This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/ehLpb_okv_BKobTR4Ea4FDdQ0sY.roa File: ehLpb_okv_BKobTR4Ea4FDdQ0sY.roa (raw, json) Hash identifier: I1WYCShbHEPI2HusxnlSCkC9MRLR9xdS/4nGH0vILW4= Subject key identifier: 7A:12:E9:6F:FA:24:BF:F0:4A:A1:B4:D1:E0:46:B8:14:37:50:D2:C6 Certificate issuer: /CN=b9c3633acbf63c2ecb10205b9b92580abb4eb87e Certificate serial: 019B7F14D582EB2439FE0A4ACE9B6BB8574A Authority key identifier: B9:C3:63:3A:CB:F6:3C:2E:CB:10:20:5B:9B:92:58:0A:BB:4E:B8:7E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ucNjOsv2PC7LECBbm5JYCrtOuH4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/ehLpb_okv_BKobTR4Ea4FDdQ0sY.roa Signing time: Fri 02 Jan 2026 14:20:30 +0000 ROA not before: Fri 02 Jan 2026 14:20:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 1257 IP address blocks: 2a11:cd40:1000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/ucNjOsv2PC7LECBbm5JYCrtOuH4.crl rsync://rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/ucNjOsv2PC7LECBbm5JYCrtOuH4.mft rsync://rpki.ripe.net/repository/DEFAULT/ucNjOsv2PC7LECBbm5JYCrtOuH4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 05:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:d5:82:eb:24:39:fe:0a:4a:ce:9b:6b:b8:57:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b9c3633acbf63c2ecb10205b9b92580abb4eb87e Validity Not Before: Jan 2 14:20:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7a12e96ffa24bff04aa1b4d1e046b8143750d2c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:3f:03:2c:b5:e4:96:2c:a5:24:13:07:1c:ac: 78:0d:5c:34:de:14:33:4f:8b:58:ed:1c:e2:e1:00: f5:f0:c2:c1:88:07:1a:15:64:f0:37:9c:3a:1b:fb: 4c:c1:07:7c:b2:0f:6c:97:b2:55:76:38:c1:0a:95: c3:10:a3:2b:0c:8a:d4:46:34:8d:7d:0b:36:bd:1f: 8d:0e:65:30:4e:e5:d7:6b:c3:61:18:0b:df:e7:99: 68:1c:a0:e1:95:06:da:09:e8:3a:65:5e:03:00:d6: 1e:b4:1d:93:4f:fc:e8:d2:51:dd:f8:70:a4:82:64: cf:d5:3a:a4:05:49:5b:a5:6d:ed:0c:19:4d:bb:de: 83:cf:56:ac:c7:24:f0:db:a9:ca:86:31:3f:84:94: 40:a6:da:09:7a:ec:3f:a4:8b:a5:9e:79:91:35:b4: 99:c1:d3:a2:c0:3c:f7:61:d5:cc:dd:26:18:2b:fe: e2:aa:51:58:a3:b5:72:4d:77:d3:83:a6:31:a6:9a: 8e:90:ed:c3:20:4e:82:3e:22:f1:dd:2b:36:23:8a: 95:a6:4c:88:b7:5a:87:53:c5:6e:2a:49:4b:37:49: 65:34:f7:2c:97:70:b5:e5:4e:2d:8b:fc:d5:b5:65: 78:49:61:36:a5:ba:c2:e6:00:41:6b:e2:92:d1:ff: 5c:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:12:E9:6F:FA:24:BF:F0:4A:A1:B4:D1:E0:46:B8:14:37:50:D2:C6 X509v3 Authority Key Identifier: keyid:B9:C3:63:3A:CB:F6:3C:2E:CB:10:20:5B:9B:92:58:0A:BB:4E:B8:7E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ucNjOsv2PC7LECBbm5JYCrtOuH4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/ehLpb_okv_BKobTR4Ea4FDdQ0sY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/0cd2f3-0f6a-4eaa-9845-99eca5651023/1/ucNjOsv2PC7LECBbm5JYCrtOuH4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a11:cd40:1000::/48 