This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/90dV2SA1CbJk3NCS-t3KmkFgPQY.roa File: 90dV2SA1CbJk3NCS-t3KmkFgPQY.roa (raw, json) Hash identifier: 3dV5dNZ+RLCQDMwYVAfz7la9Wy91RPFU6fngCvhobIs= Subject key identifier: F7:47:55:D9:20:35:09:B2:64:DC:D0:92:FA:DD:CA:9A:41:60:3D:06 Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54 Certificate serial: 019B78A21C1FBD4F186941083CD7D1E6CA3C Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/90dV2SA1CbJk3NCS-t3KmkFgPQY.roa Signing time: Thu 01 Jan 2026 08:17:28 +0000 ROA not before: Thu 01 Jan 2026 08:17:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215427 IP address blocks: 2001:3185::/32 maxlen: 32 2a11:ad80::/29 maxlen: 29 2a13:c0c0::/29 maxlen: 29 2a13:c140::/29 maxlen: 29 2a13:d240::/29 maxlen: 29 2a14:5740::/29 maxlen: 29 2a14:58c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.mft rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:1c:1f:bd:4f:18:69:41:08:3c:d7:d1:e6:ca:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54 Validity Not Before: Jan 1 08:17:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f74755d9203509b264dcd092faddca9a41603d06 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:33:a2:ca:0a:9d:81:de:6c:92:5d:d2:f2:bf: 4d:93:13:47:66:3d:83:96:ea:62:8c:37:a0:ab:0f: 32:99:e4:ae:8a:68:cc:b8:e7:eb:de:0c:3b:3f:0c: b7:72:bf:7b:2e:66:07:86:14:70:cf:bc:1f:34:e7: 2e:44:5a:67:15:7f:c3:06:60:ee:1c:a4:52:c3:e2: 80:d7:45:e0:1e:d2:15:16:ab:da:5f:65:e6:87:e4: 20:fa:eb:af:98:fc:9b:15:22:6e:c7:20:f1:df:3b: a6:dd:07:e2:a8:b4:91:c3:fc:92:ae:be:73:17:4f: 3d:7a:21:cd:03:93:b9:28:5b:cd:f6:fa:11:fc:29: 63:ca:2f:36:c2:e4:d7:8c:a4:2c:d1:20:0d:7c:e0: 7d:5a:d0:83:e2:ee:b5:1e:b8:10:5c:7d:1a:b0:6b: e2:29:5b:07:4b:1c:40:f5:c3:5d:71:1c:87:92:b4: 52:9a:b4:8a:9a:93:1d:5b:f8:f6:26:28:aa:dd:c4: b8:c5:94:58:72:25:83:33:df:62:e7:16:a3:01:7c: f7:8e:6d:6a:52:6a:fa:52:b5:68:11:a7:5d:13:24: 68:48:2c:30:6b:67:c2:45:2c:ff:04:0c:f2:d5:20: c4:bb:4b:92:34:2c:1e:db:a7:0e:e0:de:80:ff:ee: 9a:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:47:55:D9:20:35:09:B2:64:DC:D0:92:FA:DD:CA:9A:41:60:3D:06 X509v3 Authority Key Identifier: keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/90dV2SA1CbJk3NCS-t3KmkFgPQY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3185::/32 2a11:ad80::/29 2a13:c0c0::/29 2a13:c140::/29 2a13:d240::/29 2a14:5740::/29 2a14:58c0::/29 Signature Algorithm: sha256WithRSAEncryption 4a:b9:da:6d:57:05:4b:e5:01:f4:21:f9:02:8a:77:62:ad:e4: 64:c0:6e:ae:2c:82:b1:5a:77:09:cd:2c:7a:ad:f1:b8:b6:2e: f8:21:f0:51:37:43:d1:83:fe:cd:28:a1:4d:6e:9b:2a:75:50: c5:b6:8e:b2:4a:20:e3:3f:3a:db:57:f4:75:d2:6a:4d:71:b0: a2:51:dd:5e:ad:31:f2:d0:a1:b6:3c:43:46:a0:ba:70:de:89: 34:9f:69:1a:17:93:fe:70:ec:6b:e0:4c:92:57:b3:5d:85:46: 21:60:85:b2:cc:21:8a:06:96:f9:db:ce:1d:0a:80:55:3d:23: d1:ce:e7:eb:bc:11:f9:dd:28:75:33:c7:94:5d:10:95:01:26: 0d:0a:5d:e1:95:4e:78:f9:71:83:10:7d:04:39:e1:2c:9b:fa: dd:4f:47:cb:3d:9d:3f:47:6c:07:04:93:58:42:5b:6f:45:eb: 49:9b:ea:7a:3d:3a:69:cd:9f:51:cd:87:34:a6:d9:70:b7:75: 12:98:92:2a:4b:48:40:cc:1e:c4:34:5c:10:e4:c2:d7:60:51: 7f:55:55:1d:91:f9:a9:39:10:25:96:62:63:dd:37:9e:45:c3: 8d:21:10:5c:ce:69:bf:77:84:1a:34:0f:e8:e0:d0:60:5e:41: ee:6b:7d:2b -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgISAZt4ohwfvU8YaUEIPNfR5so8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy NjhmNTQwHhcNMjYwMTAxMDgxNzI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmNzQ3NTVkOTIwMzUwOWIyNjRkY2QwOTJmYWRkY2E5YTQxNjAzZDA2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzOiygqdgd5skl3S8r9NkxNHZj2D lupijDegqw8ymeSuimjMuOfr3gw7Pwy3cr97LmYHhhRwz7wfNOcuRFpnFX/DBmDu HKRSw+KA10XgHtIVFqvaX2Xmh+Qg+uuvmPybFSJuxyDx3zum3QfiqLSRw/ySrr5z F089eiHNA5O5KFvN9voR/Cljyi82wuTXjKQs0SANfOB9WtCD4u61HrgQXH0asGvi KVsHSxxA9cNdcRyHkrRSmrSKmpMdW/j2Jiiq3cS4xZRYciWDM99i5xajAXz3jm1q Umr6UrVoEaddEyRoSCwwa2fCRSz/BAzy1SDEu0uSNCwe26cO4N6A/+6arwIDAQAB o4ICNDCCAjAwHQYDVR0OBBYEFPdHVdkgNQmyZNzQkvrdyppBYD0GMB8GA1UdIwQY MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt N2FhN2ZjMzU5NjU1LzEvOTBkVjJTQTFDYkprM05DUy10M0tta0ZnUFFZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1 LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUAIAExhQMF AyoRrYADBQMqE8DAAwUDKhPBQAMFAyoT0kADBQMqFFdAAwUDKhRYwDANBgkqhkiG 9w0BAQsFAAOCAQEASrnabVcFS+UB9CH5Aop3Yq3kZMBuriyCsVp3Cc0seq3xuLYu +CHwUTdD0YP+zSihTW6bKnVQxbaOskog4z8621f0ddJqTXGwolHdXq0x8tChtjxD RqC6cN6JNJ9pGheT/nDsa+BMklezXYVGIWCFsswhigaW+dvOHQqAVT0j0c7n67wR +d0odTPHlF0QlQEmDQpd4ZVOePlxgxB9BDnhLJv63U9Hyz2dP0dsBwSTWEJbb0Xr SZvqej06ac2fUc2HNKbZcLd1EpiSKktIQMwexDRcEOTC12BRf1VVHZH5qTkQJZZi Y903nkXDjSEQXM5pv3eEGjQP6ODQYF5B7mt9Kw== -----END CERTIFICATE-----Generated at Sun Jan 25 17:40:36 2026 by rpki-client