This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/ecRzktYrFjLVxOC-GlugSTEtWK0.roa File: ecRzktYrFjLVxOC-GlugSTEtWK0.roa (raw, json) Hash identifier: rKqBSvS82bzwCh2lS4Ae0RGYw1nfUEHFPUJO90hBbGI= Subject key identifier: 79:C4:73:92:D6:2B:16:32:D5:C4:E0:BE:1A:5B:A0:49:31:2D:58:AD Certificate issuer: /CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb Certificate serial: 019B7F15DBF63E08093078190440B551C181 Authority key identifier: 28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/ecRzktYrFjLVxOC-GlugSTEtWK0.roa Signing time: Fri 02 Jan 2026 14:21:37 +0000 ROA not before: Fri 02 Jan 2026 14:21:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20986 IP address blocks: 185.249.140.0/22 maxlen: 22 185.249.140.0/24 maxlen: 24 185.249.141.0/24 maxlen: 24 185.249.142.0/24 maxlen: 24 185.249.143.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.crl rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:db:f6:3e:08:09:30:78:19:04:40:b5:51:c1:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb Validity Not Before: Jan 2 14:21:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=79c47392d62b1632d5c4e0be1a5ba049312d58ad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:78:f5:87:1d:4e:65:5e:07:54:9a:74:47:80: 05:c1:de:5b:b5:6b:75:d7:57:9f:f5:60:bf:31:b5: be:32:21:44:98:52:f9:bf:49:be:8f:63:1a:6f:44: c2:9b:46:08:07:4a:a7:95:67:ec:9c:c7:91:ab:af: 17:b7:e4:c6:02:f1:5f:33:f4:fa:1a:58:64:69:45: 61:97:c7:ca:5c:c1:9e:b6:72:7b:43:fa:0e:e0:19: 24:fa:2a:71:ef:8a:af:8c:f9:d2:39:4c:8e:4c:e9: 4d:16:a8:66:a4:f0:3e:3f:60:96:b2:87:be:47:6e: e5:46:a5:4f:60:ed:c3:16:dc:6d:96:37:34:95:8e: 21:89:86:10:a0:8f:b7:75:69:7a:1d:c0:0e:fa:f9: 34:86:ef:19:38:2a:11:36:57:3f:2a:11:5c:d6:aa: 96:31:4a:09:c0:15:fb:a8:88:e5:be:ef:da:0a:08: b0:92:1f:c2:eb:ae:be:5f:af:65:21:43:81:3e:1e: ff:52:a5:17:d1:b9:96:df:15:74:11:ac:37:61:1c: a4:6b:6d:38:c5:f8:1f:29:50:2a:ef:f1:db:60:50: 48:8f:6d:d4:43:47:9f:87:4e:b7:4b:05:b4:7c:49: a6:83:91:ac:be:79:ce:22:0f:74:c7:5d:f4:92:de: 36:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:C4:73:92:D6:2B:16:32:D5:C4:E0:BE:1A:5B:A0:49:31:2D:58:AD X509v3 Authority Key Identifier: keyid:28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/ecRzktYrFjLVxOC-GlugSTEtWK0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.249.140.0/22 Signature Algorithm: sha256WithRSAEncryption 92:c4:5d:18:77:78:2f:25:20:53:36:b9:4e:1a:c0:5c:ef:56: 98:da:e3:e1:3f:33:35:9f:dd:ff:59:33:b9:5b:ba:b6:6b:11: a3:e9:fd:04:bf:32:b1:7a:4c:a3:05:00:fa:5c:fb:dd:a5:a1: 34:67:7f:25:7f:06:84:26:86:2f:4e:12:72:e4:6f:04:13:df: 7f:55:6d:79:91:0a:0f:a8:31:41:82:f5:73:9d:ad:dc:f6:59: 84:4d:f0:9c:b0:b5:79:28:79:41:5c:f2:57:7d:be:f0:f9:48: 3a:04:38:64:be:82:dd:41:25:13:41:53:f9:dc:e4:1a:1e:a0: e4:19:13:45:04:f0:17:17:21:e4:7e:b0:67:38:51:ac:91:ad: 87:ab:11:bb:cc:41:05:6c:05:b4:a3:64:47:db:47:64:6e:ac: 6e:fb:d5:04:9b:41:51:5f:bd:cf:5b:4d:aa:80:d8:12:ab:99: d1:b9:3f:ed:f0:f4:ce:d8:bf:c0:87:87:ea:79:6b:09:1e:78: 31:15:80:73:1a:63:3d:3c:4e:b0:1e:55:20:b0:61:ba:22:2f: 20:73:72:8c:4b:a8:3a:56:b6:9a:eb:54:17:cf:c5:d8:1e:ae: bd:bb:97:75:95:ce:dc:90:a9:77:b4:38:c2:fc:04:46:0e:f3: 8c:a8:d8:da -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/Fdv2PggJMHgZBEC1UcGBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4YmYxZTcyMzIzNzQyYWM0ZDgxMzZhYjZjOGU4NWRmN2Jh MzdlZWIwHhcNMjYwMTAyMTQyMTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3OWM0NzM5MmQ2MmIxNjMyZDVjNGUwYmUxYTViYTA0OTMxMmQ1OGFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHj1hx1OZV4HVJp0R4AFwd5btWt1 11ef9WC/MbW+MiFEmFL5v0m+j2Mab0TCm0YIB0qnlWfsnMeRq68Xt+TGAvFfM/T6 GlhkaUVhl8fKXMGetnJ7Q/oO4Bkk+ipx74qvjPnSOUyOTOlNFqhmpPA+P2CWsoe+ R27lRqVPYO3DFtxtljc0lY4hiYYQoI+3dWl6HcAO+vk0hu8ZOCoRNlc/KhFc1qqW MUoJwBX7qIjlvu/aCgiwkh/C666+X69lIUOBPh7/UqUX0bmW3xV0Eaw3YRyka204 xfgfKVAq7/HbYFBIj23UQ0efh063SwW0fEmmg5GsvnnOIg90x130kt42xQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFHnEc5LWKxYy1cTgvhpboEkxLVitMB8GA1UdIwQY MBaAFCi/HnIyN0KsTYE2q2yOhd97o37rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9iYTZkZjctZjMyNS00MTg0LWE1NGEt MGM0ODFmMGFkMjBlLzEvZWNSemt0WXJGakxWeE9DLUdsdWdTVEV0V0swLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNS9iYTZkZjctZjMyNS00MTg0LWE1NGEtMGM0ODFmMGFkMjBl LzEvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufmMMA0G CSqGSIb3DQEBCwUAA4IBAQCSxF0Yd3gvJSBTNrlOGsBc71aY2uPhPzM1n93/WTO5 W7q2axGj6f0EvzKxekyjBQD6XPvdpaE0Z38lfwaEJoYvThJy5G8EE99/VW15kQoP qDFBgvVzna3c9lmETfCcsLV5KHlBXPJXfb7w+Ug6BDhkvoLdQSUTQVP53OQaHqDk GRNFBPAXFyHkfrBnOFGska2HqxG7zEEFbAW0o2RH20dkbqxu+9UEm0FRX73PW02q gNgSq5nRuT/t8PTO2L/Ah4fqeWsJHngxFYBzGmM9PE6wHlUgsGG6Ii8gc3KMS6g6 Vraa61QXz8XYHq69u5d1lc7ckKl3tDjC/ARGDvOMqNja -----END CERTIFICATE-----Generated at Mon Feb 9 22:30:50 2026 by rpki-client