This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/ErkKH6MUBHRVA_nBjtsiyqWCAj8.roa File: ErkKH6MUBHRVA_nBjtsiyqWCAj8.roa (raw, json) Hash identifier: +GEFf3sO1jcZVczTX3bbHhRh/j9uZS4RLbwd9ar0tJ8= Subject key identifier: 12:B9:0A:1F:A3:14:04:74:55:03:F9:C1:8E:DB:22:CA:A5:82:02:3F Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f Certificate serial: 019BC3B4B873E99F774E967903820C0B883C Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/ErkKH6MUBHRVA_nBjtsiyqWCAj8.roa Signing time: Thu 15 Jan 2026 22:09:19 +0000 ROA not before: Thu 15 Jan 2026 22:09:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213520 IP address blocks: 2a12:bec4:1b50::/44 maxlen: 44 2a12:bec4:1bb0::/44 maxlen: 44 2a12:bec4:1d60::/44 maxlen: 44 2a12:bec4:1d70::/44 maxlen: 44 2a12:bec4:1de0::/44 maxlen: 44 2a12:bec4:1e50::/44 maxlen: 44 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:c3:b4:b8:73:e9:9f:77:4e:96:79:03:82:0c:0b:88:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f Validity Not Before: Jan 15 22:09:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=12b90a1fa31404745503f9c18edb22caa582023f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:d9:88:b0:ba:05:50:75:18:a9:44:c4:67:10: b5:42:d4:ac:1b:8c:72:ba:5f:59:e4:46:1f:bd:a5: 24:62:3f:23:b9:47:9f:93:ad:08:f3:ce:e9:7e:04: f8:78:9d:db:92:a5:0c:96:21:63:8d:d4:14:32:9d: 64:28:43:bb:b4:bb:18:8a:63:94:f8:b2:46:3c:5a: 5d:d3:6a:6c:2e:f7:94:4f:bc:cf:42:78:d7:99:8a: 57:5d:31:32:86:71:fa:5b:3f:fa:9e:31:5f:3c:d6: 0a:33:71:ef:98:e7:06:a9:6d:4c:65:c8:f3:95:f0: df:c6:58:06:fd:71:10:8b:b9:ee:0e:a0:56:a4:25: f4:65:a9:2e:a1:1f:c1:9d:a2:93:84:18:d5:47:08: 7a:fc:85:e8:31:72:d1:30:a1:48:aa:fb:38:8f:bb: 30:b6:e5:f9:52:fb:9f:4b:b7:47:a6:a6:44:cf:a9: e9:9a:a3:85:2c:46:10:46:93:41:ea:5a:75:b2:9d: ce:e8:45:99:80:24:38:c1:e0:5f:5f:2a:49:69:a7: a7:58:77:76:22:91:96:79:71:be:0b:64:12:cf:59: e5:a7:0d:9f:34:fd:25:f5:ca:ef:39:71:34:05:0a: 9e:f1:08:81:87:ec:ac:4d:05:11:ea:0d:9e:7f:61: 46:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:B9:0A:1F:A3:14:04:74:55:03:F9:C1:8E:DB:22:CA:A5:82:02:3F X509v3 Authority Key Identifier: keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/ErkKH6MUBHRVA_nBjtsiyqWCAj8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a12:bec4:1b50::/44 2a12:bec4:1bb0::/44 2a12:bec4:1d60::/43 