This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/K9H8kXv7xpSPWVP7_Us2tlSMuss.roa File: K9H8kXv7xpSPWVP7_Us2tlSMuss.roa (raw, json) Hash identifier: 6ie703xgTKqD4RyC9CXOrqAgS3GrEQZe927kdauR5t0= Subject key identifier: 2B:D1:FC:91:7B:FB:C6:94:8F:59:53:FB:FD:4B:36:B6:54:8C:BA:CB Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa Certificate serial: 019B7F159A4E6BC232F9DE7D9D13067C98FC Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/K9H8kXv7xpSPWVP7_Us2tlSMuss.roa Signing time: Fri 02 Jan 2026 14:21:20 +0000 ROA not before: Fri 02 Jan 2026 14:21:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9924 IP address blocks: 2.18.16.0/23 maxlen: 23 2.21.16.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.mft rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:9a:4e:6b:c2:32:f9:de:7d:9d:13:06:7c:98:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa Validity Not Before: Jan 2 14:21:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2bd1fc917bfbc6948f5953fbfd4b36b6548cbacb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:b2:fd:a4:9c:43:a9:22:2e:aa:4a:f2:4c:d0: 53:b5:fe:98:76:1b:ac:ab:26:6d:7b:19:2c:49:a0: cd:78:e3:e5:17:b6:1b:53:3f:cc:a1:65:9e:58:12: 50:11:a3:f0:4a:8c:55:a3:52:d3:6e:51:aa:5a:6e: 3d:69:65:68:6a:0d:ee:dc:9e:d9:d2:c6:5a:24:9e: 85:37:7c:cf:95:4a:cf:73:44:64:d3:36:5a:98:29: 21:b9:81:8c:ca:0d:33:c7:40:fe:90:8f:de:86:39: ba:eb:4a:ff:e0:69:e3:5b:28:c6:45:41:e3:2e:6f: 98:fa:0b:0f:5f:2b:89:ca:0c:d2:39:f7:f0:be:82: 2b:6c:c8:cf:48:e9:ea:e9:7c:ea:df:f1:f5:ab:54: e9:3d:b1:6e:4b:b3:b1:f4:8b:69:ea:56:d5:20:19: 68:86:a6:37:8b:73:82:94:60:8d:8e:0f:c0:8a:f1: 75:1f:f3:89:00:f0:e1:b8:4f:ed:36:f0:a2:8f:21: 06:a9:77:78:ed:9e:e9:02:32:ca:5c:6b:a4:75:16: 46:86:9f:39:79:5e:2c:07:0c:8c:78:6b:bc:84:b3: 52:54:ce:7b:1f:d1:70:d1:e3:22:ad:87:de:5e:db: e7:0b:05:26:71:0d:8e:1d:3e:18:de:e8:b8:c9:05: 64:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:D1:FC:91:7B:FB:C6:94:8F:59:53:FB:FD:4B:36:B6:54:8C:BA:CB X509v3 Authority Key Identifier: keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/K9H8kXv7xpSPWVP7_Us2tlSMuss.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.18.16.0/23 2.21.16.0/22 Signature Algorithm: sha256WithRSAEncryption 17:5e:fe:2d:53:49:da:54:b5:a0:64:3a:39:8e:84:81:d5:cf: 02:2d:e8:60:d9:13:2f:c1:28:c0:3b:76:10:9c:20:cb:e8:b1: a6:fc:c5:c7:e3:08:1f:55:fa:41:f0:54:c3:6c:94:81:41:c8: 13:67:66:df:93:e9:ea:94:50:55:44:f1:ea:3f:1a:e1:0a:c6: 0c:79:97:cb:e0:0d:d9:59:b0:b4:17:0a:b2:38:fe:30:cc:fb: 2f:3a:ba:f9:c4:dd:8b:06:d2:0b:9c:12:7e:62:c9:63:fe:62: 06:d0:c7:40:3d:6d:96:9d:02:1b:ba:2a:06:e4:81:3c:e1:8f: 47:0c:c2:b9:ee:71:f9:52:18:46:cf:ff:68:a4:b3:f0:c4:5f: 2b:88:c9:37:f6:16:58:01:48:be:10:6a:a5:7f:ee:3f:d8:71: 3a:2a:79:59:af:0a:e0:c6:21:89:2f:18:91:65:2d:b9:0e:fe: ef:34:3d:1d:be:9e:2c:1c:f1:cd:3c:02:69:b8:35:57:1f:ca: f9:1d:69:60:e2:bd:30:fd:b5:c1:83:c7:cc:5c:57:7c:bb:8b: 72:da:1f:88:ee:2a:00:3d:46:f5:29:23:88:d1:8d:f3:6c:0f: de:48:28:43:2c:a5:45:ca:e5:39:d9:49:18:90:5e:93:6a:5c: 95:6f:5d:c1 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/FZpOa8Iy+d59nRMGfJj8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5 YmQ2YWEwHhcNMjYwMTAyMTQyMTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYmQxZmM5MTdiZmJjNjk0OGY1OTUzZmJmZDRiMzZiNjU0OGNiYWNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLL9pJxDqSIuqkryTNBTtf6Ydhus qyZtexksSaDNeOPlF7YbUz/MoWWeWBJQEaPwSoxVo1LTblGqWm49aWVoag3u3J7Z 0sZaJJ6FN3zPlUrPc0Rk0zZamCkhuYGMyg0zx0D+kI/ehjm660r/4GnjWyjGRUHj Lm+Y+gsPXyuJygzSOffwvoIrbMjPSOnq6Xzq3/H1q1TpPbFuS7Ox9Itp6lbVIBlo hqY3i3OClGCNjg/AivF1H/OJAPDhuE/tNvCijyEGqXd47Z7pAjLKXGukdRZGhp85 eV4sBwyMeGu8hLNSVM57H9Fw0eMirYfeXtvnCwUmcQ2OHT4Y3ui4yQVk/QIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFCvR/JF7+8aUj1lT+/1LNrZUjLrLMB8GA1UdIwQY MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt ODhkMWNhYzllNGYxLzEvSzlIOGtYdjd4cFNQV1ZQN19VczJ0bFNNdXNzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBAhIQAwQC AhUQMA0GCSqGSIb3DQEBCwUAA4IBAQAXXv4tU0naVLWgZDo5joSB1c8CLehg2RMv wSjAO3YQnCDL6LGm/MXH4wgfVfpB8FTDbJSBQcgTZ2bfk+nqlFBVRPHqPxrhCsYM eZfL4A3ZWbC0FwqyOP4wzPsvOrr5xN2LBtILnBJ+Yslj/mIG0MdAPW2WnQIbuioG 5IE84Y9HDMK57nH5UhhGz/9opLPwxF8riMk39hZYAUi+EGqlf+4/2HE6KnlZrwrg xiGJLxiRZS25Dv7vND0dvp4sHPHNPAJpuDVXH8r5HWlg4r0w/bXBg8fMXFd8u4ty 2h+I7ioAPUb1KSOI0Y3zbA/eSChDLKVFyuU52UkYkF6TalyVb13B -----END CERTIFICATE-----Generated at Wed Jan 21 10:28:34 2026 by rpki-client