This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/da3b1d-7acf-451f-b68b-99bcbe6d7f63/1/l6d-s6pGrwjzo2MVrYFXt_vj8FQ.roa File: l6d-s6pGrwjzo2MVrYFXt_vj8FQ.roa (raw, json) Hash identifier: GWCGfDBQXbx8zU/9pE2/fyqt5ipxe1FQBrMDGvjciQY= Subject key identifier: 97:A7:7E:B3:AA:46:AF:08:F3:A3:63:15:AD:81:57:B7:FB:E3:F0:54 Certificate issuer: /CN=f32be982060a43734d0ad126ad46da2f395c9def Certificate serial: 019B7E38CEDAF93586AA986A10F2395FF656 Authority key identifier: F3:2B:E9:82:06:0A:43:73:4D:0A:D1:26:AD:46:DA:2F:39:5C:9D:EF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yvpggYKQ3NNCtEmrUbaLzlcne8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/da3b1d-7acf-451f-b68b-99bcbe6d7f63/1/l6d-s6pGrwjzo2MVrYFXt_vj8FQ.roa Signing time: Fri 02 Jan 2026 10:20:10 +0000 ROA not before: Fri 02 Jan 2026 10:20:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14618 IP address blocks: 185.37.200.0/22 maxlen: 24 2a00:f020::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/da3b1d-7acf-451f-b68b-99bcbe6d7f63/1/8yvpggYKQ3NNCtEmrUbaLzlcne8.crl rsync://rpki.ripe.net/repository/DEFAULT/20/da3b1d-7acf-451f-b68b-99bcbe6d7f63/1/8yvpggYKQ3NNCtEmrUbaLzlcne8.mft rsync://rpki.ripe.net/repository/DEFAULT/8yvpggYKQ3NNCtEmrUbaLzlcne8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 12:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:ce:da:f9:35:86:aa:98:6a:10:f2:39:5f:f6:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f32be982060a43734d0ad126ad46da2f395c9def Validity Not Before: Jan 2 10:20:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=97a77eb3aa46af08f3a36315ad8157b7fbe3f054 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:70:99:8e:cc:ae:10:a9:d8:b7:bb:88:4f:bd: 68:07:ed:a9:e2:86:d9:15:03:a0:18:82:06:6c:7b: eb:7f:bd:2d:b7:36:a8:55:89:58:8f:77:88:f6:7f: 2c:0b:ba:75:40:7f:e8:40:85:a9:5c:af:39:ef:73: 2b:cb:15:1f:17:81:51:41:4e:8d:a0:a5:a5:a2:44: 20:2f:74:b6:e2:a5:d4:34:af:a5:e2:d6:ef:c6:b0: fa:54:5a:e0:e0:1a:eb:db:53:90:14:df:b4:99:6c: 58:70:12:50:ee:1e:1a:60:ed:9e:08:1e:0c:c2:76: d6:bf:58:30:72:48:11:60:eb:74:d2:32:06:07:95: 86:60:1c:75:4c:7b:72:f9:48:5b:80:43:c6:42:fd: bf:1b:6f:e0:12:e8:47:6c:1a:47:36:8f:e3:2b:50: cd:a7:cc:64:ed:7b:06:f2:0f:36:e8:5c:d8:f7:a7: 99:fa:e5:61:01:4d:87:1f:a0:9c:4f:b4:9f:83:f2: 68:5c:74:9a:e1:c7:ff:2a:94:25:09:bf:ab:c1:f2: 4a:f0:24:db:4b:28:38:cb:5d:8b:0f:71:2f:c8:ec: e5:9d:92:26:b2:6b:c9:2e:1a:12:86:78:8f:cc:64: 05:b5:09:05:45:41:8f:ab:51:8b:3f:b5:73:57:4c: 53:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:A7:7E:B3:AA:46:AF:08:F3:A3:63:15:AD:81:57:B7:FB:E3:F0:54 X509v3 Authority Key Identifier: