This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/wJhrCbB9HaKVaJIOdovc6nXak8I.roa File: wJhrCbB9HaKVaJIOdovc6nXak8I.roa (raw, json) Hash identifier: DNB7tfiEdhadZKuh5CRqn/FIXhNGqeMKaW1BhhcXm8Y= Subject key identifier: C0:98:6B:09:B0:7D:1D:A2:95:68:92:0E:76:8B:DC:EA:75:DA:93:C2 Certificate issuer: /CN=a6947681da0db7fe79315ec6dbda28bf8d660fc0 Certificate serial: 019B7DCA71ACF7CEB375664735FFFAA5D2D7 Authority key identifier: A6:94:76:81:DA:0D:B7:FE:79:31:5E:C6:DB:DA:28:BF:8D:66:0F:C0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ppR2gdoNt_55MV7G29oov41mD8A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/wJhrCbB9HaKVaJIOdovc6nXak8I.roa Signing time: Fri 02 Jan 2026 08:19:37 +0000 ROA not before: Fri 02 Jan 2026 08:19:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34867 IP address blocks: 95.67.0.0/17 maxlen: 17 95.67.0.0/18 maxlen: 18 95.67.64.0/18 maxlen: 18 185.48.196.0/22 maxlen: 22 2a00:17a0::/29 maxlen: 29 2a00:17a0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/ppR2gdoNt_55MV7G29oov41mD8A.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/ppR2gdoNt_55MV7G29oov41mD8A.mft rsync://rpki.ripe.net/repository/DEFAULT/ppR2gdoNt_55MV7G29oov41mD8A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:71:ac:f7:ce:b3:75:66:47:35:ff:fa:a5:d2:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a6947681da0db7fe79315ec6dbda28bf8d660fc0 Validity Not Before: Jan 2 08:19:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c0986b09b07d1da29568920e768bdcea75da93c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:79:19:89:f0:67:82:c7:80:19:72:cb:f9:e0: 36:b6:b4:3f:fa:bc:9c:c6:50:59:aa:e2:f6:63:d6: 41:af:98:59:cf:bd:05:f1:46:c1:d7:b5:d5:b8:98: b4:7d:40:46:11:d0:a7:36:aa:4b:c8:f7:aa:b3:af: b1:f5:9a:f5:df:0c:77:ce:3c:64:0d:93:99:6d:d7: b8:aa:e5:f2:8b:ee:1d:02:55:8c:63:f2:e5:da:fd: 0d:87:f3:41:64:6f:bd:41:6a:c5:25:95:66:56:84: 10:34:95:18:07:a9:a7:d2:70:0f:7c:47:58:e0:6c: 12:81:ae:9f:69:80:e7:ea:6d:13:fd:b3:08:c9:1f: de:2e:c2:b6:08:e5:f0:14:a7:75:aa:e0:3b:53:a0: a3:23:f3:04:da:bf:ee:7d:a2:46:60:7f:cb:3b:08: 19:92:c2:ff:cc:6c:cc:7c:90:1d:75:21:50:84:ec: ad:a4:f2:44:f8:ec:bf:1b:3b:ee:85:fb:22:65:35: cf:44:d6:dc:f4:a4:05:f6:ee:d9:4c:06:15:ab:96: 18:f6:f5:2d:1b:6c:02:9a:a1:a1:f4:e4:40:1b:79: 2c:b1:37:65:99:a7:0b:cb:9d:c4:d7:fa:df:6b:3a: 1a:94:6b:84:92:c1:48:44:02:9a:3b:64:e6:a4:27: 99:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:98:6B:09:B0:7D:1D:A2:95:68:92:0E:76:8B:DC:EA:75:DA:93:C2 X509v3 Authority Key Identifier: keyid:A6:94:76:81:DA:0D:B7:FE:79:31:5E:C6:DB:DA:28:BF:8D:66:0F:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ppR2gdoNt_55MV7G29oov41mD8A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/wJhrCbB9HaKVaJIOdovc6nXak8I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/f649a2-518d-4456-98a7-23c3df82c230/1/ppR2gdoNt_55MV7G29oov41mD8A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 