This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/EgZw9prYM48BikMrmIquBFUeyCY.roa File: EgZw9prYM48BikMrmIquBFUeyCY.roa (raw, json) Hash identifier: ctCXPXYhr5UMOKpyrvlkfwGqe62m7LyduahfprfYDD4= Subject key identifier: 12:06:70:F6:9A:D8:33:8F:01:8A:43:2B:98:8A:AE:04:55:1E:C8:26 Certificate issuer: /CN=5eb42ab8de98be1c771f0a9868582fcf95dc4ac6 Certificate serial: 019B7C80D4BC88068D9D0BBDDFFA590AFE10 Authority key identifier: 5E:B4:2A:B8:DE:98:BE:1C:77:1F:0A:98:68:58:2F:CF:95:DC:4A:C6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XrQquN6Yvhx3HwqYaFgvz5XcSsY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/EgZw9prYM48BikMrmIquBFUeyCY.roa Signing time: Fri 02 Jan 2026 02:19:36 +0000 ROA not before: Fri 02 Jan 2026 02:19:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48348 IP address blocks: 89.248.96.0/20 maxlen: 24 89.248.96.0/24 maxlen: 24 89.248.97.0/24 maxlen: 24 89.248.98.0/24 maxlen: 24 89.248.99.0/24 maxlen: 24 89.248.100.0/24 maxlen: 24 89.248.101.0/24 maxlen: 24 89.248.102.0/24 maxlen: 24 89.248.103.0/24 maxlen: 24 89.248.104.0/24 maxlen: 24 89.248.105.0/24 maxlen: 24 89.248.106.0/24 maxlen: 24 89.248.107.0/24 maxlen: 24 89.248.108.0/24 maxlen: 24 89.248.109.0/24 maxlen: 24 89.248.110.0/24 maxlen: 24 93.174.0.0/21 maxlen: 24 93.174.1.0/24 maxlen: 24 93.174.2.0/24 maxlen: 24 93.174.3.0/24 maxlen: 24 93.174.4.0/24 maxlen: 24 93.174.5.0/24 maxlen: 24 93.174.6.0/24 maxlen: 24 93.174.7.0/24 maxlen: 24 185.15.76.0/22 maxlen: 24 185.15.76.0/24 maxlen: 24 185.15.77.0/24 maxlen: 24 185.80.4.0/22 maxlen: 24 185.80.4.0/24 maxlen: 24 185.80.5.0/24 maxlen: 24 185.80.6.0/24 maxlen: 24 185.80.7.0/24 maxlen: 24 185.86.248.0/22 maxlen: 22 2a05:7900::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/XrQquN6Yvhx3HwqYaFgvz5XcSsY.crl rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/XrQquN6Yvhx3HwqYaFgvz5XcSsY.mft rsync://rpki.ripe.net/repository/DEFAULT/XrQquN6Yvhx3HwqYaFgvz5XcSsY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:d4:bc:88:06:8d:9d:0b:bd:df:fa:59:0a:fe:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5eb42ab8de98be1c771f0a9868582fcf95dc4ac6 Validity Not Before: Jan 2 02:19:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=120670f69ad8338f018a432b988aae04551ec826 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:f6:e0:25:7d:09:a0:0a:8a:3a:fb:4a:84:e9: 8e:74:79:52:6b:40:71:7a:86:7d:55:13:26:eb:a6: bd:4a:b7:10:d3:2b:fb:be:5c:19:25:49:ba:f4:9d: 5d:4e:b6:9f:a7:29:6b:d6:f9:ea:c7:5c:fd:88:75: 99:71:aa:bd:0d:dc:bd:87:9b:9d:ab:97:a9:65:e6: fd:55:7c:b5:af:93:91:6d:7f:f7:09:7a:bd:83:b3: 93:d9:9b:f1:1e:a5:98:aa:8d:45:06:3d:38:ad:12: b4:c6:ee:b8:3d:d1:c9:94:7b:8d:68:32:e6:10:6d: 10:19:69:d4:80:1d:7c:26:f8:1e:5a:f1:f8:f3:36: 6f:3a:1b:87:9e:0f:80:68:1f:a1:fe:63:14:a0:47: 1b:25:9a:14:36:92:1d:ed:ca:a6:b1:64:9d:fa:ec: 7d:9f:7a:71:be:53:35:c9:bc:04:2e:bb:71:6f:22: af:17:9b:4e:35:5b:3a:73:bb:fa:b2:7a:11:6a:57: 93:e5:a6:b1:cc:50:dd:6d:8e:ba:7b:5f:31:50:ab: 0a:b7:2c:04:fc:80:6a:37:aa:0a:83:db:ca:15:9e: 5c:44:1a:7e:94:71:20:35:be:0f:fd:ff:41:f6:a2: 41:3b:71:cf:40:32:cd:0f:fe:4a:79:48:75:59:4f: 