This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/CkgoFwT2gaRyCRHQ9kf-YZ7WXx4.roa File: CkgoFwT2gaRyCRHQ9kf-YZ7WXx4.roa (raw, json) Hash identifier: ElBC6RLnYPiPMuL0QaxoL/y5M23xIxFx5PXxpI7qDgQ= Subject key identifier: 0A:48:28:17:04:F6:81:A4:72:09:11:D0:F6:47:FE:61:9E:D6:5F:1E Certificate issuer: /CN=30706b2b95588d780e36ef82a8f54a317d5869e2 Certificate serial: 019B7E38EC51165ACD0671A41C36E6BD35B7 Authority key identifier: 30:70:6B:2B:95:58:8D:78:0E:36:EF:82:A8:F5:4A:31:7D:58:69:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MHBrK5VYjXgONu-CqPVKMX1YaeI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/CkgoFwT2gaRyCRHQ9kf-YZ7WXx4.roa Signing time: Fri 02 Jan 2026 10:20:18 +0000 ROA not before: Fri 02 Jan 2026 10:20:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 185.64.6.0/24 maxlen: 24 2a10:2307:fffd::/48 maxlen: 48 2a10:2307:fffe::/48 maxlen: 48 2a10:2307:ffff::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/MHBrK5VYjXgONu-CqPVKMX1YaeI.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/MHBrK5VYjXgONu-CqPVKMX1YaeI.mft rsync://rpki.ripe.net/repository/DEFAULT/MHBrK5VYjXgONu-CqPVKMX1YaeI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 21:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:ec:51:16:5a:cd:06:71:a4:1c:36:e6:bd:35:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=30706b2b95588d780e36ef82a8f54a317d5869e2 Validity Not Before: Jan 2 10:20:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0a48281704f681a4720911d0f647fe619ed65f1e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:6b:97:ff:30:11:84:e9:e5:bf:87:ac:f7:33: e0:60:fd:7f:03:54:0b:9a:4a:a2:cf:86:b3:96:c2: ec:09:35:fb:d5:17:4e:1c:85:5d:c1:49:0f:53:f8: 74:25:89:bf:df:d4:26:57:34:82:91:c5:a5:43:bb: 6a:e6:50:80:df:85:69:58:8e:e4:c1:b1:91:d3:da: a5:56:ec:04:33:f2:35:4e:42:9b:5f:a3:71:b8:c6: 9a:e9:7e:d5:02:38:c1:44:4b:eb:46:1b:1b:d0:67: b8:05:73:ab:54:f3:ac:23:74:33:5c:5e:bc:2e:cc: 44:01:62:f1:25:ef:f8:2c:f0:b2:85:a8:23:e6:96: f1:b9:c2:69:8f:84:b7:f0:ff:c5:42:0e:c3:84:b2: ad:6a:bc:a6:96:03:86:c2:c5:fc:06:8f:d3:29:dc: ac:a2:06:bd:ff:80:4a:4a:dd:44:64:85:75:b8:1e: 17:72:64:fe:06:f0:3d:7f:c0:49:35:db:ae:99:e2: 35:39:a7:64:4f:d5:e7:db:dc:af:4e:c9:53:b5:0c: dd:dc:89:bc:de:64:2e:ff:20:cf:8a:b3:ad:2b:26: 28:09:4f:54:31:f2:29:10:4f:e1:05:a6:75:85:93: 4e:1b:36:fe:7b:50:79:32:df:62:b7:1a:af:94:27: 77:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:48:28:17:04:F6:81:A4:72:09:11:D0:F6:47:FE:61:9E:D6:5F:1E X509v3 Authority Key Identifier: keyid:30:70:6B:2B:95:58:8D:78:0E:36:EF:82:A8:F5:4A:31:7D:58:69:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MHBrK5VYjXgONu-CqPVKMX1YaeI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/CkgoFwT2gaRyCRHQ9kf-YZ7WXx4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/MHBrK5VYjXgONu-CqPVKMX1YaeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.64.6.0/24 