This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/12417f-7665-4098-a338-4949b1e2b60f/1/vsmnrTln0FKIYbUICJTrn_gYJUQ.roa File: vsmnrTln0FKIYbUICJTrn_gYJUQ.roa (raw, json) Hash identifier: 8GWosWzTHZxxvdZfNNXEvhtfiz2Ewi4ZMP6/Lvtvauc= Subject key identifier: BE:C9:A7:AD:39:67:D0:52:88:61:B5:08:08:94:EB:9F:F8:18:25:44 Certificate issuer: /CN=965a6abfdb0874f2fec2262cdea3373adcb2dc55 Certificate serial: 019B7AC8458891B7CA4555F551E95A048EC3 Authority key identifier: 96:5A:6A:BF:DB:08:74:F2:FE:C2:26:2C:DE:A3:37:3A:DC:B2:DC:55 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/llpqv9sIdPL-wiYs3qM3Otyy3FU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/12417f-7665-4098-a338-4949b1e2b60f/1/vsmnrTln0FKIYbUICJTrn_gYJUQ.roa Signing time: Thu 01 Jan 2026 18:18:23 +0000 ROA not before: Thu 01 Jan 2026 18:18:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12511 IP address blocks: 84.246.232.0/21 maxlen: 22 138.189.0.0/16 maxlen: 16 138.191.0.0/16 maxlen: 16 194.41.128.0/17 maxlen: 18 2a00:17c8::/32 maxlen: 32 2a00:17c9::/32 maxlen: 32 2a00:17cf::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/12417f-7665-4098-a338-4949b1e2b60f/1/llpqv9sIdPL-wiYs3qM3Otyy3FU.crl rsync://rpki.ripe.net/repository/DEFAULT/10/12417f-7665-4098-a338-4949b1e2b60f/1/llpqv9sIdPL-wiYs3qM3Otyy3FU.mft rsync://rpki.ripe.net/repository/DEFAULT/llpqv9sIdPL-wiYs3qM3Otyy3FU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 12:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:45:88:91:b7:ca:45:55:f5:51:e9:5a:04:8e:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=965a6abfdb0874f2fec2262cdea3373adcb2dc55 Validity Not Before: Jan 1 18:18:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=bec9a7ad3967d0528861b5080894eb9ff8182544 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:74:0c:7b:af:ba:44:b8:89:57:91:0e:c1:c3: 5c:b1:53:7f:80:a3:32:4a:48:66:7c:27:9e:2f:ad: a8:80:a0:a1:da:c5:93:99:82:1a:48:d3:67:6e:c4: 96:ec:10:dd:52:f1:a0:40:0b:70:d7:59:c1:7a:4f: 34:6c:0a:4f:f2:2a:25:81:18:9f:37:05:8b:7d:ff: cd:af:6a:70:91:c1:e1:0c:bd:60:05:b1:36:eb:43: d8:10:a7:ab:fc:f0:44:10:df:d8:db:b9:b7:32:44: 01:ac:8c:89:ba:84:8c:05:d9:13:d2:61:42:aa:15: 41:2a:d0:70:80:e1:64:33:86:8f:7c:5b:ec:dd:f2: 65:61:62:79:8e:2b:71:a7:5b:a0:5a:b8:12:39:a0: a4:19:92:06:61:49:fd:06:c9:de:2a:cc:10:f6:4e: fd:dd:3d:ce:db:cf:3d:1f:c0:33:8b:b8:62:c3:1b: dc:bf:96:74:68:97:bc:c1:6e:7a:0d:ca:ff:40:ee: 31:e5:22:25:25:c8:12:f7:8a:7e:ce:c8:83:ff:7b: 3d:35:57:8c:80:96:26:61:f0:c6:9b:08:65:f2:6a: be:6d:b9:3a:c4:f0:b6:e0:f0:5a:c0:f3:f1:5c:15: 61:ac:8c:05:f0:29:e6:0d:ae:94:8e:64:9c:d6:00: c3:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:C9:A7:AD:39:67:D0:52:88:61:B5:08:08:94:EB:9F:F8:18:25:44 X509v3 Authority Key Identifier: keyid:96:5A:6A:BF:DB:08:74:F2:FE:C2:26:2C:DE:A3:37:3A:DC:B2:DC:55 