Signature Algorithm: sha256WithRSAEncryption 4b:df:47:f5:ac:57:ff:fb:27:a4:2e:5f:59:4c:02:91:a2:69: a0:73:7a:f3:81:52:c2:c2:64:0a:c0:f3:68:ae:6b:00:e5:be: 5c:02:41:43:f6:d1:74:73:45:2a:9a:ac:e5:52:f5:92:53:64: f0:dc:8d:2a:cb:8c:f0:a3:71:36:11:38:03:ac:b7:23:4e:76: a6:87:a9:7c:89:26:ff:83:40:0c:37:c4:95:26:66:9c:8a:98: 11:9c:bf:d5:2a:cc:aa:e6:c0:b3:dc:13:d4:55:d5:21:e2:5b: 2e:f6:7a:20:4d:c6:62:34:9c:42:10:5d:53:30:56:7d:7e:0e: cf:f6:63:b8:aa:78:73:d5:b6:82:75:f1:bb:07:4f:66:af:5e: 71:02:a4:49:c1:6c:5d:3b:06:22:7d:fb:76:e3:cb:ca:2f:34: 5a:49:83:35:99:f1:57:65:88:c1:f9:a0:29:de:28:b5:93:8a: da:02:5f:10:b6:2b:b5:d6:9a:c3:17:46:a1:c9:45:e7:93:9f: 28:48:b6:87:db:37:a8:d9:29:50:d5:a4:bb:9c:73:12:21:d1: 2b:2c:66:fc:39:05:6f:2e:79:fd:42:63:f9:0d:a2:3f:2c:6a: b0:20:4e:04:3c:6f:45:4f:fa:74:eb:d5:1f:e8:0f:ed:7d:99: c2:73:13:24 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/FNWC6yQ5/gpKzptruFdKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI5YzM2MzNhY2JmNjNjMmVjYjEwMjA1YjliOTI1ODBhYmI0 ZWI4N2UwHhcNMjYwMTAyMTQyMDMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3YTEyZTk2ZmZhMjRiZmYwNGFhMWI0ZDFlMDQ2YjgxNDM3NTBkMmM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvD8DLLXkliylJBMHHKx4DVw03hQz T4tY7Rzi4QD18MLBiAcaFWTwN5w6G/tMwQd8sg9sl7JVdjjBCpXDEKMrDIrURjSN fQs2vR+NDmUwTuXXa8NhGAvf55loHKDhlQbaCeg6ZV4DANYetB2TT/zo0lHd+HCk gmTP1TqkBUlbpW3tDBlNu96Dz1asxyTw26nKhjE/hJRAptoJeuw/pIulnnmRNbSZ wdOiwDz3YdXM3SYYK/7iqlFYo7VyTXfTg6YxppqOkO3DIE6CPiLx3Ss2I4qVpkyI t1qHU8VuKklLN0llNPcsl3C15U4ti/zVtWV4SWE2pbrC5gBBa+KS0f9cWQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFHoS6W/6JL/wSqG00eBGuBQ3UNLGMB8GA1UdIwQY MBaAFLnDYzrL9jwuyxAgW5uSWAq7Trh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdWNOak9zdjJQQzdMRUNCYm01SllDcnRPdUg0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi8wY2QyZjMtMGY2YS00ZWFhLTk4NDUt OTllY2E1NjUxMDIzLzEvZWhMcGJfb2t2X0JLb2JUUjRFYTRGRGRRMHNZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMi8wY2QyZjMtMGY2YS00ZWFhLTk4NDUtOTllY2E1NjUxMDIz LzEvdWNOak9zdjJQQzdMRUNCYm01SllDcnRPdUg0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhHNQBAA MA0GCSqGSIb3DQEBCwUAA4IBAQBL30f1rFf/+yekLl9ZTAKRommgc3rzgVLCwmQK wPNormsA5b5cAkFD9tF0c0UqmqzlUvWSU2Tw3I0qy4zwo3E2ETgDrLcjTnamh6l8 iSb/g0AMN8SVJmacipgRnL/VKsyq5sCz3BPUVdUh4lsu9nogTcZiNJxCEF1TMFZ9 fg7P9mO4qnhz1baCdfG7B09mr15xAqRJwWxdOwYifft248vKLzRaSYM1mfFXZYjB +aAp3ii1k4raAl8Qtiu11prDF0ahyUXnk58oSLaH2zeo2SlQ1aS7nHMSIdErLGb8 OQVvLnn9QmP5DaI/LGqwIE4EPG9FT/p069Uf6A/tfZnCcxMk -----END CERTIFICATE-----Generated at Mon Jan 26 14:04:29 2026 by rpki-client