This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/a8d6d8-d2a5-4af2-bb44-0807091aa77d/1/wCh-pphXrFlnVedivymKoSdB-PQ.roa File: wCh-pphXrFlnVedivymKoSdB-PQ.roa (raw, json) Hash identifier: RWZ4wkHC1VRgI9WF5HxhbBtNjKgc6U0S8oWX6yGUEvk= Subject key identifier: C0:28:7E:A6:98:57:AC:59:67:55:E7:62:BF:29:8A:A1:27:41:F8:F4 Certificate issuer: /CN=7d57b153eed110bcbd14dc7e33fd47f02e2fe071 Certificate serial: 019B7CED395509CF6159D249C53A5249D9E6 Authority key identifier: 7D:57:B1:53:EE:D1:10:BC:BD:14:DC:7E:33:FD:47:F0:2E:2F:E0:71 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVexU-7RELy9FNx-M_1H8C4v4HE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/a8d6d8-d2a5-4af2-bb44-0807091aa77d/1/wCh-pphXrFlnVedivymKoSdB-PQ.roa Signing time: Fri 02 Jan 2026 04:17:59 +0000 ROA not before: Fri 02 Jan 2026 04:17:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31236 IP address blocks: 82.112.64.0/19 maxlen: 24 94.198.48.0/23 maxlen: 23 160.20.214.0/23 maxlen: 23 2a00:92c0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/a8d6d8-d2a5-4af2-bb44-0807091aa77d/1/fVexU-7RELy9FNx-M_1H8C4v4HE.crl rsync://rpki.ripe.net/repository/DEFAULT/eb/a8d6d8-d2a5-4af2-bb44-0807091aa77d/1/fVexU-7RELy9FNx-M_1H8C4v4HE.mft rsync://rpki.ripe.net/repository/DEFAULT/fVexU-7RELy9FNx-M_1H8C4v4HE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 07:01:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:39:55:09:cf:61:59:d2:49:c5:3a:52:49:d9:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7d57b153eed110bcbd14dc7e33fd47f02e2fe071 Validity Not Before: Jan 2 04:17:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c0287ea69857ac596755e762bf298aa12741f8f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:74:d3:43:5a:4b:7c:57:2d:8a:2b:70:24:03: d3:7d:a6:af:a6:3f:bc:7c:18:d9:62:f1:5d:99:5c: 8d:73:bd:ca:b3:59:c8:aa:0f:47:54:87:aa:ff:35: 7a:ea:61:e7:a3:75:fe:63:7e:76:da:10:39:7f:b7: c6:a7:69:b6:e7:9a:09:5f:de:0e:a3:ea:86:a4:54: f2:90:77:7f:39:4d:72:0e:6c:ea:bb:59:c5:4d:86: 60:c0:a3:47:a6:60:51:a4:34:df:4d:ed:05:3a:a3: 8f:73:24:de:20:42:41:c0:46:3b:ec:f6:42:38:0c: 5e:15:15:a1:d9:a4:2e:44:d4:de:a8:94:4d:45:d4: 76:cd:18:d6:63:8d:46:0f:5c:a9:6d:4b:c5:53:78: c8:cf:53:55:d9:5f:8a:05:c3:6a:08:7a:d9:4e:88: bd:ce:4f:12:b8:75:eb:37:24:2e:54:72:a4:33:c5: 26:e7:3e:b6:88:90:0e:3f:9c:3f:72:3b:65:5b:ad: 8d:07:22:1c:9f:6c:67:3f:e0:d5:19:85:f6:72:46: b6:59:61:2c:76:a2:71:82:60:29:17:71:7f:67:3c: 7e:a3:1d:32:92:bc:c1:88:ce:8e:6d:8f:0e:68:6c: 7d:23:64:e8:c1:d5:a5:3b:e4:79:30:61:68:7d:69: c6:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:28:7E:A6:98:57:AC:59:67:55:E7:62:BF:29:8A:A1:27:41:F8:F4 X509v3 Authority Key Identifier: