This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/b45765-2c33-4a49-91eb-946892f88beb/1/ekrqCKLizVAMKQXSGPD3DpBP_OY.roa File: ekrqCKLizVAMKQXSGPD3DpBP_OY.roa (raw, json) Hash identifier: s5CParuuwC3JvXqHExuQ7yQFo1a7fTuNWPzfjB6dlrk= Subject key identifier: 7A:4A:EA:08:A2:E2:CD:50:0C:29:05:D2:18:F0:F7:0E:90:4F:FC:E6 Certificate issuer: /CN=6cf9b24f2c0847d041c1e66a12f01eaba478b4fc Certificate serial: 019B7A5AF80E2D62CDCEDAB6079DE9BE7572 Authority key identifier: 6C:F9:B2:4F:2C:08:47:D0:41:C1:E6:6A:12:F0:1E:AB:A4:78:B4:FC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bPmyTywIR9BBweZqEvAeq6R4tPw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/b45765-2c33-4a49-91eb-946892f88beb/1/ekrqCKLizVAMKQXSGPD3DpBP_OY.roa Signing time: Thu 01 Jan 2026 16:19:00 +0000 ROA not before: Thu 01 Jan 2026 16:19:00 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210017 IP address blocks: 193.58.112.0/22 maxlen: 24 2a0d:e640::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/b45765-2c33-4a49-91eb-946892f88beb/1/bPmyTywIR9BBweZqEvAeq6R4tPw.crl rsync://rpki.ripe.net/repository/DEFAULT/af/b45765-2c33-4a49-91eb-946892f88beb/1/bPmyTywIR9BBweZqEvAeq6R4tPw.mft rsync://rpki.ripe.net/repository/DEFAULT/bPmyTywIR9BBweZqEvAeq6R4tPw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:f8:0e:2d:62:cd:ce:da:b6:07:9d:e9:be:75:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6cf9b24f2c0847d041c1e66a12f01eaba478b4fc Validity Not Before: Jan 1 16:19:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7a4aea08a2e2cd500c2905d218f0f70e904ffce6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:b7:3e:80:eb:65:0c:3c:3e:3f:d0:9a:0b:8c: a9:b8:a9:97:6d:af:c6:22:aa:f5:83:b5:31:c2:99: da:4a:3e:e4:f9:ff:ed:b7:8a:26:58:36:ab:b4:55: 5c:6b:39:b3:e9:69:26:33:e0:8d:82:fc:d6:76:c4: 52:01:1e:04:67:07:5d:14:0d:b0:71:94:4d:4a:c8: 83:86:43:b5:94:ac:92:ee:7c:8d:4e:23:f4:5e:31: 89:4f:cc:07:e4:7b:6c:8d:65:f1:e2:88:de:35:cf: c1:57:77:f8:93:8d:db:22:dc:9d:d1:e8:96:70:4b: 33:12:31:0c:1a:da:4a:1d:5e:21:ea:35:e5:17:e8: af:3a:b9:6a:9b:b5:54:04:84:40:21:90:68:f7:64: 06:34:93:e4:cf:9d:4d:c0:c0:be:87:a5:7b:a6:b7: d2:c6:fb:b8:74:65:4d:d1:03:41:76:c9:cb:5a:7e: 46:9c:0b:7e:22:3e:4a:f9:e3:2d:ca:a3:62:a6:c1: 94:65:05:8f:28:cb:ee:43:d2:03:d6:4d:3e:4d:37: 40:70:d5:63:4e:5a:47:ab:26:c5:e9:6b:4e:19:30: dc:1f:25:d1:62:b4:1d:21:ed:b1:54:72:32:89:94: 1f:10:dc:a9:2f:95:d1:86:97:c7:15:73:af:2f:95: cd:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:4A:EA:08:A2:E2:CD:50:0C:29:05:D2:18:F0:F7:0E:90:4F:FC:E6 X509v3 Authority Key Identifier: keyid:6C:F9:B2:4F:2C:08:47:D0:41:C1:E6:6A:12:F0:1E:AB:A4:78:B4:FC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bPmyTywIR9BBweZqEvAeq6R4tPw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b45765-2c33-4a49-91eb-946892f88beb/1/ekrqCKLizVAMKQXSGPD3DpBP_OY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b45765-2c33-4a49-91eb-946892f88beb/1/bPmyTywIR9BBweZqEvAeq6R4tPw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.58.112.0/22 