This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/6XzwXbTvrVylk-zs2LRFgKouw9Q.roa File: 6XzwXbTvrVylk-zs2LRFgKouw9Q.roa (raw, json) Hash identifier: lHC4HPul/2DSN8soHagQlZ+RDCmwx+lP722cFGP7bfc= Subject key identifier: E9:7C:F0:5D:B4:EF:AD:5C:A5:93:EC:EC:D8:B4:45:80:AA:2E:C3:D4 Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa Certificate serial: 019B7F1598767BE4A002C77BE15CA5558E6D Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/6XzwXbTvrVylk-zs2LRFgKouw9Q.roa Signing time: Fri 02 Jan 2026 14:21:20 +0000 ROA not before: Fri 02 Jan 2026 14:21:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8966 IP address blocks: 2.16.44.0/24 maxlen: 24 2.20.249.0/24 maxlen: 24 2.21.231.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.mft rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:98:76:7b:e4:a0:02:c7:7b:e1:5c:a5:55:8e:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa Validity Not Before: Jan 2 14:21:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e97cf05db4efad5ca593ececd8b44580aa2ec3d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:c5:3a:42:22:b8:fd:1b:20:44:84:6f:82:86: 99:ba:7b:f4:bc:c8:7c:11:f3:2c:cf:7b:63:e0:93: 54:6a:67:fc:2f:7b:21:0f:81:d4:54:ec:e4:28:7c: 45:f9:b9:a8:84:24:36:29:cd:f2:bc:08:40:c0:7e: 7b:1d:d5:63:9a:86:09:97:99:78:e9:17:cf:a1:37: c7:42:ac:22:56:55:99:b0:ab:e2:a0:c5:7f:b7:92: 56:1e:9c:95:5a:50:15:28:31:2e:95:08:7e:13:4e: 17:31:39:7f:b9:32:38:aa:07:2d:9f:ea:5a:a7:d9: 53:e0:ff:02:16:0a:93:c0:3c:e2:61:ac:b3:39:0b: ac:6e:94:91:ca:88:99:b8:9d:2a:47:6f:d0:a8:b8: 75:e4:b3:c9:00:d4:f3:48:eb:6a:af:a8:b9:14:60: 60:2b:a8:5b:51:4f:af:2e:7d:d0:1c:ba:84:cf:ef: 3c:24:45:ff:50:11:fe:71:f7:ff:60:30:a3:0d:69: b1:fe:7d:ef:16:99:cd:ac:08:ef:1f:be:30:0a:23: 07:94:8d:69:b8:4f:da:06:75:b7:e1:af:d2:bb:ea: a5:aa:d3:70:d3:83:92:59:73:68:31:df:42:9b:52: e7:f8:c9:6a:c4:74:68:14:c8:ae:1c:8b:95:c9:0a: c6:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:7C:F0:5D:B4:EF:AD:5C:A5:93:EC:EC:D8:B4:45:80:AA:2E:C3:D4 X509v3 Authority Key Identifier: keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/6XzwXbTvrVylk-zs2LRFgKouw9Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.16.44.0/24 2.20.249.0/24 2.21.231.0/24 Signature Algorithm: sha256WithRSAEncryption 56:b5:4d:b6:7c:53:d2:e6:56:a1:6d:2e:8b:61:a2:8b:40:f1: 59:c0:68:37:87:50:1b:ed:e9:e7:e8:96:12:77:b4:a1:ff:87: b1:fb:91:48:53:f3:28:e9:43:b7:60:0e:4d:ab:f7:ac:7d:fc: dd:dd:52:04:44:47:54:ad:ff:e2:e7:66:0a:bf:2f:71:fe:87: 3b:de:8e:d1:46:e1:a7:b6:23:2e:f9:c6:bd:49:68:84:19:72: bb:22:2e:ee:02:37:65:c1:aa:3d:00:d4:d0:56:65:f6:f8:d8: 04:da:18:ed:fa:86:af:90:49:59:e0:a0:61:60:1c:84:81:94: ab:ae:2a:18:f5:26:7c:9a:56:b8:9e:66:21:4e:20:48:68:61: c0:3a:a9:1b:0c:db:14:51:c8:aa:f6:10:fd:9e:22:8e:52:60: 2c:b6:c0:73:9c:56:e8:e4:61:f5:db:b5:35:6a:bf:ca:d9:aa: 1c:34:9c:dd:ed:46:33:5b:63:cf:5f:ed:68:1b:97:31:79:0e: a3:65:9a:1c:2c:14:91:af:77:cb:0e:39:a1:67:42:74:68:14: dd:2b:6b:f3:f0:19:bb:2c:df:5b:2e:25:f2:ca:97:eb:19:f2: a2:10:d9:eb:fe:42:e6:29:e4:43:38:bd:70:ec:d9:44:9d:7e: f3:e0:d4:34 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt/FZh2e+SgAsd74VylVY5tMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5 YmQ2YWEwHhcNMjYwMTAyMTQyMTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlOTdjZjA1ZGI0ZWZhZDVjYTU5M2VjZWNkOGI0NDU4MGFhMmVjM2Q0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8U6QiK4/RsgRIRvgoaZunv0vMh8 EfMsz3tj4JNUamf8L3shD4HUVOzkKHxF+bmohCQ2Kc3yvAhAwH57HdVjmoYJl5l4 6RfPoTfHQqwiVlWZsKvioMV/t5JWHpyVWlAVKDEulQh+E04XMTl/uTI4qgctn+pa p9lT4P8CFgqTwDziYayzOQusbpSRyoiZuJ0qR2/QqLh15LPJANTzSOtqr6i5FGBg K6hbUU+vLn3QHLqEz+88JEX/UBH+cff/YDCjDWmx/n3vFpnNrAjvH74wCiMHlI1p uE/aBnW34a/Su+qlqtNw04OSWXNoMd9Cm1Ln+MlqxHRoFMiuHIuVyQrGjwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFOl88F20761cpZPs7Ni0RYCqLsPUMB8GA1UdIwQY MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt ODhkMWNhYzllNGYxLzEvNlh6d1hiVHZyVnlsay16czJMUkZnS291dzlRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAhAsAwQA AhT5AwQAAhXnMA0GCSqGSIb3DQEBCwUAA4IBAQBWtU22fFPS5lahbS6LYaKLQPFZ wGg3h1Ab7enn6JYSd7Sh/4ex+5FIU/Mo6UO3YA5Nq/esffzd3VIEREdUrf/i52YK vy9x/oc73o7RRuGntiMu+ca9SWiEGXK7Ii7uAjdlwao9ANTQVmX2+NgE2hjt+oav kElZ4KBhYByEgZSrrioY9SZ8mla4nmYhTiBIaGHAOqkbDNsUUciq9hD9niKOUmAs tsBznFbo5GH127U1ar/K2aocNJzd7UYzW2PPX+1oG5cxeQ6jZZocLBSRr3fLDjmh Z0J0aBTdK2vz8Bm7LN9bLiXyypfrGfKiENnr/kLmKeRDOL1w7NlEnX7z4NQ0 -----END CERTIFICATE-----Generated at Wed Jan 21 10:29:17 2026 by rpki-client