This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/877e40-6ca1-4a2b-89a5-8abf5ee6c4ad/1/ZknLlp2vh9WJk0H7iXXLOw9c2pU.roa File: ZknLlp2vh9WJk0H7iXXLOw9c2pU.roa (raw, json) Hash identifier: S6ynW8hTvcrSOBVEp2ULNqC2ZlGWhPVxKi1FBjbkc4c= Subject key identifier: 66:49:CB:96:9D:AF:87:D5:89:93:41:FB:89:75:CB:3B:0F:5C:DA:95 Certificate issuer: /CN=cac21641bdbcfac24c54b6a4859483c5e41640b6 Certificate serial: 019B7C80DC81779407A1FE23078928C97ACB Authority key identifier: CA:C2:16:41:BD:BC:FA:C2:4C:54:B6:A4:85:94:83:C5:E4:16:40:B6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ysIWQb28-sJMVLakhZSDxeQWQLY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/877e40-6ca1-4a2b-89a5-8abf5ee6c4ad/1/ZknLlp2vh9WJk0H7iXXLOw9c2pU.roa Signing time: Fri 02 Jan 2026 02:19:38 +0000 ROA not before: Fri 02 Jan 2026 02:19:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14618 IP address blocks: 45.56.224.0/21 maxlen: 21 45.56.236.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/877e40-6ca1-4a2b-89a5-8abf5ee6c4ad/1/ysIWQb28-sJMVLakhZSDxeQWQLY.crl rsync://rpki.ripe.net/repository/DEFAULT/eb/877e40-6ca1-4a2b-89a5-8abf5ee6c4ad/1/ysIWQb28-sJMVLakhZSDxeQWQLY.mft rsync://rpki.ripe.net/repository/DEFAULT/ysIWQb28-sJMVLakhZSDxeQWQLY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 15:30:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:dc:81:77:94:07:a1:fe:23:07:89:28:c9:7a:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cac21641bdbcfac24c54b6a4859483c5e41640b6 Validity Not Before: Jan 2 02:19:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6649cb969daf87d5899341fb8975cb3b0f5cda95 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:d0:de:e6:5f:bc:3e:27:c5:ab:1d:ff:a6:71: 70:e0:6a:ae:c1:fb:b1:1d:8a:8c:79:6b:7e:4e:52: 68:3b:6b:6a:c2:9b:bf:19:a8:b0:b1:41:87:34:7f: 4d:07:01:ed:30:b7:2f:cf:c9:bb:b9:ee:47:e4:dc: 5b:3b:b7:c6:65:1f:1e:38:15:76:bb:4b:2e:e7:01: 0a:7c:e4:d3:01:27:ec:97:62:00:14:e6:6a:53:d5: 0c:f4:2c:38:4a:e0:44:0d:d7:96:53:67:cd:b7:07: 83:45:12:ee:ab:a2:14:11:6e:97:0b:cb:49:1c:fe: e7:a9:77:31:c7:90:69:79:1a:3b:94:b7:e5:c4:a5: 58:b4:2a:00:a2:78:13:9d:ce:ae:d1:83:76:b1:44: f6:ce:19:42:b6:44:f1:a4:1b:f3:02:c3:7c:db:e2: 92:45:4d:7d:33:8c:02:67:e8:23:9a:e3:76:46:c9: cc:d0:23:65:4d:69:44:97:63:95:12:c2:3b:0b:27: 71:20:1f:f7:46:a8:b9:31:f5:58:7b:89:60:cd:36: 25:6d:cf:78:cc:e7:7d:3b:01:7b:6f:70:61:b1:f5: 5f:75:87:5f:c7:25:d9:b2:d6:77:be:c5:05:08:f6: ec:38:32:8b:08:ad:47:4b:25:09:5e:6e:2d:ad:e2: 4d:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:49:CB:96:9D:AF:87:D5:89:93:41:FB:89:75:CB:3B:0F:5C:DA:95 X509v3 Authority Key Identifier: