This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/3a362d-4198-4b08-bb0a-dbe41fc8399e/1/0e4GauzDmn8kMomw7oCsTJu7m8Q.roa File: 0e4GauzDmn8kMomw7oCsTJu7m8Q.roa (raw, json) Hash identifier: vhyIGyttSh6EEj+o9giIX+19O/xI+MdDj+HOEVvUjJ4= Subject key identifier: D1:EE:06:6A:EC:C3:9A:7F:24:32:89:B0:EE:80:AC:4C:9B:BB:9B:C4 Certificate issuer: /CN=33fbdbb20c2d97073c0de8b7caa75ec1eeb191b8 Certificate serial: 019B7B3685EE897FC2621557748415C78933 Authority key identifier: 33:FB:DB:B2:0C:2D:97:07:3C:0D:E8:B7:CA:A7:5E:C1:EE:B1:91:B8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M_vbsgwtlwc8Dei3yqdewe6xkbg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/3a362d-4198-4b08-bb0a-dbe41fc8399e/1/0e4GauzDmn8kMomw7oCsTJu7m8Q.roa Signing time: Thu 01 Jan 2026 20:18:49 +0000 ROA not before: Thu 01 Jan 2026 20:18:49 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20571 IP address blocks: 217.169.64.0/20 maxlen: 24 2a0a:b7c0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/3a362d-4198-4b08-bb0a-dbe41fc8399e/1/M_vbsgwtlwc8Dei3yqdewe6xkbg.crl rsync://rpki.ripe.net/repository/DEFAULT/b6/3a362d-4198-4b08-bb0a-dbe41fc8399e/1/M_vbsgwtlwc8Dei3yqdewe6xkbg.mft rsync://rpki.ripe.net/repository/DEFAULT/M_vbsgwtlwc8Dei3yqdewe6xkbg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 11 Jan 2026 20:01:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:85:ee:89:7f:c2:62:15:57:74:84:15:c7:89:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=33fbdbb20c2d97073c0de8b7caa75ec1eeb191b8 Validity Not Before: Jan 1 20:18:49 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d1ee066aecc39a7f243289b0ee80ac4c9bbb9bc4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:cf:62:34:da:16:ee:d1:a7:e8:a1:24:51:38: 49:1a:8e:53:0d:6f:2d:38:92:00:ee:7f:5a:31:5b: de:97:08:7f:fa:b4:95:b4:fb:21:2b:ac:ff:f5:0f: e5:5b:4c:eb:c9:06:62:dc:c8:0d:9d:f7:a8:4d:5e: ab:f4:82:71:35:69:d9:95:9e:5d:f0:f3:b7:8b:91: b8:bf:d8:fd:a4:13:bb:65:c7:7b:72:e3:36:43:1f: 94:94:d6:33:fb:96:42:06:ce:bb:ad:24:d1:d8:d5: b7:9a:06:76:f4:ce:2b:b0:67:c5:d0:a8:e8:95:04: 8d:88:c2:7e:75:db:91:3c:5a:04:31:f6:6a:b6:e5: 1f:01:d5:64:b2:fa:5c:23:89:e8:c4:ec:be:00:18: 77:52:17:3b:06:b7:08:33:0a:7b:02:21:32:48:a6: 91:d8:c8:1e:4e:bd:38:c1:5c:b3:42:03:a1:91:fb: e3:aa:3e:6c:c4:f8:df:ea:0f:72:47:82:60:8d:3b: ea:04:db:fa:ab:3d:29:c5:2a:d6:82:79:b3:f0:6d: a5:35:c9:69:e9:35:6a:c6:36:19:f9:96:43:03:2c: 7b:b5:64:b9:59:90:9a:09:ad:0d:b9:8c:35:01:87: 9c:d2:c7:97:11:ed:4a:1f:9a:16:8b:59:1c:ba:91: e4:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:EE:06:6A:EC:C3:9A:7F:24:32:89:B0:EE:80:AC:4C:9B:BB:9B:C4 X509v3 Authority Key Identifier: keyid:33:FB:DB:B2:0C:2D:97:07:3C:0D:E8:B7:CA:A7:5E:C1:EE:B1:91:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M_vbsgwtlwc8Dei3yqdewe6xkbg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/3a362d-4198-4b08-bb0a-dbe41fc8399e/1/0e4GauzDmn8kMomw7oCsTJu7m8Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/3a362d-4198-4b08-bb0a-dbe41fc8399e/1/M_vbsgwtlwc8Dei3yqdewe6xkbg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.169.64.0/20 IPv6: 2a0a:b7c0::/32 Signature Algorithm: sha256WithRSAEncryption 51:26:36:7d:c9:be:b9:53:d5:bf:0f:c9:ce:4a:ae:80:e7:0d: 6f:16:f1:0d:f2:5c:56:26:0d:c5:6f:7f:c3:e1:a3:0b:64:62: 46:0d:f7:69:87:0b:64:a2:93:7f:d6:e3:30:02:41:92:34:02: f5:da:9a:0d:84:9c:60:b0:cb:0e:8b:97:5f:00:2f:65:41:6a: db:cd:5e:ba:07:f6:27:b6:66:3f:64:b9:84:92:2b:b9:a6:f6: 06:84:e8:69:88:97:03:4d:b1:e9:35:e1:a7:36:ce:ed:cf:67: 22:ee:d6:d2:97:98:84:40:ac:44:8e:29:d1:1e:95:6b:fb:0f: bb:30:c4:ea:a3:de:de:eb:1c:90:34:de:1f:8d:f2:14:e4:7e: 5b:ad:3a:55:77:62:2b:34:50:93:96:01:a9:a1:05:b2:71:00: 8b:57:98:91:67:b3:58:1b:a4:7e:e9:e7:42:17:c4:c7:ce:04: 04:b4:4c:f3:d9:47:6c:ed:da:63:d0:95:4a:b5:f3:47:5c:da: 93:ad:46:a6:de:97:84:ca:54:6b:98:6c:58:57:86:f6:8d:01: 56:92:77:c1:24:b7:76:c6:ad:7b:d2:b6:60:5d:e4:7b:84:eb: c6:c9:85:ea:f3:2d:01:f7:55:f8:74:8c:8b:95:7a:d2:b3:af: 6a:2b:cf:e4 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt7NoXuiX/CYhVXdIQVx4kzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMzZmJkYmIyMGMyZDk3MDczYzBkZThiN2NhYTc1ZWMxZWVi MTkxYjgwHhcNMjYwMTAxMjAxODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMWVlMDY2YWVjYzM5YTdmMjQzMjg5YjBlZTgwYWM0YzliYmI5YmM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7M9iNNoW7tGn6KEkUThJGo5TDW8t OJIA7n9aMVvelwh/+rSVtPshK6z/9Q/lW0zryQZi3MgNnfeoTV6r9IJxNWnZlZ5d 8PO3i5G4v9j9pBO7Zcd7cuM2Qx+UlNYz+5ZCBs67rSTR2NW3mgZ29M4rsGfF0Kjo lQSNiMJ+dduRPFoEMfZqtuUfAdVksvpcI4noxOy+ABh3Uhc7BrcIMwp7AiEySKaR 2MgeTr04wVyzQgOhkfvjqj5sxPjf6g9yR4JgjTvqBNv6qz0pxSrWgnmz8G2lNclp 6TVqxjYZ+ZZDAyx7tWS5WZCaCa0NuYw1AYec0seXEe1KH5oWi1kcupHkpwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFNHuBmrsw5p/JDKJsO6ArEybu5vEMB8GA1UdIwQY MBaAFDP727IMLZcHPA3ot8qnXsHusZG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTV92YnNnd3Rsd2M4RGVpM3lxZGV3ZTZ4a2JnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8zYTM2MmQtNDE5OC00YjA4LWJiMGEt ZGJlNDFmYzgzOTllLzEvMGU0R2F1ekRtbjhrTW9tdzdvQ3NUSnU3bThRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNi8zYTM2MmQtNDE5OC00YjA4LWJiMGEtZGJlNDFmYzgzOTll LzEvTV92YnNnd3Rsd2M4RGVpM3lxZGV3ZTZ4a2JnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2alAMA0E AgACMAcDBQAqCrfAMA0GCSqGSIb3DQEBCwUAA4IBAQBRJjZ9yb65U9W/D8nOSq6A 5w1vFvEN8lxWJg3Fb3/D4aMLZGJGDfdphwtkopN/1uMwAkGSNAL12poNhJxgsMsO i5dfAC9lQWrbzV66B/YntmY/ZLmEkiu5pvYGhOhpiJcDTbHpNeGnNs7tz2ci7tbS l5iEQKxEjinRHpVr+w+7MMTqo97e6xyQNN4fjfIU5H5brTpVd2IrNFCTlgGpoQWy cQCLV5iRZ7NYG6R+6edCF8THzgQEtEzz2Uds7dpj0JVKtfNHXNqTrUam3peEylRr mGxYV4b2jQFWknfBJLd2xq170rZgXeR7hOvGyYXq8y0B91X4dIyLlXrSs69qK8/k -----END CERTIFICATE-----Generated at Sun Jan 11 03:41:08 2026 by rpki-client