This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/20e8e0-68d3-489e-bcf3-fe4b5e346840/1/6XH2Ydc6wVPa8tkpc3SeHIdYsRQ.roa File: 6XH2Ydc6wVPa8tkpc3SeHIdYsRQ.roa (raw, json) Hash identifier: KSE+FxkNnAUXtMkOMt61+w2teTVIXjXxk/ACFJUvjq4= Subject key identifier: E9:71:F6:61:D7:3A:C1:53:DA:F2:D9:29:73:74:9E:1C:87:58:B1:14 Certificate issuer: /CN=d8915609656f08f7a28d24b7c4ba9b639ca0b009 Certificate serial: 019B7F14F029D9BC1B9C81E97A497F253A2D Authority key identifier: D8:91:56:09:65:6F:08:F7:A2:8D:24:B7:C4:BA:9B:63:9C:A0:B0:09 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2JFWCWVvCPeijSS3xLqbY5ygsAk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/20e8e0-68d3-489e-bcf3-fe4b5e346840/1/6XH2Ydc6wVPa8tkpc3SeHIdYsRQ.roa Signing time: Fri 02 Jan 2026 14:20:37 +0000 ROA not before: Fri 02 Jan 2026 14:20:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206150 IP address blocks: 185.205.132.0/22 maxlen: 22 185.205.132.0/24 maxlen: 24 185.205.133.0/24 maxlen: 24 185.205.134.0/24 maxlen: 24 185.205.135.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/20e8e0-68d3-489e-bcf3-fe4b5e346840/1/2JFWCWVvCPeijSS3xLqbY5ygsAk.crl rsync://rpki.ripe.net/repository/DEFAULT/03/20e8e0-68d3-489e-bcf3-fe4b5e346840/1/2JFWCWVvCPeijSS3xLqbY5ygsAk.mft rsync://rpki.ripe.net/repository/DEFAULT/2JFWCWVvCPeijSS3xLqbY5ygsAk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:f0:29:d9:bc:1b:9c:81:e9:7a:49:7f:25:3a:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8915609656f08f7a28d24b7c4ba9b639ca0b009 Validity Not Before: Jan 2 14:20:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e971f661d73ac153daf2d92973749e1c8758b114 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:84:fb:b9:c8:d4:7c:9e:37:ba:61:58:53:0e:13: 6a:33:4c:3d:62:75:81:25:d8:db:4d:6b:91:b2:26: 80:bf:f5:0e:83:fc:a2:a3:e1:0e:a9:7c:7e:55:97: 74:68:3c:31:06:5e:24:61:5f:66:93:ea:00:d9:30: 03:28:7e:9e:42:3c:a6:51:1b:bb:d3:dd:75:a5:e4: d1:48:a2:48:2c:f3:90:d1:6e:4d:ff:62:18:f0:4b: a9:13:27:4a:99:4d:e7:89:72:55:cc:ae:7f:0c:4b: d3:cc:3a:85:f1:b8:68:e8:2a:9c:14:c3:7c:6a:1a: b3:52:b9:1b:3f:74:18:26:bb:5f:41:c6:fe:ef:05: 31:bd:ba:13:3c:c2:fd:56:cc:14:2b:dd:b4:9d:a0: 0b:f9:52:4f:cd:e5:56:9f:6a:2d:93:50:7a:af:63: 86:96:da:69:db:a1:06:79:20:e4:bd:99:24:85:11: 80:a3:b2:db:c6:74:90:71:58:11:d5:f3:ac:c7:3e: 31:6b:cf:95:52:ab:5c:e9:23:06:90:22:31:04:6d: 78:bf:92:ba:8f:db:fc:19:67:1a:95:d4:03:8e:f5: 7e:a7:b6:78:26:ff:38:26:1f:f0:7e:41:61:24:f9: 05:84:74:9e:58:f8:0b:99:a5:08:76:30:d9:76:ce: 14:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:71:F6:61:D7:3A:C1:53:DA:F2:D9:29:73:74:9E:1C:87:58:B1:14 X509v3 Authority Key Identifier: keyid:D8:91:56:09:65:6F:08:F7:A2:8D:24:B7:C4:BA:9B:63:9C:A0:B0:09 