keyid:F3:2B:E9:82:06:0A:43:73:4D:0A:D1:26:AD:46:DA:2F:39:5C:9D:EF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yvpggYKQ3NNCtEmrUbaLzlcne8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/da3b1d-7acf-451f-b68b-99bcbe6d7f63/1/l6d-s6pGrwjzo2MVrYFXt_vj8FQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/da3b1d-7acf-451f-b68b-99bcbe6d7f63/1/8yvpggYKQ3NNCtEmrUbaLzlcne8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.37.200.0/22 IPv6: 2a00:f020::/32 Signature Algorithm: sha256WithRSAEncryption 29:57:b3:82:3c:9b:0c:d4:70:a4:72:ed:dc:54:b5:50:2b:f5: d2:e6:85:8c:a9:c3:39:9a:95:c1:f2:86:38:fe:29:9c:ca:d1: ab:d1:7c:bc:f3:59:25:9f:5b:9f:38:e5:67:f1:1a:a1:d0:9b: ea:71:97:55:8d:1c:2d:e7:86:d9:92:71:0d:6b:d5:5e:ee:61: 95:66:d9:f4:5c:e3:81:37:d4:c0:ec:c2:9e:b9:0e:da:bc:d9: 61:b8:b0:f0:ae:e2:74:c9:ed:83:84:f9:92:bb:2a:c8:eb:86: 29:40:aa:71:e0:02:66:91:67:6e:76:77:6a:fa:4d:9b:2a:e2: 97:d9:82:0f:64:f7:33:56:bf:db:f6:a1:e6:d6:e7:13:4b:d3: a5:f5:f2:85:2e:fb:00:95:7f:e7:08:0f:f0:5d:4f:30:6d:5d: 65:33:f8:cd:9e:94:10:45:58:0c:29:8f:e5:69:94:30:37:9a: e1:36:ab:34:ac:38:12:f1:7c:80:db:d8:05:f7:00:da:74:04: 0a:36:8c:43:8c:13:d8:46:35:ad:e6:42:08:6f:16:df:72:1f: 2b:b9:ab:cc:bf:1c:55:f5:09:da:45:38:54:81:94:de:65:12: 19:4b:a5:be:7a:dd:fc:64:8d:36:33:35:18:64:2f:37:1d:a9: 9e:bb:4b:3b -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt+OM7a+TWGqphqEPI5X/ZWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYzMmJlOTgyMDYwYTQzNzM0ZDBhZDEyNmFkNDZkYTJmMzk1 YzlkZWYwHhcNMjYwMTAyMTAyMDEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5N2E3N2ViM2FhNDZhZjA4ZjNhMzYzMTVhZDgxNTdiN2ZiZTNmMDU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXCZjsyuEKnYt7uIT71oB+2p4obZ FQOgGIIGbHvrf70ttzaoVYlYj3eI9n8sC7p1QH/oQIWpXK8573MryxUfF4FRQU6N oKWlokQgL3S24qXUNK+l4tbvxrD6VFrg4Brr21OQFN+0mWxYcBJQ7h4aYO2eCB4M wnbWv1gwckgRYOt00jIGB5WGYBx1THty+UhbgEPGQv2/G2/gEuhHbBpHNo/jK1DN p8xk7XsG8g826FzY96eZ+uVhAU2HH6CcT7Sfg/JoXHSa4cf/KpQlCb+rwfJK8CTb Syg4y12LD3EvyOzlnZImsmvJLhoShniPzGQFtQkFRUGPq1GLP7VzV0xTdwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFJenfrOqRq8I86NjFa2BV7f74/BUMB8GA1UdIwQY MBaAFPMr6YIGCkNzTQrRJq1G2i85XJ3vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOHl2cGdnWUtRM05OQ3RFbXJVYmFMemxjbmU4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9kYTNiMWQtN2FjZi00NTFmLWI2OGIt OTliY2JlNmQ3ZjYzLzEvbDZkLXM2cEdyd2p6bzJNVnJZRlh0X3ZqOEZRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC9kYTNiMWQtN2FjZi00NTFmLWI2OGItOTliY2JlNmQ3ZjYz LzEvOHl2cGdnWUtRM05OQ3RFbXJVYmFMemxjbmU4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSXIMA0E AgACMAcDBQAqAPAgMA0GCSqGSIb3DQEBCwUAA4IBAQApV7OCPJsM1HCkcu3cVLVQ K/XS5oWMqcM5mpXB8oY4/imcytGr0Xy881kln1ufOOVn8Rqh0JvqcZdVjRwt54bZ knENa9Ve7mGVZtn0XOOBN9TA7MKeuQ7avNlhuLDwruJ0ye2DhPmSuyrI64YpQKpx 4AJmkWdudndq+k2bKuKX2YIPZPczVr/b9qHm1ucTS9Ol9fKFLvsAlX/nCA/wXU8w bV1lM/jNnpQQRVgMKY/laZQwN5rhNqs0rDgS8XyA29gF9wDadAQKNoxDjBPYRjWt 5kIIbxbfch8ruavMvxxV9QnaRThUgZTeZRIZS6W+et38ZI02MzUYZC83Hameu0s7 -----END CERTIFICATE-----Generated at Fri Jan 9 17:04:38 2026 by rpki-client