This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/d208a0-e436-4896-bef2-3b9db05d2384/1/EK98MbFFSSPIZHcJY-ZW_UF_ED0.roa File: EK98MbFFSSPIZHcJY-ZW_UF_ED0.roa (raw, json) Hash identifier: Ug1DIE2wtnkuxo6OV5HarCRpdJ5eCoWMxa7DhgeBQVc= Subject key identifier: 10:AF:7C:31:B1:45:49:23:C8:64:77:09:63:E6:56:FD:41:7F:10:3D Certificate issuer: /CN=bb8e2f5ac7cbe62117da478ac0c027ad6d843c56 Certificate serial: 019B7DCB5D59F10D764D32B641AAC9423B70 Authority key identifier: BB:8E:2F:5A:C7:CB:E6:21:17:DA:47:8A:C0:C0:27:AD:6D:84:3C:56 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u44vWsfL5iEX2keKwMAnrW2EPFY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/d208a0-e436-4896-bef2-3b9db05d2384/1/EK98MbFFSSPIZHcJY-ZW_UF_ED0.roa Signing time: Fri 02 Jan 2026 08:20:38 +0000 ROA not before: Fri 02 Jan 2026 08:20:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8767 IP address blocks: 46.244.128.0/17 maxlen: 17 62.216.192.0/19 maxlen: 19 62.245.128.0/17 maxlen: 17 80.81.0.0/19 maxlen: 19 82.135.0.0/17 maxlen: 17 83.171.128.0/18 maxlen: 18 88.217.0.0/16 maxlen: 16 93.104.0.0/16 maxlen: 16 185.17.204.0/22 maxlen: 22 188.174.0.0/16 maxlen: 16 212.18.0.0/19 maxlen: 19 212.114.128.0/17 maxlen: 17 212.204.64.0/18 maxlen: 18 212.204.75.0/24 maxlen: 24 213.179.128.0/19 maxlen: 19 2001:a60::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/d208a0-e436-4896-bef2-3b9db05d2384/1/u44vWsfL5iEX2keKwMAnrW2EPFY.crl rsync://rpki.ripe.net/repository/DEFAULT/15/d208a0-e436-4896-bef2-3b9db05d2384/1/u44vWsfL5iEX2keKwMAnrW2EPFY.mft rsync://rpki.ripe.net/repository/DEFAULT/u44vWsfL5iEX2keKwMAnrW2EPFY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:39:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:5d:59:f1:0d:76:4d:32:b6:41:aa:c9:42:3b:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bb8e2f5ac7cbe62117da478ac0c027ad6d843c56 Validity Not Before: Jan 2 08:20:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=10af7c31b1454923c864770963e656fd417f103d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:8b:4b:28:9f:04:36:29:45:aa:8d:09:ea:ab: 71:84:44:53:90:13:4c:16:29:fa:c5:b8:eb:c5:fc: 03:f9:69:59:da:ba:9e:dd:a3:16:57:2a:69:30:27: e0:af:80:a1:bd:a6:dc:5f:1b:63:7c:4d:9c:c9:98: 11:62:57:c6:da:18:cf:dc:5b:8a:fd:56:df:80:7a: cd:0c:dc:7f:1c:0d:54:4b:5f:f9:be:69:35:f5:28: a0:3a:57:24:35:ef:48:c6:03:73:4a:67:d8:f6:42: a1:2f:14:a3:83:26:1a:4c:26:5c:7b:a9:ac:67:e1: d7:5f:6e:12:49:ce:91:cc:0a:ea:0b:bd:3b:f3:06: 48:91:73:d4:60:37:cf:93:2e:ec:26:18:3a:33:bc: b1:b1:35:f2:d2:d1:94:3f:6b:a9:25:f3:48:cd:80: e5:9c:84:ac:f8:79:26:29:f9:9d:e8:76:a0:b0:72: 6d:d7:6f:45:9a:8c:7d:80:3f:c6:8c:51:a6:6c:95: fd:6b:99:1c:64:8e:5e:b4:b3:5e:45:48:a3:ef:d8: 1b:11:46:45:d2:4f:39:ff:55:f1:3c:d0:1c:96:cd: 24:a1:61:91:89:b8:a1:a2:83:2d:bd:8c:9c:88:78: 9b:ea:53:f4:28:a6:86:56:0d:6c:e7:57:90:ce:2f: a0:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:AF:7C:31:B1:45:49:23:C8:64:77:09:63:E6:56:FD:41:7F:10:3D X509v3 Authority Key Identifier: keyid:BB:8E:2F:5A:C7:CB:E6:21:17:DA:47:8A:C0:C0:27:AD:6D:84:3C:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u44vWsfL5iEX2keKwMAnrW2EPFY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/d208a0-e436-4896-bef2-3b9db05d2384/1/EK98MbFFSSPIZHcJY-ZW_UF_ED0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/15/d208a0-e436-4896-bef2-3b9db05d2384/1/u44vWsfL5iEX2keKwMAnrW2EPFY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.244.128.0/17 62.216.192.0/19 62.245.128.0/17 80.81.0.0/19 82.135.0.0/17 83.171.128.0/18 88.217.0.0/16 93.104.0.0/16 185.17.204.0/22 188.174.0.0/16 212.18.0.0/19 212.114.128.0/17 212.204.64.0/18 213.179.128.0/19 IPv6: 2001:a60::/29 Signature Algorithm: sha256WithRSAEncryption ae:9f:05:65:97:45:c7:b7:45:a3:34:fd:61:91:50:ba:fb:e4: 73:53:4e:0d:fa:04:3d:e9:1f:ac:0c:a4:44:33:cc:6a:29:bb: 5f:d8:01:12:0e:72:72:36:57:4b:0c:d0:df:5f:a4:72:be:81: 67:49:70:a5:0e:ca:61:f4:1c:af:f9:1f:ab:b9:d5:a8:0f:c5: 58:1f:b4:d0:58:f5:da:15:86:4a:b6:b1:17:a5:3b:fa:c6:2b: fc:4d:b6:ef:75:1c:55:d7:71:4f:ac:db:c6:80:0a:e9:ec:45: f7:29:11:bb:3a:2c:3e:fd:73:0a:01:b5:f2:07:5a:f7:00:6e: 7f:1c:02:1f:ca:8d:0b:5c:ca:64:e7:90:5a:a2:39:c2:28:dd: 56:cb:b8:ba:01:74:d2:30:67:ee:65:db:e3:40:98:c8:96:69: 8a:f9:10:e2:9f:58:ea:23:46:e1:59:e6:52:27:50:6b:98:d7: 2e:54:76:71:08:ea:ac:d2:67:1b:e9:80:2d:db:48:7c:3e:4b: c4:27:ac:c6:d6:de:e0:18:13:fc:12:c7:08:3f:8d:7b:17:63: 09:48:fb:95:29:02:b5:c9:47:9c:df:91:92:35:86:31:d6:b6: 94:5a:bf:8f:2b:98:fc:64:9d:cc:cb:05:f7:53:85:f7:6f:16: 42:25:42:ba -----BEGIN CERTIFICATE----- MIIFVzCCBD+gAwIBAgISAZt9y11Z8Q12TTK2QarJQjtwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJiOGUyZjVhYzdjYmU2MjExN2RhNDc4YWMwYzAyN2FkNmQ4 NDNjNTYwHhcNMjYwMTAyMDgyMDM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxMGFmN2MzMWIxNDU0OTIzYzg2NDc3MDk2M2U2NTZmZDQxN2YxMDNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArItLKJ8ENilFqo0J6qtxhERTkBNM Fin6xbjrxfwD+WlZ2rqe3aMWVyppMCfgr4ChvabcXxtjfE2cyZgRYlfG2hjP3FuK /VbfgHrNDNx/HA1US1/5vmk19SigOlckNe9IxgNzSmfY9kKhLxSjgyYaTCZce6ms Z+HXX24SSc6RzArqC7078wZIkXPUYDfPky7sJhg6M7yxsTXy0tGUP2upJfNIzYDl nISs+HkmKfmd6HagsHJt129Fmox9gD/GjFGmbJX9a5kcZI5etLNeRUij79gbEUZF 0k85/1XxPNAcls0koWGRibihooMtvYyciHib6lP0KKaGVg1s51eQzi+gKwIDAQAB o4ICYzCCAl8wHQYDVR0OBBYEFBCvfDGxRUkjyGR3CWPmVv1BfxA9MB8GA1UdIwQY MBaAFLuOL1rHy+YhF9pHisDAJ61thDxWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdTQ0dldzZkw1aUVYMmtlS3dNQW5yVzJFUEZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9kMjA4YTAtZTQzNi00ODk2LWJlZjIt M2I5ZGIwNWQyMzg0LzEvRUs5OE1iRkZTU1BJWkhjSlktWldfVUZfRUQwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNS9kMjA4YTAtZTQzNi00ODk2LWJlZjItM2I5ZGIwNWQyMzg0 LzEvdTQ0dldzZkw1aUVYMmtlS3dNQW5yVzJFUEZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBXBAIAATBRAwQHLvSAAwQF PtjAAwQHPvWAAwQFUFEAAwQHUocAAwQGU6uAAwMAWNkDAwBdaAMEArkRzAMDALyu AwQF1BIAAwQH1HKAAwQG1MxAAwQF1bOAMA0EAgACMAcDBQMgAQpgMA0GCSqGSIb3 DQEBCwUAA4IBAQCunwVll0XHt0WjNP1hkVC6++RzU04N+gQ96R+sDKREM8xqKbtf 2AESDnJyNldLDNDfX6RyvoFnSXClDsph9Byv+R+rudWoD8VYH7TQWPXaFYZKtrEX pTv6xiv8TbbvdRxV13FPrNvGgArp7EX3KRG7Oiw+/XMKAbXyB1r3AG5/HAIfyo0L XMpk55BaojnCKN1Wy7i6AXTSMGfuZdvjQJjIlmmK+RDin1jqI0bhWeZSJ1BrmNcu VHZxCOqs0mcb6YAt20h8PkvEJ6zG1t7gGBP8EscIP417F2MJSPuVKQK1yUec35GS NYYx1raUWr+PK5j8ZJ3MywX3U4X3bxZCJUK6 -----END CERTIFICATE-----Generated at Tue Jan 27 05:32:43 2026 by rpki-client