8:f5:85:ae:cb:b3:77:99:d5:df: 05:9a:7a:81:3c:42:94:d6:fd:91:54:8e:8d:58:f3: ef:eb:89:29:81:fc:d0:cc:69:66:c7:d6:dd:00:ad: 7b:16:a4:69:f2:56:d5:c3:f8:52:ca:72:f5:ef:7f: e8:2e:62:f7:53:34:cb:dc:79:72:0f:66:dd:32:e2: c8:c6:9d:00:42:13:7c:81:0e:1e:a5:cb:12:96:51: 14:7a:7d:cc:8c:9a:c6:09:f4:6c:0a:87:f4:35:d2: a2:e0:62:0d:df:ce:80:80:62:91:56:6c:6e:6c:da: d6:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:CA:3D:78:4E:0B:97:8D:AE:39:6E:3E:E5:57:EF:CF:93:43:90:8B X509v3 Authority Key Identifier: keyid:1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/e8o9eE4Ll42uOW4-5Vfvz5NDkIs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:ecc0:1::/48 2a01:ecc0:5::/48 2a01:ecc0:8c0::/42 Signature Algorithm: sha256WithRSAEncryption 11:12:c6:88:64:d8:d6:ba:0e:76:b8:a0:ec:29:fe:5f:4b:ff: 18:dc:4f:cc:6f:05:13:0c:89:11:15:6f:14:4f:4e:bd:c8:fa: 4b:2f:fd:99:56:5e:b8:60:d0:e7:ae:09:22:bc:03:8f:09:7f: f7:d9:a5:39:14:eb:e1:0d:b1:53:75:7e:b2:3a:c1:b5:67:ad: 94:df:14:28:c5:d3:5c:cf:9b:af:46:5a:72:d1:f3:17:7b:0e: a5:3c:ca:ed:9e:39:e3:26:bd:69:8c:1c:4f:e3:0b:6c:7d:ef: 39:7e:61:00:78:bd:c1:01:4a:9c:31:d0:51:ae:8f:49:50:95: 10:6a:8a:3b:85:a0:26:cb:03:cf:95:f3:4c:e4:b2:af:fb:ad: f8:ac:cf:85:92:1b:09:c4:d9:5e:39:12:97:2a:e5:66:51:16: e9:52:45:35:93:67:43:ad:b1:df:ff:08:38:5a:6d:a8:4e:d0: 12:bd:88:3b:32:34:2f:e2:d7:c1:c6:00:32:cf:a3:50:ef:25: 27:63:e2:6f:17:35:87:d3:21:18:e8:68:5c:73:bb:5f:27:a7: 75:42:96:0b:b9:a9:bb:48:26:73:95:9a:f6:62:89:59:84:1b: 20:fa:b1:5f:43:48:56:9d:49:aa:4b:e0:8b:3c:50:05:04:3c: ce:2c:a6:ba -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZvc5DRb7Efvhsj1N6Kk9Uj7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkNDNhMjQ4NDU2OWQyMGUzZjUzYzE3YmU3YjlmYjI5YzM0 ZWU1YmUwHhcNMjYwMTIwMTkzMTQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3YmNhM2Q3ODRlMGI5NzhkYWUzOTZlM2VlNTU3ZWZjZjkzNDM5MDhiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1E7vDD7hqlC6XFApka0X4rggHDS GgZOAYm4AL9xqvjt+dXC600YCkoGEj3EXk+miebR8BjYpRAN5CBiBX0dF1dzuBLX Pqi+sbxpCzemkXf4lCLQ4Ev8INvAIskE8OZgZfgQXK+cnYNHWdCRKfuf7U3fKL6L c6Y1k6iFS+K+9jqvZJpFlMEqExU+aaj1ha7Ls3eZ1d8FmnqBPEKU1v2RVI6NWPPv 64kpgfzQzGlmx9bdAK17FqRp8lbVw/hSynL173/oLmL3UzTL3HlyD2bdMuLIxp0A QhN8gQ4epcsSllEUen3MjJrGCfRsCof0NdKi4GIN386AgGKRVmxubNrWQwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFHvKPXhOC5eNrjluPuVX78+TQ5CLMB8GA1UdIwQY MBaAFB1DokhFadIOP1PBe+e5+ynDTuW+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjkt NjM0NTE1NDg5NzlkLzEvZThvOWVFNExsNDJ1T1c0LTVWZnZ6NU5Ea0lzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjktNjM0NTE1NDg5Nzlk LzEvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgHswAAB AwcAKgHswAAFAwcGKgHswAjAMA0GCSqGSIb3DQEBCwUAA4IBAQAREsaIZNjWug52 uKDsKf5fS/8Y3E/MbwUTDIkRFW8UT069yPpLL/2ZVl64YNDnrgkivAOPCX/32aU5 FOvhDbFTdX6yOsG1Z62U3xQoxdNcz5uvRlpy0fMXew6lPMrtnjnjJr1pjBxP4wts fe85fmEAeL3BAUqcMdBRro9JUJUQaoo7haAmywPPlfNM5LKv+634rM+FkhsJxNle ORKXKuVmURbpUkU1k2dDrbHf/wg4Wm2oTtASvYg7MjQv4tfBxgAyz6NQ7yUnY+Jv FzWH0yEY6Ghcc7tfJ6d1QpYLuam7SCZzlZr2YolZhBsg+rFfQ0hWnUmqS+CLPFAF BDzOLKa6 -----END CERTIFICATE-----Generated at Sun Jan 25 14:38:44 2026 by rpki-client