This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/2548a4-7715-4134-8132-2bf0a3bcc4f1/1/cRkpuRyG0zhhGQbjsE_A8YfRNQ0.roa File: cRkpuRyG0zhhGQbjsE_A8YfRNQ0.roa (raw, json) Hash identifier: 4rEqZhA0GfuCAYMPrptrHJxFbCbgz4cowu0vbJKFg/I= Subject key identifier: 71:19:29:B9:1C:86:D3:38:61:19:06:E3:B0:4F:C0:F1:87:D1:35:0D Certificate issuer: /CN=e7f9a8a239683263e755e12c97d2d7a432d0b377 Certificate serial: 019B7F15D7EF37A74A2DA2372936B406C894 Authority key identifier: E7:F9:A8:A2:39:68:32:63:E7:55:E1:2C:97:D2:D7:A4:32:D0:B3:77 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_moojloMmPnVeEsl9LXpDLQs3c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/2548a4-7715-4134-8132-2bf0a3bcc4f1/1/cRkpuRyG0zhhGQbjsE_A8YfRNQ0.roa Signing time: Fri 02 Jan 2026 14:21:36 +0000 ROA not before: Fri 02 Jan 2026 14:21:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48220 IP address blocks: 217.198.64.0/21 maxlen: 21 217.198.72.0/21 maxlen: 21 2a00:1de8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/2548a4-7715-4134-8132-2bf0a3bcc4f1/1/5_moojloMmPnVeEsl9LXpDLQs3c.crl rsync://rpki.ripe.net/repository/DEFAULT/e7/2548a4-7715-4134-8132-2bf0a3bcc4f1/1/5_moojloMmPnVeEsl9LXpDLQs3c.mft rsync://rpki.ripe.net/repository/DEFAULT/5_moojloMmPnVeEsl9LXpDLQs3c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:d7:ef:37:a7:4a:2d:a2:37:29:36:b4:06:c8:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e7f9a8a239683263e755e12c97d2d7a432d0b377 Validity Not Before: Jan 2 14:21:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=711929b91c86d338611906e3b04fc0f187d1350d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:ad:6b:4e:54:49:02:d6:1e:45:b1:cd:fc:63: a6:07:51:54:f2:b1:78:46:fd:a9:a4:da:03:1b:b7: 40:2d:2f:3d:71:39:dc:e5:34:3d:80:cb:c9:98:c0: 05:b0:20:07:23:e5:23:51:ce:89:e0:17:f5:e0:eb: 04:c2:de:e7:94:1d:5f:85:57:06:59:c2:66:75:6d: 73:01:c0:9c:03:14:a6:fd:cc:86:34:fd:c9:f4:85: 35:4c:04:45:17:77:3c:0c:8f:aa:ea:09:5b:7d:9b: 25:cd:53:83:67:bd:c0:f2:1d:41:47:4d:71:ab:9d: 15:67:99:1c:73:cf:1a:5c:79:53:2a:1d:ce:6f:0c: d8:33:c4:af:ff:09:69:0c:0c:7d:3f:5a:b0:96:0f: f8:84:ab:2f:50:eb:2a:06:da:5b:10:32:af:c3:99: 16:09:7b:e0:27:b4:06:56:f1:ed:2b:96:62:1f:cb: 34:8f:c9:33:ad:1a:f5:48:a2:f2:c7:44:eb:cb:4a: ba:15:b3:6f:9f:65:8b:c0:57:41:65:ae:3c:32:f2: 82:2b:26:3e:cc:e3:12:4e:c3:2a:64:2d:c1:55:a0: 00:6b:17:11:11:0b:f0:29:92:4e:e3:14:9d:ab:db: 72:a7:06:22:5b:1f:41:d6:ae:f6:90:71:12:d8:b1: 47:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:19:29:B9:1C:86:D3:38:61:19:06:E3:B0:4F:C0:F1:87:D1:35:0D X509v3 Authority Key Identifier: keyid:E7:F9:A8:A2:39:68:32:63:E7:55:E1:2C:97:D2:D7:A4:32:D0:B3:77 