IPv6: 2a10:2307:fffd::-2a10:2307:ffff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 35:7a:ba:31:bb:82:20:b0:81:0d:f4:5d:d3:f5:f5:48:ec:6e: be:9d:61:8d:db:d4:60:75:db:a4:32:2a:b1:73:56:87:04:6a: 05:f5:33:04:0b:ac:13:d2:7b:fe:82:9f:39:62:1e:d6:49:96: 01:f8:79:59:46:e5:a8:d0:61:bf:94:6c:2c:33:57:ce:42:d1: 84:b4:96:b6:66:95:31:cb:4d:96:35:6f:d9:3c:c3:cd:54:59: ac:b2:da:1e:6d:55:8d:53:d4:91:d2:d3:a4:b9:98:10:96:e0: 96:6d:7c:5d:34:b0:bd:6d:56:67:07:a9:79:eb:8e:55:ef:c5: 04:1d:82:16:87:0e:2e:84:f9:d5:d7:03:0f:18:fa:6f:90:54: 19:a9:07:e4:83:2e:14:0a:35:8c:e6:55:1f:2f:62:50:5b:7d: 24:87:be:a6:77:1c:3f:81:65:65:2c:9c:8c:95:6b:48:91:af: 12:da:2f:b0:ff:c0:22:4f:e4:92:d5:e4:ad:60:43:c0:cc:55: 56:94:c0:2e:82:d6:a2:a8:89:12:68:65:39:17:a0:9c:a1:d4: 0b:3d:83:20:7f:5c:ee:74:06:de:8c:2c:65:be:65:c0:a8:0e: a6:a8:6c:bf:bf:fb:e4:43:79:1f:a0:1e:83:db:72:c7:89:3c: e1:11:9a:d7 -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZt+OOxRFlrNBnGkHDbmvTW3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMwNzA2YjJiOTU1ODhkNzgwZTM2ZWY4MmE4ZjU0YTMxN2Q1 ODY5ZTIwHhcNMjYwMTAyMTAyMDE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYTQ4MjgxNzA0ZjY4MWE0NzIwOTExZDBmNjQ3ZmU2MTllZDY1ZjFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1muX/zARhOnlv4es9zPgYP1/A1QL mkqiz4azlsLsCTX71RdOHIVdwUkPU/h0JYm/39QmVzSCkcWlQ7tq5lCA34VpWI7k wbGR09qlVuwEM/I1TkKbX6NxuMaa6X7VAjjBREvrRhsb0Ge4BXOrVPOsI3QzXF68 LsxEAWLxJe/4LPCyhagj5pbxucJpj4S38P/FQg7DhLKtarymlgOGwsX8Bo/TKdys oga9/4BKSt1EZIV1uB4XcmT+BvA9f8BJNduumeI1OadkT9Xn29yvTslTtQzd3Im8 3mQu/yDPirOtKyYoCU9UMfIpEE/hBaZ1hZNOGzb+e1B5Mt9itxqvlCd3yQIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFApIKBcE9oGkcgkR0PZH/mGe1l8eMB8GA1UdIwQY MBaAFDBwayuVWI14Djbvgqj1SjF9WGniMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTUhCcks1VllqWGdPTnUtQ3FQVktNWDFZYWVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8yOGRlYmItM2E1OS00ZWUxLWJkMzct ODRlZDkxZWMxYzY1LzEvQ2tnb0Z3VDJnYVJ5Q1JIUTlrZi1ZWjdXWHg0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS8yOGRlYmItM2E1OS00ZWUxLWJkMzctODRlZDkxZWMxYzY1 LzEvTUhCcks1VllqWGdPTnUtQ3FQVktNWDFZYWVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAuUAGMBgE AgACMBIwEAMHACoQIwf//QMFAyoQIwAwDQYJKoZIhvcNAQELBQADggEBADV6ujG7 giCwgQ30XdP19Ujsbr6dYY3b1GB126QyKrFzVocEagX1MwQLrBPSe/6CnzliHtZJ lgH4eVlG5ajQYb+UbCwzV85C0YS0lrZmlTHLTZY1b9k8w81UWayy2h5tVY1T1JHS 06S5mBCW4JZtfF00sL1tVmcHqXnrjlXvxQQdghaHDi6E+dXXAw8Y+m+QVBmpB+SD LhQKNYzmVR8vYlBbfSSHvqZ3HD+BZWUsnIyVa0iRrxLaL7D/wCJP5JLV5K1gQ8DM VVaUwC6C1qKoiRJoZTkXoJyh1As9gyB/XO50Bt6MLGW+ZcCoDqaobL+/++RDeR+g HoPbcseJPOERmtc= -----END CERTIFICATE-----Generated at Sat Jan 10 06:59:44 2026 by rpki-client