This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/6ca852-ed4b-41d1-a7b6-84a71cc32d48/1/Vi8I4MkCYQcd0rGXc9xuEZAFofI.roa File: Vi8I4MkCYQcd0rGXc9xuEZAFofI.roa (raw, json) Hash identifier: P7eM54+hvOkGLmFDM1sHFQzbHZ9ga56vNG5gdNovG80= Subject key identifier: 56:2F:08:E0:C9:02:61:07:1D:D2:B1:97:73:DC:6E:11:90:05:A1:F2 Certificate issuer: /CN=35e84c063a2180b23f5f6d3162a75b3092f5c18d Certificate serial: 019B7F844F7B3A28D1FF265F5E07D7C6ED6E Authority key identifier: 35:E8:4C:06:3A:21:80:B2:3F:5F:6D:31:62:A7:5B:30:92:F5:C1:8D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NehMBjohgLI_X20xYqdbMJL1wY0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/6ca852-ed4b-41d1-a7b6-84a71cc32d48/1/Vi8I4MkCYQcd0rGXc9xuEZAFofI.roa Signing time: Fri 02 Jan 2026 16:22:15 +0000 ROA not before: Fri 02 Jan 2026 16:22:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201085 IP address blocks: 157.97.136.0/21 maxlen: 21 185.86.168.0/22 maxlen: 22 2a03:77a0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/6ca852-ed4b-41d1-a7b6-84a71cc32d48/1/NehMBjohgLI_X20xYqdbMJL1wY0.crl rsync://rpki.ripe.net/repository/DEFAULT/54/6ca852-ed4b-41d1-a7b6-84a71cc32d48/1/NehMBjohgLI_X20xYqdbMJL1wY0.mft rsync://rpki.ripe.net/repository/DEFAULT/NehMBjohgLI_X20xYqdbMJL1wY0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:4f:7b:3a:28:d1:ff:26:5f:5e:07:d7:c6:ed:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=35e84c063a2180b23f5f6d3162a75b3092f5c18d Validity Not Before: Jan 2 16:22:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=562f08e0c90261071dd2b19773dc6e119005a1f2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:5d:82:3c:74:63:33:6b:eb:55:2f:2c:01:ee: c4:25:22:5d:a2:26:76:6a:2c:af:df:b9:e8:93:22: 40:64:33:d4:96:96:9e:69:af:7a:a7:38:9a:f7:ca: c2:cb:3b:78:33:0b:bb:42:47:d3:34:37:d9:1f:af: 2e:03:5d:28:4a:5b:3e:d4:bb:af:90:1d:c9:b9:6b: 57:af:c5:65:3e:e1:4d:31:12:cc:95:f0:61:4b:58: 5c:46:e9:c7:5b:4f:2b:87:3c:be:ec:37:15:cd:92: a1:b9:3d:63:02:b8:02:43:70:66:45:37:48:7f:ee: 44:57:7c:a4:2a:ca:f2:b7:09:98:f4:e7:fc:cd:d2: 08:4c:53:f7:0e:55:b4:f1:b1:d3:53:6d:ac:83:ed: b0:88:56:32:bd:77:b4:11:15:d4:8a:94:7d:4e:43: cb:ab:fa:3c:b3:15:f2:52:58:a4:ac:ad:7e:7d:47: 0a:58:f0:fd:8c:52:b7:c4:6f:78:39:ec:a5:fe:09: a0:d9:ec:fb:7f:12:56:39:d7:b6:8d:04:f3:c2:f7: 06:fd:90:f2:74:f5:1c:53:3e:5d:0b:42:27:66:95: 3a:63:61:1e:f8:27:b6:05:c5:fd:01:e6:f5:b4:36: c8:94:18:80:c8:22:f9:2d:3e:f2:ad:3b:ce:5d:cd: 27:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:2F:08:E0:C9:02:61:07:1D:D2:B1:97:73:DC:6E:11:90:05:A1:F2 X509v3 Authority Key Identifier: keyid:35:E8:4C:06:3A:21:80:B2:3F:5F:6D:31:62:A7:5B:30:92:F5:C1:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NehMBjohgLI_X20xYqdbMJL1wY0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6ca852-ed4b-41d1-a7b6-84a71cc32d48/1/Vi8I4MkCYQcd0rGXc9xuEZAFofI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6ca852-ed4b-41d1-a7b6-84a71cc32d48/1/NehMBjohgLI_X20xYqdbMJL1wY0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.97.136.0/21 