This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/5zEkxsehYVrSBWS8R6vq4w7gVtY.roa File: 5zEkxsehYVrSBWS8R6vq4w7gVtY.roa (raw, json) Hash identifier: y9Gfd8AbrZdX5+SsYIumelvvyPK5gzC9wuMjV0Ywdgw= Subject key identifier: E7:31:24:C6:C7:A1:61:5A:D2:05:64:BC:47:AB:EA:E3:0E:E0:56:D6 Certificate issuer: /CN=aa70fbb3db228437d605799ac4f4598d22e13e1b Certificate serial: 019B7F8381A2EDAB22ED3C9A7D6799FD0008 Authority key identifier: AA:70:FB:B3:DB:22:84:37:D6:05:79:9A:C4:F4:59:8D:22:E1:3E:1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qnD7s9sihDfWBXmaxPRZjSLhPhs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/5zEkxsehYVrSBWS8R6vq4w7gVtY.roa Signing time: Fri 02 Jan 2026 16:21:23 +0000 ROA not before: Fri 02 Jan 2026 16:21:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35223 IP address blocks: 82.117.0.0/19 maxlen: 19 193.168.168.0/22 maxlen: 22 2a03:5480::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/qnD7s9sihDfWBXmaxPRZjSLhPhs.crl rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/qnD7s9sihDfWBXmaxPRZjSLhPhs.mft rsync://rpki.ripe.net/repository/DEFAULT/qnD7s9sihDfWBXmaxPRZjSLhPhs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:81:a2:ed:ab:22:ed:3c:9a:7d:67:99:fd:00:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aa70fbb3db228437d605799ac4f4598d22e13e1b Validity Not Before: Jan 2 16:21:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e73124c6c7a1615ad20564bc47abeae30ee056d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:43:25:64:e1:d2:55:23:24:f9:8d:3d:85:84: bf:6d:37:8c:f9:03:02:cc:79:22:8b:6c:1f:fc:1b: 78:06:0c:e8:38:e5:8d:bd:39:fb:fd:3f:93:54:d2: 32:c1:1a:9d:4f:ae:8b:45:33:db:5d:11:9f:cb:e1: e9:9a:3a:f8:38:76:2a:da:a9:33:21:87:0f:b9:61: 8c:b2:20:62:5f:0f:2c:ec:f2:84:82:3e:17:5d:b8: 71:9f:7b:57:d9:54:e0:b0:4a:55:e4:51:b6:ce:ca: 0c:01:2e:78:6c:12:38:7f:83:4b:6d:4d:aa:1e:45: ba:47:ec:40:44:87:8d:9f:0c:8c:e4:16:a9:25:9d: fb:31:e6:72:95:d7:f3:f0:a4:76:1e:70:7f:ab:93: 12:74:f8:b7:d1:5f:f0:80:61:7d:4f:4f:da:9f:71: 13:8c:98:d7:da:bf:25:81:9a:44:6c:df:fa:8d:cb: fd:b5:3d:69:9e:26:ce:c6:3f:7b:65:22:a4:a2:f0: ec:43:ef:28:48:bc:5f:b0:7f:13:21:db:61:ee:fb: cf:18:ac:ea:27:78:86:f7:43:d6:90:f4:ea:ba:42: d6:38:35:51:61:e9:42:0e:6b:55:b4:51:76:bf:2f: 59:79:a2:8d:dc:03:21:e9:7c:e0:5f:89:7d:e7:6c: f2:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:31:24:C6:C7:A1:61:5A:D2:05:64:BC:47:AB:EA:E3:0E:E0:56:D6 X509v3 Authority Key Identifier: keyid:AA:70:FB:B3:DB:22:84:37:D6:05:79:9A:C4:F4:59:8D:22:E1:3E:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnD7s9sihDfWBXmaxPRZjSLhPhs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/5zEkxsehYVrSBWS8R6vq4w7gVtY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/d8e184-e79b-47fe-96dc-5ba4235ce619/1/qnD7s9sihDfWBXmaxPRZjSLhPhs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.117.0.0/19 