This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/lFzE84Ba-cnZ3qEAYMvcQCDiO34.roa File: lFzE84Ba-cnZ3qEAYMvcQCDiO34.roa (raw, json) Hash identifier: V62bNhR9vu/fBt/3q6nLFoE+BtmtHTkWBQTH+NaKnlo= Subject key identifier: 94:5C:C4:F3:80:5A:F9:C9:D9:DE:A1:00:60:CB:DC:40:20:E2:3B:7E Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f Certificate serial: 019B7F85AAAF71342EE45515D231E6EE1421 Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/lFzE84Ba-cnZ3qEAYMvcQCDiO34.roa Signing time: Fri 02 Jan 2026 16:23:45 +0000 ROA not before: Fri 02 Jan 2026 16:23:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215607 IP address blocks: 2a0f:b240:12::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.mft rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 02:24:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:aa:af:71:34:2e:e4:55:15:d2:31:e6:ee:14:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f Validity Not Before: Jan 2 16:23:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=945cc4f3805af9c9d9dea10060cbdc4020e23b7e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:25:3b:94:28:56:f5:6a:cb:f0:cc:a0:80:21: 11:5b:26:91:a2:99:80:9a:d0:df:c9:f1:f8:eb:1c: 4a:76:a4:59:d2:8c:19:ae:7e:ec:dd:d0:9f:b4:78: 65:20:53:53:bc:c5:01:52:7a:0e:ab:16:ab:e1:b9: 03:42:6b:cb:28:02:f3:50:78:1d:fb:97:64:2e:4e: 0b:7d:97:ed:f6:5a:5e:9e:4f:7c:3f:1f:90:1a:1f: 62:fe:5a:9e:29:26:95:3b:60:30:83:03:d1:61:19: 2a:20:c2:36:73:63:83:1c:7a:7c:98:52:b1:c5:0f: fa:e1:76:5b:a4:99:d4:41:72:f5:e5:0d:e2:f7:4d: a5:59:dd:89:9f:42:c7:33:5c:9b:b2:fc:e5:16:29: f5:88:99:a0:d7:a4:b6:25:45:25:02:d7:e1:d2:9a: f8:8b:bc:2b:01:37:00:3b:07:ea:14:26:d7:aa:d8: b8:a6:f7:81:ca:54:1d:2b:47:87:bf:9f:62:44:80: 4e:8c:be:61:49:c0:30:c6:57:f6:5c:80:79:2a:a0: ba:8d:e7:35:26:d0:9a:b1:9e:16:37:c9:92:6f:78: 1f:22:68:a5:7a:e4:4d:45:aa:4f:23:11:32:d3:49: 25:60:45:c7:1f:30:08:c1:ac:0d:b9:22:31:1d:77: a1:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:5C:C4:F3:80:5A:F9:C9:D9:DE:A1:00:60:CB:DC:40:20:E2:3B:7E X509v3 Authority Key Identifier: keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/lFzE84Ba-cnZ3qEAYMvcQCDiO34.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:b240:12::/48 Signature Algorithm: sha256WithRSAEncryption 6e:1c:65:3a:e2:b9:5d:fb:c0:79:a0:3c:e2:56:e0:84:bd:6f: 65:12:20:46:c1:1b:f4:d5:51:33:dd:78:58:be:6a:2b:53:17: eb:85:05:78:68:3d:2a:c4:18:66:99:f7:c0:77:4a:9c:fe:67: f7:51:1b:53:55:c6:43:1b:e9:a0:8e:82:5b:4c:ef:f7:10:61: 28:33:68:cd:69:f0:59:51:19:ea:15:e4:80:fd:b0:00:ac:78: c0:8b:bd:4b:71:ad:be:0d:a8:99:ba:8a:ce:a4:5c:d5:53:e6: 82:6d:ac:41:59:eb:26:a0:eb:b8:46:ee:fb:cf:62:cb:da:d2: 28:85:5b:1f:83:bd:78:31:ed:cb:23:09:db:33:d5:67:ff:00: 76:2c:d6:d5:8f:4f:c7:da:64:0c:e5:db:12:16:df:89:ee:a2: d3:12:2b:d4:00:f0:e8:23:64:c7:cd:75:d8:4f:82:d3:2e:b2: ad:94:63:d5:b8:07:1d:4c:91:2d:86:c5:29:47:83:a3:a4:22: 82:75:98:33:b1:d6:fd:bf:ec:19:ca:c7:fd:38:72:3b:70:ab: be:c8:b5:ad:2c:69:0f:6d:c7:87:88:27:4f:8b:09:ea:f6:81: e1:fe:06:a2:e2:85:4e:5d:75:58:bf:f7:e9:f5:8c:94:1d:2f: 03:05:78:53 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/haqvcTQu5FUV0jHm7hQhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk ZmUyMGYwHhcNMjYwMTAyMTYyMzQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NDVjYzRmMzgwNWFmOWM5ZDlkZWExMDA2MGNiZGM0MDIwZTIzYjdlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCU7lChW9WrL8MyggCERWyaRopmA mtDfyfH46xxKdqRZ0owZrn7s3dCftHhlIFNTvMUBUnoOqxar4bkDQmvLKALzUHgd +5dkLk4LfZft9lpenk98Px+QGh9i/lqeKSaVO2AwgwPRYRkqIMI2c2ODHHp8mFKx xQ/64XZbpJnUQXL15Q3i902lWd2Jn0LHM1ybsvzlFin1iJmg16S2JUUlAtfh0pr4 i7wrATcAOwfqFCbXqti4pveBylQdK0eHv59iRIBOjL5hScAwxlf2XIB5KqC6jec1 JtCasZ4WN8mSb3gfImileuRNRapPIxEy00klYEXHHzAIwawNuSIxHXehNQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFJRcxPOAWvnJ2d6hAGDL3EAg4jt+MB8GA1UdIwQY MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct YjcxNzk4MGU0YWQ2LzEvbEZ6RTg0QmEtY25aM3FFQVlNdmNRQ0RpTzM0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2 LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQAAS MA0GCSqGSIb3DQEBCwUAA4IBAQBuHGU64rld+8B5oDziVuCEvW9lEiBGwRv01VEz 3XhYvmorUxfrhQV4aD0qxBhmmffAd0qc/mf3URtTVcZDG+mgjoJbTO/3EGEoM2jN afBZURnqFeSA/bAArHjAi71Lca2+DaiZuorOpFzVU+aCbaxBWesmoOu4Ru77z2LL 2tIohVsfg714Me3LIwnbM9Vn/wB2LNbVj0/H2mQM5dsSFt+J7qLTEivUAPDoI2TH zXXYT4LTLrKtlGPVuAcdTJEthsUpR4OjpCKCdZgzsdb9v+wZysf9OHI7cKu+yLWt LGkPbceHiCdPiwnq9oHh/gai4oVOXXVYv/fp9YyUHS8DBXhT -----END CERTIFICATE-----Generated at Wed Jan 21 11:58:58 2026 by rpki-client