This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/1c9469-16fe-4e7b-8823-5db439b4ccee/1/a9lZbjcMXDtHMCsr10LHf4snEY4.roa File: a9lZbjcMXDtHMCsr10LHf4snEY4.roa (raw, json) Hash identifier: YtYSBqHSCRVYda15fZsSNYbnTjkw5VNklgiFPHhbI3M= Subject key identifier: 6B:D9:59:6E:37:0C:5C:3B:47:30:2B:2B:D7:42:C7:7F:8B:27:11:8E Certificate issuer: /CN=3cbdce45c4882c8a3a257110c6b1f0d49b182a9c Certificate serial: 019B7A5AF3A60D17FC622E1FF5D70191CB00 Authority key identifier: 3C:BD:CE:45:C4:88:2C:8A:3A:25:71:10:C6:B1:F0:D4:9B:18:2A:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PL3ORcSILIo6JXEQxrHw1JsYKpw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/1c9469-16fe-4e7b-8823-5db439b4ccee/1/a9lZbjcMXDtHMCsr10LHf4snEY4.roa Signing time: Thu 01 Jan 2026 16:18:59 +0000 ROA not before: Thu 01 Jan 2026 16:18:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 30781 IP address blocks: 185.154.189.0/24 maxlen: 24 2a12:dac0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/1c9469-16fe-4e7b-8823-5db439b4ccee/1/PL3ORcSILIo6JXEQxrHw1JsYKpw.crl rsync://rpki.ripe.net/repository/DEFAULT/6a/1c9469-16fe-4e7b-8823-5db439b4ccee/1/PL3ORcSILIo6JXEQxrHw1JsYKpw.mft rsync://rpki.ripe.net/repository/DEFAULT/PL3ORcSILIo6JXEQxrHw1JsYKpw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:f3:a6:0d:17:fc:62:2e:1f:f5:d7:01:91:cb:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3cbdce45c4882c8a3a257110c6b1f0d49b182a9c Validity Not Before: Jan 1 16:18:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6bd9596e370c5c3b47302b2bd742c77f8b27118e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:b4:0d:ee:0c:bb:50:3a:3e:51:f4:df:7f:47: e5:f2:fe:69:16:12:b8:b7:22:89:4e:4b:dc:8d:be: d2:5d:e6:96:a7:cb:a3:3c:59:48:43:29:b3:d6:ad: db:8d:49:ba:f9:5a:b8:0a:c9:94:c5:77:4a:34:c5: 9b:1e:22:60:04:71:e2:3c:8b:b1:83:1b:8a:22:f5: 15:12:26:53:b7:02:99:b5:80:3d:a9:14:4b:b4:d8: e5:1b:98:20:47:6d:6b:f4:d8:f5:ad:b6:1e:dd:33: 28:27:b0:0c:b7:d8:01:53:13:bc:93:5c:25:ce:35: 95:19:95:0c:37:db:fa:ea:3f:6a:e3:89:bf:ca:bc: c7:ac:5d:a5:f6:ec:d6:57:14:2e:08:e6:1f:f1:b6: fb:31:d8:0e:d4:5e:72:81:9f:c0:94:44:4e:31:3c: 9a:b6:92:b3:74:8b:aa:a5:23:56:29:f8:36:fd:ed: 19:a5:81:20:fd:43:98:2a:d2:d9:98:c0:2d:f8:8a: 91:25:1b:10:54:ba:db:76:f9:10:45:7f:3b:9a:46: 23:80:f6:88:0b:09:82:58:81:06:18:c7:a8:00:71: 3b:d4:31:83:f8:f5:8d:15:96:8e:42:88:ef:05:2d: 49:7e:2e:3e:03:84:e9:f9:25:d6:bc:bb:35:c1:df: ac:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:D9:59:6E:37:0C:5C:3B:47:30:2B:2B:D7:42:C7:7F:8B:27:11:8E X509v3 Authority Key Identifier: keyid:3C:BD:CE:45:C4:88:2C:8A:3A:25:71:10:C6:B1:F0:D4:9B:18:2A:9C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PL3ORcSILIo6JXEQxrHw1JsYKpw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/1c9469-16fe-4e7b-8823-5db439b4ccee/1/a9lZbjcMXDtHMCsr10LHf4snEY4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/1c9469-16fe-4e7b-8823-5db439b4ccee/1/PL3ORcSILIo6JXEQxrHw1JsYKpw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.154.189.0/24 