This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/EcWTWsW7l7pSDkzIfszK-ABUpsY.roa File: EcWTWsW7l7pSDkzIfszK-ABUpsY.roa (raw, json) Hash identifier: psJpT6d58TfpqU9qeBsatlA8wNIaL/3bQDwy3Orowzs= Subject key identifier: 11:C5:93:5A:C5:BB:97:BA:52:0E:4C:C8:7E:CC:CA:F8:00:54:A6:C6 Certificate issuer: /CN=67e24c7284ef4887e45d4ccd9bde679cd9ab4f00 Certificate serial: 019B7EA6C2D8F848AB95483A311FEA66D31E Authority key identifier: 67:E2:4C:72:84:EF:48:87:E4:5D:4C:CD:9B:DE:67:9C:D9:AB:4F:00 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z-JMcoTvSIfkXUzNm95nnNmrTwA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/EcWTWsW7l7pSDkzIfszK-ABUpsY.roa Signing time: Fri 02 Jan 2026 12:20:16 +0000 ROA not before: Fri 02 Jan 2026 12:20:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212047 IP address blocks: 45.157.0.0/24 maxlen: 24 212.2.240.0/21 maxlen: 21 2a10:c880::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/Z-JMcoTvSIfkXUzNm95nnNmrTwA.crl rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/Z-JMcoTvSIfkXUzNm95nnNmrTwA.mft rsync://rpki.ripe.net/repository/DEFAULT/Z-JMcoTvSIfkXUzNm95nnNmrTwA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 18:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:c2:d8:f8:48:ab:95:48:3a:31:1f:ea:66:d3:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=67e24c7284ef4887e45d4ccd9bde679cd9ab4f00 Validity Not Before: Jan 2 12:20:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=11c5935ac5bb97ba520e4cc87ecccaf80054a6c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:a3:eb:95:32:6d:79:0e:4f:c2:4d:26:e4:2f: 11:bc:2b:1f:ec:54:53:f7:3a:35:80:04:7d:d7:a8: d3:18:5c:db:4b:df:94:c0:e0:20:3e:a3:53:59:ce: 8a:63:0e:44:e3:c3:94:ab:c1:7f:ed:ea:30:16:50: 68:fd:48:be:9d:2a:bb:15:71:23:1e:f7:74:ee:6a: 6d:ec:bb:7e:29:49:d0:ad:45:6c:95:7f:ae:6e:e1: f3:8d:2e:08:3f:cf:a3:e7:20:5a:45:9f:96:85:24: 11:32:25:61:cf:bb:c8:b7:65:95:fb:62:7a:18:0c: 63:c8:b2:57:fd:14:0b:ac:27:0d:09:0b:d8:0b:bd: 89:79:19:7c:5c:fa:7d:57:34:37:df:0e:25:ca:a2: 27:2e:97:cd:46:8a:0b:fa:be:3f:c2:c4:65:af:50: 1f:15:bb:28:5f:e7:47:e9:02:7f:86:e2:95:c1:7e: 6c:a2:8c:88:33:3f:29:bb:28:90:da:29:d2:d5:cc: 77:8b:ea:37:de:3d:de:9c:9b:51:d8:fc:c5:d8:86: 45:88:9b:1e:0f:cd:20:1a:92:69:53:b3:be:24:8d: 0b:a6:35:73:46:60:18:d7:24:b8:6d:2a:07:e4:4b: 02:d6:19:13:2b:f0:33:64:40:e8:2e:8c:f8:b3:21: 3f:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:C5:93:5A:C5:BB:97:BA:52:0E:4C:C8:7E:CC:CA:F8:00:54:A6:C6 X509v3 Authority Key Identifier: keyid:67:E2:4C:72:84:EF:48:87:E4:5D:4C:CD:9B:DE:67:9C:D9:AB:4F:00 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z-JMcoTvSIfkXUzNm95nnNmrTwA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/EcWTWsW7l7pSDkzIfszK-ABUpsY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/02d3f6-4301-4be5-8c37-0375a9c32b00/1/Z-JMcoTvSIfkXUzNm95nnNmrTwA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.157.0.0/24 