This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/4cEbZyGTiXOZXHaL9I_GyZuWxeo.roa File: 4cEbZyGTiXOZXHaL9I_GyZuWxeo.roa (raw, json) Hash identifier: /JIcjCA6J39aPzl4BN6PJ2GEofJcaDGHfJZieQt1fcA= Subject key identifier: E1:C1:1B:67:21:93:89:73:99:5C:76:8B:F4:8F:C6:C9:9B:96:C5:EA Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839 Certificate serial: 019B3D20AA96890DD8937AFD91BB4E057327 Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/4cEbZyGTiXOZXHaL9I_GyZuWxeo.roa Signing time: Sat 20 Dec 2025 18:58:29 +0000 ROA not before: Sat 20 Dec 2025 18:58:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 51722 IP address blocks: 2a03:f7c0::/29 maxlen: 29 2a06:ddc0::/29 maxlen: 29 2a0b:e9c0::/29 maxlen: 29 2a0c:5c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 18:58:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:20:aa:96:89:0d:d8:93:7a:fd:91:bb:4e:05:73:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839 Validity Not Before: Dec 20 18:58:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=e1c11b6721938973995c768bf48fc6c99b96c5ea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:07:1c:97:8e:99:9a:31:98:c2:fe:36:c1:61: 93:2f:20:56:66:b6:3a:12:14:47:bf:4e:b5:83:c7: 41:50:b5:26:ec:30:7a:63:20:28:70:de:81:d7:5b: 03:1a:09:35:e6:5e:2c:bd:d2:87:59:c9:b7:99:a1: 4e:6c:9f:03:51:62:e8:c5:e4:6f:7a:0f:82:2e:02: 93:fc:2b:d4:ef:c9:2d:61:bc:37:8a:10:9c:60:55: 0b:c4:92:a1:53:df:f7:58:b8:16:f6:6d:47:4b:c2: f6:c9:cb:24:19:62:6a:fe:f2:c9:ea:3a:4a:7f:10: c7:00:e4:9a:6c:81:b6:71:9f:f2:58:31:b4:69:19: 00:14:c8:a2:8c:dd:e0:b2:ae:d8:63:6f:6b:3c:b2: be:9a:df:c6:f5:4f:21:41:9f:84:b4:ee:6e:a1:cb: e4:58:bf:77:d6:01:09:0c:e0:de:6a:96:3b:87:be: f3:47:c0:c3:61:4f:e0:5e:2f:6c:89:b4:c5:20:f1: 93:af:ef:e4:79:66:67:79:a8:7f:3e:9a:fc:62:c3: 76:90:23:55:42:0a:88:bb:1b:a1:9a:57:88:22:d1: e3:11:72:ea:b4:d8:75:f7:05:97:5d:92:f9:11:99: df:6e:e1:97:ea:af:40:35:67:ec:a5:f7:fa:43:66: 6f:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:C1:1B:67:21:93:89:73:99:5C:76:8B:F4:8F:C6:C9:9B:96:C5:EA X509v3 Authority Key Identifier: keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/4cEbZyGTiXOZXHaL9I_GyZuWxeo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a03:f7c0::/29 2a06:ddc0::/29 2a0b:e9c0::/29 2a0c:5c0::/29 Signature Algorithm: sha256WithRSAEncryption ab:db:4d:f4:a3:11:46:f3:e3:31:de:40:c3:cf:6b:fc:ea:b8: 94:04:46:da:84:e4:ae:96:da:56:af:09:d4:19:7f:bb:9e:5d: 92:65:65:14:30:e0:02:0e:28:43:c9:7d:9b:7f:8e:25:17:0c: 36:31:87:80:85:65:8b:3b:81:9b:af:78:10:12:eb:67:fc:67: 1c:7d:54:41:9e:a0:db:c9:20:05:46:33:a4:a5:78:4f:7c:22: 8b:6f:a1:7e:54:4f:ba:a9:70:f6:83:db:fc:25:f4:da:42:2f: 22:a3:67:83:33:09:e6:ad:7e:3c:38:46:3e:9b:04:97:60:e4: f3:7f:00:50:7a:d9:4b:5b:c8:ac:a4:9f:25:73:8a:af:4c:e2: 42:73:be:e4:6f:7f:f0:d3:9a:44:23:95:c6:fc:03:fe:b3:1c: f1:36:6b:1b:04:f9:3f:b0:73:fc:5b:51:ec:e1:bf:8e:3d:a2: 9c:ad:33:ee:49:d7:1d:53:0c:4b:bc:ba:25:d9:27:f3:c4:64: dd:ec:8c:f5:27:78:d9:ba:c3:25:45:c8:59:9f:77:fc:ba:97: 47:ba:e8:c9:98:5e:49:42:b7:64:ee:50:88:bb:12:46:36:ee: 61:98:28:90:6c:f3:a6:30:7a:f3:98:8e:5c:ac:72:81:4b:5c: 08:5f:bf:2d -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgISAZs9IKqWiQ3Yk3r9kbtOBXMnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx ZmE4MzkwHhcNMjUxMjIwMTg1ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMWMxMWI2NzIxOTM4OTczOTk1Yzc2OGJmNDhmYzZjOTliOTZjNWVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Qccl46ZmjGYwv42wWGTLyBWZrY6 EhRHv061g8dBULUm7DB6YyAocN6B11sDGgk15l4svdKHWcm3maFObJ8DUWLoxeRv eg+CLgKT/CvU78ktYbw3ihCcYFULxJKhU9/3WLgW9m1HS8L2ycskGWJq/vLJ6jpK fxDHAOSabIG2cZ/yWDG0aRkAFMiijN3gsq7YY29rPLK+mt/G9U8hQZ+EtO5uocvk WL931gEJDODeapY7h77zR8DDYU/gXi9sibTFIPGTr+/keWZneah/Ppr8YsN2kCNV QgqIuxuhmleIItHjEXLqtNh19wWXXZL5EZnfbuGX6q9ANWfspff6Q2ZvYQIDAQAB o4ICHzCCAhswHQYDVR0OBBYEFOHBG2chk4lzmVx2i/SPxsmblsXqMB8GA1UdIwQY MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt MzA0OTVmNDAzNzg0LzEvNGNFYlp5R1RpWE9aWEhhTDlJX0d5WnVXeGVvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0 LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgP3wAMF AyoG3cADBQMqC+nAAwUDKgwFwDANBgkqhkiG9w0BAQsFAAOCAQEAq9tN9KMRRvPj Md5Aw89r/Oq4lARG2oTkrpbaVq8J1Bl/u55dkmVlFDDgAg4oQ8l9m3+OJRcMNjGH gIVlizuBm694EBLrZ/xnHH1UQZ6g28kgBUYzpKV4T3wii2+hflRPuqlw9oPb/CX0 2kIvIqNngzMJ5q1+PDhGPpsEl2Dk838AUHrZS1vIrKSfJXOKr0ziQnO+5G9/8NOa RCOVxvwD/rMc8TZrGwT5P7Bz/FtR7OG/jj2inK0z7knXHVMMS7y6Jdkn88Rk3eyM 9Sd42brDJUXIWZ93/LqXR7royZheSUK3ZO5QiLsSRjbuYZgokGzzpjB685iOXKxy gUtcCF+/LQ== -----END CERTIFICATE-----Generated at Sun Dec 21 03:20:18 2025 by rpki-client