keyid:7D:57:B1:53:EE:D1:10:BC:BD:14:DC:7E:33:FD:47:F0:2E:2F:E0:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVexU-7RELy9FNx-M_1H8C4v4HE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a8d6d8-d2a5-4af2-bb44-0807091aa77d/1/wCh-pphXrFlnVedivymKoSdB-PQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a8d6d8-d2a5-4af2-bb44-0807091aa77d/1/fVexU-7RELy9FNx-M_1H8C4v4HE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.112.64.0/19 94.198.48.0/23 160.20.214.0/23 IPv6: 2a00:92c0::/29 Signature Algorithm: sha256WithRSAEncryption 4b:9e:c5:69:29:92:f4:4a:ab:fe:51:3e:16:83:1d:11:c0:2b: 4a:42:ab:6a:5e:a5:1e:bb:01:23:57:09:5c:f3:1c:ef:89:20: f1:c3:e1:99:b8:71:6f:31:ee:66:e8:db:b4:b4:8a:19:0a:38: 12:f1:28:5a:9c:9f:30:62:9c:8f:47:bf:8e:66:c1:e4:f7:08: 60:7f:71:f2:f1:a3:a7:93:bf:96:b3:c5:5e:1e:29:d0:58:ce: da:90:27:c4:01:02:46:97:2d:36:c6:03:10:26:86:6c:e9:ac: b0:74:fa:1e:93:a7:ef:24:ab:00:b1:d9:7e:83:71:fb:b4:b3: 64:ac:0e:f1:b8:cd:ba:85:f5:15:4d:7f:d3:4a:19:2a:40:7e: 73:8b:59:d8:80:1e:9b:76:3a:83:cf:e8:f0:87:a3:70:af:27: fe:a1:ee:75:d6:c2:5a:f7:3f:6e:66:d8:03:52:06:7e:4c:5d: 77:56:21:7e:53:ae:4d:f8:04:c5:9a:cb:50:03:56:52:b4:86: 24:8b:aa:d2:81:70:b3:f9:5b:c9:44:d8:c4:e0:fc:05:eb:23: 28:a5:60:1e:eb:cd:71:07:30:a5:91:48:1f:f8:43:96:92:22: db:3e:45:62:d4:6c:6d:1b:27:78:d3:08:62:10:34:1a:27:c1: 7c:ae:27:96 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt87TlVCc9hWdJJxTpSSdnmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdkNTdiMTUzZWVkMTEwYmNiZDE0ZGM3ZTMzZmQ0N2YwMmUy ZmUwNzEwHhcNMjYwMTAyMDQxNzU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjMDI4N2VhNjk4NTdhYzU5Njc1NWU3NjJiZjI5OGFhMTI3NDFmOGY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznTTQ1pLfFctiitwJAPTfaavpj+8 fBjZYvFdmVyNc73Ks1nIqg9HVIeq/zV66mHno3X+Y3522hA5f7fGp2m255oJX94O o+qGpFTykHd/OU1yDmzqu1nFTYZgwKNHpmBRpDTfTe0FOqOPcyTeIEJBwEY77PZC OAxeFRWh2aQuRNTeqJRNRdR2zRjWY41GD1ypbUvFU3jIz1NV2V+KBcNqCHrZToi9 zk8SuHXrNyQuVHKkM8Um5z62iJAOP5w/cjtlW62NByIcn2xnP+DVGYX2cka2WWEs dqJxgmApF3F/Zzx+ox0ykrzBiM6ObY8OaGx9I2TowdWlO+R5MGFofWnGQwIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFMAofqaYV6xZZ1XnYr8piqEnQfj0MB8GA1UdIwQY MBaAFH1XsVPu0RC8vRTcfjP9R/AuL+BxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZlZleFUtN1JFTHk5Rk54LU1fMUg4QzR2NEhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9hOGQ2ZDgtZDJhNS00YWYyLWJiNDQt MDgwNzA5MWFhNzdkLzEvd0NoLXBwaFhyRmxuVmVkaXZ5bUtvU2RCLVBRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYi9hOGQ2ZDgtZDJhNS00YWYyLWJiNDQtMDgwNzA5MWFhNzdk LzEvZlZleFUtN1JFTHk5Rk54LU1fMUg4QzR2NEhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFUnBAAwQB XsYwAwQBoBTWMA0EAgACMAcDBQMqAJLAMA0GCSqGSIb3DQEBCwUAA4IBAQBLnsVp KZL0Sqv+UT4Wgx0RwCtKQqtqXqUeuwEjVwlc8xzviSDxw+GZuHFvMe5m6Nu0tIoZ CjgS8ShanJ8wYpyPR7+OZsHk9whgf3Hy8aOnk7+Ws8VeHinQWM7akCfEAQJGly02 xgMQJoZs6aywdPoek6fvJKsAsdl+g3H7tLNkrA7xuM26hfUVTX/TShkqQH5zi1nY gB6bdjqDz+jwh6Nwryf+oe511sJa9z9uZtgDUgZ+TF13ViF+U65N+ATFmstQA1ZS tIYki6rSgXCz+VvJRNjE4PwF6yMopWAe681xBzClkUgf+EOWkiLbPkVi1GxtGyd4 0whiEDQaJ8F8rieW -----END CERTIFICATE-----Generated at Wed Jan 21 11:56:06 2026 by rpki-client