This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/EHgktTf6m7_fov1qGoLd_G4GBHE.roa File: EHgktTf6m7_fov1qGoLd_G4GBHE.roa (raw, json) Hash identifier: qTES87h7tbtM80VYUBu7n7wmyWPsetKC04PB5cOHzdk= Subject key identifier: 10:78:24:B5:37:FA:9B:BF:DF:A2:FD:6A:1A:82:DD:FC:6E:06:04:71 Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10 Certificate serial: 019B7F84E5DA06ECBB052C3A4AA8992869F7 Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/EHgktTf6m7_fov1qGoLd_G4GBHE.roa Signing time: Fri 02 Jan 2026 16:22:54 +0000 ROA not before: Fri 02 Jan 2026 16:22:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 61317 IP address blocks: 2.58.171.0/24 maxlen: 24 88.209.192.0/24 maxlen: 24 88.209.222.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 09:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:e5:da:06:ec:bb:05:2c:3a:4a:a8:99:28:69:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10 Validity Not Before: Jan 2 16:22:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=107824b537fa9bbfdfa2fd6a1a82ddfc6e060471 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:af:2c:4f:f1:e6:d5:32:02:3b:81:ad:2f:d3: fc:eb:ad:14:c3:0a:f1:3b:9e:2b:e6:e6:f2:2c:fd: 59:d5:eb:6d:4b:ae:fc:ef:da:7d:62:e5:3d:db:90: 47:ba:c0:61:c1:f9:93:60:bf:a1:e0:d7:5a:d1:b5: 0b:68:47:70:64:49:70:5b:9c:36:bf:85:6c:0e:ef: 2d:60:a3:16:2f:8a:8f:5c:78:fc:21:a2:6a:01:1e: a3:e5:4d:fb:6e:25:67:9a:37:55:39:87:78:47:80: dd:29:fd:af:c8:c7:78:ad:c6:29:f1:8e:f7:89:e5: 24:5d:87:10:1f:df:84:da:44:60:1a:80:9c:4f:0e: 4d:d0:89:31:27:ed:39:d7:fe:7b:95:ac:a8:3b:a7: 17:37:d5:83:45:f2:3a:b9:f7:ca:70:27:d7:98:09: c5:d9:91:ec:eb:5c:22:e7:5a:d2:ac:d2:6d:ac:27: c7:42:cd:48:f4:7a:17:01:32:20:85:3b:c8:de:65: 11:91:ad:0d:3a:a7:5c:c0:06:7c:32:62:86:ab:2d: 63:72:a9:14:d7:4a:a7:8f:82:69:13:3d:f6:a1:65: 61:20:0d:2a:58:c4:5d:c9:99:89:e6:cf:d9:ce:13: 22:54:be:68:8b:31:f5:ff:b6:98:75:b9:6e:1e:63: c3:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:78:24:B5:37:FA:9B:BF:DF:A2:FD:6A:1A:82:DD:FC:6E:06:04:71 X509v3 Authority Key Identifier: keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/EHgktTf6m7_fov1qGoLd_G4GBHE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.58.171.0/24 88.209.192.0/24 88.209.222.0/24 Signature Algorithm: sha256WithRSAEncryption 29:dc:60:b7:18:0a:8e:d4:b3:f6:34:20:f1:14:24:45:bb:49: d6:7d:da:50:0c:3f:42:6d:bd:a4:da:5e:ec:9a:1f:3a:aa:74: d3:b0:c3:21:6c:47:a7:3f:3d:e7:70:b8:12:48:23:6d:b6:be: 5d:35:e6:53:42:4c:82:37:ee:19:34:02:91:c4:47:e8:19:a8: 51:8d:12:78:a1:51:e3:a3:4f:59:f4:68:06:98:e5:38:f1:46: 0f:44:30:7a:3e:da:d7:6d:38:18:78:89:04:7b:81:9b:ca:27: f5:b8:d4:02:da:b1:77:b4:a4:f0:e3:0e:dc:5e:e6:9f:b8:8c: 9f:13:bb:bc:fb:33:77:9a:3d:f2:66:61:1d:88:7e:dd:ea:ba: eb:29:5f:dc:84:1b:56:f5:6a:26:9a:bc:e7:23:95:74:0b:42: 2f:6f:97:89:dc:66:15:d4:23:97:4e:d3:67:1b:75:b3:04:33: 4e:4d:22:33:34:73:0e:ce:c9:df:9f:cb:bb:79:46:fe:ad:a4: 97:0d:81:48:49:4a:16:dc:40:3e:79:67:38:de:0e:b6:20:c2: 26:0d:c5:d8:d5:c3:a7:9a:b0:72:ed:09:54:10:82:d0:b6:8e: b6:71:c2:92:24:3c:ab:56:90:b5:df:7a:88:89:95:d6:38:9c: 2c:f5:c8:9b -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt/hOXaBuy7BSw6SqiZKGn3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx MWRhMTAwHhcNMjYwMTAyMTYyMjU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxMDc4MjRiNTM3ZmE5YmJmZGZhMmZkNmExYTgyZGRmYzZlMDYwNDcxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmq8sT/Hm1TICO4GtL9P8660Uwwrx O54r5ubyLP1Z1ettS67879p9YuU925BHusBhwfmTYL+h4Nda0bULaEdwZElwW5w2 v4VsDu8tYKMWL4qPXHj8IaJqAR6j5U37biVnmjdVOYd4R4DdKf2vyMd4rcYp8Y73 ieUkXYcQH9+E2kRgGoCcTw5N0IkxJ+051/57layoO6cXN9WDRfI6uffKcCfXmAnF 2ZHs61wi51rSrNJtrCfHQs1I9HoXATIghTvI3mURka0NOqdcwAZ8MmKGqy1jcqkU 10qnj4JpEz32oWVhIA0qWMRdyZmJ5s/ZzhMiVL5oizH1/7aYdbluHmPDzQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFBB4JLU3+pu/36L9ahqC3fxuBgRxMB8GA1UdIwQY MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt N2U0ZDZmNmY2ZTY2LzEvRUhna3RUZjZtN19mb3YxcUdvTGRfRzRHQkhFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2 LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjqrAwQA WNHAAwQAWNHeMA0GCSqGSIb3DQEBCwUAA4IBAQAp3GC3GAqO1LP2NCDxFCRFu0nW fdpQDD9Cbb2k2l7smh86qnTTsMMhbEenPz3ncLgSSCNttr5dNeZTQkyCN+4ZNAKR xEfoGahRjRJ4oVHjo09Z9GgGmOU48UYPRDB6PtrXbTgYeIkEe4Gbyif1uNQC2rF3 tKTw4w7cXuafuIyfE7u8+zN3mj3yZmEdiH7d6rrrKV/chBtW9WommrznI5V0C0Iv b5eJ3GYV1COXTtNnG3WzBDNOTSIzNHMOzsnfn8u7eUb+raSXDYFISUoW3EA+eWc4 3g62IMImDcXY1cOnmrBy7QlUEILQto62ccKSJDyrVpC133qIiZXWOJws9cib -----END CERTIFICATE-----Generated at Thu Jan 8 12:58:25 2026 by rpki-client