This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/EHyHz9gbiIWU2Q5sl0TdaoAfeVE.roa File: EHyHz9gbiIWU2Q5sl0TdaoAfeVE.roa (raw, json) Hash identifier: xvfiNAM8dce9pnD+OcgFDuIEl8iG5dBrERTSonUjoY8= Subject key identifier: 10:7C:87:CF:D8:1B:88:85:94:D9:0E:6C:97:44:DD:6A:80:1F:79:51 Certificate issuer: /CN=22f344a63dcb70e89057deb8e2761dc45165881a Certificate serial: 019B77C6D901EDC4C0AC4B3E692F9823191D Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/EHyHz9gbiIWU2Q5sl0TdaoAfeVE.roa Signing time: Thu 01 Jan 2026 04:17:59 +0000 ROA not before: Thu 01 Jan 2026 04:17:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209372 IP address blocks: 85.28.32.0/20 maxlen: 24 85.28.32.0/23 maxlen: 23 85.28.32.0/24 maxlen: 24 85.28.33.0/24 maxlen: 24 85.28.34.0/24 maxlen: 24 85.28.35.0/24 maxlen: 24 85.28.36.0/22 maxlen: 22 85.28.40.0/23 maxlen: 23 85.28.42.0/24 maxlen: 24 85.28.43.0/24 maxlen: 24 85.28.44.0/23 maxlen: 23 85.28.48.0/20 maxlen: 24 85.28.48.0/22 maxlen: 22 85.28.52.0/23 maxlen: 23 85.28.54.0/23 maxlen: 23 85.28.56.0/24 maxlen: 24 85.28.57.0/24 maxlen: 24 85.28.58.0/24 maxlen: 24 85.28.59.0/24 maxlen: 24 85.28.60.0/22 maxlen: 22 85.28.60.0/24 maxlen: 24 85.28.62.0/24 maxlen: 24 109.238.192.0/20 maxlen: 24 109.238.192.0/22 maxlen: 24 109.238.200.0/24 maxlen: 24 109.238.203.0/24 maxlen: 24 109.238.205.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.mft rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:d9:01:ed:c4:c0:ac:4b:3e:69:2f:98:23:19:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a Validity Not Before: Jan 1 04:17:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=107c87cfd81b888594d90e6c9744dd6a801f7951 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:0a:75:3c:dc:ee:3f:10:4d:56:a8:f9:cd:00: 86:96:7a:3a:3d:d6:43:0e:69:11:bb:5f:9d:6d:da: f4:d6:b9:72:56:a3:96:be:8a:20:ba:cb:86:ae:9d: ca:7f:45:7d:d7:fb:eb:5a:46:91:a9:44:59:6a:4a: e6:16:fe:88:95:bb:5d:b0:06:70:48:bd:22:37:4f: 1f:f6:ac:b7:19:42:fd:42:e6:71:1b:8d:44:5c:a4: 31:14:89:9d:49:c4:51:05:4a:bb:33:34:32:a3:52: b2:59:58:91:33:3c:0a:e3:78:1c:20:d0:34:3e:32: 50:6d:6b:06:b2:86:04:64:09:48:d0:82:c4:37:e4: 6d:46:cb:31:3a:bb:6a:52:d8:b7:6b:b6:1f:f3:40: a8:41:d9:c5:05:34:a7:25:89:de:62:30:8f:87:6e: 59:f9:42:bb:d4:2e:56:54:12:20:4c:da:3d:c8:b9: d4:cb:55:3e:5c:97:a6:17:99:bf:88:08:f9:b6:1f: 82:08:0f:8e:8f:c1:01:ad:7e:03:43:10:e0:64:09: 50:0e:fd:aa:6b:99:ee:fa:c5:ba:3d:73:dc:87:5c: ad:d4:47:cb:7f:44:1b:8e:24:26:ce:fa:1e:75:67: c9:fb:d8:90:00:4f:af:90:1e:d6:3b:5a:13:de:5f: ed:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:7C:87:CF:D8:1B:88:85:94:D9:0E:6C:97:44:DD:6A:80:1F:79:51 