This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/d961fe-d8aa-48e5-96fd-f07f06cbea2d/1/am-H2T7Ww6jJ95ZGxjcLz-wLU1Q.roa File: am-H2T7Ww6jJ95ZGxjcLz-wLU1Q.roa (raw, json) Hash identifier: 2kQQ9mXqE14fd45u6l3SdSU3Gho7WxKdsdIPxleaIU8= Subject key identifier: 6A:6F:87:D9:3E:D6:C3:A8:C9:F7:96:46:C6:37:0B:CF:EC:0B:53:54 Certificate issuer: /CN=ca1efd8e63169d8fdbf98b7139fcddedaf016cb2 Certificate serial: 019B7DCAFD171E7EDF968E43CB7B4DE72C19 Authority key identifier: CA:1E:FD:8E:63:16:9D:8F:DB:F9:8B:71:39:FC:DD:ED:AF:01:6C:B2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yh79jmMWnY_b-YtxOfzd7a8BbLI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/d961fe-d8aa-48e5-96fd-f07f06cbea2d/1/am-H2T7Ww6jJ95ZGxjcLz-wLU1Q.roa Signing time: Fri 02 Jan 2026 08:20:13 +0000 ROA not before: Fri 02 Jan 2026 08:20:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29003 IP address blocks: 81.90.48.0/20 maxlen: 20 185.95.220.0/22 maxlen: 22 2a02:8f0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/d961fe-d8aa-48e5-96fd-f07f06cbea2d/1/yh79jmMWnY_b-YtxOfzd7a8BbLI.crl rsync://rpki.ripe.net/repository/DEFAULT/9d/d961fe-d8aa-48e5-96fd-f07f06cbea2d/1/yh79jmMWnY_b-YtxOfzd7a8BbLI.mft rsync://rpki.ripe.net/repository/DEFAULT/yh79jmMWnY_b-YtxOfzd7a8BbLI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:fd:17:1e:7e:df:96:8e:43:cb:7b:4d:e7:2c:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ca1efd8e63169d8fdbf98b7139fcddedaf016cb2 Validity Not Before: Jan 2 08:20:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6a6f87d93ed6c3a8c9f79646c6370bcfec0b5354 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:b5:0d:57:4e:14:9e:aa:95:96:bc:64:ed:c8: 59:72:9c:23:c9:e1:ec:53:2f:cd:2a:dd:f3:9e:dd: 4e:09:63:a1:78:f3:8c:16:30:6c:15:c6:ab:16:70: 43:48:5d:92:da:86:68:78:26:54:71:8a:3d:e3:e8: 88:ce:ab:a7:3d:16:1b:77:72:c7:4c:86:e3:c9:5f: f3:d4:e0:8e:34:c5:00:1e:b3:33:cb:b7:7a:c1:f9: 68:d6:70:a9:80:a6:19:a3:cd:f1:da:41:55:db:f9: 6d:e7:9d:28:37:bb:6b:8b:2a:a0:15:ee:c6:8a:6c: de:ab:50:0e:64:f8:1a:15:23:dd:60:74:e4:a0:f7: 5f:c6:de:54:7b:4b:f9:46:88:11:2b:7c:f3:ad:6b: 61:0f:69:b5:4b:d6:b0:1c:4b:ae:99:09:67:8c:cc: 33:54:d1:2d:2c:43:f9:de:02:c9:95:3f:a0:5f:17: e9:61:ee:78:17:f7:2c:6e:bb:25:75:fe:f4:04:82: 40:6d:c2:c0:77:2b:27:28:c6:72:65:f6:85:3a:3f: df:f5:9d:ff:15:32:ef:c0:bd:16:ec:ca:fe:ce:ca: 44:81:27:e0:0c:57:1c:5e:9b:7d:ab:56:60:94:17: 4d:20:16:62:f8:ac:3c:3f:97:34:f2:d7:60:ba:1f: 9b:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:6F:87:D9:3E:D6:C3:A8:C9:F7:96:46:C6:37:0B:CF:EC:0B:53:54 X509v3 Authority Key Identifier: keyid:CA:1E:FD:8E:63:16:9D:8F:DB:F9:8B:71:39:FC:DD:ED:AF:01:6C:B2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yh79jmMWnY_b-YtxOfzd7a8BbLI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/d961fe-d8aa-48e5-96fd-f07f06cbea2d/1/am-H2T7Ww6jJ95ZGxjcLz-wLU1Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/d961fe-d8aa-48e5-96fd-f07f06cbea2d/1/yh79jmMWnY_b-YtxOfzd7a8BbLI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.90.48.0/20 