This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/6NONc_8xaiQmvjYt7rkEcj2oLuk.roa File: 6NONc_8xaiQmvjYt7rkEcj2oLuk.roa (raw, json) Hash identifier: tpA340Padvl7KxHr9u275vIN4v3p3VBb8wA5QsMAizc= Subject key identifier: E8:D3:8D:73:FF:31:6A:24:26:BE:36:2D:EE:B9:04:72:3D:A8:2E:E9 Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f Certificate serial: 019B7F858B4BF9D43296D471A66E5E64022D Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/6NONc_8xaiQmvjYt7rkEcj2oLuk.roa Signing time: Fri 02 Jan 2026 16:23:36 +0000 ROA not before: Fri 02 Jan 2026 16:23:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31898 IP address blocks: 2a0f:b240:11::/48 maxlen: 48 2a0f:b240:5d00::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.mft rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 11 Jan 2026 12:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:8b:4b:f9:d4:32:96:d4:71:a6:6e:5e:64:02:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f Validity Not Before: Jan 2 16:23:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e8d38d73ff316a2426be362deeb904723da82ee9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:22:ed:ec:36:43:7d:9f:f6:ca:56:32:55:24: 6e:c8:8e:e5:67:da:4e:dc:4a:b2:f6:f0:91:3c:45: eb:ed:fa:4b:53:39:0a:e3:4b:24:65:0b:fd:31:23: 50:90:81:96:08:6c:83:38:f6:7e:9d:9f:0a:39:20: c5:fb:41:2b:21:fc:37:d6:a0:c8:a7:c0:97:6c:45: 12:cf:fc:e6:aa:60:01:fc:75:48:58:2f:e5:99:da: d9:58:aa:26:b4:ee:0d:e7:18:56:59:60:46:2e:04: 7b:97:14:38:24:b6:42:ca:3e:d3:b5:c8:48:bb:eb: 27:d5:2f:7a:e8:87:a7:e2:b5:f2:f7:82:36:13:7c: 5e:67:ba:31:37:f7:61:b4:1f:37:cf:3f:b8:6e:a5: 01:88:d4:74:07:b4:16:52:15:09:39:68:f6:19:85: 72:93:aa:81:f2:19:11:5d:4a:52:57:6a:5b:5e:51: 7d:b6:fd:4b:73:2e:09:5c:0e:90:3a:e0:55:d8:6f: ed:ab:1e:86:e6:ed:77:a6:37:d3:ef:77:34:14:a1: a3:b2:e3:b8:d2:62:51:20:89:6f:9e:f4:50:53:74: 3a:f7:fd:a5:88:52:5b:fd:02:0a:9c:25:38:2e:7f: 36:b7:3a:15:95:50:20:72:37:83:fd:15:dd:d3:7e: f1:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:D3:8D:73:FF:31:6A:24:26:BE:36:2D:EE:B9:04:72:3D:A8:2E:E9 X509v3 Authority Key Identifier: keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/6NONc_8xaiQmvjYt7rkEcj2oLuk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:b240:11::/48 2a0f:b240:5d00::/40 Signature Algorithm: sha256WithRSAEncryption 77:46:93:85:0b:44:35:0c:f7:19:5e:71:59:00:d4:50:23:7f: da:aa:9e:c1:8b:04:26:43:66:7b:10:6c:2e:91:f1:39:b1:99: 64:57:4e:9b:41:8a:ea:0b:a3:dd:59:84:57:00:45:cf:38:88: 57:34:f9:16:54:ea:64:72:02:47:e4:36:18:58:d9:3b:7d:67: ca:0d:92:ee:64:01:1c:63:fb:69:0f:23:18:07:7e:69:41:cd: 5b:64:c2:76:9b:da:49:9e:25:ca:8f:d8:c6:b9:00:50:93:e6: f7:ff:71:07:30:da:f4:e0:be:22:37:ec:00:60:0a:64:a4:fd: aa:d8:b6:55:72:fa:aa:4e:d4:cd:63:cf:e1:d0:f7:cc:e1:66: f5:c6:46:27:4d:b6:11:46:0e:ca:4c:4d:82:97:be:ff:71:fc: 18:2b:e9:46:54:b4:de:fd:89:48:fe:7b:5c:df:67:0b:a2:5f: ca:9d:f8:63:4e:15:88:d2:07:32:d1:4f:a1:b8:56:18:36:71: bc:be:08:b1:2f:a0:89:d3:a3:0f:4a:55:38:8f:b6:fc:2e:9a: 3b:8a:fb:cf:22:84:48:6d:41:2d:8b:ca:cd:58:eb:e4:da:56: 8b:33:7f:52:89:cf:06:c2:20:27:b4:6a:1b:3d:68:8f:a9:bd: 39:f1:2f:a6 -----BEGIN CERTIFICATE----- MIIFCDCCA/CgAwIBAgISAZt/hYtL+dQyltRxpm5eZAItMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk ZmUyMGYwHhcNMjYwMTAyMTYyMzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlOGQzOGQ3M2ZmMzE2YTI0MjZiZTM2MmRlZWI5MDQ3MjNkYTgyZWU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSLt7DZDfZ/2ylYyVSRuyI7lZ9pO 3Eqy9vCRPEXr7fpLUzkK40skZQv9MSNQkIGWCGyDOPZ+nZ8KOSDF+0ErIfw31qDI p8CXbEUSz/zmqmAB/HVIWC/lmdrZWKomtO4N5xhWWWBGLgR7lxQ4JLZCyj7TtchI u+sn1S966Ien4rXy94I2E3xeZ7oxN/dhtB83zz+4bqUBiNR0B7QWUhUJOWj2GYVy k6qB8hkRXUpSV2pbXlF9tv1Lcy4JXA6QOuBV2G/tqx6G5u13pjfT73c0FKGjsuO4 0mJRIIlvnvRQU3Q69/2liFJb/QIKnCU4Ln82tzoVlVAgcjeD/RXd037xlQIDAQAB o4ICFDCCAhAwHQYDVR0OBBYEFOjTjXP/MWokJr42Le65BHI9qC7pMB8GA1UdIwQY MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct YjcxNzk4MGU0YWQ2LzEvNk5PTmNfOHhhaVFtdmpZdDdya0VjajJvTHVrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2 LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcAKg+yQAAR AwYAKg+yQF0wDQYJKoZIhvcNAQELBQADggEBAHdGk4ULRDUM9xlecVkA1FAjf9qq nsGLBCZDZnsQbC6R8TmxmWRXTptBiuoLo91ZhFcARc84iFc0+RZU6mRyAkfkNhhY 2Tt9Z8oNku5kARxj+2kPIxgHfmlBzVtkwnab2kmeJcqP2Ma5AFCT5vf/cQcw2vTg viI37ABgCmSk/arYtlVy+qpO1M1jz+HQ98zhZvXGRidNthFGDspMTYKXvv9x/Bgr 6UZUtN79iUj+e1zfZwuiX8qd+GNOFYjSBzLRT6G4Vhg2cby+CLEvoInTow9KVTiP tvwumjuK+88ihEhtQS2Lys1Y6+TaVoszf1KJzwbCICe0ahs9aI+pvTnxL6Y= -----END CERTIFICATE-----Generated at Sat Jan 10 20:50:13 2026 by rpki-client