2a12:bec4:1de0::/44 2a12:bec4:1e50::/44 Signature Algorithm: sha256WithRSAEncryption 71:fb:36:e9:98:65:87:ca:63:ee:01:73:fe:ca:7c:53:6a:ac: 05:28:66:bf:34:0a:19:8d:20:bb:5a:8e:4e:78:0a:5f:3f:70: b7:09:c0:c3:bb:96:35:a7:bf:29:27:d5:1f:d7:c7:fb:6d:4f: 84:57:e3:4a:3c:23:ed:5c:35:8f:af:17:4e:ff:c3:72:62:f4: 97:c9:e7:f3:66:ea:6b:40:93:15:87:61:20:2b:a3:5d:30:bd: d4:e2:b1:77:1f:db:7f:0c:d8:c9:df:e2:5d:89:dc:e2:4b:28: 14:5f:15:f5:0c:32:c8:f8:cc:4f:2c:51:42:5b:34:98:44:8c: f2:5a:5e:dd:99:d4:05:a4:1d:ab:e5:14:b0:90:70:8e:4f:7f: 81:bb:d2:a2:b0:2e:67:9e:eb:a2:e4:13:80:52:f6:b5:aa:77: 2f:c7:5a:35:80:2c:0d:75:d7:1c:62:30:80:09:25:01:02:5e: 0e:c4:c5:f8:65:f0:f4:7d:ca:2f:fe:4f:29:aa:f1:60:37:a7: 99:af:10:9e:22:31:ce:ec:8c:9c:bf:14:26:af:7c:ca:8f:62: 1d:91:9b:3f:a5:5f:82:24:75:87:f7:1e:71:36:9a:13:3d:33: d3:8d:39:2d:1c:a6:8a:ad:28:06:96:07:c3:a5:37:b2:d9:1b: a5:77:0a:b9 -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISAZvDtLhz6Z93TpZ5A4IMC4g8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj M2Q2NmYwHhcNMjYwMTE1MjIwOTE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxMmI5MGExZmEzMTQwNDc0NTUwM2Y5YzE4ZWRiMjJjYWE1ODIwMjNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9mIsLoFUHUYqUTEZxC1QtSsG4xy ul9Z5EYfvaUkYj8juUefk60I887pfgT4eJ3bkqUMliFjjdQUMp1kKEO7tLsYimOU +LJGPFpd02psLveUT7zPQnjXmYpXXTEyhnH6Wz/6njFfPNYKM3HvmOcGqW1MZcjz lfDfxlgG/XEQi7nuDqBWpCX0ZakuoR/BnaKThBjVRwh6/IXoMXLRMKFIqvs4j7sw tuX5UvufS7dHpqZEz6npmqOFLEYQRpNB6lp1sp3O6EWZgCQ4weBfXypJaaenWHd2 IpGWeXG+C2QSz1nlpw2fNP0l9crvOXE0BQqe8QiBh+ysTQUR6g2ef2FGNwIDAQAB o4ICMDCCAiwwHQYDVR0OBBYEFBK5Ch+jFAR0VQP5wY7bIsqlggI/MB8GA1UdIwQY MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt NTUzNjljZjUwN2VlLzEvRXJrS0g2TVVCSFJWQV9uQmp0c2l5cVdDQWo4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAAjAtAwcEKhK+xBtQ AwcEKhK+xBuwAwcFKhK+xB1gAwcEKhK+xB3gAwcEKhK+xB5QMA0GCSqGSIb3DQEB CwUAA4IBAQBx+zbpmGWHymPuAXP+ynxTaqwFKGa/NAoZjSC7Wo5OeApfP3C3CcDD u5Y1p78pJ9Uf18f7bU+EV+NKPCPtXDWPrxdO/8NyYvSXyefzZuprQJMVh2EgK6Nd ML3U4rF3H9t/DNjJ3+JdidziSygUXxX1DDLI+MxPLFFCWzSYRIzyWl7dmdQFpB2r 5RSwkHCOT3+Bu9KisC5nnuui5BOAUva1qncvx1o1gCwNddccYjCACSUBAl4OxMX4 ZfD0fcov/k8pqvFgN6eZrxCeIjHO7IycvxQmr3zKj2IdkZs/pV+CJHWH9x5xNpoT PTPTjTktHKaKrSgGlgfDpTey2Ruldwq5 -----END CERTIFICATE-----Generated at Tue Jan 20 02:49:14 2026 by rpki-client