185.95.220.0/22 IPv6: 2a02:8f0::/32 Signature Algorithm: sha256WithRSAEncryption 89:c7:b7:aa:96:88:8c:5b:f5:8c:8e:76:b7:d5:31:05:81:46: 50:37:fa:ef:dc:e1:c6:31:7f:2c:2a:19:19:23:5a:86:67:50: 39:de:23:ea:83:48:28:4c:19:b5:7d:b9:9c:3a:3c:42:fa:c0: 46:da:09:53:da:95:a0:6d:4b:01:21:bd:c7:c8:b0:2e:1a:af: fe:92:a6:41:62:89:ee:ad:84:f2:65:3b:f4:78:9e:64:ba:46: 42:85:cc:2a:de:db:f6:b3:a7:b6:9a:27:e0:b3:c9:83:4f:a4: 28:78:2e:2a:14:aa:40:2d:39:7b:c7:91:4c:09:ef:10:2e:9d: 0b:37:b9:88:63:91:6c:bc:c5:4d:82:c3:f5:fc:fc:5d:ef:52: d4:03:74:68:cd:d5:43:15:be:1d:0d:bb:67:bd:43:9d:84:c3: bc:d4:f1:5f:01:ee:a0:aa:9e:d0:5e:ea:1f:14:09:d6:79:46: 0a:3f:c3:0d:0d:f4:ca:85:14:37:b5:9f:27:08:30:ce:5d:b9: 8e:54:b8:1a:b7:8a:0d:d8:ce:a9:ee:4e:89:3f:5a:65:20:3c: 22:12:ca:57:bd:b4:05:7f:91:f0:d4:a5:d2:e8:dc:19:e5:e7: 2f:05:29:94:25:51:34:b1:2c:48:94:eb:62:95:a2:99:cf:d1: 88:87:76:9c -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt9yv0XHn7flo5Dy3tN5ywZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhMWVmZDhlNjMxNjlkOGZkYmY5OGI3MTM5ZmNkZGVkYWYw MTZjYjIwHhcNMjYwMTAyMDgyMDEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2YTZmODdkOTNlZDZjM2E4YzlmNzk2NDZjNjM3MGJjZmVjMGI1MzU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubUNV04UnqqVlrxk7chZcpwjyeHs Uy/NKt3znt1OCWOhePOMFjBsFcarFnBDSF2S2oZoeCZUcYo94+iIzqunPRYbd3LH TIbjyV/z1OCONMUAHrMzy7d6wflo1nCpgKYZo83x2kFV2/lt550oN7triyqgFe7G imzeq1AOZPgaFSPdYHTkoPdfxt5Ue0v5RogRK3zzrWthD2m1S9awHEuumQlnjMwz VNEtLEP53gLJlT+gXxfpYe54F/csbrsldf70BIJAbcLAdysnKMZyZfaFOj/f9Z3/ FTLvwL0W7Mr+zspEgSfgDFccXpt9q1ZglBdNIBZi+Kw8P5c08tdguh+bUQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFGpvh9k+1sOoyfeWRsY3C8/sC1NUMB8GA1UdIwQY MBaAFMoe/Y5jFp2P2/mLcTn83e2vAWyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveWg3OWptTVduWV9iLVl0eE9memQ3YThCYkxJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9kOTYxZmUtZDhhYS00OGU1LTk2ZmQt ZjA3ZjA2Y2JlYTJkLzEvYW0tSDJUN1d3NmpKOTVaR3hqY0x6LXdMVTFRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZC9kOTYxZmUtZDhhYS00OGU1LTk2ZmQtZjA3ZjA2Y2JlYTJk LzEveWg3OWptTVduWV9iLVl0eE9memQ3YThCYkxJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUVowAwQC uV/cMA0EAgACMAcDBQAqAgjwMA0GCSqGSIb3DQEBCwUAA4IBAQCJx7eqloiMW/WM jna31TEFgUZQN/rv3OHGMX8sKhkZI1qGZ1A53iPqg0goTBm1fbmcOjxC+sBG2glT 2pWgbUsBIb3HyLAuGq/+kqZBYonurYTyZTv0eJ5kukZChcwq3tv2s6e2mifgs8mD T6QoeC4qFKpALTl7x5FMCe8QLp0LN7mIY5FsvMVNgsP1/Pxd71LUA3RozdVDFb4d DbtnvUOdhMO81PFfAe6gqp7QXuofFAnWeUYKP8MNDfTKhRQ3tZ8nCDDOXbmOVLga t4oN2M6p7k6JP1plIDwiEspXvbQFf5Hw1KXS6NwZ5ecvBSmUJVE0sSxIlOtilaKZ z9GIh3ac -----END CERTIFICATE-----Generated at Tue Jan 27 11:30:30 2026 by rpki-client