This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/547a7f-4baf-4b7e-afb8-466013435079/1/0xwfSsFkb05U4ozVSEb8hCqR4ZM.roa File: 0xwfSsFkb05U4ozVSEb8hCqR4ZM.roa (raw, json) Hash identifier: wDnxCrMW737wBP0bFwNqAOo1oxv3iXJSRvzrJ/qp1Dc= Subject key identifier: D3:1C:1F:4A:C1:64:6F:4E:54:E2:8C:D5:48:46:FC:84:2A:91:E1:93 Certificate issuer: /CN=6bb95cfc2d187f40530ef083bbd10c88c4956c1d Certificate serial: 019B7F84A606EC68031FF84ED23EBB1D4B2D Authority key identifier: 6B:B9:5C:FC:2D:18:7F:40:53:0E:F0:83:BB:D1:0C:88:C4:95:6C:1D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a7lc_C0Yf0BTDvCDu9EMiMSVbB0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/547a7f-4baf-4b7e-afb8-466013435079/1/0xwfSsFkb05U4ozVSEb8hCqR4ZM.roa Signing time: Fri 02 Jan 2026 16:22:38 +0000 ROA not before: Fri 02 Jan 2026 16:22:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14618 IP address blocks: 188.172.137.0/24 maxlen: 24 188.172.138.0/24 maxlen: 24 2a03:7d40::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/547a7f-4baf-4b7e-afb8-466013435079/1/a7lc_C0Yf0BTDvCDu9EMiMSVbB0.crl rsync://rpki.ripe.net/repository/DEFAULT/69/547a7f-4baf-4b7e-afb8-466013435079/1/a7lc_C0Yf0BTDvCDu9EMiMSVbB0.mft rsync://rpki.ripe.net/repository/DEFAULT/a7lc_C0Yf0BTDvCDu9EMiMSVbB0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 13:01:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:a6:06:ec:68:03:1f:f8:4e:d2:3e:bb:1d:4b:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6bb95cfc2d187f40530ef083bbd10c88c4956c1d Validity Not Before: Jan 2 16:22:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d31c1f4ac1646f4e54e28cd54846fc842a91e193 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:0e:94:16:a9:e3:b2:a1:e6:52:81:37:9c:bf: 85:e2:1f:1d:a7:bd:15:a4:c1:a9:2d:35:b6:f2:78: d3:cf:3f:9a:a4:aa:2e:22:51:5c:87:f8:dd:f3:c8: 16:9f:1e:8f:03:07:6d:9c:7e:5a:39:66:a4:b0:58: 0b:15:dd:40:02:52:7c:f8:5b:d6:90:18:a3:54:84: 9f:f8:f6:13:c2:af:a8:01:c9:c4:38:6a:f5:35:f2: 13:21:b0:5c:e0:8c:da:df:b8:9a:df:4c:dc:2f:4a: f6:a5:3c:56:c8:b0:cf:50:b5:b0:e5:09:27:84:09: d8:0f:8e:31:08:3f:0c:14:86:48:1e:a1:ae:18:a7: fd:0e:42:6a:f8:56:ee:2c:d4:28:34:4a:01:71:b5: 87:aa:41:db:b9:30:ad:7b:c0:91:75:30:da:01:b0: e6:64:8d:08:c9:b5:29:14:cf:3f:a2:0d:69:cd:d5: ed:79:91:a4:09:c2:c8:80:74:fb:ca:03:85:8a:d2: 04:f2:f3:ba:5b:3c:6d:21:22:2f:12:bd:86:7e:12: 1b:9d:02:36:4d:a0:f9:5d:14:82:15:27:ff:6b:67: 8c:4b:de:64:91:ea:82:e0:4d:13:6f:1c:35:05:d6: 5d:6a:cc:40:59:cb:b0:43:2d:aa:05:85:7a:38:f7: 7f:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:1C:1F:4A:C1:64:6F:4E:54:E2:8C:D5:48:46:FC:84:2A:91:E1:93 X509v3 Authority Key Identifier: keyid:6B:B9:5C:FC:2D:18:7F:40:53:0E:F0:83:BB:D1:0C:88:C4:95:6C:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7lc_C0Yf0BTDvCDu9EMiMSVbB0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/547a7f-4baf-4b7e-afb8-466013435079/1/0xwfSsFkb05U4ozVSEb8hCqR4ZM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/69/547a7f-4baf-4b7e-afb8-466013435079/1/a7lc_C0Yf0BTDvCDu9EMiMSVbB0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 