IPv6: 2a0d:e640::/29 Signature Algorithm: sha256WithRSAEncryption 15:d4:60:72:61:19:f5:21:40:bc:a4:41:fc:d7:29:56:24:1c: 23:73:83:97:89:69:66:88:78:e8:4f:2c:80:7b:03:6e:84:c5: c3:37:e9:93:cf:ee:15:29:8a:e8:6e:17:cf:4a:f3:ab:8b:e7: d7:48:b5:ed:70:ee:ce:6a:66:cc:f0:d5:17:c2:f4:e8:93:76: 42:0d:50:3b:93:d6:2f:0f:81:53:7f:6d:70:18:b2:f7:e3:75: 56:43:73:89:c0:e5:2a:7a:c9:fc:74:fa:6f:e3:8c:4d:66:f0: cf:d9:c7:9b:99:08:66:b1:a3:c4:f0:5f:80:49:bf:51:67:8a: 68:15:ec:d0:10:44:0b:c4:77:7b:d8:b3:c1:e3:81:fc:02:20: 70:5f:ce:49:f7:88:13:a8:21:cf:8b:e9:a7:8d:3a:51:fb:e5: 1c:3b:4f:ba:8e:93:7e:b2:6e:cd:88:0b:63:1a:65:fc:89:44: b4:1e:cc:5d:6a:a8:e6:1c:bc:16:27:de:33:fb:f4:91:21:09: ca:74:af:bb:8f:93:af:c5:69:bf:02:26:4c:9b:98:43:bb:12: fd:3f:14:0e:28:82:c7:f5:ee:fd:16:64:f1:5e:48:1e:ee:4d: e4:ab:23:7f:02:9a:7d:bc:54:0f:48:bb:3b:a2:03:fa:47:1d: 97:85:54:b4 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt6WvgOLWLNztq2B53pvnVyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjZjliMjRmMmMwODQ3ZDA0MWMxZTY2YTEyZjAxZWFiYTQ3 OGI0ZmMwHhcNMjYwMTAxMTYxOTAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3YTRhZWEwOGEyZTJjZDUwMGMyOTA1ZDIxOGYwZjcwZTkwNGZmY2U2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4rc+gOtlDDw+P9CaC4ypuKmXba/G Iqr1g7UxwpnaSj7k+f/tt4omWDartFVcazmz6WkmM+CNgvzWdsRSAR4EZwddFA2w cZRNSsiDhkO1lKyS7nyNTiP0XjGJT8wH5HtsjWXx4ojeNc/BV3f4k43bItyd0eiW cEszEjEMGtpKHV4h6jXlF+ivOrlqm7VUBIRAIZBo92QGNJPkz51NwMC+h6V7prfS xvu4dGVN0QNBdsnLWn5GnAt+Ij5K+eMtyqNipsGUZQWPKMvuQ9ID1k0+TTdAcNVj TlpHqybF6WtOGTDcHyXRYrQdIe2xVHIyiZQfENypL5XRhpfHFXOvL5XN6QIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFHpK6gii4s1QDCkF0hjw9w6QT/zmMB8GA1UdIwQY MBaAFGz5sk8sCEfQQcHmahLwHqukeLT8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYlBteVR5d0lSOUJCd2VacUV2QWVxNlI0dFB3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9iNDU3NjUtMmMzMy00YTQ5LTkxZWIt OTQ2ODkyZjg4YmViLzEvZWtycUNLTGl6VkFNS1FYU0dQRDNEcEJQX09ZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi9iNDU3NjUtMmMzMy00YTQ5LTkxZWItOTQ2ODkyZjg4YmVi LzEvYlBteVR5d0lSOUJCd2VacUV2QWVxNlI0dFB3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwTpwMA0E AgACMAcDBQMqDeZAMA0GCSqGSIb3DQEBCwUAA4IBAQAV1GByYRn1IUC8pEH81ylW JBwjc4OXiWlmiHjoTyyAewNuhMXDN+mTz+4VKYrobhfPSvOri+fXSLXtcO7OambM 8NUXwvTok3ZCDVA7k9YvD4FTf21wGLL343VWQ3OJwOUqesn8dPpv44xNZvDP2ceb mQhmsaPE8F+ASb9RZ4poFezQEEQLxHd72LPB44H8AiBwX85J94gTqCHPi+mnjTpR ++UcO0+6jpN+sm7NiAtjGmX8iUS0HsxdaqjmHLwWJ94z+/SRIQnKdK+7j5OvxWm/ AiZMm5hDuxL9PxQOKILH9e79FmTxXkge7k3kqyN/App9vFQPSLs7ogP6Rx2XhVS0 -----END CERTIFICATE-----Generated at Sun Jan 25 20:47:57 2026 by rpki-client