This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/b83e47-bc04-492d-9a07-ecdd8174007a/1/eJqsemrX4r9IuhcHQVX7WZ3vipk.roa File: eJqsemrX4r9IuhcHQVX7WZ3vipk.roa (raw, json) Hash identifier: EYEupg+CuEQXFJeFdsXHjk15qYcFEa8u1+yv6+YuTRw= Subject key identifier: 78:9A:AC:7A:6A:D7:E2:BF:48:BA:17:07:41:55:FB:59:9D:EF:8A:99 Certificate issuer: /CN=bd8f9c03e757f3db514ca38d15ada451fa2e9615 Certificate serial: 019B79ED2A71D9FDB9A9664BDDD8F0A766D6 Authority key identifier: BD:8F:9C:03:E7:57:F3:DB:51:4C:A3:8D:15:AD:A4:51:FA:2E:96:15 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vY-cA-dX89tRTKONFa2kUfoulhU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/b83e47-bc04-492d-9a07-ecdd8174007a/1/eJqsemrX4r9IuhcHQVX7WZ3vipk.roa Signing time: Thu 01 Jan 2026 14:19:04 +0000 ROA not before: Thu 01 Jan 2026 14:19:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14618 IP address blocks: 185.109.96.0/22 maxlen: 24 2a04:a0c0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/b83e47-bc04-492d-9a07-ecdd8174007a/1/vY-cA-dX89tRTKONFa2kUfoulhU.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/b83e47-bc04-492d-9a07-ecdd8174007a/1/vY-cA-dX89tRTKONFa2kUfoulhU.mft rsync://rpki.ripe.net/repository/DEFAULT/vY-cA-dX89tRTKONFa2kUfoulhU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 14:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ed:2a:71:d9:fd:b9:a9:66:4b:dd:d8:f0:a7:66:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bd8f9c03e757f3db514ca38d15ada451fa2e9615 Validity Not Before: Jan 1 14:19:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=789aac7a6ad7e2bf48ba17074155fb599def8a99 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:85:25:de:e4:c6:f7:16:10:4a:fd:12:8a:dc: 55:8a:58:37:3c:3c:47:58:b5:1c:9b:b3:82:e3:73: 53:52:f9:0f:cf:7d:95:a6:49:f1:40:47:31:a7:d1: ec:0b:aa:56:a5:a3:02:37:18:89:ed:c7:8c:7e:5c: c8:0f:ab:06:02:55:d0:61:48:8d:4e:ac:71:2f:3a: d3:ed:4e:15:bc:c7:af:10:8f:61:16:12:1a:ce:de: b8:74:7e:eb:ec:fb:a5:e4:d5:03:a5:00:0d:bf:01: 69:cc:1c:fd:2c:fd:04:cb:66:27:d6:32:86:7f:09: 2b:dd:f6:16:21:10:db:09:0f:4e:26:7a:c5:8b:d5: 89:0c:db:3d:25:1f:1e:68:07:85:28:b1:01:1d:dc: 35:cd:60:1b:3b:4d:4b:74:25:f5:12:f2:43:fc:ba: 07:85:33:27:2d:ac:e6:f0:e9:25:89:8d:90:14:64: 34:1f:24:19:59:0e:fa:fe:56:b1:67:4f:0a:75:47: ec:d2:06:f1:d8:59:01:14:e7:51:bc:df:66:50:c6: 33:fb:a4:ff:78:de:56:a1:38:72:dc:8b:61:0d:2e: 8b:27:09:05:cf:58:76:fd:e9:ff:b3:9a:74:38:27: 01:82:84:4a:48:4e:a8:c5:98:59:4e:75:ad:d7:3c: 6c:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:9A:AC:7A:6A:D7:E2:BF:48:BA:17:07:41:55:FB:59:9D:EF:8A:99 X509v3 Authority Key Identifier: keyid:BD:8F:9C:03:E7:57:F3:DB:51:4C:A3:8D:15:AD:A4:51:FA:2E:96:15 