1c:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:06:70:F6:9A:D8:33:8F:01:8A:43:2B:98:8A:AE:04:55:1E:C8:26 X509v3 Authority Key Identifier: keyid:5E:B4:2A:B8:DE:98:BE:1C:77:1F:0A:98:68:58:2F:CF:95:DC:4A:C6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrQquN6Yvhx3HwqYaFgvz5XcSsY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/EgZw9prYM48BikMrmIquBFUeyCY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/XrQquN6Yvhx3HwqYaFgvz5XcSsY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.248.96.0/20 93.174.0.0/21 185.15.76.0/22 185.80.4.0/22 185.86.248.0/22 IPv6: 2a05:7900::/29 Signature Algorithm: sha256WithRSAEncryption a3:02:4e:4e:c4:d4:6c:14:40:d0:9c:e3:4b:54:59:fa:a8:ed: 77:96:5c:b0:3c:fb:fa:9c:6d:2c:b2:06:06:e0:69:78:31:90: 9e:ee:b6:63:19:5b:7b:bf:75:d4:06:7d:0f:00:a9:57:e0:26: 24:66:6f:8c:ae:0c:ee:e2:b0:c0:04:a0:37:90:0b:ec:da:74: 1d:91:62:95:74:9c:e1:ed:91:2f:34:63:37:11:21:fc:6e:15: e5:02:00:ba:48:62:17:e9:10:ff:ef:cd:5a:ed:1e:3b:90:4c: 29:cd:bd:11:69:ad:09:84:bf:30:18:26:d0:bb:87:35:31:85: 8b:e2:ea:72:42:61:71:40:bd:57:fd:fa:64:36:dc:f4:cb:78: 46:28:aa:d3:ec:a1:c7:3a:df:91:fd:d7:47:11:7a:d0:d1:58: dc:3b:88:5e:91:75:fe:4f:09:d4:6f:51:99:73:01:3f:eb:a0: 21:03:98:3a:4f:e8:80:03:04:f3:45:8f:97:86:00:66:69:eb: e4:44:44:2f:b0:c6:c1:77:f6:62:e0:1b:be:8b:77:5c:3a:67: 01:3d:86:f7:4f:3d:d0:37:35:2f:76:09:7b:ff:ac:cf:7f:05: f2:f0:e2:8c:aa:c2:3a:9d:43:1d:b1:c5:17:be:ef:d6:c3:12: 98:e9:e3:90 -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISAZt8gNS8iAaNnQu93/pZCv4QMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlYjQyYWI4ZGU5OGJlMWM3NzFmMGE5ODY4NTgyZmNmOTVk YzRhYzYwHhcNMjYwMTAyMDIxOTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxMjA2NzBmNjlhZDgzMzhmMDE4YTQzMmI5ODhhYWUwNDU1MWVjODI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovbgJX0JoAqKOvtKhOmOdHlSa0Bx eoZ9VRMm66a9SrcQ0yv7vlwZJUm69J1dTrafpylr1vnqx1z9iHWZcaq9Ddy9h5ud q5epZeb9VXy1r5ORbX/3CXq9g7OT2ZvxHqWYqo1FBj04rRK0xu64PdHJlHuNaDLm EG0QGWnUgB18JvgeWvH48zZvOhuHng+AaB+h/mMUoEcbJZoUNpId7cqmsWSd+ux9 n3pxvlM1ybwELrtxbyKvF5tONVs6c7v6snoRaleT5aaxzFDdbY66e18xUKsKtywE /IBqN6oKg9vKFZ5cRBp+lHEgNb4P/f9B9qJBO3HPQDLND/5KeUh1WU8c7wIDAQAB o4ICMDCCAiwwHQYDVR0OBBYEFBIGcPaa2DOPAYpDK5iKrgRVHsgmMB8GA1UdIwQY MBaAFF60KrjemL4cdx8KmGhYL8+V3ErGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWHJRcXVONll2aHgzSHdxWWFGZ3Z6NVhjU3NZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9hODRlN2UtYzYxNi00YWIxLWE0OTQt NzczYzBiM2M4OTM1LzEvRWdadzlwcllNNDhCaWtNcm1JcXVCRlVleUNZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS9hODRlN2UtYzYxNi00YWIxLWE0OTQtNzczYzBiM2M4OTM1 LzEvWHJRcXVONll2aHgzSHdxWWFGZ3Z6NVhjU3NZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEWfhgAwQD Xa4AAwQCuQ9MAwQCuVAEAwQCuVb4MA0EAgACMAcDBQMqBXkAMA0GCSqGSIb3DQEB CwUAA4IBAQCjAk5OxNRsFEDQnONLVFn6qO13llywPPv6nG0ssgYG4Gl4MZCe7rZj GVt7v3XUBn0PAKlX4CYkZm+Mrgzu4rDABKA3kAvs2nQdkWKVdJzh7ZEvNGM3ESH8 bhXlAgC6SGIX6RD/781a7R47kEwpzb0Raa0JhL8wGCbQu4c1MYWL4upyQmFxQL1X /fpkNtz0y3hGKKrT7KHHOt+R/ddHEXrQ0VjcO4hekXX+TwnUb1GZcwE/66AhA5g6 T+iAAwTzRY+XhgBmaevkREQvsMbBd/Zi4Bu+i3dcOmcBPYb3Tz3QNzUvdgl7/6zP fwXy8OKMqsI6nUMdscUXvu/WwxKY6eOQ -----END CERTIFICATE-----Generated at Mon Feb 9 20:55:21 2026 by rpki-client