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2JFWCWVvCPeijSS3xLqbY5ygsAk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/20e8e0-68d3-489e-bcf3-fe4b5e346840/1/6XH2Ydc6wVPa8tkpc3SeHIdYsRQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/20e8e0-68d3-489e-bcf3-fe4b5e346840/1/2JFWCWVvCPeijSS3xLqbY5ygsAk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.205.132.0/22 Signature Algorithm: sha256WithRSAEncryption 83:8a:f6:c3:cd:f6:df:b9:0b:78:24:01:11:cb:35:d1:6e:6e: 3f:ad:05:07:bc:43:b7:6f:64:45:23:fd:db:26:ea:b0:f4:b1: f5:d6:fb:eb:af:ce:a1:07:1b:3a:d6:68:b7:77:26:66:64:3f: c5:07:eb:41:31:17:0a:c8:89:a7:e3:f0:82:81:b8:5a:0e:e1: 9f:62:68:ef:88:70:65:85:e1:f7:5e:e2:d0:fa:33:a4:ff:ec: bf:94:71:84:c7:1c:50:fa:5b:a4:9b:a1:8b:6f:63:8f:d4:ee: dd:54:cf:9f:c1:da:bb:3e:3a:36:20:2a:ae:3f:58:62:6e:13: 85:ab:f1:fb:c3:ba:6d:e5:39:76:b4:a6:a3:89:6a:d6:71:49: 9d:05:e9:9f:9e:77:0c:4f:1c:e6:58:73:cb:03:b9:f8:be:cf: e6:af:72:e2:9c:51:a9:61:49:42:6e:b2:5d:0a:70:8a:32:70: 73:eb:67:44:12:30:b0:84:10:fe:64:05:af:e3:dd:7c:41:ec: 5d:ef:c6:12:ea:29:b5:f7:d6:50:e5:9e:b0:0f:ef:5e:8b:4d: ee:3f:11:0f:56:75:f0:da:32:80:38:a4:1e:8d:b6:25:62:ec: ae:25:97:10:78:88:dc:c4:87:49:88:ab:da:e5:ae:52:08:06: a6:d8:57:09 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/FPAp2bwbnIHpekl/JTotMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4OTE1NjA5NjU2ZjA4ZjdhMjhkMjRiN2M0YmE5YjYzOWNh MGIwMDkwHhcNMjYwMTAyMTQyMDM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlOTcxZjY2MWQ3M2FjMTUzZGFmMmQ5Mjk3Mzc0OWUxYzg3NThiMTE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPu5yNR8nje6YVhTDhNqM0w9YnWB JdjbTWuRsiaAv/UOg/yio+EOqXx+VZd0aDwxBl4kYV9mk+oA2TADKH6eQjymURu7 0911peTRSKJILPOQ0W5N/2IY8EupEydKmU3niXJVzK5/DEvTzDqF8bho6CqcFMN8 ahqzUrkbP3QYJrtfQcb+7wUxvboTPML9VswUK920naAL+VJPzeVWn2otk1B6r2OG ltpp26EGeSDkvZkkhRGAo7LbxnSQcVgR1fOsxz4xa8+VUqtc6SMGkCIxBG14v5K6 j9v8GWcaldQDjvV+p7Z4Jv84Jh/wfkFhJPkFhHSeWPgLmaUIdjDZds4U0wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFOlx9mHXOsFT2vLZKXN0nhyHWLEUMB8GA1UdIwQY MBaAFNiRVgllbwj3oo0kt8S6m2OcoLAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkpGV0NXVnZDUGVpalNTM3hMcWJZNXlnc0FrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8yMGU4ZTAtNjhkMy00ODllLWJjZjMt ZmU0YjVlMzQ2ODQwLzEvNlhIMllkYzZ3VlBhOHRrcGMzU2VISWRZc1JRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy8yMGU4ZTAtNjhkMy00ODllLWJjZjMtZmU0YjVlMzQ2ODQw LzEvMkpGV0NXVnZDUGVpalNTM3hMcWJZNXlnc0FrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuc2EMA0G CSqGSIb3DQEBCwUAA4IBAQCDivbDzfbfuQt4JAERyzXRbm4/rQUHvEO3b2RFI/3b Juqw9LH11vvrr86hBxs61mi3dyZmZD/FB+tBMRcKyImn4/CCgbhaDuGfYmjviHBl heH3XuLQ+jOk/+y/lHGExxxQ+lukm6GLb2OP1O7dVM+fwdq7Pjo2ICquP1hibhOF q/H7w7pt5Tl2tKajiWrWcUmdBemfnncMTxzmWHPLA7n4vs/mr3LinFGpYUlCbrJd CnCKMnBz62dEEjCwhBD+ZAWv4918Qexd78YS6im199ZQ5Z6wD+9ei03uPxEPVnXw 2jKAOKQejbYlYuyuJZcQeIjcxIdJiKva5a5SCAam2FcJ -----END CERTIFICATE-----Generated at Sun Jan 25 14:31:12 2026 by rpki-client