212.2.240.0/21 IPv6: 2a10:c880::/32 Signature Algorithm: sha256WithRSAEncryption 03:fe:3b:d7:e8:66:3a:31:96:26:5c:2d:37:17:8f:4e:7f:eb: 74:c0:ce:cc:f5:8e:7f:d2:9c:1e:ec:c7:66:8e:6f:53:c9:f8: 53:b4:e9:9c:71:31:6e:f6:0f:28:b6:fb:a1:c2:8f:75:93:b1: 4f:7f:9b:c5:89:c3:5e:63:f7:2c:d7:b6:43:93:d3:fb:82:73: 7a:dd:a5:4a:e5:8e:a6:cb:79:ea:9a:0c:80:0d:52:26:03:d6: 14:df:72:7d:62:7a:e8:9b:2e:80:67:ff:34:9f:63:77:cb:82: 89:d0:db:ad:c2:e0:d8:5a:da:5d:9b:97:08:bd:6a:7e:db:4c: 16:41:01:ee:63:5a:2b:c0:52:c7:3d:2c:ed:29:45:05:fc:61: b8:e2:e4:36:f4:58:98:97:11:8f:03:66:64:86:f0:f2:2c:34: d9:94:d7:d0:6f:4a:c6:89:43:b8:9f:4a:3d:c9:b6:d2:be:c3: 7f:ad:a5:08:2e:70:f0:9a:28:bb:17:46:2d:73:f8:8a:25:0b: d8:e0:52:e0:07:0f:03:8e:69:4a:f6:24:53:c3:36:9a:a7:0d: 9f:6b:e9:f6:bf:b7:be:4a:6f:c9:fc:db:6f:0a:c4:27:d3:83: 64:26:f9:a6:12:87:48:32:34:f5:8f:53:e5:8f:cf:1f:5b:e6: df:54:f3:34 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt+psLY+EirlUg6MR/qZtMeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY3ZTI0YzcyODRlZjQ4ODdlNDVkNGNjZDliZGU2NzljZDlh YjRmMDAwHhcNMjYwMTAyMTIyMDE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxMWM1OTM1YWM1YmI5N2JhNTIwZTRjYzg3ZWNjY2FmODAwNTRhNmM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaPrlTJteQ5Pwk0m5C8RvCsf7FRT 9zo1gAR916jTGFzbS9+UwOAgPqNTWc6KYw5E48OUq8F/7eowFlBo/Ui+nSq7FXEj Hvd07mpt7Lt+KUnQrUVslX+ubuHzjS4IP8+j5yBaRZ+WhSQRMiVhz7vIt2WV+2J6 GAxjyLJX/RQLrCcNCQvYC72JeRl8XPp9VzQ33w4lyqInLpfNRooL+r4/wsRlr1Af FbsoX+dH6QJ/huKVwX5sooyIMz8puyiQ2inS1cx3i+o33j3enJtR2PzF2IZFiJse D80gGpJpU7O+JI0LpjVzRmAY1yS4bSoH5EsC1hkTK/AzZEDoLoz4syE/fwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFBHFk1rFu5e6Ug5MyH7MyvgAVKbGMB8GA1UdIwQY MBaAFGfiTHKE70iH5F1MzZveZ5zZq08AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWi1KTWNvVHZTSWZrWFV6Tm05NW5uTm1yVHdBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8wMmQzZjYtNDMwMS00YmU1LThjMzct MDM3NWE5YzMyYjAwLzEvRWNXVFdzVzdsN3BTRGt6SWZzekstQUJVcHNZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMC8wMmQzZjYtNDMwMS00YmU1LThjMzctMDM3NWE5YzMyYjAw LzEvWi1KTWNvVHZTSWZrWFV6Tm05NW5uTm1yVHdBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALZ0AAwQD 1ALwMA0EAgACMAcDBQAqEMiAMA0GCSqGSIb3DQEBCwUAA4IBAQAD/jvX6GY6MZYm XC03F49Of+t0wM7M9Y5/0pwe7Mdmjm9TyfhTtOmccTFu9g8otvuhwo91k7FPf5vF icNeY/cs17ZDk9P7gnN63aVK5Y6my3nqmgyADVImA9YU33J9Ynromy6AZ/80n2N3 y4KJ0NutwuDYWtpdm5cIvWp+20wWQQHuY1orwFLHPSztKUUF/GG44uQ29FiYlxGP A2ZkhvDyLDTZlNfQb0rGiUO4n0o9ybbSvsN/raUILnDwmii7F0Ytc/iKJQvY4FLg Bw8DjmlK9iRTwzaapw2fa+n2v7e+Sm/J/NtvCsQn04NkJvmmEodIMjT1j1Plj88f W+bfVPM0 -----END CERTIFICATE-----Generated at Mon Jan 26 04:39:16 2026 by rpki-client