This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/EkRuyKFWRjbMdDOcs1dsKgqjrbM.roa File: EkRuyKFWRjbMdDOcs1dsKgqjrbM.roa (raw, json) Hash identifier: 0FQSgLPvp5qGU4zNiDnUwC5JF+/wMdIauGkL3MoX+Ks= Subject key identifier: 12:44:6E:C8:A1:56:46:36:CC:74:33:9C:B3:57:6C:2A:0A:A3:AD:B3 Certificate issuer: /CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6 Certificate serial: 019B78A32067AC5A0A11A9DA7E82A785C2EF Authority key identifier: F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/EkRuyKFWRjbMdDOcs1dsKgqjrbM.roa Signing time: Thu 01 Jan 2026 08:18:35 +0000 ROA not before: Thu 01 Jan 2026 08:18:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51396 IP address blocks: 109.205.193.0/24 maxlen: 24 158.94.220.0/24 maxlen: 24 2a01:fb02:c000::/34 maxlen: 34 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.mft rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 08:02:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:20:67:ac:5a:0a:11:a9:da:7e:82:a7:85:c2:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6 Validity Not Before: Jan 1 08:18:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=12446ec8a1564636cc74339cb3576c2a0aa3adb3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:3b:9e:b8:e8:cc:5a:d3:46:67:78:c7:41:17: 96:93:ef:44:60:0e:c8:36:cc:ab:b9:ee:55:8e:16: d5:74:83:b4:1b:cb:25:c5:cd:cb:d5:75:c0:22:81: 28:ee:00:08:70:55:e2:9b:4c:a0:47:63:0d:c5:bb: 13:ce:58:cf:06:05:44:fe:13:94:fb:20:63:b7:27: b4:44:83:b9:9f:8c:be:1e:31:ed:1c:59:b0:58:b6: a6:5d:c3:0b:dc:ed:b7:f0:9b:63:f7:6a:9c:3e:04: 0d:ef:c4:f6:10:f6:c2:74:75:3d:59:03:17:b6:69: 80:d9:29:bb:2b:26:ad:15:63:9f:3f:9a:c2:4f:55: 1f:38:86:3c:79:2a:91:fc:ae:02:40:be:ae:a2:41: 31:be:af:82:db:7e:fd:e9:b6:d8:b6:04:27:da:e9: 17:5e:72:8b:73:fd:28:5a:39:11:df:e2:dd:f7:be: 92:be:f2:14:f8:eb:0d:72:9c:b9:05:c4:24:a5:45: de:d5:43:dc:75:e3:40:24:76:b7:45:a5:26:2d:11: cc:1b:6e:44:e2:01:f0:33:ab:a1:1f:6d:57:fd:2f: 68:62:4d:a5:2b:28:5f:de:94:b7:ca:3f:e7:31:22: aa:4b:46:9a:94:5b:20:84:10:98:8d:8d:98:fc:4b: da:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:44:6E:C8:A1:56:46:36:CC:74:33:9C:B3:57:6C:2A:0A:A3:AD:B3 X509v3 Authority Key Identifier: keyid:F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/EkRuyKFWRjbMdDOcs1dsKgqjrbM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.205.193.0/24 158.94.220.0/24 IPv6: 2a01:fb02:c000::/34 Signature Algorithm: sha256WithRSAEncryption 89:93:4e:15:42:b2:f9:34:07:19:cf:66:0d:e3:ca:4e:73:09: 2e:c7:2f:dd:1e:16:cf:ab:13:ee:8f:00:5a:d8:b1:70:2e:f6: f9:46:37:44:c8:d7:c2:22:d3:cd:5f:63:b9:e6:9e:3b:3a:5b: 4d:e3:e4:b6:ca:08:60:5c:0a:fe:65:7e:ea:b1:89:87:12:62: dc:c5:e4:28:59:bb:b4:fb:97:43:ce:1e:5e:7c:99:8a:de:05: 7a:13:63:98:60:e8:9f:e2:53:7f:93:2e:f0:a1:01:3e:05:89: 09:5f:61:e6:f5:e6:e3:62:31:9c:2a:81:23:f2:d9:7c:70:03: a4:bc:1b:80:82:5d:89:4e:01:41:a9:53:4b:80:4f:ea:81:7e: fe:00:2f:31:d8:e7:4a:a2:25:0a:07:d3:66:49:c0:68:61:86: 11:c5:68:6b:48:be:c6:21:aa:79:60:b7:cc:ee:c4:11:9c:54: 49:db:6f:b9:b4:dd:31:d8:12:8a:c4:cb:f2:63:69:10:ec:ba: 5b:a9:f3:e7:a0:cb:fe:8e:da:73:a6:96:b3:52:d5:da:cb:62: 1e:71:48:9d:11:39:93:99:00:2a:80:12:6b:86:05:3c:f3:57: e8:37:50:1b:75:42:41:30:81:90:15:9f:8b:bb:5e:1c:4d:ac: 91:2b:0c:73 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgISAZt4oyBnrFoKEanafoKnhcLvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYzMjQ1ODFlNDM2ODgyNWQ1ZTEzZjRmMmEwZDZmZjhlNDg0 Yzk1ZTYwHhcNMjYwMTAxMDgxODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxMjQ0NmVjOGExNTY0NjM2Y2M3NDMzOWNiMzU3NmMyYTBhYTNhZGIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8zueuOjMWtNGZ3jHQReWk+9EYA7I Nsyrue5VjhbVdIO0G8slxc3L1XXAIoEo7gAIcFXim0ygR2MNxbsTzljPBgVE/hOU +yBjtye0RIO5n4y+HjHtHFmwWLamXcML3O238Jtj92qcPgQN78T2EPbCdHU9WQMX tmmA2Sm7KyatFWOfP5rCT1UfOIY8eSqR/K4CQL6uokExvq+C23796bbYtgQn2ukX XnKLc/0oWjkR3+Ld976SvvIU+OsNcpy5BcQkpUXe1UPcdeNAJHa3RaUmLRHMG25E 4gHwM6uhH21X/S9oYk2lKyhf3pS3yj/nMSKqS0aalFsghBCYjY2Y/EvapQIDAQAB o4ICHzCCAhswHQYDVR0OBBYEFBJEbsihVkY2zHQznLNXbCoKo62zMB8GA1UdIwQY MBaAFPMkWB5DaIJdXhP08qDW/45ITJXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMt NmUyZDk3Y2ExNWZmLzEvRWtSdXlLRldSamJNZERPY3MxZHNLZ3FqcmJNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMtNmUyZDk3Y2ExNWZm LzEvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQAbc3BAwQA nl7cMA4EAgACMAgDBgYqAfsCwDANBgkqhkiG9w0BAQsFAAOCAQEAiZNOFUKy+TQH Gc9mDePKTnMJLscv3R4Wz6sT7o8AWtixcC72+UY3RMjXwiLTzV9jueaeOzpbTePk tsoIYFwK/mV+6rGJhxJi3MXkKFm7tPuXQ84eXnyZit4FehNjmGDon+JTf5Mu8KEB PgWJCV9h5vXm42IxnCqBI/LZfHADpLwbgIJdiU4BQalTS4BP6oF+/gAvMdjnSqIl CgfTZknAaGGGEcVoa0i+xiGqeWC3zO7EEZxUSdtvubTdMdgSisTL8mNpEOy6W6nz 56DL/o7ac6aWs1LV2stiHnFInRE5k5kAKoASa4YFPPNX6DdQG3VCQTCBkBWfi7te HE2skSsMcw== -----END CERTIFICATE-----Generated at Mon Jan 19 14:40:15 2026 by rpki-client