This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/EiEKEI95auMCB7NfQVwo9byU814.roa File: EiEKEI95auMCB7NfQVwo9byU814.roa (raw, json) Hash identifier: qJa+m44cB1n22XnwN3TBLrmdvt3RH9NDFwUuAESZSTE= Subject key identifier: 12:21:0A:10:8F:79:6A:E3:02:07:B3:5F:41:5C:28:F5:BC:94:F3:5E Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a Certificate serial: 019B7FF27B20AF3F3E7675EB3947A2295AD5 Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/EiEKEI95auMCB7NfQVwo9byU814.roa Signing time: Fri 02 Jan 2026 18:22:36 +0000 ROA not before: Fri 02 Jan 2026 18:22:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211526 IP address blocks: 85.14.56.0/24 maxlen: 24 85.14.57.0/24 maxlen: 24 89.252.198.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.mft rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f2:7b:20:af:3f:3e:76:75:eb:39:47:a2:29:5a:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a Validity Not Before: Jan 2 18:22:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=12210a108f796ae30207b35f415c28f5bc94f35e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:30:ae:7f:eb:00:c3:8f:98:14:7b:3e:9c:c3: 75:8c:08:e5:68:38:2f:28:40:ce:16:ce:5a:41:a3: 8d:0b:af:ed:5c:55:59:77:51:73:1f:9e:f9:82:38: db:b4:5f:e9:8e:83:08:2a:33:ee:14:94:d5:e1:ce: cc:7d:de:a1:72:9a:61:83:db:31:2a:0c:f5:0d:63: a4:d0:2f:fa:3c:f4:46:4b:31:75:23:8f:e6:b5:9a: e4:66:dc:00:93:64:a5:9e:30:57:13:54:b8:9f:13: 35:42:38:1b:b9:ad:54:7e:9b:f3:03:f4:78:f1:d6: 7d:ab:c4:2f:8c:27:b7:8e:4e:2b:af:53:89:ae:39: 0f:da:5d:fd:2f:45:04:88:78:b9:68:f9:6d:a1:db: 1c:aa:b9:54:3f:8a:01:78:d7:42:0c:c3:94:67:94: b8:74:b2:35:88:fb:9d:0d:ea:07:c6:98:e5:aa:ba: b1:ee:3f:d3:0c:5c:69:98:6c:27:ae:5d:13:15:61: 7e:20:dd:f6:a6:cc:b9:98:15:4a:44:18:0d:96:8c: 52:18:85:38:43:32:48:a3:fd:c4:c8:1d:99:8c:73: 51:0d:c5:c5:88:e4:fa:61:61:cd:bc:ac:ce:c9:2f: 43:53:0e:2b:2d:ce:ae:68:de:ae:8c:ca:71:21:cb: e5:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:21:0A:10:8F:79:6A:E3:02:07:B3:5F:41:5C:28:F5:BC:94:F3:5E X509v3 Authority Key Identifier: keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/EiEKEI95auMCB7NfQVwo9byU814.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.14.56.0/23 89.252.198.0/24 Signature Algorithm: sha256WithRSAEncryption 80:11:66:e6:f0:14:c9:47:e0:d4:c2:3e:ec:1e:77:ef:a4:26: b1:5b:63:8e:85:0f:0b:8c:c7:eb:43:b7:42:c1:b2:18:59:c7: d4:3d:18:46:6f:ec:a2:4d:52:d2:41:fe:b7:e1:78:99:71:9f: 3e:02:ca:95:35:20:53:62:8b:e6:6d:1c:67:94:f4:b1:61:ea: 65:3b:f7:2d:49:87:a7:e4:b6:f5:95:bc:a6:9b:a7:1c:fc:f7: 88:5e:83:e3:bc:28:0c:a8:c4:1c:81:7c:b2:89:46:d8:33:9c: c9:86:2a:3b:5c:03:00:3d:1f:12:76:54:02:cd:cb:03:1a:c8: a3:67:97:5c:c4:61:a8:43:0b:bd:e3:12:e1:9e:0d:0c:93:fa: dc:6e:8b:30:36:e5:7a:a0:ce:35:e1:51:38:29:9c:e3:4a:d8: 99:8c:dc:ae:2f:6f:b4:e5:30:2a:c8:13:e0:44:6d:87:93:b6: b8:ac:05:27:b3:3b:21:eb:6f:b5:db:eb:fd:df:84:b2:16:dd: f7:4b:6a:b8:48:47:d6:9c:8d:55:9b:ed:d3:b2:15:7e:50:ed: f4:04:62:c6:32:3e:78:26:b9:77:c3:ea:a9:aa:ad:58:ce:67: df:2b:8f:02:df:76:07:2e:05:cb:61:9e:eb:1b:e1:a8:af:cc: 9a:f6:96:bc -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/8nsgrz8+dnXrOUeiKVrVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj M2YwMGEwHhcNMjYwMTAyMTgyMjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxMjIxMGExMDhmNzk2YWUzMDIwN2IzNWY0MTVjMjhmNWJjOTRmMzVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTCuf+sAw4+YFHs+nMN1jAjlaDgv KEDOFs5aQaONC6/tXFVZd1FzH575gjjbtF/pjoMIKjPuFJTV4c7Mfd6hcpphg9sx Kgz1DWOk0C/6PPRGSzF1I4/mtZrkZtwAk2SlnjBXE1S4nxM1Qjgbua1UfpvzA/R4 8dZ9q8QvjCe3jk4rr1OJrjkP2l39L0UEiHi5aPltodscqrlUP4oBeNdCDMOUZ5S4 dLI1iPudDeoHxpjlqrqx7j/TDFxpmGwnrl0TFWF+IN32psy5mBVKRBgNloxSGIU4 QzJIo/3EyB2ZjHNRDcXFiOT6YWHNvKzOyS9DUw4rLc6uaN6ujMpxIcvlHwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFBIhChCPeWrjAgezX0FcKPW8lPNeMB8GA1UdIwQY MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt YjI3ZDZlMjc4ZTE4LzEvRWlFS0VJOTVhdU1DQjdOZlFWd285YnlVODE0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4 LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVQ44AwQA WfzGMA0GCSqGSIb3DQEBCwUAA4IBAQCAEWbm8BTJR+DUwj7sHnfvpCaxW2OOhQ8L jMfrQ7dCwbIYWcfUPRhGb+yiTVLSQf634XiZcZ8+AsqVNSBTYovmbRxnlPSxYepl O/ctSYen5Lb1lbymm6cc/PeIXoPjvCgMqMQcgXyyiUbYM5zJhio7XAMAPR8SdlQC zcsDGsijZ5dcxGGoQwu94xLhng0Mk/rcboswNuV6oM414VE4KZzjStiZjNyuL2+0 5TAqyBPgRG2Hk7a4rAUnszsh62+12+v934SyFt33S2q4SEfWnI1Vm+3TshV+UO30 BGLGMj54Jrl3w+qpqq1YzmffK48C33YHLgXLYZ7rG+Gor8ya9pa8 -----END CERTIFICATE-----Generated at Sun Jan 25 23:16:28 2026 by rpki-client