keyid:CA:C2:16:41:BD:BC:FA:C2:4C:54:B6:A4:85:94:83:C5:E4:16:40:B6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ysIWQb28-sJMVLakhZSDxeQWQLY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/877e40-6ca1-4a2b-89a5-8abf5ee6c4ad/1/ZknLlp2vh9WJk0H7iXXLOw9c2pU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/877e40-6ca1-4a2b-89a5-8abf5ee6c4ad/1/ysIWQb28-sJMVLakhZSDxeQWQLY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.56.224.0/21 45.56.236.0/23 Signature Algorithm: sha256WithRSAEncryption 83:b2:d0:43:99:4d:d7:fe:fc:26:18:50:da:4d:ec:b7:7b:15: 57:cb:1c:4e:1d:ea:64:83:08:d6:75:1f:40:f6:23:e4:43:c7: da:7c:6c:5e:aa:95:ff:20:53:f3:3a:fd:fb:53:9b:e0:4d:e0: 78:26:30:06:16:50:86:1f:53:b6:b9:1d:f4:cb:bc:a4:b3:5f: c8:8a:5f:13:b0:28:ab:68:9f:ff:5b:0a:f7:8a:2d:36:32:71: a8:2c:10:ca:a5:79:bf:75:a5:bb:c3:44:95:cf:85:42:5e:c3: a7:3f:32:9a:da:e0:d2:e1:f8:96:69:e5:29:ca:e7:72:b5:8d: 6e:ba:f4:4f:b5:8d:36:4b:dc:7c:bc:21:02:7d:e3:a5:fb:79: 51:a6:eb:10:e7:3d:74:9d:c5:06:17:45:a3:f6:f9:fd:b5:81: cf:70:91:da:71:70:bd:21:1c:ab:e7:eb:01:db:e7:66:08:7b: 00:ea:57:d3:7a:30:0c:34:6a:d0:80:55:d3:c6:68:6d:26:58: e6:90:c3:6e:ff:38:a4:72:65:7c:19:f0:08:ee:fe:e4:79:37: b1:e4:93:44:9f:6a:97:33:b9:6e:19:24:82:02:56:e5:6f:a8: 01:89:a5:de:ef:32:c7:0d:62:71:13:07:03:f4:db:f3:b9:73: d4:b7:6c:d1 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt8gNyBd5QHof4jB4koyXrLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhYzIxNjQxYmRiY2ZhYzI0YzU0YjZhNDg1OTQ4M2M1ZTQx NjQwYjYwHhcNMjYwMTAyMDIxOTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2NjQ5Y2I5NjlkYWY4N2Q1ODk5MzQxZmI4OTc1Y2IzYjBmNWNkYTk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNDe5l+8PifFqx3/pnFw4Gquwfux HYqMeWt+TlJoO2tqwpu/GaiwsUGHNH9NBwHtMLcvz8m7ue5H5NxbO7fGZR8eOBV2 u0su5wEKfOTTASfsl2IAFOZqU9UM9Cw4SuBEDdeWU2fNtweDRRLuq6IUEW6XC8tJ HP7nqXcxx5BpeRo7lLflxKVYtCoAongTnc6u0YN2sUT2zhlCtkTxpBvzAsN82+KS RU19M4wCZ+gjmuN2RsnM0CNlTWlEl2OVEsI7CydxIB/3Rqi5MfVYe4lgzTYlbc94 zOd9OwF7b3BhsfVfdYdfxyXZstZ3vsUFCPbsODKLCK1HSyUJXm4treJNyQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFGZJy5adr4fViZNB+4l1yzsPXNqVMB8GA1UdIwQY MBaAFMrCFkG9vPrCTFS2pIWUg8XkFkC2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveXNJV1FiMjgtc0pNVkxha2haU0R4ZVFXUUxZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi84NzdlNDAtNmNhMS00YTJiLTg5YTUt OGFiZjVlZTZjNGFkLzEvWmtuTGxwMnZoOVdKazBIN2lYWExPdzljMnBVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYi84NzdlNDAtNmNhMS00YTJiLTg5YTUtOGFiZjVlZTZjNGFk LzEveXNJV1FiMjgtc0pNVkxha2haU0R4ZVFXUUxZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLTjgAwQB LTjsMA0GCSqGSIb3DQEBCwUAA4IBAQCDstBDmU3X/vwmGFDaTey3exVXyxxOHepk gwjWdR9A9iPkQ8fafGxeqpX/IFPzOv37U5vgTeB4JjAGFlCGH1O2uR30y7yks1/I il8TsCiraJ//Wwr3ii02MnGoLBDKpXm/daW7w0SVz4VCXsOnPzKa2uDS4fiWaeUp yudytY1uuvRPtY02S9x8vCECfeOl+3lRpusQ5z10ncUGF0Wj9vn9tYHPcJHacXC9 IRyr5+sB2+dmCHsA6lfTejAMNGrQgFXTxmhtJljmkMNu/zikcmV8GfAI7v7keTex 5JNEn2qXM7luGSSCAlblb6gBiaXe7zLHDWJxEwcD9NvzuXPUt2zR -----END CERTIFICATE-----Generated at Wed Jan 7 23:47:31 2026 by rpki-client