This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/ihMx3JFEXZVU44rMokr7la0BNmo.roa File: ihMx3JFEXZVU44rMokr7la0BNmo.roa (raw, json) Hash identifier: mVJTg4IPM6cJYUsRGrn71+D1WGJ2CWxz8uyeUewgozE= Subject key identifier: 8A:13:31:DC:91:44:5D:95:54:E3:8A:CC:A2:4A:FB:95:AD:01:36:6A Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745 Certificate serial: 019B797E398EA0882508F066C9AD47C52A33 Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/ihMx3JFEXZVU44rMokr7la0BNmo.roa Signing time: Thu 01 Jan 2026 12:17:53 +0000 ROA not before: Thu 01 Jan 2026 12:17:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205613 IP address blocks: 2a06:8ec6:1::/48 maxlen: 48 2a06:8ec6:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 12:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:39:8e:a0:88:25:08:f0:66:c9:ad:47:c5:2a:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745 Validity Not Before: Jan 1 12:17:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8a1331dc91445d9554e38acca24afb95ad01366a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:09:00:9b:71:8a:85:c1:19:37:09:50:d0:cc: fc:ab:e9:bc:61:32:61:f7:ca:91:6c:04:6c:a6:01: a4:bf:98:01:3c:fd:e6:6f:4d:2a:a3:30:16:6f:56: e2:52:e8:fe:6d:fc:cd:53:6c:a9:14:7b:ba:84:c3: ff:60:df:57:c4:a3:c0:c3:0e:c3:a7:22:5e:d1:c5: eb:35:db:c3:07:7e:b9:bf:dd:39:96:11:4d:89:11: 99:db:58:80:69:72:80:b3:88:9d:01:88:db:6c:95: 0b:23:a3:10:66:28:17:a3:98:9e:98:19:c6:dd:b9: 07:60:ee:94:57:16:e2:7f:d7:08:cd:43:d2:59:99: 60:25:48:be:1e:cc:fa:bd:e2:34:25:92:05:8e:0b: c9:8e:c9:1b:10:e3:45:44:b4:59:4e:5c:5c:61:29: f4:69:25:f1:ab:26:8c:96:e6:30:96:e3:d1:c7:61: 05:a2:10:fb:bf:12:59:c2:4f:b1:b9:86:b0:3f:e8: 79:ee:b4:d5:90:a9:48:26:63:0c:32:c2:ca:4c:48: 20:4f:a6:99:f9:f1:b5:88:9f:0d:30:86:4b:fe:e2: eb:23:52:28:5c:e4:46:9d:8b:d4:fa:67:a9:83:ec: d2:c5:ea:4e:1c:d7:2b:e6:72:18:ee:9d:8a:c9:9d: 92:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:13:31:DC:91:44:5D:95:54:E3:8A:CC:A2:4A:FB:95:AD:01:36:6A X509v3 Authority Key Identifier: keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/ihMx3JFEXZVU44rMokr7la0BNmo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a06:8ec6:1::-2a06:8ec6:2:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 3d:83:01:1b:3d:c8:85:5a:4e:b8:f6:74:bc:24:73:9d:97:97: a1:26:b4:cd:b2:ff:af:88:28:c9:20:cb:91:b7:ce:f4:2b:e0: 37:47:49:84:3e:a4:83:da:4a:b8:a7:9a:5b:9c:e5:ba:d9:82: d8:ed:21:a6:d7:ca:2a:df:56:03:f5:a1:62:e5:cf:0b:b2:5c: 8e:9a:af:be:c0:5f:65:9b:47:3e:9b:ef:23:0f:4a:c0:62:c4: 31:fa:c0:03:eb:69:6d:1e:37:98:a7:a4:e1:69:9a:ac:89:df: de:20:2f:42:f1:9a:ac:61:13:d6:b3:ed:21:b2:d0:a0:dc:87: dc:46:94:55:83:e4:da:01:db:71:86:a4:7f:1a:f5:5c:bb:4c: fc:c3:ba:9e:16:ae:67:dc:ed:4a:ce:a8:1c:52:da:f1:2e:5a: 44:f1:10:97:c4:5a:d0:c4:3f:8e:29:26:6f:3b:78:cc:03:91: d1:30:9b:6c:c4:fb:25:3d:05:ca:bf:b1:a3:f9:3a:f7:7a:54: 31:36:92:c4:c7:34:2c:3b:c4:58:f9:6a:20:f7:a9:f5:a8:4c: 2d:4c:d8:e1:19:83:a4:be:e1:68:ce:76:77:48:d4:5c:89:be: c4:d3:cb:42:53:7f:fa:47:ea:cc:f1:4a:af:93:06:74:f8:41: cf:7f:c1:f2 -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt5fjmOoIglCPBmya1HxSozMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi YTU3NDUwHhcNMjYwMTAxMTIxNzUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YTEzMzFkYzkxNDQ1ZDk1NTRlMzhhY2NhMjRhZmI5NWFkMDEzNjZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQkAm3GKhcEZNwlQ0Mz8q+m8YTJh 98qRbARspgGkv5gBPP3mb00qozAWb1biUuj+bfzNU2ypFHu6hMP/YN9XxKPAww7D pyJe0cXrNdvDB365v905lhFNiRGZ21iAaXKAs4idAYjbbJULI6MQZigXo5iemBnG 3bkHYO6UVxbif9cIzUPSWZlgJUi+Hsz6veI0JZIFjgvJjskbEONFRLRZTlxcYSn0 aSXxqyaMluYwluPRx2EFohD7vxJZwk+xuYawP+h57rTVkKlIJmMMMsLKTEggT6aZ +fG1iJ8NMIZL/uLrI1IoXORGnYvU+mepg+zSxepOHNcr5nIY7p2KyZ2SIQIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFIoTMdyRRF2VVOOKzKJK+5WtATZqMB8GA1UdIwQY MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt ZmVhYzI2ZWFlY2MyLzEvaWhNeDNKRkVYWlZVNDRyTW9rcjdsYTBCTm1vLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqBo7G AAEDBwAqBo7GAAIwDQYJKoZIhvcNAQELBQADggEBAD2DARs9yIVaTrj2dLwkc52X l6EmtM2y/6+IKMkgy5G3zvQr4DdHSYQ+pIPaSrinmluc5brZgtjtIabXyirfVgP1 oWLlzwuyXI6ar77AX2WbRz6b7yMPSsBixDH6wAPraW0eN5inpOFpmqyJ394gL0Lx mqxhE9az7SGy0KDch9xGlFWD5NoB23GGpH8a9Vy7TPzDup4Wrmfc7UrOqBxS2vEu WkTxEJfEWtDEP44pJm87eMwDkdEwm2zE+yU9Bcq/saP5Ovd6VDE2ksTHNCw7xFj5 aiD3qfWoTC1M2OEZg6S+4WjOdndI1FyJvsTTy0JTf/pH6szxSq+TBnT4Qc9/wfI= -----END CERTIFICATE-----Generated at Mon Jan 19 20:23:57 2026 by rpki-client