188.172.137.0-188.172.138.255 IPv6: 2a03:7d40::/32 Signature Algorithm: sha256WithRSAEncryption 8f:b0:92:dd:e2:c9:43:d8:3e:e4:82:6f:06:a4:d2:82:9d:e9: cf:73:12:93:47:76:81:60:c1:99:04:09:6e:6e:9b:d9:21:db: 4b:94:fb:c6:b3:19:52:1f:d9:67:05:eb:1b:63:5f:0c:4f:2e: ad:e1:59:e6:f8:0e:e3:32:c1:60:e0:cc:ee:63:1d:22:34:8f: ea:f8:ba:18:5d:19:fc:2d:88:50:72:0c:6a:6d:9a:5e:25:6a: e8:28:6d:a3:c1:4a:45:32:85:d1:2f:85:84:db:c5:07:86:0d: d3:f5:0f:00:ec:b7:45:f6:1f:67:f2:a8:f0:0b:5a:78:ff:22: 16:38:df:84:22:2d:11:21:4c:60:1e:d5:97:53:7a:6e:92:39: bc:39:a7:a4:98:15:55:b0:58:55:28:eb:0e:b0:88:18:3f:25: 17:cd:54:e2:73:12:4d:9b:b3:01:ba:b8:27:6c:82:74:af:de: b6:c3:62:e8:4d:f6:1d:10:03:b1:b8:51:54:8a:ae:e2:ec:d1: 65:9c:d9:e3:c8:c6:15:0d:0e:31:d4:b8:27:9d:9f:d5:0d:7d: de:42:56:0a:cb:28:d4:8c:31:0a:14:b4:6d:aa:7e:68:43:e1: d2:37:22:16:c7:c8:35:cd:42:fa:bd:ab:a3:d6:17:2d:01:a9: 7e:f9:0f:04 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt/hKYG7GgDH/hO0j67HUstMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiYjk1Y2ZjMmQxODdmNDA1MzBlZjA4M2JiZDEwYzg4YzQ5 NTZjMWQwHhcNMjYwMTAyMTYyMjM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMzFjMWY0YWMxNjQ2ZjRlNTRlMjhjZDU0ODQ2ZmM4NDJhOTFlMTkzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjg6UFqnjsqHmUoE3nL+F4h8dp70V pMGpLTW28njTzz+apKouIlFch/jd88gWnx6PAwdtnH5aOWaksFgLFd1AAlJ8+FvW kBijVISf+PYTwq+oAcnEOGr1NfITIbBc4Iza37ia30zcL0r2pTxWyLDPULWw5Qkn hAnYD44xCD8MFIZIHqGuGKf9DkJq+FbuLNQoNEoBcbWHqkHbuTCte8CRdTDaAbDm ZI0IybUpFM8/og1pzdXteZGkCcLIgHT7ygOFitIE8vO6WzxtISIvEr2GfhIbnQI2 TaD5XRSCFSf/a2eMS95kkeqC4E0Tbxw1BdZdasxAWcuwQy2qBYV6OPd/RQIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFNMcH0rBZG9OVOKM1UhG/IQqkeGTMB8GA1UdIwQY MBaAFGu5XPwtGH9AUw7wg7vRDIjElWwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYTdsY19DMFlmMEJURHZDRHU5RU1pTVNWYkIwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81NDdhN2YtNGJhZi00YjdlLWFmYjgt NDY2MDEzNDM1MDc5LzEvMHh3ZlNzRmtiMDVVNG96VlNFYjhoQ3FSNFpNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OS81NDdhN2YtNGJhZi00YjdlLWFmYjgtNDY2MDEzNDM1MDc5 LzEvYTdsY19DMFlmMEJURHZDRHU5RU1pTVNWYkIwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAC8rIkD BAC8rIowDQQCAAIwBwMFACoDfUAwDQYJKoZIhvcNAQELBQADggEBAI+wkt3iyUPY PuSCbwak0oKd6c9zEpNHdoFgwZkECW5um9kh20uU+8azGVIf2WcF6xtjXwxPLq3h Web4DuMywWDgzO5jHSI0j+r4uhhdGfwtiFByDGptml4laugobaPBSkUyhdEvhYTb xQeGDdP1DwDst0X2H2fyqPALWnj/IhY434QiLREhTGAe1ZdTem6SObw5p6SYFVWw WFUo6w6wiBg/JRfNVOJzEk2bswG6uCdsgnSv3rbDYuhN9h0QA7G4UVSKruLs0WWc 2ePIxhUNDjHUuCedn9UNfd5CVgrLKNSMMQoUtG2qfmhD4dI3IhbHyDXNQvq9q6PW Fy0BqX75DwQ= -----END CERTIFICATE-----Generated at Wed Jan 7 23:51:48 2026 by rpki-client