This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/rheKJT6VozdJ-6OrrHVGsqPyjSU.roa File: rheKJT6VozdJ-6OrrHVGsqPyjSU.roa (raw, json) Hash identifier: nZHw8Vm01BgDc6QIcmBLHSr7arMdJKe4ezpmAitne/U= Subject key identifier: AE:17:8A:25:3E:95:A3:37:49:FB:A3:AB:AC:75:46:B2:A3:F2:8D:25 Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce Certificate serial: 019B797F2D20A3EE026459315DB30769C229 Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/rheKJT6VozdJ-6OrrHVGsqPyjSU.roa Signing time: Thu 01 Jan 2026 12:18:56 +0000 ROA not before: Thu 01 Jan 2026 12:18:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 58136 IP address blocks: 170.168.9.0/24 maxlen: 24 170.168.10.0/24 maxlen: 24 170.168.47.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:2d:20:a3:ee:02:64:59:31:5d:b3:07:69:c2:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce Validity Not Before: Jan 1 12:18:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ae178a253e95a33749fba3abac7546b2a3f28d25 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:ec:e4:87:38:21:75:64:b3:42:a3:26:06:74: a2:a5:1d:13:5a:06:e2:f8:5b:4e:a4:85:85:33:5d: 54:9e:39:e6:df:bd:01:b0:da:45:01:6c:bf:26:36: 5f:21:9c:c0:cd:2b:e1:72:71:6f:99:b3:aa:9a:1c: df:a7:59:35:da:70:b4:0e:a8:8a:ae:f8:4d:23:63: 3e:53:66:14:21:65:1d:02:67:95:ea:ba:d2:3c:fa: fa:0a:b8:f6:57:48:49:d4:b0:49:09:ae:4d:df:c1: 12:cd:d7:76:5a:5b:b7:d7:db:3a:73:a9:e6:c4:09: cc:34:93:e2:04:36:1a:b8:bf:4c:d6:fe:84:c9:b9: b6:b3:d6:a4:a2:7c:dc:be:b1:f0:23:07:63:09:a9: b0:83:d4:b0:0f:4e:22:15:84:c3:b1:1a:88:e4:11: b3:08:7b:99:02:a1:f0:c6:05:c4:b9:24:cb:e6:c9: 90:32:14:c0:ae:d9:56:24:54:0e:42:f1:b4:ae:8a: 98:e0:dd:4b:f5:8d:e3:5d:9f:4c:78:8e:96:a7:b3: 1f:6b:65:01:24:c5:5f:78:50:11:8b:a2:da:92:2e: 14:05:61:ba:5a:da:53:ab:d0:43:03:a4:c4:2b:15: cc:a7:e3:15:d3:9d:94:03:e2:ca:52:c4:e3:64:d7: 4d:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:17:8A:25:3E:95:A3:37:49:FB:A3:AB:AC:75:46:B2:A3:F2:8D:25 X509v3 Authority Key Identifier: keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/rheKJT6VozdJ-6OrrHVGsqPyjSU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 170.168.9.0-170.168.10.255 170.168.47.0/24 Signature Algorithm: sha256WithRSAEncryption 73:2d:6a:72:23:44:90:a7:3c:1c:7c:8e:64:e1:8b:ca:4c:08: 77:6c:af:63:bb:8f:42:30:94:c9:da:eb:ba:6a:dd:50:ce:dd: 31:60:59:78:80:45:ec:5d:40:24:4e:59:1e:8a:f4:04:40:63: 92:8f:6d:b8:3d:25:02:7e:22:bc:18:5c:b0:71:d6:9a:f7:4e: 1d:8a:72:40:d8:90:bf:25:12:ae:4b:8f:9d:c6:56:c0:c8:25: 52:97:ef:17:6d:aa:f9:b4:ae:96:b6:65:0f:07:e8:31:dd:f0: dc:b3:d8:58:c4:16:dc:72:7f:44:ce:5d:55:4f:d9:ac:04:1a: e9:9f:94:0f:80:85:4f:cf:55:42:97:8e:30:55:02:e0:9d:b9: 78:f1:a3:ce:eb:ea:e5:89:b0:7b:7d:ae:c6:af:cb:1b:5d:4f: ee:d1:8a:8b:e1:63:13:24:43:69:fe:ac:0b:96:5f:a4:29:a3: e2:df:d0:45:0d:a4:2e:c3:28:8d:f4:38:65:c9:98:41:c9:c5: 48:e4:f9:98:18:5e:18:a9:14:4f:7d:81:c4:fe:ce:e0:1a:1c: a1:01:e1:20:a2:a8:41:7f:7e:64:25:b3:0e:61:4b:d8:81:53: 29:d4:fa:31:4b:5b:7e:e8:5b:9a:5b:07:dd:65:47:fc:d9:5f: b2:3b:2d:11 -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt5fy0go+4CZFkxXbMHacIpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh MGYwY2UwHhcNMjYwMTAxMTIxODU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZTE3OGEyNTNlOTVhMzM3NDlmYmEzYWJhYzc1NDZiMmEzZjI4ZDI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuzkhzghdWSzQqMmBnSipR0TWgbi +FtOpIWFM11Unjnm370BsNpFAWy/JjZfIZzAzSvhcnFvmbOqmhzfp1k12nC0DqiK rvhNI2M+U2YUIWUdAmeV6rrSPPr6Crj2V0hJ1LBJCa5N38ESzdd2Wlu319s6c6nm xAnMNJPiBDYauL9M1v6Eybm2s9akonzcvrHwIwdjCamwg9SwD04iFYTDsRqI5BGz CHuZAqHwxgXEuSTL5smQMhTArtlWJFQOQvG0roqY4N1L9Y3jXZ9MeI6Wp7Mfa2UB JMVfeFARi6Laki4UBWG6WtpTq9BDA6TEKxXMp+MV052UA+LKUsTjZNdNzwIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFK4XiiU+laM3Sfujq6x1RrKj8o0lMB8GA1UdIwQY MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et YTY2N2JiNzY1MDYwLzEvcmhlS0pUNlZvemRKLTZPcnJIVkdzcVB5alNVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBACqqAkD BACqqAoDBACqqC8wDQYJKoZIhvcNAQELBQADggEBAHMtanIjRJCnPBx8jmThi8pM CHdsr2O7j0IwlMna67pq3VDO3TFgWXiARexdQCROWR6K9ARAY5KPbbg9JQJ+IrwY XLBx1pr3Th2KckDYkL8lEq5Lj53GVsDIJVKX7xdtqvm0rpa2ZQ8H6DHd8Nyz2FjE Ftxyf0TOXVVP2awEGumflA+AhU/PVUKXjjBVAuCduXjxo87r6uWJsHt9rsavyxtd T+7RiovhYxMkQ2n+rAuWX6Qpo+Lf0EUNpC7DKI30OGXJmEHJxUjk+ZgYXhipFE99 gcT+zuAaHKEB4SCiqEF/fmQlsw5hS9iBUynU+jFLW37oW5pbB91lR/zZX7I7LRE= -----END CERTIFICATE-----Generated at Sun Jan 25 18:20:32 2026 by rpki-client