This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/6vLBlvAYnt5lDDOZcjpwfzHCOik.roa File: 6vLBlvAYnt5lDDOZcjpwfzHCOik.roa (raw, json) Hash identifier: KihGwXVua6pirrjPV5VriwFVirqc9ZJjTQEykToX1o4= Subject key identifier: EA:F2:C1:96:F0:18:9E:DE:65:0C:33:99:72:3A:70:7F:31:C2:3A:29 Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07 Certificate serial: 019B78A2732C68A788392AC1F8DC36FB8F2F Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/6vLBlvAYnt5lDDOZcjpwfzHCOik.roa Signing time: Thu 01 Jan 2026 08:17:50 +0000 ROA not before: Thu 01 Jan 2026 08:17:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 7018 IP address blocks: 63.246.144.0/24 maxlen: 24 103.216.197.0/24 maxlen: 24 162.218.91.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:73:2c:68:a7:88:39:2a:c1:f8:dc:36:fb:8f:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07 Validity Not Before: Jan 1 08:17:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=eaf2c196f0189ede650c3399723a707f31c23a29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:0a:c4:4c:71:59:3d:c3:c3:fb:9c:39:b5:ce: 3a:84:b3:37:07:5c:e4:f2:28:de:5f:f0:50:c9:2f: e3:0d:6e:43:14:a5:64:1a:14:24:cd:5a:8e:6b:b0: 0d:51:aa:c5:88:a6:1b:66:7d:67:fb:f1:8a:61:1a: 03:11:d7:31:07:11:73:46:d3:e7:b7:bc:39:9b:c5: ef:50:3f:00:ce:8d:31:ca:f6:bf:22:76:77:68:d2: a9:9f:24:36:88:8f:1b:72:0c:cc:09:92:af:4c:a2: c6:32:fd:52:63:be:ce:67:43:fa:9a:b1:4e:4f:37: 60:5f:97:ba:d4:f1:ca:f3:bc:0d:d3:7b:77:23:8e: 41:34:79:e8:32:54:f6:36:32:7e:7f:67:8a:8c:75: f6:4b:eb:2c:c9:77:ad:b3:c4:00:7f:20:38:4d:c7: d7:0e:04:ee:39:52:ef:c8:d3:d1:bc:bd:95:96:8d: 8f:c5:a3:c3:e9:4f:65:85:19:d8:33:0e:a7:e5:90: fe:c6:1a:57:ee:48:25:90:a0:1e:2e:a3:4f:c1:d3: 63:36:bf:d9:0c:13:e0:91:a2:6b:74:99:c4:db:7c: c1:7c:56:c4:18:06:62:0e:38:eb:b3:a9:7c:b6:34: 6c:eb:60:e2:d9:57:42:15:cf:12:47:34:05:81:d5: c1:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:F2:C1:96:F0:18:9E:DE:65:0C:33:99:72:3A:70:7F:31:C2:3A:29 X509v3 Authority Key Identifier: keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/6vLBlvAYnt5lDDOZcjpwfzHCOik.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 63.246.144.0/24 103.216.197.0/24 162.218.91.0/24 Signature Algorithm: sha256WithRSAEncryption 6a:49:25:83:2f:ce:00:1c:75:e6:ba:d7:5f:2e:9f:be:41:4f: 14:57:44:a8:fe:29:b5:68:97:7b:88:a9:d0:37:83:13:46:c2: 0f:a5:1a:f7:56:e1:df:73:cd:f1:a3:8a:18:d5:98:17:2d:66: 0c:18:63:61:55:e1:63:a1:46:c8:09:39:19:9f:e0:e5:e2:5b: 45:85:c4:bc:9c:b0:fa:81:43:4e:33:d6:35:c2:de:ca:a2:1a: 96:4a:b8:45:5e:29:19:29:3e:c3:8d:a1:59:53:b0:9d:ad:3d: b7:ec:8d:07:1e:b2:de:55:b1:cc:a7:cf:8d:62:9a:53:a9:f6: bc:18:d8:4c:d6:6d:cf:56:3c:97:ed:68:c0:e0:99:97:53:fa: ae:24:12:9b:e9:a9:f8:78:59:4e:d1:53:dc:9c:ff:e2:0c:33: 08:2b:81:a1:33:e9:c2:f6:b4:f1:7b:32:c9:4b:bd:fc:6a:b7: fb:33:b4:d3:32:29:24:54:ab:73:23:a2:33:71:31:21:08:3d: 5a:5f:cd:fb:7a:10:72:d2:93:ab:10:bf:66:29:c9:a8:04:c3: 9a:7a:b4:19:bd:3a:69:44:92:94:2d:7e:ca:fc:dc:96:42:67: cd:41:1e:2e:ba:77:43:ca:7d:79:cc:01:c6:95:de:e5:93:d0: af:ba:e6:06 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt4onMsaKeIOSrB+Nw2+48vMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy ZGJmMDcwHhcNMjYwMTAxMDgxNzUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlYWYyYzE5NmYwMTg5ZWRlNjUwYzMzOTk3MjNhNzA3ZjMxYzIzYTI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwrETHFZPcPD+5w5tc46hLM3B1zk 8ijeX/BQyS/jDW5DFKVkGhQkzVqOa7ANUarFiKYbZn1n+/GKYRoDEdcxBxFzRtPn t7w5m8XvUD8Azo0xyva/InZ3aNKpnyQ2iI8bcgzMCZKvTKLGMv1SY77OZ0P6mrFO TzdgX5e61PHK87wN03t3I45BNHnoMlT2NjJ+f2eKjHX2S+ssyXets8QAfyA4TcfX DgTuOVLvyNPRvL2Vlo2PxaPD6U9lhRnYMw6n5ZD+xhpX7kglkKAeLqNPwdNjNr/Z DBPgkaJrdJnE23zBfFbEGAZiDjjrs6l8tjRs62Di2VdCFc8SRzQFgdXBYQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFOrywZbwGJ7eZQwzmXI6cH8xwjopMB8GA1UdIwQY MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt ZjNlNTA2YWVhYTAxLzEvNnZMQmx2QVludDVsRERPWmNqcHdmekhDT2lrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAP/aQAwQA Z9jFAwQAotpbMA0GCSqGSIb3DQEBCwUAA4IBAQBqSSWDL84AHHXmutdfLp++QU8U V0So/im1aJd7iKnQN4MTRsIPpRr3VuHfc83xo4oY1ZgXLWYMGGNhVeFjoUbICTkZ n+Dl4ltFhcS8nLD6gUNOM9Y1wt7KohqWSrhFXikZKT7DjaFZU7CdrT237I0HHrLe VbHMp8+NYppTqfa8GNhM1m3PVjyX7WjA4JmXU/quJBKb6an4eFlO0VPcnP/iDDMI K4GhM+nC9rTxezLJS738arf7M7TTMikkVKtzI6IzcTEhCD1aX837ehBy0pOrEL9m KcmoBMOaerQZvTppRJKULX7K/NyWQmfNQR4uundDyn15zAHGld7lk9CvuuYG -----END CERTIFICATE-----Generated at Sun Jan 18 11:04:03 2026 by rpki-client