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_moojloMmPnVeEsl9LXpDLQs3c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/2548a4-7715-4134-8132-2bf0a3bcc4f1/1/cRkpuRyG0zhhGQbjsE_A8YfRNQ0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/2548a4-7715-4134-8132-2bf0a3bcc4f1/1/5_moojloMmPnVeEsl9LXpDLQs3c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.198.64.0/20 IPv6: 2a00:1de8::/32 Signature Algorithm: sha256WithRSAEncryption 34:b3:3f:59:92:d3:19:03:3b:37:30:aa:93:2e:64:cd:71:b9: 36:92:56:7a:02:f9:4f:f3:20:73:e0:82:c2:2d:48:bf:b6:b7: 52:0c:00:54:9c:df:73:c5:fc:24:56:88:5e:ed:8d:34:b1:1f: dc:6c:95:66:79:fc:a0:ce:9d:ad:ed:88:ee:42:6d:3b:9d:41: a4:bb:10:c4:c6:14:22:08:e0:26:38:f9:51:07:d6:18:16:58: 52:98:d4:1e:16:f8:f0:ba:f7:bf:0f:a5:38:aa:d6:b4:e1:71: 35:c5:65:07:ec:24:41:ad:bc:4a:52:b3:e9:de:7a:7c:46:bd: 23:98:29:d6:48:8a:45:ba:e1:0d:6d:00:e9:33:3d:b5:40:1d: cd:48:33:9c:8f:ad:4f:96:d7:1e:0c:13:04:ed:93:eb:e3:17: fa:38:17:af:5f:c4:8e:93:27:5d:92:d9:c2:12:df:ba:bc:ae: c7:9e:31:d4:86:37:6b:ad:40:ec:33:38:f2:83:34:7f:fb:ac: 4c:90:83:ad:e1:f5:ef:75:63:77:8a:73:ff:a3:84:d9:34:96: ef:ce:7e:ad:c4:4e:5c:ac:79:a1:79:ff:14:04:d5:08:2a:d9: ac:15:de:e8:2f:43:42:03:10:20:59:7b:a5:f3:10:66:af:0b: a4:93:8e:16 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/FdfvN6dKLaI3KTa0BsiUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU3ZjlhOGEyMzk2ODMyNjNlNzU1ZTEyYzk3ZDJkN2E0MzJk MGIzNzcwHhcNMjYwMTAyMTQyMTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MTE5MjliOTFjODZkMzM4NjExOTA2ZTNiMDRmYzBmMTg3ZDEzNTBkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4q1rTlRJAtYeRbHN/GOmB1FU8rF4 Rv2ppNoDG7dALS89cTnc5TQ9gMvJmMAFsCAHI+UjUc6J4Bf14OsEwt7nlB1fhVcG WcJmdW1zAcCcAxSm/cyGNP3J9IU1TARFF3c8DI+q6glbfZslzVODZ73A8h1BR01x q50VZ5kcc88aXHlTKh3ObwzYM8Sv/wlpDAx9P1qwlg/4hKsvUOsqBtpbEDKvw5kW CXvgJ7QGVvHtK5ZiH8s0j8kzrRr1SKLyx0Try0q6FbNvn2WLwFdBZa48MvKCKyY+ zOMSTsMqZC3BVaAAaxcREQvwKZJO4xSdq9typwYiWx9B1q72kHES2LFHxwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFHEZKbkchtM4YRkG47BPwPGH0TUNMB8GA1UdIwQY MBaAFOf5qKI5aDJj51XhLJfS16Qy0LN3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNV9tb29qbG9NbVBuVmVFc2w5TFhwRExRczNjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8yNTQ4YTQtNzcxNS00MTM0LTgxMzIt MmJmMGEzYmNjNGYxLzEvY1JrcHVSeUcwemhoR1FianNFX0E4WWZSTlEwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNy8yNTQ4YTQtNzcxNS00MTM0LTgxMzItMmJmMGEzYmNjNGYx LzEvNV9tb29qbG9NbVBuVmVFc2w5TFhwRExRczNjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2cZAMA0E AgACMAcDBQAqAB3oMA0GCSqGSIb3DQEBCwUAA4IBAQA0sz9ZktMZAzs3MKqTLmTN cbk2klZ6AvlP8yBz4ILCLUi/trdSDABUnN9zxfwkVohe7Y00sR/cbJVmefygzp2t 7YjuQm07nUGkuxDExhQiCOAmOPlRB9YYFlhSmNQeFvjwuve/D6U4qta04XE1xWUH 7CRBrbxKUrPp3np8Rr0jmCnWSIpFuuENbQDpMz21QB3NSDOcj61PltceDBME7ZPr 4xf6OBevX8SOkyddktnCEt+6vK7HnjHUhjdrrUDsMzjygzR/+6xMkIOt4fXvdWN3 inP/o4TZNJbvzn6txE5crHmhef8UBNUIKtmsFd7oL0NCAxAgWXul8xBmrwukk44W -----END CERTIFICATE-----Generated at Sun Jan 25 16:54:41 2026 by rpki-client