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/llpqv9sIdPL-wiYs3qM3Otyy3FU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/12417f-7665-4098-a338-4949b1e2b60f/1/vsmnrTln0FKIYbUICJTrn_gYJUQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/10/12417f-7665-4098-a338-4949b1e2b60f/1/llpqv9sIdPL-wiYs3qM3Otyy3FU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 84.246.232.0/21 138.189.0.0/16 138.191.0.0/16 194.41.128.0/17 IPv6: 2a00:17c8::/31 2a00:17cf::/32 Signature Algorithm: sha256WithRSAEncryption 7f:46:7f:9a:32:f8:66:ee:02:c9:6d:c6:74:1a:48:12:48:41: 74:ed:9e:e0:c9:67:01:69:0f:8c:0b:ba:7e:e7:f3:e5:ff:49: 22:5c:55:8b:c3:10:0c:0c:24:9f:d4:d6:78:69:ee:3b:f0:80: e1:8d:42:47:34:1e:ef:72:ac:d8:c0:6e:70:5f:df:4f:4b:43: d2:f6:9d:fe:e8:01:14:0a:86:df:f3:28:c6:c5:04:ea:81:b0: e0:d2:57:bc:b7:83:ba:02:38:95:94:d3:88:f1:93:31:f5:ef: 8c:05:f5:ef:d0:e1:6a:e0:c8:a8:ac:ee:c5:87:50:1f:b6:bf: 52:0a:c7:25:c8:79:d8:d2:39:8d:07:35:f0:76:68:fa:0a:7b: ed:f8:19:08:1f:20:98:5b:4a:df:7f:9a:8e:e9:d3:4b:d1:bb: 55:2a:94:06:7c:d0:13:d0:f1:a3:aa:07:98:9a:9a:4a:a5:2b: c9:bb:53:46:70:4d:5d:d7:99:f2:88:bc:5f:0d:91:f3:9e:06: 33:98:e2:2a:d5:1b:f1:e1:c7:79:e4:23:a0:25:54:d9:1d:f4: 00:5e:c0:de:0d:3e:54:67:08:cf:e5:6c:9b:46:ce:c7:47:85: 35:00:8a:90:a2:f1:1a:06:57:8e:87:57:74:ea:b9:17:b3:e8: 22:37:dd:6e -----BEGIN CERTIFICATE----- MIIFIzCCBAugAwIBAgISAZt6yEWIkbfKRVX1UelaBI7DMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk2NWE2YWJmZGIwODc0ZjJmZWMyMjYyY2RlYTMzNzNhZGNi MmRjNTUwHhcNMjYwMTAxMTgxODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiZWM5YTdhZDM5NjdkMDUyODg2MWI1MDgwODk0ZWI5ZmY4MTgyNTQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHQMe6+6RLiJV5EOwcNcsVN/gKMy SkhmfCeeL62ogKCh2sWTmYIaSNNnbsSW7BDdUvGgQAtw11nBek80bApP8iolgRif NwWLff/Nr2pwkcHhDL1gBbE260PYEKer/PBEEN/Y27m3MkQBrIyJuoSMBdkT0mFC qhVBKtBwgOFkM4aPfFvs3fJlYWJ5jitxp1ugWrgSOaCkGZIGYUn9BsneKswQ9k79 3T3O2889H8Azi7hiwxvcv5Z0aJe8wW56Dcr/QO4x5SIlJcgS94p+zsiD/3s9NVeM gJYmYfDGmwhl8mq+bbk6xPC24PBawPPxXBVhrIwF8CnmDa6UjmSc1gDDeQIDAQAB o4ICLzCCAiswHQYDVR0OBBYEFL7Jp605Z9BSiGG1CAiU65/4GCVEMB8GA1UdIwQY MBaAFJZaar/bCHTy/sImLN6jNzrcstxVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbGxwcXY5c0lkUEwtd2lZczNxTTNPdHl5M0ZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8xMjQxN2YtNzY2NS00MDk4LWEzMzgt NDk0OWIxZTJiNjBmLzEvdnNtbnJUbG4wRktJWWJVSUNKVHJuX2dZSlVRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMC8xMjQxN2YtNzY2NS00MDk4LWEzMzgtNDk0OWIxZTJiNjBm LzEvbGxwcXY5c0lkUEwtd2lZczNxTTNPdHl5M0ZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAcBAIAATAWAwQDVPboAwMA ir0DAwCKvwMEB8IpgDAUBAIAAjAOAwUBKgAXyAMFACoAF88wDQYJKoZIhvcNAQEL BQADggEBAH9Gf5oy+GbuAsltxnQaSBJIQXTtnuDJZwFpD4wLun7n8+X/SSJcVYvD EAwMJJ/U1nhp7jvwgOGNQkc0Hu9yrNjAbnBf309LQ9L2nf7oARQKht/zKMbFBOqB sODSV7y3g7oCOJWU04jxkzH174wF9e/Q4WrgyKis7sWHUB+2v1IKxyXIedjSOY0H NfB2aPoKe+34GQgfIJhbSt9/mo7p00vRu1UqlAZ80BPQ8aOqB5iamkqlK8m7U0Zw TV3XmfKIvF8NkfOeBjOY4irVG/Hhx3nkI6AlVNkd9ABewN4NPlRnCM/lbJtGzsdH hTUAipCi8RoGV46HV3TquRez6CI33W4= -----END CERTIFICATE-----Generated at Mon Jan 26 20:42:42 2026 by rpki-client