X509v3 Authority Key Identifier: keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/EHyHz9gbiIWU2Q5sl0TdaoAfeVE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.28.32.0/19 109.238.192.0/20 Signature Algorithm: sha256WithRSAEncryption 47:c6:ac:08:41:67:78:79:79:dc:58:ce:e6:38:11:23:ce:a0: d1:87:c5:a1:ab:ec:94:e7:81:80:8f:66:db:f8:8f:bd:b0:44: 89:58:db:4c:e0:f4:e2:fc:d3:13:ed:e9:0d:c1:7c:7d:09:a4: 0b:43:d7:87:db:5b:4a:c5:8d:d2:64:7c:04:f2:d5:87:07:1a: 6e:fd:63:a5:b5:bf:0a:8c:6d:21:ca:60:3d:a8:5b:65:63:7d: 6f:c9:1b:43:df:0b:1e:54:9d:a4:a5:a6:24:b9:c8:23:ab:c0: 84:bb:13:71:bc:7f:a7:f2:d7:d8:05:f6:2b:47:b4:8a:69:f3: 5c:8f:3c:b8:14:a9:47:8c:1c:c3:42:1d:93:58:48:33:32:ce: b1:52:4a:27:9e:64:85:79:d4:88:a3:65:79:27:2c:f4:4c:ac: af:d3:3f:88:a4:e1:d1:69:40:a5:b7:c7:61:e7:e6:e7:e0:a6: c2:aa:35:9b:7a:0f:c5:1d:b2:0d:66:fb:1d:73:ba:72:11:dc: 9f:24:0f:d6:27:26:d0:0f:d8:3e:61:1d:de:72:d9:a1:36:0d: 5f:c6:4d:12:f2:b2:b3:8f:85:93:ce:37:f7:a4:67:a0:ee:cb: 0b:99:4d:4c:71:40:b1:ef:a6:a7:85:21:3b:6e:f2:78:ba:67: cf:ab:63:53 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt3xtkB7cTArEs+aS+YIxkdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyZjM0NGE2M2RjYjcwZTg5MDU3ZGViOGUyNzYxZGM0NTE2 NTg4MWEwHhcNMjYwMTAxMDQxNzU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxMDdjODdjZmQ4MWI4ODg1OTRkOTBlNmM5NzQ0ZGQ2YTgwMWY3OTUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Ap1PNzuPxBNVqj5zQCGlno6PdZD DmkRu1+dbdr01rlyVqOWvoogusuGrp3Kf0V91/vrWkaRqURZakrmFv6IlbtdsAZw SL0iN08f9qy3GUL9QuZxG41EXKQxFImdScRRBUq7MzQyo1KyWViRMzwK43gcINA0 PjJQbWsGsoYEZAlI0ILEN+RtRssxOrtqUti3a7Yf80CoQdnFBTSnJYneYjCPh25Z +UK71C5WVBIgTNo9yLnUy1U+XJemF5m/iAj5th+CCA+Oj8EBrX4DQxDgZAlQDv2q a5nu+sW6PXPch1yt1EfLf0QbjiQmzvoedWfJ+9iQAE+vkB7WO1oT3l/tsQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFBB8h8/YG4iFlNkObJdE3WqAH3lRMB8GA1UdIwQY MBaAFCLzRKY9y3DokFfeuOJ2HcRRZYgaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5Yzct ZmViYjY0YjVlMTY0LzEvRUh5SHo5Z2JpSVdVMlE1c2wwVGRhb0FmZVZFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5YzctZmViYjY0YjVlMTY0 LzEvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFVRwgAwQE be7AMA0GCSqGSIb3DQEBCwUAA4IBAQBHxqwIQWd4eXncWM7mOBEjzqDRh8Whq+yU 54GAj2bb+I+9sESJWNtM4PTi/NMT7ekNwXx9CaQLQ9eH21tKxY3SZHwE8tWHBxpu /WOltb8KjG0hymA9qFtlY31vyRtD3wseVJ2kpaYkucgjq8CEuxNxvH+n8tfYBfYr R7SKafNcjzy4FKlHjBzDQh2TWEgzMs6xUkonnmSFedSIo2V5Jyz0TKyv0z+IpOHR aUClt8dh5+bn4KbCqjWbeg/FHbINZvsdc7pyEdyfJA/WJybQD9g+YR3ectmhNg1f xk0S8rKzj4WTzjf3pGeg7ssLmU1McUCx76anhSE7bvJ4umfPq2NT -----END CERTIFICATE-----Generated at Sun Jan 25 16:28:29 2026 by rpki-client