This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/EsvahZdQZVhluZsLSr98J_sMDK4.roa File: EsvahZdQZVhluZsLSr98J_sMDK4.roa (raw, json) Hash identifier: DNS5SQ17LOTRnwWYUw1eb+IWwNLBZu1qV/4r+8SuduY= Subject key identifier: 12:CB:DA:85:97:50:65:58:65:B9:9B:0B:4A:BF:7C:27:FB:0C:0C:AE Certificate issuer: /CN=64a7a6cd583814d393bee2635b545574cc75620c Certificate serial: 019B78A32EB35C9B9BD0776902588176476F Authority key identifier: 64:A7:A6:CD:58:38:14:D3:93:BE:E2:63:5B:54:55:74:CC:75:62:0C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/EsvahZdQZVhluZsLSr98J_sMDK4.roa Signing time: Thu 01 Jan 2026 08:18:38 +0000 ROA not before: Thu 01 Jan 2026 08:18:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51554 IP address blocks: 185.157.8.0/22 maxlen: 22 185.157.8.0/23 maxlen: 23 185.157.10.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.mft rsync://rpki.ripe.net/repository/DEFAULT/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:2e:b3:5c:9b:9b:d0:77:69:02:58:81:76:47:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=64a7a6cd583814d393bee2635b545574cc75620c Validity Not Before: Jan 1 08:18:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=12cbda859750655865b99b0b4abf7c27fb0c0cae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:b5:e0:88:b8:af:fa:98:1d:f0:a9:85:ef:95: d4:aa:fa:38:fb:bd:f7:c8:16:37:a1:be:6c:4e:3d: 1e:c1:1f:10:90:dc:a6:d6:9e:cf:07:9a:00:e1:e8: 5f:78:47:74:03:d4:ce:ca:05:5e:03:14:7a:ed:6e: 0c:9d:04:35:39:e0:0d:be:be:d2:01:b4:8f:79:27: d7:af:3b:1c:d3:d6:12:90:9c:60:7b:7e:e5:fe:0a: 7c:37:6f:87:c4:4f:04:ab:7d:fb:53:72:e2:53:82: 5a:ac:62:26:9f:de:8e:b7:bf:a3:7e:12:bd:ba:03: 17:70:22:4d:6d:2a:a8:50:4b:5e:3d:37:c1:e3:e4: 7e:2c:4a:e7:67:bf:ce:9c:e5:88:ae:ea:8c:7f:cb: 99:bf:48:3e:b1:e3:68:92:1e:3a:bb:71:e8:13:2d: a9:f8:1e:1c:70:f8:9f:4d:c8:0a:13:c5:aa:04:00: 67:73:dc:92:05:f4:94:17:6e:15:2b:56:99:f7:92: b9:e2:19:91:af:68:78:c2:96:36:20:73:3d:c0:f9: e9:e8:a2:29:09:d4:d5:a1:bd:c6:6b:50:68:5d:ae: ab:91:aa:49:04:c4:3e:57:15:d5:c5:84:c4:d9:4b: 64:ae:62:64:a9:e7:b2:e0:e1:05:8d:25:26:d9:e3: 41:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:CB:DA:85:97:50:65:58:65:B9:9B:0B:4A:BF:7C:27:FB:0C:0C:AE X509v3 Authority Key Identifier: keyid:64:A7:A6:CD:58:38:14:D3:93:BE:E2:63:5B:54:55:74:CC:75:62:0C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/EsvahZdQZVhluZsLSr98J_sMDK4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.157.8.0/22 Signature Algorithm: sha256WithRSAEncryption