This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/6a754e-58f6-4c10-9d5e-f43aa27003c5/1/2861EryPsrS4a-CLsyIstAV7F9w.roa File: 2861EryPsrS4a-CLsyIstAV7F9w.roa (raw, json) Hash identifier: +qUAh0c2VsbVAzUE8hPQZ3Z3n7oYsSBDx7kw6q6WdmE= Subject key identifier: DB:CE:B5:12:BC:8F:B2:B4:B8:6B:E0:8B:B3:22:2C:B4:05:7B:17:DC Certificate issuer: /CN=ef583686464c533d4152bca2edf3a01b487eea92 Certificate serial: 019B79111BC03C0FD9B2D98C180271C6733D Authority key identifier: EF:58:36:86:46:4C:53:3D:41:52:BC:A2:ED:F3:A0:1B:48:7E:EA:92 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71g2hkZMUz1BUryi7fOgG0h-6pI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/6a754e-58f6-4c10-9d5e-f43aa27003c5/1/2861EryPsrS4a-CLsyIstAV7F9w.roa Signing time: Thu 01 Jan 2026 10:18:42 +0000 ROA not before: Thu 01 Jan 2026 10:18:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205844 IP address blocks: 178.157.88.0/23 maxlen: 24 185.204.128.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/6a754e-58f6-4c10-9d5e-f43aa27003c5/1/71g2hkZMUz1BUryi7fOgG0h-6pI.crl rsync://rpki.ripe.net/repository/DEFAULT/61/6a754e-58f6-4c10-9d5e-f43aa27003c5/1/71g2hkZMUz1BUryi7fOgG0h-6pI.mft rsync://rpki.ripe.net/repository/DEFAULT/71g2hkZMUz1BUryi7fOgG0h-6pI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 03:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:1b:c0:3c:0f:d9:b2:d9:8c:18:02:71:c6:73:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ef583686464c533d4152bca2edf3a01b487eea92 Validity Not Before: Jan 1 10:18:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dbceb512bc8fb2b4b86be08bb3222cb4057b17dc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:32:fa:eb:f2:67:be:06:85:f8:cd:f9:07:d3: 34:15:4e:ad:b2:c1:0a:c6:8b:27:0e:0c:e3:51:97: ad:09:6b:f4:ea:0a:bf:9e:f1:e1:31:0f:5c:2d:c9: 82:51:27:f5:d8:ab:90:4a:8d:55:05:ba:d8:8d:9b: bf:08:56:71:64:0a:2b:cd:77:28:f8:0a:ec:94:49: 12:43:5b:f0:4f:bf:56:64:44:32:1f:66:cb:60:87: 7b:84:bb:e4:d1:0c:ac:9e:27:33:fb:45:ce:4b:42: c8:c1:e3:f4:96:04:f7:f3:5d:1a:42:0e:74:4a:99: 0c:d1:38:a4:0c:d0:0b:54:29:20:cd:89:70:41:11: 2e:fb:05:ea:3d:d7:69:d3:ec:01:46:45:b7:9f:e7: cd:8e:40:f5:70:ed:06:1a:be:df:94:10:23:de:42: 9a:d0:36:8d:ca:dc:88:f1:76:55:6e:e0:79:c4:ba: 23:af:65:22:ce:48:3a:04:14:f9:a0:db:4d:a6:41: f3:04:aa:ba:9b:8c:58:16:40:4a:8d:94:16:73:47: 58:9f:16:0d:c3:e0:e4:c0:45:39:7f:49:13:5e:39: 52:b2:64:68:2a:9a:32:13:9a:a4:d3:c0:b4:ff:b2: 36:30:eb:cc:0b:40:a2:b9:0b:eb:ca:04:aa:d3:39: 8e:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:CE:B5:12:BC:8F:B2:B4:B8:6B:E0:8B:B3:22:2C:B4:05:7B:17:DC X509v3 Authority Key Identifier: keyid:EF:58:36:86:46:4C:53:3D:41:52:BC:A2:ED:F3:A0:1B:48:7E:EA:92 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71g2hkZMUz1BUryi7fOgG0h-6pI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/6a754e-58f6-4c10-9d5e-f43aa27003c5/1/2861EryPsrS4a-CLsyIstAV7F9w.