95.67.0.0/17 185.48.196.0/22 IPv6: 2a00:17a0::/29 Signature Algorithm: sha256WithRSAEncryption 94:d2:b6:1d:45:89:00:05:78:7c:8f:20:e6:e8:b4:07:ff:87: 91:27:3c:d7:0d:9c:8e:ef:ab:24:ae:d9:04:f4:b1:57:e2:25: 0a:00:15:fe:66:a4:ee:01:df:30:d1:2e:8e:5f:d0:c4:a7:9b: 1e:b2:62:f6:50:0f:7d:3e:ee:c1:0e:d5:a2:58:82:b9:c7:9d: 78:17:39:80:22:9f:82:b2:be:82:17:b3:3d:1b:97:5c:24:3e: 09:b0:c3:f8:03:ad:3b:59:94:03:15:62:a5:44:65:f0:d7:44: e3:ca:72:ce:ad:86:95:c3:74:6a:08:1f:66:d7:f2:2e:41:c9: b0:40:f9:e7:bb:ce:da:42:dd:5e:97:3d:7b:e1:17:c6:4a:c3: 24:f6:25:68:52:9f:b2:87:2d:3d:d6:f4:37:b5:8f:d6:84:c8: 24:5a:24:e3:af:d7:1e:89:9e:0d:57:44:60:fc:be:de:04:8f: 8a:14:6f:d1:34:81:03:74:2f:32:94:96:33:ba:d8:02:c3:96: 43:54:1c:fc:58:4a:22:da:8d:cb:b3:74:47:c6:17:e4:17:e3: 32:97:7f:f5:59:9f:33:93:04:5b:37:e2:25:1b:b0:0b:f4:8e: 28:c7:d8:87:17:73:5c:10:dd:4f:c5:7b:96:94:ed:e7:43:7b: e7:be:6f:e0 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt9ynGs986zdWZHNf/6pdLXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2OTQ3NjgxZGEwZGI3ZmU3OTMxNWVjNmRiZGEyOGJmOGQ2 NjBmYzAwHhcNMjYwMTAyMDgxOTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjMDk4NmIwOWIwN2QxZGEyOTU2ODkyMGU3NjhiZGNlYTc1ZGE5M2MyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8nkZifBngseAGXLL+eA2trQ/+ryc xlBZquL2Y9ZBr5hZz70F8UbB17XVuJi0fUBGEdCnNqpLyPeqs6+x9Zr13wx3zjxk DZOZbde4quXyi+4dAlWMY/Ll2v0Nh/NBZG+9QWrFJZVmVoQQNJUYB6mn0nAPfEdY 4GwSga6faYDn6m0T/bMIyR/eLsK2COXwFKd1quA7U6CjI/ME2r/ufaJGYH/LOwgZ ksL/zGzMfJAddSFQhOytpPJE+Oy/GzvuhfsiZTXPRNbc9KQF9u7ZTAYVq5YY9vUt G2wCmqGh9ORAG3kssTdlmacLy53E1/rfazoalGuEksFIRAKaO2TmpCeZuwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFMCYawmwfR2ilWiSDnaL3Op12pPCMB8GA1UdIwQY MBaAFKaUdoHaDbf+eTFextvaKL+NZg/AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcHBSMmdkb050XzU1TVY3RzI5b292NDFtRDhBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9mNjQ5YTItNTE4ZC00NDU2LTk4YTct MjNjM2RmODJjMjMwLzEvd0pockNiQjlIYUtWYUpJT2RvdmM2blhhazhJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS9mNjQ5YTItNTE4ZC00NDU2LTk4YTctMjNjM2RmODJjMjMw LzEvcHBSMmdkb050XzU1TVY3RzI5b292NDFtRDhBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHX0MAAwQC uTDEMA0EAgACMAcDBQMqABegMA0GCSqGSIb3DQEBCwUAA4IBAQCU0rYdRYkABXh8 jyDm6LQH/4eRJzzXDZyO76skrtkE9LFX4iUKABX+ZqTuAd8w0S6OX9DEp5sesmL2 UA99Pu7BDtWiWIK5x514FzmAIp+Csr6CF7M9G5dcJD4JsMP4A607WZQDFWKlRGXw 10TjynLOrYaVw3RqCB9m1/IuQcmwQPnnu87aQt1elz174RfGSsMk9iVoUp+yhy09 1vQ3tY/WhMgkWiTjr9ceiZ4NV0Rg/L7eBI+KFG/RNIEDdC8ylJYzutgCw5ZDVBz8 WEoi2o3Ls3RHxhfkF+Myl3/1WZ8zkwRbN+IlG7AL9I4ox9iHF3NcEN1PxXuWlO3n Q3vnvm/g -----END CERTIFICATE-----Generated at Sun Jan 25 16:37:54 2026 by rpki-client