This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/efcP8-qp6rGIDUknP6ranBAFenc.roa File: efcP8-qp6rGIDUknP6ranBAFenc.roa (raw, json) Hash identifier: eCznaG89xquMPr3uYbjxlMYwYWoDIZp7pfe+xehKenM= Subject key identifier: 79:F7:0F:F3:EA:A9:EA:B1:88:0D:49:27:3F:AA:DA:9C:10:05:7A:77 Certificate issuer: /CN=626a28b7c63ef6ab214a52cfa7c3e78db9a40823 Certificate serial: 019B7D5B4C4ECB12EBE9C66AD67060A73DB1 Authority key identifier: 62:6A:28:B7:C6:3E:F6:AB:21:4A:52:CF:A7:C3:E7:8D:B9:A4:08:23 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/efcP8-qp6rGIDUknP6ranBAFenc.roa Signing time: Fri 02 Jan 2026 06:18:13 +0000 ROA not before: Fri 02 Jan 2026 06:18:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 137409 IP address blocks: 158.173.34.0/24 maxlen: 24 158.173.42.0/24 maxlen: 24 158.173.43.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.mft rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 09:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5b:4c:4e:cb:12:eb:e9:c6:6a:d6:70:60:a7:3d:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=626a28b7c63ef6ab214a52cfa7c3e78db9a40823 Validity Not Before: Jan 2 06:18:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=79f70ff3eaa9eab1880d49273faada9c10057a77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:9b:9d:56:62:98:3d:8e:6f:19:c5:b9:c2:7c: 14:ee:e5:b6:e7:37:b3:38:55:9e:36:0e:f3:bc:fe: 20:cd:5e:43:ea:86:3e:d5:c4:19:d3:7a:3c:4e:c3: 4b:8c:22:1b:1e:b4:77:a3:f3:fd:b6:34:a1:dd:f9: 07:fc:29:9b:eb:0c:70:e0:b2:38:f5:ee:d0:a3:46: e0:f7:89:8b:04:f9:c8:da:8e:54:0e:3b:9f:56:d3: b1:b4:49:d2:c4:52:71:2e:d3:c8:17:1c:93:39:7d: 7e:5f:bb:f8:fd:f6:80:fc:a2:44:c7:ee:9a:c3:73: b5:de:67:3f:97:34:b5:ce:8a:06:98:83:c8:d8:90: f4:1c:0a:fc:54:63:13:7f:9d:44:56:be:5c:dd:d0: 9a:d0:65:3f:fc:71:15:48:3f:71:69:4e:34:41:21: ff:bf:17:a5:ba:80:6b:3e:d0:bf:28:13:9d:3a:b6: f9:ca:0e:02:47:41:53:83:10:f1:8f:5e:83:b7:4d: b6:17:44:23:31:70:0f:26:22:61:19:3a:11:be:1e: 65:a0:7d:49:a9:9d:04:98:d1:3c:9c:41:91:17:a1: 31:e5:16:5a:c1:46:2e:b9:f2:04:fe:6f:c7:0c:b6: e3:89:ca:cd:90:08:7d:70:f9:9e:69:49:83:22:87: 1d:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:F7:0F:F3:EA:A9:EA:B1:88:0D:49:27:3F:AA:DA:9C:10:05:7A:77 X509v3 Authority Key Identifier: keyid:62:6A:28:B7:C6:3E:F6:AB:21:4A:52:CF:A7:C3:E7:8D:B9:A4:08:23 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/efcP8-qp6rGIDUknP6ranBAFenc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.173.34.0/24 158.173.42.0/23 Signature Algorithm: sha256WithRSAEncryption 