b7:34:26:73:08:1f:12:c0:fe:3b:cb:92:5c:68:a2:f0:72:6c: 43:86:92:a6:bb:87:98:6c:fd:5a:e9:5e:a3:25:85:8a:80:8e: 5c:09:4e:64:cd:fc:7e:80:c3:58:44:05:b3:f7:29:e3:f1:4e: 3b:e8:c9:90:fc:41:e9:50:e9:be:c6:5e:07:33:ed:92:fa:72: 71:70:f2:3c:82:02:5e:7b:bb:04:97:6f:6c:21:1a:43:61:c1: 89:45:dc:c7:b4:cc:55:23:13:03:22:0d:19:d3:20:27:56:dc: 59:86:35:58:b7:30:bd:e2:29:06:a6:ef:a2:22:88:ad:98:1b: 7c:5e:f3:5a:7e:2f:03:cb:85:60:7e:58:f3:f1:67:f9:82:60: e9:bd:f4:3f:52:8e:22:04:f1:ec:ef:b8:e6:d4:3b:45:ae:29: c6:d6:bc:0a:d4:b3:a0:26:67:cf:2e:23:af:f9:7c:29:86:53: a1:e4:9c:bb:8e:de:9a:c2:cd:38:4e:32:d6:6d:4b:38:aa:52: 0d:1f:44:54:75:f9:12:e9:82:58:8a:bf:69:72:ff:d0:09:c5: 58:35:46:e0:59:d3:65:46:6e:41:22:a3:35:17:6d:3b:f7:b6: 50:9b:01:b2:e5:4a:4c:04:3a:e8:07:2e:8a:c5:40:c0:b0:3c: 22:b6:fd:49 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4oy6zXJub0HdpAliBdkdvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY0YTdhNmNkNTgzODE0ZDM5M2JlZTI2MzViNTQ1NTc0Y2M3 NTYyMGMwHhcNMjYwMTAxMDgxODM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxMmNiZGE4NTk3NTA2NTU4NjViOTliMGI0YWJmN2MyN2ZiMGMwY2FlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrXgiLiv+pgd8KmF75XUqvo4+733 yBY3ob5sTj0ewR8QkNym1p7PB5oA4ehfeEd0A9TOygVeAxR67W4MnQQ1OeANvr7S AbSPeSfXrzsc09YSkJxge37l/gp8N2+HxE8Eq337U3LiU4JarGImn96Ot7+jfhK9 ugMXcCJNbSqoUEtePTfB4+R+LErnZ7/OnOWIruqMf8uZv0g+seNokh46u3HoEy2p +B4ccPifTcgKE8WqBABnc9ySBfSUF24VK1aZ95K54hmRr2h4wpY2IHM9wPnp6KIp CdTVob3Ga1BoXa6rkapJBMQ+VxXVxYTE2UtkrmJkqeey4OEFjSUm2eNBLQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFBLL2oWXUGVYZbmbC0q/fCf7DAyuMB8GA1UdIwQY MBaAFGSnps1YOBTTk77iY1tUVXTMdWIMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWktlbXpWZzRGTk9UdnVKalcxUlZkTXgxWWd3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84ZDZmMWEtZDMzNC00MThmLWI3MjYt NmY1ZDhhNzRhMGU0LzEvRXN2YWhaZFFaVmhsdVpzTFNyOThKX3NNREs0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi84ZDZmMWEtZDMzNC00MThmLWI3MjYtNmY1ZDhhNzRhMGU0 LzEvWktlbXpWZzRGTk9UdnVKalcxUlZkTXgxWWd3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZ0IMA0G CSqGSIb3DQEBCwUAA4IBAQC3NCZzCB8SwP47y5JcaKLwcmxDhpKmu4eYbP1a6V6j JYWKgI5cCU5kzfx+gMNYRAWz9ynj8U476MmQ/EHpUOm+xl4HM+2S+nJxcPI8ggJe e7sEl29sIRpDYcGJRdzHtMxVIxMDIg0Z0yAnVtxZhjVYtzC94ikGpu+iIoitmBt8 XvNafi8Dy4Vgfljz8Wf5gmDpvfQ/Uo4iBPHs77jm1DtFrinG1rwK1LOgJmfPLiOv +XwphlOh5Jy7jt6aws04TjLWbUs4qlINH0RUdfkS6YJYir9pcv/QCcVYNUbgWdNl Rm5BIqM1F20797ZQmwGy5UpMBDroBy6KxUDAsDwitv1J -----END CERTIFICATE-----Generated at Wed Jan 21 07:47:17 2026 by rpki-client