193.168.168.0/22 IPv6: 2a03:5480::/29 Signature Algorithm: sha256WithRSAEncryption a4:eb:5a:07:a3:53:ba:55:0a:56:15:dd:fd:47:ed:bd:72:13: 7d:0e:43:b1:81:be:79:b8:62:3e:fd:a1:9e:51:1c:13:4d:d7: 92:91:52:3d:22:02:08:95:8c:c7:4c:7f:cb:25:cd:8d:af:1f: df:db:66:af:27:5d:52:b4:c1:65:b5:4f:9c:f1:5f:12:a2:4c: ba:27:f0:5d:ce:8d:08:bc:01:06:71:76:c1:c3:20:24:48:f9: ad:d8:fe:d8:ce:1a:9e:1a:72:c3:58:e8:9e:ef:9b:92:18:da: 83:64:4e:70:d7:e9:4e:b5:00:3e:d6:94:1a:04:0f:2a:04:0a: 8a:fc:80:6d:17:bf:2f:49:d5:5a:53:5c:c2:86:72:e7:03:61: 96:6f:0b:9e:31:fe:53:e9:94:05:c5:f4:35:67:97:43:e8:8d: b1:7c:a7:29:56:67:0f:17:21:a8:c6:5e:cc:80:a2:73:a9:8d: 7d:c2:e9:18:70:d6:77:6f:fb:1c:e2:7b:3e:f3:68:0e:e8:9c: 64:20:d7:2a:a4:7b:40:2e:8f:cf:23:23:4e:0f:ed:51:02:31: 87:47:93:93:68:d1:8b:79:b9:b2:72:0f:be:15:0a:35:61:52: 0e:18:34:27:a2:4b:f2:03:6f:e4:ad:17:7e:3c:4a:1b:8c:77: 3f:93:4e:ad -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt/g4Gi7asi7TyafWeZ/QAIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhNzBmYmIzZGIyMjg0MzdkNjA1Nzk5YWM0ZjQ1OThkMjJl MTNlMWIwHhcNMjYwMTAyMTYyMTIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlNzMxMjRjNmM3YTE2MTVhZDIwNTY0YmM0N2FiZWFlMzBlZTA1NmQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUMlZOHSVSMk+Y09hYS/bTeM+QMC zHkii2wf/Bt4BgzoOOWNvTn7/T+TVNIywRqdT66LRTPbXRGfy+Hpmjr4OHYq2qkz IYcPuWGMsiBiXw8s7PKEgj4XXbhxn3tX2VTgsEpV5FG2zsoMAS54bBI4f4NLbU2q HkW6R+xARIeNnwyM5BapJZ37MeZyldfz8KR2HnB/q5MSdPi30V/wgGF9T0/an3ET jJjX2r8lgZpEbN/6jcv9tT1pnibOxj97ZSKkovDsQ+8oSLxfsH8TIdth7vvPGKzq J3iG90PWkPTqukLWODVRYelCDmtVtFF2vy9ZeaKN3AMh6XzgX4l952zySwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFOcxJMbHoWFa0gVkvEer6uMO4FbWMB8GA1UdIwQY MBaAFKpw+7PbIoQ31gV5msT0WY0i4T4bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcW5EN3M5c2loRGZXQlhtYXhQUlpqU0xoUGhzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9kOGUxODQtZTc5Yi00N2ZlLTk2ZGMt NWJhNDIzNWNlNjE5LzEvNXpFa3hzZWhZVnJTQldTOFI2dnE0dzdnVnRZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy9kOGUxODQtZTc5Yi00N2ZlLTk2ZGMtNWJhNDIzNWNlNjE5 LzEvcW5EN3M5c2loRGZXQlhtYXhQUlpqU0xoUGhzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFUnUAAwQC waioMA0EAgACMAcDBQMqA1SAMA0GCSqGSIb3DQEBCwUAA4IBAQCk61oHo1O6VQpW Fd39R+29chN9DkOxgb55uGI+/aGeURwTTdeSkVI9IgIIlYzHTH/LJc2Nrx/f22av J11StMFltU+c8V8Soky6J/Bdzo0IvAEGcXbBwyAkSPmt2P7YzhqeGnLDWOie75uS GNqDZE5w1+lOtQA+1pQaBA8qBAqK/IBtF78vSdVaU1zChnLnA2GWbwueMf5T6ZQF xfQ1Z5dD6I2xfKcpVmcPFyGoxl7MgKJzqY19wukYcNZ3b/sc4ns+82gO6JxkINcq pHtALo/PIyNOD+1RAjGHR5OTaNGLebmycg++FQo1YVIOGDQnokvyA2/krRd+PEob jHc/k06t -----END CERTIFICATE-----Generated at Mon Feb 9 21:00:43 2026 by rpki-client