72:ff:45:2f:a7:23:25:92:b5:52:d3:3b:e4:5d:38:18:82:7b: 3e:96:ae:2c:29:c9:5c:e4:76:cd:6d:fa:0d:55:56:8d:31:84: 55:eb:cc:c8:00:40:71:b4:d3:e3:73:3d:99:5c:2a:3b:e4:1e: 9f:13:e4:a5:5c:c7:62:21:64:a4:00:00:fa:5b:40:35:04:2e: fe:8a:85:dc:88:d5:25:8f:24:aa:07:71:19:90:21:72:dd:92: 9d:9b:1c:7c:e6:57:0d:d8:8a:d4:22:00:18:4a:db:17:90:76: 44:ea:19:7f:d8:7b:5d:37:a0:f8:ae:3f:35:86:e3:6b:d6:87: 60:5e:27:bb:57:e1:c5:98:fb:80:2e:91:12:a7:06:d9:02:92: 96:83:ef:49:8f:e6:b8:eb:47:14:07:b9:e7:60:be:b7:d6:7d: 16:aa:dc:ed:97:59:a9:95:9c:1b:79:7a:a7:b3:6c:1f:39:11: 59:33:ce:da:1b:8e:fd:2c:10:5c:32:50:ff:9e:b5:3e:60:00: 2f:45:9e:f6:c5:ce:5b:f4:65:73:41:a1:73:00:37:e9:79:00: 76:b3:90:7d:44:5b:1d:2a:19:2f:5e:ed:cb:e9:b6:23:41:a8: fa:be:44:11:27:6d:d1:76:62:fe:51:76:3d:4a:14:f0:36:bf: 5b:c0:32:0f -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9W0xOyxLr6cZq1nBgpz2xMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYyNmEyOGI3YzYzZWY2YWIyMTRhNTJjZmE3YzNlNzhkYjlh NDA4MjMwHhcNMjYwMTAyMDYxODEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3OWY3MGZmM2VhYTllYWIxODgwZDQ5MjczZmFhZGE5YzEwMDU3YTc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJudVmKYPY5vGcW5wnwU7uW25zez OFWeNg7zvP4gzV5D6oY+1cQZ03o8TsNLjCIbHrR3o/P9tjSh3fkH/Cmb6wxw4LI4 9e7Qo0bg94mLBPnI2o5UDjufVtOxtEnSxFJxLtPIFxyTOX1+X7v4/faA/KJEx+6a w3O13mc/lzS1zooGmIPI2JD0HAr8VGMTf51EVr5c3dCa0GU//HEVSD9xaU40QSH/ vxeluoBrPtC/KBOdOrb5yg4CR0FTgxDxj16Dt022F0QjMXAPJiJhGToRvh5loH1J qZ0EmNE8nEGRF6Ex5RZawUYuufIE/m/HDLbjicrNkAh9cPmeaUmDIocd0wIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFHn3D/PqqeqxiA1JJz+q2pwQBXp3MB8GA1UdIwQY MBaAFGJqKLfGPvarIUpSz6fD5425pAgjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWW1vb3Q4WS05cXNoU2xMUHA4UG5qYm1rQ0NNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8zYzA3ODUtYjI3My00MDcyLWE2MzUt ZDJjZDI2YjY5ZGYxLzEvZWZjUDgtcXA2ckdJRFVrblA2cmFuQkFGZW5jLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS8zYzA3ODUtYjI3My00MDcyLWE2MzUtZDJjZDI2YjY5ZGYx LzEvWW1vb3Q4WS05cXNoU2xMUHA4UG5qYm1rQ0NNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnq0iAwQB nq0qMA0GCSqGSIb3DQEBCwUAA4IBAQBy/0UvpyMlkrVS0zvkXTgYgns+lq4sKclc 5HbNbfoNVVaNMYRV68zIAEBxtNPjcz2ZXCo75B6fE+SlXMdiIWSkAAD6W0A1BC7+ ioXciNUljySqB3EZkCFy3ZKdmxx85lcN2IrUIgAYStsXkHZE6hl/2HtdN6D4rj81 huNr1odgXie7V+HFmPuALpESpwbZApKWg+9Jj+a460cUB7nnYL631n0Wqtztl1mp lZwbeXqns2wfORFZM87aG479LBBcMlD/nrU+YAAvRZ72xc5b9GVzQaFzADfpeQB2 s5B9RFsdKhkvXu3L6bYjQaj6vkQRJ23RdmL+UXY9ShTwNr9bwDIP -----END CERTIFICATE-----Generated at Mon Jan 19 16:50:41 2026 by rpki-client