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/61/6a754e-58f6-4c10-9d5e-f43aa27003c5/1/71g2hkZMUz1BUryi7fOgG0h-6pI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 178.157.88.0/23 185.204.128.0/22 Signature Algorithm: sha256WithRSAEncryption 2b:b3:fe:90:42:da:f0:1f:09:f1:1b:f9:37:c7:d0:aa:f3:bd: 6f:b7:bf:21:75:26:b9:a6:76:c9:6e:39:5b:46:26:9f:a8:42: 92:77:4b:67:ff:e9:53:34:17:f5:f5:c4:b9:50:5d:7a:fc:cc: b6:98:cf:ea:e1:bc:aa:75:58:f8:ff:99:53:be:18:e6:a0:42: 0d:9e:d8:e2:3a:a8:7a:83:1c:4d:39:02:32:d5:54:0c:b0:e0: 43:6d:41:d1:1a:5d:d7:e7:b7:1d:c7:38:d0:cf:28:ab:d9:71: 5e:26:78:76:70:68:e2:a7:fd:97:ba:18:3c:30:0f:40:14:2a: ca:0c:39:2d:cb:02:18:ee:28:0d:a1:9e:84:87:ec:dc:96:5d: 3d:47:cc:6e:f5:60:25:2b:91:53:3c:97:20:58:09:8d:c7:be: 55:e8:82:c1:31:ec:3d:a5:3f:0f:ba:f3:2e:96:86:0f:4e:bb: 22:c0:1a:64:66:e9:76:54:01:18:49:18:f0:70:1b:74:e4:fb: 8a:6a:26:17:cc:fe:dd:da:b8:5b:3d:f8:c1:e5:96:ca:ff:01: 39:df:d3:cf:de:fe:a5:c1:a5:a9:10:9c:ce:22:55:f4:29:b1: 2a:43:7e:ef:74:a2:8d:35:5a:83:dc:0b:c1:38:23:c9:37:ee: 97:0b:c4:94 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt5ERvAPA/ZstmMGAJxxnM9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVmNTgzNjg2NDY0YzUzM2Q0MTUyYmNhMmVkZjNhMDFiNDg3 ZWVhOTIwHhcNMjYwMTAxMTAxODQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYmNlYjUxMmJjOGZiMmI0Yjg2YmUwOGJiMzIyMmNiNDA1N2IxN2RjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4DL66/JnvgaF+M35B9M0FU6tssEK xosnDgzjUZetCWv06gq/nvHhMQ9cLcmCUSf12KuQSo1VBbrYjZu/CFZxZAorzXco +ArslEkSQ1vwT79WZEQyH2bLYId7hLvk0Qysnicz+0XOS0LIweP0lgT3810aQg50 SpkM0TikDNALVCkgzYlwQREu+wXqPddp0+wBRkW3n+fNjkD1cO0GGr7flBAj3kKa 0DaNytyI8XZVbuB5xLojr2Uizkg6BBT5oNtNpkHzBKq6m4xYFkBKjZQWc0dYnxYN w+DkwEU5f0kTXjlSsmRoKpoyE5qk08C0/7I2MOvMC0CiuQvrygSq0zmOkQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFNvOtRK8j7K0uGvgi7MiLLQFexfcMB8GA1UdIwQY MBaAFO9YNoZGTFM9QVK8ou3zoBtIfuqSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNzFnMmhrWk1VejFCVXJ5aTdmT2dHMGgtNnBJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS82YTc1NGUtNThmNi00YzEwLTlkNWUt ZjQzYWEyNzAwM2M1LzEvMjg2MUVyeVBzclM0YS1DTHN5SXN0QVY3Rjl3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MS82YTc1NGUtNThmNi00YzEwLTlkNWUtZjQzYWEyNzAwM2M1 LzEvNzFnMmhrWk1VejFCVXJ5aTdmT2dHMGgtNnBJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBsp1YAwQC ucyAMA0GCSqGSIb3DQEBCwUAA4IBAQArs/6QQtrwHwnxG/k3x9Cq871vt78hdSa5 pnbJbjlbRiafqEKSd0tn/+lTNBf19cS5UF16/My2mM/q4byqdVj4/5lTvhjmoEIN ntjiOqh6gxxNOQIy1VQMsOBDbUHRGl3X57cdxzjQzyir2XFeJnh2cGjip/2Xuhg8 MA9AFCrKDDktywIY7igNoZ6Eh+zcll09R8xu9WAlK5FTPJcgWAmNx75V6ILBMew9 pT8PuvMuloYPTrsiwBpkZul2VAEYSRjwcBt05PuKaiYXzP7d2rhbPfjB5ZbK/wE5 39PP3v6lwaWpEJzOIlX0KbEqQ37vdKKNNVqD3AvBOCPJN+6XC8SU -----END CERTIFICATE-----Generated at Mon Jan 12 09:21:22 2026 by rpki-client