This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/8B209L8jArLIIyEcMLOzvrTkmtU.roa File: 8B209L8jArLIIyEcMLOzvrTkmtU.roa (raw, json) Hash identifier: p6DLmlDd3pZ+Ktf0A9tm+jqcVCnkci0roW318hSReZI= Subject key identifier: F0:1D:B4:F4:BF:23:02:B2:C8:23:21:1C:30:B3:B3:BE:B4:E4:9A:D5 Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f Certificate serial: 019AD0B3FF340583C8A3FE860B7D35EFA12D Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/8B209L8jArLIIyEcMLOzvrTkmtU.roa Signing time: Sat 29 Nov 2025 17:40:48 +0000 ROA not before: Sat 29 Nov 2025 17:40:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 210812 IP address blocks: 2a0f:b240:11::/48 maxlen: 48 2a0f:b240:5d00::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.mft rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 11:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:d0:b3:ff:34:05:83:c8:a3:fe:86:0b:7d:35:ef:a1:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f Validity Not Before: Nov 29 17:40:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=f01db4f4bf2302b2c823211c30b3b3beb4e49ad5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:35:bb:09:ad:56:f3:6c:fb:e1:16:d4:89:7b: 49:6e:b5:00:bf:2c:16:5c:42:f2:e4:41:0c:82:1b: f7:e7:da:40:68:f4:1f:4a:74:a9:f8:40:7b:6c:8f: d1:6b:03:a7:ca:c4:66:bd:24:3b:0a:8d:d3:b1:2e: a9:91:bc:e7:27:cd:0a:93:c0:98:d6:47:17:e6:fd: e2:7e:43:e5:a3:8f:f3:45:39:40:17:f7:79:40:c5: a7:dd:38:f5:28:b7:fb:37:62:18:b0:e9:4d:1c:ef: c4:53:f6:03:28:ee:1e:62:6d:92:4c:6c:f1:fc:96: df:33:fe:37:75:e7:1d:e1:7b:99:53:43:4e:c4:97: 5e:4f:d7:17:4c:85:cb:5a:87:e7:0b:99:b5:52:00: ff:78:ed:7a:bc:26:fe:58:a1:b1:93:53:29:f2:c1: fc:10:07:99:38:f3:c1:7b:5f:70:16:cb:a1:29:35: e6:3d:8a:be:a2:98:a3:3c:04:0f:62:99:d4:d1:3e: e2:44:22:b1:8b:20:a2:4d:09:37:2a:63:ee:e5:5e: 1c:47:3b:92:1e:32:11:62:00:64:5b:76:8c:69:87: 70:41:13:6f:06:71:df:1e:92:eb:71:44:55:b6:db: cf:28:ef:86:d1:ca:ae:cb:41:fa:7f:57:7c:0d:25: 6a:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:1D:B4:F4:BF:23:02:B2:C8:23:21:1C:30:B3:B3:BE:B4:E4:9A:D5 X509v3 Authority Key Identifier: keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/8B209L8jArLIIyEcMLOzvrTkmtU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:b240:11::/48 2a0f:b240:5d00::/40 Signature Algorithm: sha256WithRSAEncryption 28:03:18:de:08:8b:a8:6b:c2:d6:d5:07:fc:8f:17:a3:77:99: d0:7c:1c:49:72:70:ae:58:8e:31:47:20:eb:c5:37:f1:8c:ff: cd:f3:ff:d5:30:9a:6c:6f:fa:cb:a9:1a:d5:15:28:ea:bc:3c: 29:da:c0:05:0f:fd:26:6a:cb:6d:c4:c1:c4:eb:d9:22:62:86: ec:0f:3a:13:a0:09:51:c8:5d:63:20:a4:ae:29:f5:41:32:5c: d4:53:6d:04:b9:80:a4:98:a6:8e:f5:ac:00:a3:c3:31:b5:a4: 5e:8c:5c:78:78:f2:02:c2:48:3a:20:62:c9:61:ad:43:ad:ed: 99:28:64:66:22:19:f0:4e:6b:33:ec:65:0d:86:3c:11:5d:e2: fa:0a:34:36:dd:29:fd:5d:4a:8f:81:6b:80:b2:e0:ad:e3:ae: a5:79:44:53:bb:83:32:64:14:7d:63:80:2f:49:53:9d:97:97: 4b:c9:c3:b6:34:10:1f:f4:0e:84:c8:e2:39:7c:96:ad:77:f4: a0:9d:d8:06:93:c8:f1:81:91:0a:ba:fb:2f:db:e5:9c:11:0c: 8c:fe:3d:cb:fa:f4:84:85:ed:30:3c:61:a8:b5:4b:31:b2:42: ff:d4:1c:96:05:a5:91:a7:65:9f:9e:50:97:c8:2a:84:11:c2: 17:0e:b0:00 -----BEGIN CERTIFICATE----- MIIFCDCCA/CgAwIBAgISAZrQs/80BYPIo/6GC30176EtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk ZmUyMGYwHhcNMjUxMTI5MTc0MDQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMDFkYjRmNGJmMjMwMmIyYzgyMzIxMWMzMGIzYjNiZWI0ZTQ5YWQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDW7Ca1W82z74RbUiXtJbrUAvywW XELy5EEMghv359pAaPQfSnSp+EB7bI/RawOnysRmvSQ7Co3TsS6pkbznJ80Kk8CY 1kcX5v3ifkPlo4/zRTlAF/d5QMWn3Tj1KLf7N2IYsOlNHO/EU/YDKO4eYm2STGzx /JbfM/43decd4XuZU0NOxJdeT9cXTIXLWofnC5m1UgD/eO16vCb+WKGxk1Mp8sH8 EAeZOPPBe19wFsuhKTXmPYq+opijPAQPYpnU0T7iRCKxiyCiTQk3KmPu5V4cRzuS HjIRYgBkW3aMaYdwQRNvBnHfHpLrcURVttvPKO+G0cquy0H6f1d8DSVqpwIDAQAB o4ICFDCCAhAwHQYDVR0OBBYEFPAdtPS/IwKyyCMhHDCzs7605JrVMB8GA1UdIwQY MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct YjcxNzk4MGU0YWQ2LzEvOEIyMDlMOGpBckxJSXlFY01MT3p2clRrbXRVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2 LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcAKg+yQAAR AwYAKg+yQF0wDQYJKoZIhvcNAQELBQADggEBACgDGN4Ii6hrwtbVB/yPF6N3mdB8 HElycK5YjjFHIOvFN/GM/83z/9Uwmmxv+supGtUVKOq8PCnawAUP/SZqy23EwcTr 2SJihuwPOhOgCVHIXWMgpK4p9UEyXNRTbQS5gKSYpo71rACjwzG1pF6MXHh48gLC SDogYslhrUOt7ZkoZGYiGfBOazPsZQ2GPBFd4voKNDbdKf1dSo+Ba4Cy4K3jrqV5 RFO7gzJkFH1jgC9JU52Xl0vJw7Y0EB/0DoTI4jl8lq139KCd2AaTyPGBkQq6+y/b 5ZwRDIz+Pcv69ISF7TA8Yai1SzGyQv/UHJYFpZGnZZ+eUJfIKoQRwhcOsAA= -----END CERTIFICATE-----Generated at Fri Dec 5 18:11:56 2025 by rpki-client