IPv6: 2a12:dac0::/29 Signature Algorithm: sha256WithRSAEncryption 9e:92:ac:46:4f:0f:74:76:e0:f1:3f:59:1d:b2:29:34:e6:d0: be:16:47:5d:eb:7b:48:59:79:7e:c7:79:28:00:0f:d0:63:50: db:04:e1:d1:fc:79:b2:3e:c4:fe:87:ab:2e:f8:7d:d6:fc:92: 1e:62:b3:92:5a:a9:1f:4d:f1:29:f9:91:05:5c:9d:7a:3d:ea: 95:24:0f:d9:36:5b:6a:64:8e:22:4e:f2:f0:f3:3e:1d:58:b8: 1a:a4:82:40:23:0e:e5:dc:98:59:ac:ba:1c:c2:a2:ed:39:7b: 6f:ac:c4:8e:a5:1a:61:68:e9:f4:16:3b:33:84:46:05:62:7c: 85:8b:86:e2:c4:4c:bc:53:ea:5b:4e:38:e5:77:00:57:76:d2: c2:60:1b:26:03:02:53:1a:33:28:c9:0b:89:49:5b:9c:ee:a1: 5f:65:a2:76:02:75:ed:7e:28:11:a9:33:af:a4:2a:e5:29:23: 81:f5:35:c7:30:e6:e1:35:1c:62:44:8b:d9:4d:63:26:5f:3d: 9e:04:76:4d:ac:ac:2a:a4:ff:e2:7d:33:2d:20:64:2d:6b:93: f8:53:bd:d5:f5:40:6a:1b:25:7d:84:a5:76:ae:ef:6c:9f:c1: 4c:99:22:c7:95:5f:20:47:63:a6:f8:35:96:43:62:e0:5f:7b: 95:29:71:7e -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt6WvOmDRf8Yi4f9dcBkcsAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjYmRjZTQ1YzQ4ODJjOGEzYTI1NzExMGM2YjFmMGQ0OWIx ODJhOWMwHhcNMjYwMTAxMTYxODU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2YmQ5NTk2ZTM3MGM1YzNiNDczMDJiMmJkNzQyYzc3ZjhiMjcxMThlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbQN7gy7UDo+UfTff0fl8v5pFhK4 tyKJTkvcjb7SXeaWp8ujPFlIQymz1q3bjUm6+Vq4CsmUxXdKNMWbHiJgBHHiPIux gxuKIvUVEiZTtwKZtYA9qRRLtNjlG5ggR21r9Nj1rbYe3TMoJ7AMt9gBUxO8k1wl zjWVGZUMN9v66j9q44m/yrzHrF2l9uzWVxQuCOYf8bb7MdgO1F5ygZ/AlEROMTya tpKzdIuqpSNWKfg2/e0ZpYEg/UOYKtLZmMAt+IqRJRsQVLrbdvkQRX87mkYjgPaI CwmCWIEGGMeoAHE71DGD+PWNFZaOQojvBS1Jfi4+A4Tp+SXWvLs1wd+sDwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFGvZWW43DFw7RzArK9dCx3+LJxGOMB8GA1UdIwQY MBaAFDy9zkXEiCyKOiVxEMax8NSbGCqcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUEwzT1JjU0lMSW82SlhFUXhySHcxSnNZS3B3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8xYzk0NjktMTZmZS00ZTdiLTg4MjMt NWRiNDM5YjRjY2VlLzEvYTlsWmJqY01YRHRITUNzcjEwTEhmNHNuRVk0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82YS8xYzk0NjktMTZmZS00ZTdiLTg4MjMtNWRiNDM5YjRjY2Vl LzEvUEwzT1JjU0lMSW82SlhFUXhySHcxSnNZS3B3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuZq9MA0E AgACMAcDBQMqEtrAMA0GCSqGSIb3DQEBCwUAA4IBAQCekqxGTw90duDxP1kdsik0 5tC+Fkdd63tIWXl+x3koAA/QY1DbBOHR/HmyPsT+h6su+H3W/JIeYrOSWqkfTfEp +ZEFXJ16PeqVJA/ZNltqZI4iTvLw8z4dWLgapIJAIw7l3JhZrLocwqLtOXtvrMSO pRphaOn0FjszhEYFYnyFi4bixEy8U+pbTjjldwBXdtLCYBsmAwJTGjMoyQuJSVuc 7qFfZaJ2AnXtfigRqTOvpCrlKSOB9TXHMObhNRxiRIvZTWMmXz2eBHZNrKwqpP/i fTMtIGQta5P4U73V9UBqGyV9hKV2ru9sn8FMmSLHlV8gR2Om+DWWQ2LgX3uVKXF+ -----END CERTIFICATE-----Generated at Sun Jan 25 18:06:25 2026 by rpki-client