This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/d6d1be-10d9-4a3a-bd14-0a830d01afd1/1/EAHkC7o9VL-S2-gmEhIR8E0Rx9o.roa File: EAHkC7o9VL-S2-gmEhIR8E0Rx9o.roa (raw, json) Hash identifier: OdYtd2ANkkqc8l4EyXlFU9oU1QIesxnnDbHz973YpsU= Subject key identifier: 10:01:E4:0B:BA:3D:54:BF:92:DB:E8:26:12:12:11:F0:4D:11:C7:DA Certificate issuer: /CN=5960e6cd1b1b0063b1890f780745c245606dcf73 Certificate serial: 019B7CEDE223311D8B5B6E095594B9D50F4D Authority key identifier: 59:60:E6:CD:1B:1B:00:63:B1:89:0F:78:07:45:C2:45:60:6D:CF:73 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WWDmzRsbAGOxiQ94B0XCRWBtz3M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/d6d1be-10d9-4a3a-bd14-0a830d01afd1/1/EAHkC7o9VL-S2-gmEhIR8E0Rx9o.roa Signing time: Fri 02 Jan 2026 04:18:43 +0000 ROA not before: Fri 02 Jan 2026 04:18:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42160 IP address blocks: 195.225.221.0/24 maxlen: 24 195.225.222.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/d6d1be-10d9-4a3a-bd14-0a830d01afd1/1/WWDmzRsbAGOxiQ94B0XCRWBtz3M.crl rsync://rpki.ripe.net/repository/DEFAULT/fb/d6d1be-10d9-4a3a-bd14-0a830d01afd1/1/WWDmzRsbAGOxiQ94B0XCRWBtz3M.mft rsync://rpki.ripe.net/repository/DEFAULT/WWDmzRsbAGOxiQ94B0XCRWBtz3M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:e2:23:31:1d:8b:5b:6e:09:55:94:b9:d5:0f:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5960e6cd1b1b0063b1890f780745c245606dcf73 Validity Not Before: Jan 2 04:18:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1001e40bba3d54bf92dbe826121211f04d11c7da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:ea:54:dc:b2:49:4f:9b:24:6f:b0:36:11:3e: 20:5a:82:5a:4b:97:23:20:17:d0:fd:17:2a:8c:8f: 7d:bd:73:63:91:5e:43:23:de:b7:7b:2c:81:f6:3a: 23:d5:14:f7:db:74:13:a2:e3:e8:8e:af:40:47:e0: be:6c:8a:c8:6f:3b:76:68:6e:90:d6:b8:ec:a1:67: e5:1e:ac:c7:98:0a:4b:05:e0:d1:6d:a1:80:3b:5e: 51:4c:37:7d:11:21:a0:ec:32:c1:d4:79:6b:21:db: 00:8e:5d:a7:97:ea:63:e9:06:e6:cb:91:f1:e4:80: 5e:38:fa:6c:f8:29:2b:d9:07:d3:ff:db:27:09:c9: ee:14:5d:f7:1f:b3:1e:63:5c:66:9f:68:16:98:62: 65:5c:d9:05:7f:99:0c:8f:8a:74:18:dc:be:70:87: 16:21:9c:10:2d:31:8b:2c:6c:ef:6b:c3:b9:e2:a0: c6:4e:e4:8a:8d:8a:90:06:43:ba:ab:99:43:ab:9e: 4a:75:24:3f:59:e6:78:a6:87:a3:aa:da:ed:35:0c: 7d:3d:47:46:fa:e9:6b:93:46:d6:7d:80:cc:18:1f: 60:11:34:46:f2:c5:43:05:aa:24:5c:5e:50:8b:83: 5c:c0:ab:de:35:4a:70:52:61:8b:02:57:80:36:4b: 55:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:01:E4:0B:BA:3D:54:BF:92:DB:E8:26:12:12:11:F0:4D:11:C7:DA X509v3 Authority Key Identifier: keyid:59:60:E6:CD:1B:1B:00:63:B1:89:0F:78:07:45:C2:45:60:6D:CF:73 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WWDmzRsbAGOxiQ94B0XCRWBtz3M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/d6d1be-10d9-4a3a-bd14-0a830d01afd1/1/EAHkC7o9VL-S2-gmEhIR8E0Rx9o.