This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/edb208-6fed-44e4-b1ab-df0ca4d41955/1/S0f6ldR7ma4WBAE-dRr9WopLDdU.roa File: S0f6ldR7ma4WBAE-dRr9WopLDdU.roa (raw, json) Hash identifier: H3wJKu7aKl/QyocGnlCHOBSPgMe8CiKy49N+Fdk99WU= Subject key identifier: 4B:47:FA:95:D4:7B:99:AE:16:04:01:3E:75:1A:FD:5A:8A:4B:0D:D5 Certificate issuer: /CN=6611a57d2a03b7065fa8c17b313735bdcda390e9 Certificate serial: 019B7DCAEF9AC67F384539E708354F1604E0 Authority key identifier: 66:11:A5:7D:2A:03:B7:06:5F:A8:C1:7B:31:37:35:BD:CD:A3:90:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZhGlfSoDtwZfqMF7MTc1vc2jkOk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/edb208-6fed-44e4-b1ab-df0ca4d41955/1/S0f6ldR7ma4WBAE-dRr9WopLDdU.roa Signing time: Fri 02 Jan 2026 08:20:10 +0000 ROA not before: Fri 02 Jan 2026 08:20:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31027 IP address blocks: 91.238.206.0/24 maxlen: 24 2001:67c:2a78::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/edb208-6fed-44e4-b1ab-df0ca4d41955/1/ZhGlfSoDtwZfqMF7MTc1vc2jkOk.crl rsync://rpki.ripe.net/repository/DEFAULT/3e/edb208-6fed-44e4-b1ab-df0ca4d41955/1/ZhGlfSoDtwZfqMF7MTc1vc2jkOk.mft rsync://rpki.ripe.net/repository/DEFAULT/ZhGlfSoDtwZfqMF7MTc1vc2jkOk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 14:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:ef:9a:c6:7f:38:45:39:e7:08:35:4f:16:04:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6611a57d2a03b7065fa8c17b313735bdcda390e9 Validity Not Before: Jan 2 08:20:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4b47fa95d47b99ae1604013e751afd5a8a4b0dd5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:81:01:f8:e5:21:7b:23:6f:54:00:1a:f5:b1: a8:9e:98:5b:b6:fc:23:b3:59:68:ce:0c:9f:14:a7: e0:ac:cc:7f:77:28:8a:cd:fa:14:f9:fa:72:62:11: c8:51:7f:89:e6:d0:45:03:4f:2d:87:86:5d:00:95: 34:64:06:90:4a:67:8d:b1:e4:5c:d0:97:35:57:0d: 46:fa:b0:42:24:73:59:40:63:45:8b:b1:56:5e:d9: 6b:c8:85:7b:0f:5f:26:0a:3f:3c:a1:67:99:08:65: 00:7a:a7:ef:d0:39:5d:5d:8e:d6:76:dc:d3:85:5b: d8:31:d7:52:c0:f5:10:7e:5c:dd:06:66:2a:bf:d1: 9f:40:cc:a2:2f:16:f8:f3:70:81:fe:74:fd:1a:fe: c1:ce:44:6e:8f:64:53:81:91:79:da:a2:ac:08:bd: b9:28:6e:81:7d:31:59:cf:07:4c:53:78:c0:84:34: d8:ec:58:77:fb:33:21:51:fb:55:7c:25:17:9a:53: 57:d5:67:b7:8c:88:2c:3d:26:d9:00:c4:bf:96:7a: dd:24:ca:84:be:43:e7:bb:b2:90:96:38:d4:80:45: 0a:08:69:5a:ec:04:53:fd:6f:fc:66:d2:9b:93:be: 27:7f:53:23:8f:0f:8d:8d:dd:7f:49:7b:86:2c:d3: a8:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:47:FA:95:D4:7B:99:AE:16:04:01:3E:75:1A:FD:5A:8A:4B:0D:D5 X509v3 Authority Key Identifier: keyid:66:11:A5:7D:2A:03:B7:06:5F:A8:C1:7B:31:37:35:BD:CD:A3:90:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZhGlfSoDtwZfqMF7MTc1vc2jkOk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/edb208-6fed-44e4-b1ab-df0ca4d41955/1/S0f6ldR7ma4WBAE-dRr9WopLDdU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/edb208-6fed-44e4-b1ab-df0ca4d41955/1/ZhGlfSoDtwZfqMF7MTc1vc2jkOk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.238.206.0/24 