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vY-cA-dX89tRTKONFa2kUfoulhU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/b83e47-bc04-492d-9a07-ecdd8174007a/1/eJqsemrX4r9IuhcHQVX7WZ3vipk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/b83e47-bc04-492d-9a07-ecdd8174007a/1/vY-cA-dX89tRTKONFa2kUfoulhU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.109.96.0/22 IPv6: 2a04:a0c0::/29 Signature Algorithm: sha256WithRSAEncryption 2b:eb:eb:a6:42:e8:33:fb:01:da:3e:45:88:60:d0:9c:5f:c3: f0:35:13:18:2a:5b:b4:8f:f5:dc:1b:79:8b:e5:60:26:8d:c7: d8:6f:eb:51:16:86:c3:9f:fe:56:e0:81:5e:bb:74:6c:e8:85: 4f:b8:02:5b:44:de:6c:37:a3:36:c7:dd:67:b2:a3:2a:3a:52: 64:37:50:b1:1e:9b:17:54:78:30:b4:fc:4f:06:8a:16:50:93: 7c:ac:32:9e:51:c6:e6:73:fa:ef:ba:28:cf:0b:a1:91:86:b1: 69:ab:f4:f9:9f:f9:f0:73:ae:49:e1:71:2a:1e:4f:1c:40:7e: 57:dd:40:6a:08:bc:60:6a:66:73:14:38:c3:96:8a:64:ce:d2: 3c:49:9c:f7:6e:99:6a:2e:b8:11:1d:74:32:ed:80:a5:ee:c1: 8a:20:8f:49:2a:68:77:df:e3:b3:5c:7b:d9:bd:92:f1:d3:af: 07:c6:da:22:0b:9a:e1:9f:63:7d:9b:54:c5:7d:a6:78:e1:8a: 8f:80:85:b9:fd:6a:5f:25:9b:88:b9:7c:35:34:14:a5:83:7a: 40:97:3b:e4:6f:5c:7f:14:db:c0:a3:3d:81:c2:d6:36:2b:4e: 0b:c9:a1:e0:10:bd:1e:f1:bf:3e:76:ee:fe:4f:dc:79:65:9d: e1:33:11:4c -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt57Spx2f25qWZL3djwp2bWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJkOGY5YzAzZTc1N2YzZGI1MTRjYTM4ZDE1YWRhNDUxZmEy ZTk2MTUwHhcNMjYwMTAxMTQxOTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3ODlhYWM3YTZhZDdlMmJmNDhiYTE3MDc0MTU1ZmI1OTlkZWY4YTk5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4Ul3uTG9xYQSv0SitxVilg3PDxH WLUcm7OC43NTUvkPz32VpknxQEcxp9HsC6pWpaMCNxiJ7ceMflzID6sGAlXQYUiN TqxxLzrT7U4VvMevEI9hFhIazt64dH7r7Pul5NUDpQANvwFpzBz9LP0Ey2Yn1jKG fwkr3fYWIRDbCQ9OJnrFi9WJDNs9JR8eaAeFKLEBHdw1zWAbO01LdCX1EvJD/LoH hTMnLazm8OkliY2QFGQ0HyQZWQ76/laxZ08KdUfs0gbx2FkBFOdRvN9mUMYz+6T/ eN5WoThy3IthDS6LJwkFz1h2/en/s5p0OCcBgoRKSE6oxZhZTnWt1zxsawIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFHiarHpq1+K/SLoXB0FV+1md74qZMB8GA1UdIwQY MBaAFL2PnAPnV/PbUUyjjRWtpFH6LpYVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdlktY0EtZFg4OXRSVEtPTkZhMmtVZm91bGhVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9iODNlNDctYmMwNC00OTJkLTlhMDct ZWNkZDgxNzQwMDdhLzEvZUpxc2Vtclg0cjlJdWhjSFFWWDdXWjN2aXBrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS9iODNlNDctYmMwNC00OTJkLTlhMDctZWNkZDgxNzQwMDdh LzEvdlktY0EtZFg4OXRSVEtPTkZhMmtVZm91bGhVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuW1gMA0E AgACMAcDBQMqBKDAMA0GCSqGSIb3DQEBCwUAA4IBAQAr6+umQugz+wHaPkWIYNCc X8PwNRMYKlu0j/XcG3mL5WAmjcfYb+tRFobDn/5W4IFeu3Rs6IVPuAJbRN5sN6M2 x91nsqMqOlJkN1CxHpsXVHgwtPxPBooWUJN8rDKeUcbmc/rvuijPC6GRhrFpq/T5 n/nwc65J4XEqHk8cQH5X3UBqCLxgamZzFDjDlopkztI8SZz3bplqLrgRHXQy7YCl 7sGKII9JKmh33+OzXHvZvZLx068HxtoiC5rhn2N9m1TFfaZ44YqPgIW5/WpfJZuI uXw1NBSlg3pAlzvkb1x/FNvAoz2BwtY2K04LyaHgEL0e8b8+du7+T9x5ZZ3hMxFM -----END CERTIFICATE-----Generated at Wed Jan 7 23:51:44 2026 by rpki-client