This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/ebea60-d231-480b-84fd-a763df3aee6d/1/uTawXit8aKEj4eVxiOZXv6mDUXQ.roa File: uTawXit8aKEj4eVxiOZXv6mDUXQ.roa (raw, json) Hash identifier: XkBO6tOwqDjqwxQC1w04z4HLKY8F+H0OZu2mmN1+iAs= Subject key identifier: B9:36:B0:5E:2B:7C:68:A1:23:E1:E5:71:88:E6:57:BF:A9:83:51:74 Certificate issuer: /CN=ef7f31bd6d985e45299c31d052ca4a8ebef5578b Certificate serial: 019B78352A7E53F79FB95C0BDB450354BA44 Authority key identifier: EF:7F:31:BD:6D:98:5E:45:29:9C:31:D0:52:CA:4A:8E:BE:F5:57:8B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/738xvW2YXkUpnDHQUspKjr71V4s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/ebea60-d231-480b-84fd-a763df3aee6d/1/uTawXit8aKEj4eVxiOZXv6mDUXQ.roa Signing time: Thu 01 Jan 2026 06:18:28 +0000 ROA not before: Thu 01 Jan 2026 06:18:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 13335 IP address blocks: 80.64.220.0/24 maxlen: 24 80.64.223.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/ebea60-d231-480b-84fd-a763df3aee6d/1/738xvW2YXkUpnDHQUspKjr71V4s.crl rsync://rpki.ripe.net/repository/DEFAULT/12/ebea60-d231-480b-84fd-a763df3aee6d/1/738xvW2YXkUpnDHQUspKjr71V4s.mft rsync://rpki.ripe.net/repository/DEFAULT/738xvW2YXkUpnDHQUspKjr71V4s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 21:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:35:2a:7e:53:f7:9f:b9:5c:0b:db:45:03:54:ba:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ef7f31bd6d985e45299c31d052ca4a8ebef5578b Validity Not Before: Jan 1 06:18:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b936b05e2b7c68a123e1e57188e657bfa9835174 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:52:6f:cc:db:d7:2c:f0:97:17:59:38:dd:67: 5d:24:e0:86:21:29:67:e7:3a:a6:d7:4b:7b:a2:dd: fd:51:9d:49:9b:83:1a:75:7d:44:40:7d:15:14:4d: f2:2d:d7:b3:6c:54:fc:2c:0a:15:df:d3:6e:cc:4f: c2:2e:b9:12:c4:50:1e:a9:42:0e:55:87:50:71:94: e9:15:4e:d8:a6:a1:bf:a7:36:d8:2b:6e:2d:6e:cb: 9a:87:81:ee:d7:ef:96:02:7e:bf:0a:47:9e:dd:07: 71:12:d8:a5:2d:29:2f:5a:22:ed:eb:30:23:4f:8f: 59:1b:20:e6:8b:eb:e9:6d:44:32:cb:f9:28:d8:98: 91:b1:83:e2:fd:02:c5:cf:93:3f:b8:33:85:40:0a: cc:da:62:22:c6:fa:1e:48:34:0f:54:88:9d:b1:5b: a2:b1:ef:81:f7:e5:90:2f:71:ff:5c:72:87:a4:64: 7c:c1:38:7c:c0:52:b2:e6:22:4d:1a:27:27:0e:5d: e7:05:6f:e1:56:00:cf:70:c9:91:3a:1d:bc:c4:a7: b8:5d:ca:04:5e:d8:13:8a:fd:58:89:e9:b8:c5:11: 98:7e:52:15:80:11:a2:26:b0:fa:77:fe:0c:fb:66: 61:67:27:ca:4e:48:0c:6b:a3:9f:f2:87:6b:16:9e: f0:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:36:B0:5E:2B:7C:68:A1:23:E1:E5:71:88:E6:57:BF:A9:83:51:74 X509v3 Authority Key Identifier: keyid:EF:7F:31:BD:6D:98:5E:45:29:9C:31:D0:52:CA:4A:8E:BE:F5:57:8B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/738xvW2YXkUpnDHQUspKjr71V4s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ebea60-d231-480b-84fd-a763df3aee6d/1/uTawXit8aKEj4eVxiOZXv6mDUXQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ebea60-d231-480b-84fd-a763df3aee6d/1/738xvW2YXkUpnDHQUspKjr71V4s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.64.220.0/24 80.64.223.0/24 Signature Algorithm: sha256WithRSAEncryption 0b:c3:b4:ce:86:00:ee:a6:d2:31:a4:e8:ba:cc:e6:a8:2e:77: e3:e4:8f:96:9e:9a:c7:32:76:2d:0a:f1:c9:d2:8f:bb:4f:99: a4:98:f6:1b:ec:dd:37:7b:0e:9c:43:7d:2a:c7:69:00:80:31: ab:98:20:62:5f:8d:57:22:4e:5c:95:27:b7:97:7b:41:f0:09: 83:dd:dd:c4:c7:8d:d1:a4:0f:03:a6:8f:73:ac:c3:7d:3a:c0: 96:e4:c5:fd:d9:ae:6f:be:d8:67:35:af:fa:bb:7e:93:11:de: e1:ab:2d:fd:6b:45:b6:c5:f8:55:22:86:27:e8:5f:5b:6d:4c: b8:84:d2:31:45:8f:10:06:8c:59:c3:ec:9d:97:d7:81:d2:95: ae:99:ca:69:11:d9:b0:06:f2:3e:30:4d:94:6c:5c:42:73:a5: 94:fd:fb:43:25:79:61:94:68:61:d7:70:4a:7f:ae:6c:47:3f: 6a:b5:80:44:ea:d6:ea:ad:1d:42:62:99:0f:3e:10:65:09:69: 5e:a4:15:67:c6:7a:1b:86:f5:90:6c:34:25:f5:cb:85:4f:69: 49:6d:b3:b0:80:5f:b7:95:4c:0c:9d:17:a2:43:fa:26:58:e1: c3:a5:26:0b:97:0b:47:96:2f:9e:39:a6:cf:1f:16:5f:1a:73: d9:14:b3:03 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt4NSp+U/efuVwL20UDVLpEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVmN2YzMWJkNmQ5ODVlNDUyOTljMzFkMDUyY2E0YThlYmVm NTU3OGIwHhcNMjYwMTAxMDYxODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiOTM2YjA1ZTJiN2M2OGExMjNlMWU1NzE4OGU2NTdiZmE5ODM1MTc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1JvzNvXLPCXF1k43WddJOCGISln 5zqm10t7ot39UZ1Jm4MadX1EQH0VFE3yLdezbFT8LAoV39NuzE/CLrkSxFAeqUIO VYdQcZTpFU7YpqG/pzbYK24tbsuah4Hu1++WAn6/Ckee3QdxEtilLSkvWiLt6zAj T49ZGyDmi+vpbUQyy/ko2JiRsYPi/QLFz5M/uDOFQArM2mIixvoeSDQPVIidsVui se+B9+WQL3H/XHKHpGR8wTh8wFKy5iJNGicnDl3nBW/hVgDPcMmROh28xKe4XcoE XtgTiv1Yiem4xRGYflIVgBGiJrD6d/4M+2ZhZyfKTkgMa6Of8odrFp7wvwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFLk2sF4rfGihI+HlcYjmV7+pg1F0MB8GA1UdIwQY MBaAFO9/Mb1tmF5FKZwx0FLKSo6+9VeLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNzM4eHZXMllYa1VwbkRIUVVzcEtqcjcxVjRzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lYmVhNjAtZDIzMS00ODBiLTg0ZmQt YTc2M2RmM2FlZTZkLzEvdVRhd1hpdDhhS0VqNGVWeGlPWlh2Nm1EVVhRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMi9lYmVhNjAtZDIzMS00ODBiLTg0ZmQtYTc2M2RmM2FlZTZk LzEvNzM4eHZXMllYa1VwbkRIUVVzcEtqcjcxVjRzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUEDcAwQA UEDfMA0GCSqGSIb3DQEBCwUAA4IBAQALw7TOhgDuptIxpOi6zOaoLnfj5I+WnprH MnYtCvHJ0o+7T5mkmPYb7N03ew6cQ30qx2kAgDGrmCBiX41XIk5clSe3l3tB8AmD 3d3Ex43RpA8Dpo9zrMN9OsCW5MX92a5vvthnNa/6u36TEd7hqy39a0W2xfhVIoYn 6F9bbUy4hNIxRY8QBoxZw+ydl9eB0pWumcppEdmwBvI+ME2UbFxCc6WU/ftDJXlh lGhh13BKf65sRz9qtYBE6tbqrR1CYpkPPhBlCWlepBVnxnobhvWQbDQl9cuFT2lJ bbOwgF+3lUwMnReiQ/omWOHDpSYLlwtHli+eOabPHxZfGnPZFLMD -----END CERTIFICATE-----Generated at Sat Jan 10 03:55:23 2026 by rpki-client