IPv6: 2001:67c:2a78::/48 Signature Algorithm: sha256WithRSAEncryption 76:31:fb:b6:fa:c6:61:b3:40:24:be:e2:06:c7:c6:d3:aa:ac: 2b:83:1a:44:5f:f5:32:9e:8b:c7:bc:42:ca:1c:b4:20:0f:ec: 9b:0f:68:10:0a:6d:ad:85:f9:d4:13:15:cc:72:26:1a:f8:10: 68:df:4a:d9:82:dd:6f:88:09:5c:f3:7f:6e:d0:0a:bc:96:7f: 2e:ce:68:8c:6b:56:b2:33:54:7d:f7:76:9f:92:95:2c:4c:71: 1e:1c:f7:59:a2:ae:b2:1a:ac:b3:fe:b9:61:8d:1f:99:92:1b: e7:54:0d:15:b3:ca:8b:d8:a6:d0:fe:63:6e:04:52:56:c8:42: d4:8a:e8:6f:64:bd:07:8f:90:03:6e:e2:bd:44:d7:67:2e:97: 5c:1f:5d:8e:a1:b0:ef:55:74:4d:12:1e:8b:30:bb:60:fa:80: 69:03:9c:43:36:e3:a4:59:ba:f1:96:7c:87:2a:a6:1e:72:fe: d1:4c:6c:a7:0e:0d:d1:bc:d2:76:e0:40:9d:f7:b1:d1:1d:cd: 55:a3:bc:f9:59:d5:8d:62:8d:01:38:13:a1:fd:72:ef:ff:f5: 40:ee:6d:8b:1e:0e:9e:49:27:a1:d2:52:4f:38:7c:11:83:55: c3:18:ef:76:7d:00:cf:07:47:8f:01:77:e9:a8:e9:3c:3a:c5: f0:04:d7:5b -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt9yu+axn84RTnnCDVPFgTgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY2MTFhNTdkMmEwM2I3MDY1ZmE4YzE3YjMxMzczNWJkY2Rh MzkwZTkwHhcNMjYwMTAyMDgyMDEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0YjQ3ZmE5NWQ0N2I5OWFlMTYwNDAxM2U3NTFhZmQ1YThhNGIwZGQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4EB+OUheyNvVAAa9bGonphbtvwj s1lozgyfFKfgrMx/dyiKzfoU+fpyYhHIUX+J5tBFA08th4ZdAJU0ZAaQSmeNseRc 0Jc1Vw1G+rBCJHNZQGNFi7FWXtlryIV7D18mCj88oWeZCGUAeqfv0DldXY7WdtzT hVvYMddSwPUQflzdBmYqv9GfQMyiLxb483CB/nT9Gv7BzkRuj2RTgZF52qKsCL25 KG6BfTFZzwdMU3jAhDTY7Fh3+zMhUftVfCUXmlNX1We3jIgsPSbZAMS/lnrdJMqE vkPnu7KQljjUgEUKCGla7ART/W/8ZtKbk74nf1Mjjw+Njd1/SXuGLNOoQQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFEtH+pXUe5muFgQBPnUa/VqKSw3VMB8GA1UdIwQY MBaAFGYRpX0qA7cGX6jBezE3Nb3No5DpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWmhHbGZTb0R0d1pmcU1GN01UYzF2YzJqa09rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9lZGIyMDgtNmZlZC00NGU0LWIxYWIt ZGYwY2E0ZDQxOTU1LzEvUzBmNmxkUjdtYTRXQkFFLWRScjlXb3BMRGRVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZS9lZGIyMDgtNmZlZC00NGU0LWIxYWItZGYwY2E0ZDQxOTU1 LzEvWmhHbGZTb0R0d1pmcU1GN01UYzF2YzJqa09rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW+7OMA8E AgACMAkDBwAgAQZ8KngwDQYJKoZIhvcNAQELBQADggEBAHYx+7b6xmGzQCS+4gbH xtOqrCuDGkRf9TKei8e8QsoctCAP7JsPaBAKba2F+dQTFcxyJhr4EGjfStmC3W+I CVzzf27QCryWfy7OaIxrVrIzVH33dp+SlSxMcR4c91mirrIarLP+uWGNH5mSG+dU DRWzyovYptD+Y24EUlbIQtSK6G9kvQePkANu4r1E12cul1wfXY6hsO9VdE0SHosw u2D6gGkDnEM246RZuvGWfIcqph5y/tFMbKcODdG80nbgQJ33sdEdzVWjvPlZ1Y1i jQE4E6H9cu//9UDubYseDp5JJ6HSUk84fBGDVcMY73Z9AM8HR48Bd+mo6Tw6xfAE 11s= -----END CERTIFICATE-----Generated at Mon Jan 26 00:24:33 2026 by rpki-client