185.86.168.0/22 IPv6: 2a03:77a0::/32 Signature Algorithm: sha256WithRSAEncryption 88:90:d5:24:9d:ca:f0:71:1c:17:73:88:04:cf:a6:bd:02:ea: 82:d5:cb:9a:d1:d3:09:98:1c:0e:4c:41:b9:38:c6:3f:9d:e2: 24:73:21:b8:6d:cd:be:55:6f:e7:b4:a5:88:54:36:18:17:a7: bc:1c:7d:9f:9a:de:04:1b:89:c2:78:37:30:b7:80:49:e2:e6: b5:c7:c6:2b:3d:2a:1c:32:56:da:d3:27:9d:84:a1:eb:00:cf: b1:b0:30:e1:28:ef:f3:db:ac:e9:f8:cd:04:0c:cd:55:a2:da: 71:dc:cf:46:19:08:fc:af:82:be:f3:c7:da:dc:f8:bc:cb:d4: 51:ca:24:e0:5b:04:98:56:50:db:80:c6:d4:ed:00:93:52:63: 51:bb:21:a1:c8:56:ac:a4:de:5a:8c:0b:02:91:46:d3:85:4b: 55:aa:36:ba:c8:3c:2f:58:0e:02:bb:28:e9:ea:61:ce:6b:ca: a7:03:9d:68:6e:a1:55:59:f0:09:59:7a:14:8a:88:2e:57:c9: ff:1e:cc:92:a2:c7:45:a7:a7:c5:91:e6:0b:20:86:9f:16:03: ad:15:e3:53:0e:87:d8:f0:b4:8a:18:d3:d0:08:f4:c3:d7:a2: 16:3b:28:1a:6a:43:35:35:31:9d:0e:f8:ac:d2:ec:e5:57:db: 50:e6:02:3d -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt/hE97OijR/yZfXgfXxu1uMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1ZTg0YzA2M2EyMTgwYjIzZjVmNmQzMTYyYTc1YjMwOTJm NWMxOGQwHhcNMjYwMTAyMTYyMjE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1NjJmMDhlMGM5MDI2MTA3MWRkMmIxOTc3M2RjNmUxMTkwMDVhMWYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp12CPHRjM2vrVS8sAe7EJSJdoiZ2 aiyv37nokyJAZDPUlpaeaa96pzia98rCyzt4Mwu7QkfTNDfZH68uA10oSls+1Luv kB3JuWtXr8VlPuFNMRLMlfBhS1hcRunHW08rhzy+7DcVzZKhuT1jArgCQ3BmRTdI f+5EV3ykKsrytwmY9Of8zdIITFP3DlW08bHTU22sg+2wiFYyvXe0ERXUipR9TkPL q/o8sxXyUlikrK1+fUcKWPD9jFK3xG94Oeyl/gmg2ez7fxJWOde2jQTzwvcG/ZDy dPUcUz5dC0InZpU6Y2Ee+Ce2BcX9Aeb1tDbIlBiAyCL5LT7yrTvOXc0n2QIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFFYvCODJAmEHHdKxl3PcbhGQBaHyMB8GA1UdIwQY MBaAFDXoTAY6IYCyP19tMWKnWzCS9cGNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTmVoTUJqb2hnTElfWDIweFlxZGJNSkwxd1kwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82Y2E4NTItZWQ0Yi00MWQxLWE3YjYt ODRhNzFjYzMyZDQ4LzEvVmk4STRNa0NZUWNkMHJHWGM5eHVFWkFGb2ZJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NC82Y2E4NTItZWQ0Yi00MWQxLWE3YjYtODRhNzFjYzMyZDQ4 LzEvTmVoTUJqb2hnTElfWDIweFlxZGJNSkwxd1kwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDnWGIAwQC uVaoMA0EAgACMAcDBQAqA3egMA0GCSqGSIb3DQEBCwUAA4IBAQCIkNUkncrwcRwX c4gEz6a9AuqC1cua0dMJmBwOTEG5OMY/neIkcyG4bc2+VW/ntKWIVDYYF6e8HH2f mt4EG4nCeDcwt4BJ4ua1x8YrPSocMlba0yedhKHrAM+xsDDhKO/z26zp+M0EDM1V otpx3M9GGQj8r4K+88fa3Pi8y9RRyiTgWwSYVlDbgMbU7QCTUmNRuyGhyFaspN5a jAsCkUbThUtVqja6yDwvWA4Cuyjp6mHOa8qnA51obqFVWfAJWXoUioguV8n/HsyS osdFp6fFkeYLIIafFgOtFeNTDofY8LSKGNPQCPTD16IWOygaakM1NTGdDvis0uzl V9tQ5gI9 -----END CERTIFICATE-----Generated at Mon Feb 9 18:42:27 2026 by rpki-client