This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/kEa8o2UnqelmH_ygtilQKIay4-U.roa File: kEa8o2UnqelmH_ygtilQKIay4-U.roa (raw, json) Hash identifier: wdOm+SKzMVc+6qYyPwtZWi4vySs728OYrMlkH8naows= Subject key identifier: 90:46:BC:A3:65:27:A9:E9:66:1F:FC:A0:B6:29:50:28:86:B2:E3:E5 Certificate issuer: /CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900 Certificate serial: 019B7E383AD30773E2626BA4C8C853799972 Authority key identifier: AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/kEa8o2UnqelmH_ygtilQKIay4-U.roa Signing time: Fri 02 Jan 2026 10:19:32 +0000 ROA not before: Fri 02 Jan 2026 10:19:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204137 IP address blocks: 134.19.128.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.mft rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:3a:d3:07:73:e2:62:6b:a4:c8:c8:53:79:99:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900 Validity Not Before: Jan 2 10:19:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9046bca36527a9e9661ffca0b629502886b2e3e5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:ec:ae:d9:88:e5:dd:b2:df:f9:11:0a:08:3e: 06:da:75:dd:7d:13:63:a4:4f:09:0e:79:83:8b:51: 42:66:2d:cf:8d:6f:8e:fb:aa:10:c3:a2:99:e2:14: b2:11:7f:22:22:1d:86:5c:8c:ce:d6:de:15:15:a2: 3b:1e:a1:2b:1c:f7:d7:b7:1d:52:5d:51:8b:fe:6b: 8a:52:69:68:c4:46:b1:9a:9c:70:20:fa:95:57:d9: be:45:22:aa:ee:92:2e:63:6a:96:6e:60:3e:8d:17: b1:ee:d3:f8:e6:fc:5f:f8:6d:9d:a1:c7:73:06:b6: 13:6d:96:f3:2c:ab:c1:0a:11:de:ff:94:77:5a:d8: 40:bd:47:6c:ca:58:a1:99:3a:d2:99:ce:61:3e:86: b3:5a:a0:8e:f6:f0:ad:3d:67:71:dc:5b:97:9f:a0: b7:ce:c8:ea:bb:23:db:39:54:1d:a1:08:a8:12:b6: cd:2c:8f:40:1a:ba:f3:6c:49:31:ee:92:37:01:e6: 43:dd:f1:c7:88:8c:56:70:58:3d:a4:58:db:a5:de: 0a:80:0f:5b:8d:4a:5a:46:a2:a3:88:e4:3f:44:4c: 6a:7a:5b:4d:1d:82:d6:6d:f0:25:91:c5:7c:c5:2a: d7:cc:9a:e4:ce:5a:0a:37:98:92:84:fc:46:a2:8b: b1:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:46:BC:A3:65:27:A9:E9:66:1F:FC:A0:B6:29:50:28:86:B2:E3:E5 X509v3 Authority Key Identifier: keyid:AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/kEa8o2UnqelmH_ygtilQKIay4-U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 134.19.128.0/21 Signature Algorithm: sha256WithRSAEncryption 8d:b5:02:5a:4c:e9:53:5f:2d:9c:58:b3:63:dd:72:c6:15:a9: 4e:6f:ca:a1:82:4d:3d:ce:d9:54:f1:d3:52:65:8e:7d:49:d1: ef:9b:7b:13:9d:df:a3:e6:3a:ed:16:1a:43:4f:56:21:f6:32: c1:bf:c6:82:ac:aa:fc:29:2d:87:43:4e:0a:ab:17:d7:18:34: 92:c7:dd:76:90:93:49:7a:78:59:e3:29:90:c7:3e:a6:35:b4: fa:20:45:c8:af:9f:7a:65:03:8e:e3:fa:37:ca:2c:52:89:3c: e0:16:1a:79:f9:88:43:ac:e8:42:e7:1a:6d:54:68:f8:36:78: 83:a5:19:07:a9:7f:20:59:8c:1c:e5:8e:1b:ba:f5:05:30:80: 67:fb:55:83:84:22:bc:31:cb:5a:46:1c:27:ec:41:d3:8d:d3: 7d:04:be:82:57:00:46:f5:ae:96:ef:a6:f2:17:22:ce:6e:ea: ab:3d:63:d9:3d:35:eb:92:5f:46:b2:58:4e:ff:df:4b:22:43: 43:d5:04:60:d6:14:50:77:78:8a:b8:2e:0f:36:dd:bf:99:cf: ab:1d:7a:8d:c2:72:0b:48:d6:55:2a:c9:46:17:e9:b2:e6:73: 30:61:0d:23:b7:ec:91:e2:ea:b9:d2:83:c3:b5:a3:28:eb:b1: d7:f8:f6:d0 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+ODrTB3PiYmukyMhTeZlyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFlN2Y3NDdkZjVmMjQzNTMxNTRkYzRkNGJmNzBkMmRkY2I1 M2U5MDAwHhcNMjYwMTAyMTAxOTMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MDQ2YmNhMzY1MjdhOWU5NjYxZmZjYTBiNjI5NTAyODg2YjJlM2U1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwuyu2Yjl3bLf+REKCD4G2nXdfRNj pE8JDnmDi1FCZi3PjW+O+6oQw6KZ4hSyEX8iIh2GXIzO1t4VFaI7HqErHPfXtx1S XVGL/muKUmloxEaxmpxwIPqVV9m+RSKq7pIuY2qWbmA+jRex7tP45vxf+G2docdz BrYTbZbzLKvBChHe/5R3WthAvUdsylihmTrSmc5hPoazWqCO9vCtPWdx3FuXn6C3 zsjquyPbOVQdoQioErbNLI9AGrrzbEkx7pI3AeZD3fHHiIxWcFg9pFjbpd4KgA9b jUpaRqKjiOQ/RExqeltNHYLWbfAlkcV8xSrXzJrkzloKN5iShPxGoouxcQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFJBGvKNlJ6npZh/8oLYpUCiGsuPlMB8GA1UdIwQY MBaAFK5/dH318kNTFU3E1L9w0t3LU+kAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2Et YzZmMWU2YWM5YmE5LzEva0VhOG8yVW5xZWxtSF95Z3RpbFFLSWF5NC1VLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2EtYzZmMWU2YWM5YmE5 LzEvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDhhOAMA0G CSqGSIb3DQEBCwUAA4IBAQCNtQJaTOlTXy2cWLNj3XLGFalOb8qhgk09ztlU8dNS ZY59SdHvm3sTnd+j5jrtFhpDT1Yh9jLBv8aCrKr8KS2HQ04KqxfXGDSSx912kJNJ enhZ4ymQxz6mNbT6IEXIr596ZQOO4/o3yixSiTzgFhp5+YhDrOhC5xptVGj4NniD pRkHqX8gWYwc5Y4buvUFMIBn+1WDhCK8MctaRhwn7EHTjdN9BL6CVwBG9a6W76by FyLObuqrPWPZPTXrkl9GslhO/99LIkND1QRg1hRQd3iKuC4PNt2/mc+rHXqNwnIL SNZVKslGF+my5nMwYQ0jt+yR4uq50oPDtaMo67HX+PbQ -----END CERTIFICATE-----Generated at Sun Jan 11 23:53:48 2026 by rpki-client