This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/EwPzuIXXAY5u8_S6Cn0AasfKr5Y.roa File: EwPzuIXXAY5u8_S6Cn0AasfKr5Y.roa (raw, json) Hash identifier: ZLQXJBiU/cJ5PgC0zxsFgBpflI2UY+bKrzKvcAF0V1M= Subject key identifier: 13:03:F3:B8:85:D7:01:8E:6E:F3:F4:BA:0A:7D:00:6A:C7:CA:AF:96 Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b Certificate serial: 019B7A5B0F9081DE4917F6B6508516CD55B1 Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/EwPzuIXXAY5u8_S6Cn0AasfKr5Y.roa Signing time: Thu 01 Jan 2026 16:19:06 +0000 ROA not before: Thu 01 Jan 2026 16:19:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210705 IP address blocks: 212.23.214.0/24 maxlen: 24 2a05:9080:3::/48 maxlen: 48 2a05:9080:11::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 06 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:0f:90:81:de:49:17:f6:b6:50:85:16:cd:55:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b Validity Not Before: Jan 1 16:19:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1303f3b885d7018e6ef3f4ba0a7d006ac7caaf96 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:a2:9f:a8:ea:cd:a0:b0:f9:69:31:df:47:0d: 7e:cc:6c:e9:62:20:b9:e1:d2:02:1f:fa:46:f0:99: 3d:32:c8:ba:01:b0:c3:b7:cb:07:2c:22:28:b9:e1: 60:ef:4a:f0:5d:a6:3f:80:89:05:9c:19:94:3c:27: f2:17:3b:7e:4e:3e:ad:91:54:f0:b6:1a:24:73:3e: f9:0b:dc:5a:5e:3b:19:49:27:a8:c2:5d:02:e2:4e: df:0b:06:1e:af:27:03:f6:81:7d:96:d0:b3:ed:5a: e0:90:06:33:3b:d2:de:93:ca:21:17:f7:64:43:55: 6c:2b:b7:f1:2f:08:ff:87:03:c3:7f:66:fb:8d:81: af:49:23:13:ed:ba:06:aa:65:0c:ec:7e:53:e6:20: e8:f2:e7:32:a4:97:57:9b:90:28:59:c1:10:e2:a7: 59:ab:76:1f:2c:ce:2a:5f:6a:d3:6d:df:90:d8:12: c1:14:cb:6e:1e:24:46:10:a9:2a:9c:a4:2a:58:19: b8:61:95:90:e4:94:a0:ca:18:f2:4e:e6:29:d8:cf: d0:b8:f7:a2:fe:9d:73:65:e1:76:89:58:01:6a:d5: eb:5c:50:1e:c3:78:a4:4f:84:d1:9f:25:00:a8:8b: b2:b2:ba:23:a7:68:20:2b:89:f4:94:e5:a5:be:43: 86:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:03:F3:B8:85:D7:01:8E:6E:F3:F4:BA:0A:7D:00:6A:C7:CA:AF:96 X509v3 Authority Key Identifier: keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/EwPzuIXXAY5u8_S6Cn0AasfKr5Y.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 212.23.214.0/24 IPv6: 2a05:9080:3::/48 2a05:9080:11::/48 Signature Algorithm: sha256WithRSAEncryption 10:51:13:21:10:6e:03:3f:a3:68:72:d3:9b:e1:00:5b:12:df: c1:71:35:19:04:9c:22:bf:9a:49:f8:f5:5d:fe:55:c9:8f:03: c1:2b:03:f8:e1:9e:3b:2f:1e:95:80:1f:06:6b:42:6e:0b:5a: 56:3d:a0:3d:c8:90:77:ca:68:97:32:ca:cc:b7:4a:86:6c:61: a7:30:09:85:87:5c:92:7a:11:9a:33:47:d9:ef:74:f6:a8:c0: d8:00:ae:c6:61:1b:cc:3f:e4:73:04:1c:bc:20:66:e2:60:39: e2:26:11:41:02:63:1d:0f:d9:e8:1d:e9:76:f3:f0:25:01:6b: 6e:99:15:dc:c5:19:ab:89:72:47:93:32:44:e0:00:bb:93:04: aa:21:42:c9:b8:15:c4:d8:45:97:96:f3:fa:d6:cf:db:c0:6a: a1:24:f1:a8:fb:6c:36:5c:30:a6:42:10:73:3e:c6:ea:2b:71: 3f:f2:6d:62:7e:a5:b2:96:92:e7:d1:b9:e3:23:5e:3b:a9:e6: eb:e4:8d:ec:df:b8:ef:3a:76:51:07:43:5b:e0:f8:c3:f6:7a: 0b:f6:20:95:15:f2:cf:3d:48:61:da:d6:80:d3:07:e8:34:75: 6c:08:58:de:66:9e:e6:5c:7f:40:51:9c:fe:d1:df:4e:05:04: eb:5c:9c:61 -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZt6Ww+Qgd5JF/a2UIUWzVWxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw Y2MzNGIwHhcNMjYwMTAxMTYxOTA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxMzAzZjNiODg1ZDcwMThlNmVmM2Y0YmEwYTdkMDA2YWM3Y2FhZjk2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKKfqOrNoLD5aTHfRw1+zGzpYiC5 4dICH/pG8Jk9Msi6AbDDt8sHLCIoueFg70rwXaY/gIkFnBmUPCfyFzt+Tj6tkVTw thokcz75C9xaXjsZSSeowl0C4k7fCwYerycD9oF9ltCz7VrgkAYzO9Lek8ohF/dk Q1VsK7fxLwj/hwPDf2b7jYGvSSMT7boGqmUM7H5T5iDo8ucypJdXm5AoWcEQ4qdZ q3YfLM4qX2rTbd+Q2BLBFMtuHiRGEKkqnKQqWBm4YZWQ5JSgyhjyTuYp2M/QuPei /p1zZeF2iVgBatXrXFAew3ikT4TRnyUAqIuysrojp2ggK4n0lOWlvkOGAQIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFBMD87iF1wGObvP0ugp9AGrHyq+WMB8GA1UdIwQY MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt MDk0ODk4OWU2ZDU1LzEvRXdQenVJWFhBWTV1OF9TNkNuMEFhc2ZLcjVZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1 LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQA1BfWMBgE AgACMBIDBwAqBZCAAAMDBwAqBZCAABEwDQYJKoZIhvcNAQELBQADggEBABBREyEQ bgM/o2hy05vhAFsS38FxNRkEnCK/mkn49V3+VcmPA8ErA/jhnjsvHpWAHwZrQm4L WlY9oD3IkHfKaJcyysy3SoZsYacwCYWHXJJ6EZozR9nvdPaowNgArsZhG8w/5HME HLwgZuJgOeImEUECYx0P2egd6Xbz8CUBa26ZFdzFGauJckeTMkTgALuTBKohQsm4 FcTYRZeW8/rWz9vAaqEk8aj7bDZcMKZCEHM+xuorcT/ybWJ+pbKWkufRueMjXjup 5uvkjezfuO86dlEHQ1vg+MP2egv2IJUV8s89SGHa1oDTB+g0dWwIWN5mnuZcf0BR nP7R304FBOtcnGE= -----END CERTIFICATE-----Generated at Mon Jan 5 13:06:12 2026 by rpki-client