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/d6d1be-10d9-4a3a-bd14-0a830d01afd1/1/WWDmzRsbAGOxiQ94B0XCRWBtz3M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.225.221.0-195.225.223.255 Signature Algorithm: sha256WithRSAEncryption 01:53:0a:69:92:e8:e2:74:fe:fb:16:dd:8e:11:7c:e9:5d:53: 9d:1b:ae:b6:a1:a9:56:4b:17:c6:d1:4e:86:07:62:a7:12:b6: d5:63:b2:ef:60:1c:93:5f:26:ba:1e:ca:6d:26:1d:42:f9:96: d7:0e:f4:de:d7:43:ca:8d:14:8d:c7:e1:92:e0:4f:d8:7c:cc: 37:83:71:5f:18:f1:b1:ba:f9:b3:59:cc:7a:7a:73:d7:c6:a3: 7f:91:98:d8:89:5e:be:ba:32:5a:ff:c4:45:56:7b:58:1c:49: 66:92:01:a4:40:40:98:c1:aa:c0:36:19:1f:09:b7:49:1c:98: b8:b6:e0:63:3a:f9:ee:aa:f7:3b:21:38:66:f7:c9:54:d3:23: a4:78:a0:dc:cd:47:c2:0d:6d:44:74:76:5b:a6:9e:4a:4a:b6: 7b:c5:ce:ac:8d:da:57:52:1b:cb:a3:c0:91:70:db:63:65:7c: af:1e:46:69:e6:e3:3d:ad:9b:ed:ad:8b:de:8c:a2:2a:c6:de: 74:ff:fc:5c:b2:7b:fa:51:50:cf:9d:ac:11:92:23:5a:02:a4: 21:0b:72:f3:4d:37:49:ff:c3:27:c4:6d:3a:c1:07:c1:2c:16: be:7a:e9:9e:01:50:ec:32:00:ef:08:83:1a:c0:93:97:9c:b0: cc:c0:a9:99 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt87eIjMR2LW24JVZS51Q9NMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU5NjBlNmNkMWIxYjAwNjNiMTg5MGY3ODA3NDVjMjQ1NjA2 ZGNmNzMwHhcNMjYwMTAyMDQxODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxMDAxZTQwYmJhM2Q1NGJmOTJkYmU4MjYxMjEyMTFmMDRkMTFjN2RhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1upU3LJJT5skb7A2ET4gWoJaS5cj IBfQ/RcqjI99vXNjkV5DI963eyyB9joj1RT323QTouPojq9AR+C+bIrIbzt2aG6Q 1rjsoWflHqzHmApLBeDRbaGAO15RTDd9ESGg7DLB1HlrIdsAjl2nl+pj6Qbmy5Hx 5IBeOPps+Ckr2QfT/9snCcnuFF33H7MeY1xmn2gWmGJlXNkFf5kMj4p0GNy+cIcW IZwQLTGLLGzva8O54qDGTuSKjYqQBkO6q5lDq55KdSQ/WeZ4poejqtrtNQx9PUdG +ulrk0bWfYDMGB9gETRG8sVDBaokXF5Qi4NcwKveNUpwUmGLAleANktVsQIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFBAB5Au6PVS/ktvoJhISEfBNEcfaMB8GA1UdIwQY MBaAFFlg5s0bGwBjsYkPeAdFwkVgbc9zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV1dEbXpSc2JBR094aVE5NEIwWENSV0J0ejNNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kNmQxYmUtMTBkOS00YTNhLWJkMTQt MGE4MzBkMDFhZmQxLzEvRUFIa0M3bzlWTC1TMi1nbUVoSVI4RTBSeDlvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYi9kNmQxYmUtMTBkOS00YTNhLWJkMTQtMGE4MzBkMDFhZmQx LzEvV1dEbXpSc2JBR094aVE5NEIwWENSV0J0ejNNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADD4d0D BAXD4cAwDQYJKoZIhvcNAQELBQADggEBAAFTCmmS6OJ0/vsW3Y4RfOldU50brrah qVZLF8bRToYHYqcSttVjsu9gHJNfJroeym0mHUL5ltcO9N7XQ8qNFI3H4ZLgT9h8 zDeDcV8Y8bG6+bNZzHp6c9fGo3+RmNiJXr66Mlr/xEVWe1gcSWaSAaRAQJjBqsA2 GR8Jt0kcmLi24GM6+e6q9zshOGb3yVTTI6R4oNzNR8INbUR0dlumnkpKtnvFzqyN 2ldSG8ujwJFw22NlfK8eRmnm4z2tm+2ti96MoirG3nT//Fyye/pRUM+drBGSI1oC pCELcvNNN0n/wyfEbTrBB8EsFr566Z4BUOwyAO8IgxrAk5ecsMzAqZk= -----END CERTIFICATE-----Generated at Sun Jan 25 17:39:56 2026 by rpki-client