This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/ShVxQWgKVcI1MsX_YKIZ2SGCk9M.roa File: ShVxQWgKVcI1MsX_YKIZ2SGCk9M.roa (raw, json) Hash identifier: 6q8KXkCBKmen8/8ev+cFO1m02wbGMZb9bYtBJQNdjFM= Subject key identifier: 4A:15:71:41:68:0A:55:C2:35:32:C5:FF:60:A2:19:D9:21:82:93:D3 Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54 Certificate serial: 019AFA6318BD2E937842E1EB4EA3776A2E61 Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/ShVxQWgKVcI1MsX_YKIZ2SGCk9M.roa Signing time: Sun 07 Dec 2025 19:56:29 +0000 ROA not before: Sun 07 Dec 2025 19:56:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 0 IP address blocks: 2001:3080::/29 maxlen: 29 2a0e:a780::/29 maxlen: 29 2a10:9600::/29 maxlen: 29 2a13:8000::/29 maxlen: 29 2a13:b840::/29 maxlen: 29 2a13:de40::/29 maxlen: 29 2a14:6bc0::/29 maxlen: 29 2a14:72c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.mft rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 07:01:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:fa:63:18:bd:2e:93:78:42:e1:eb:4e:a3:77:6a:2e:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54 Validity Not Before: Dec 7 19:56:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=4a157141680a55c23532c5ff60a219d9218293d3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:2c:f9:e2:45:b3:4e:00:fd:54:1c:06:b2:16: f1:c2:85:cd:da:25:ef:8b:3c:99:46:21:e9:64:d5: 43:ec:29:bf:f5:b7:67:43:f2:1d:3c:bc:a5:9e:26: f6:df:2a:43:a5:c8:87:a0:76:3a:2d:ac:8c:a6:47: 93:8b:87:03:e3:8a:79:5c:fd:45:0d:3b:8d:ce:d5: f3:ce:64:0e:bb:b7:53:52:31:a7:2f:3a:91:84:da: f3:93:75:e2:32:84:7f:4b:ba:82:69:4c:1e:94:b4: 4c:8b:fb:85:35:73:8e:2a:b6:02:91:3d:c2:f3:b1: 74:84:2e:15:b7:0c:28:c8:1f:52:0c:8e:79:df:cf: 77:f2:83:08:08:29:bf:b2:65:7e:3a:86:3f:a0:ca: e1:7f:c1:be:2f:c3:00:3d:93:8a:89:25:9d:cf:88: 22:45:f9:9d:db:0e:fe:b8:61:89:bc:5f:c0:cc:28: 6f:63:35:06:43:be:de:39:8a:78:31:09:fd:28:86: 22:92:db:81:38:65:db:06:b0:b0:d5:e0:f3:a9:4e: 62:35:2d:c2:e5:fc:40:99:4e:54:7a:03:4b:1c:45: aa:3f:59:ba:ef:35:b7:53:a9:bb:78:9b:a6:07:fa: 4c:76:7a:67:15:f6:c6:8a:8c:34:79:34:48:af:8f: 1f:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:15:71:41:68:0A:55:C2:35:32:C5:FF:60:A2:19:D9:21:82:93:D3 X509v3 Authority Key Identifier: keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/ShVxQWgKVcI1MsX_YKIZ2SGCk9M.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3080::/29 2a0e:a780::/29 2a10:9600::/29 2a13:8000::/29 2a13:b840::/29 2a13:de40::/29 2a14:6bc0::/29 2a14:72c0::/29 Signature Algorithm: sha256WithRSAEncryption 68:5a:29:69:9e:32:8c:2b:76:bc:a2:72:77:74:62:2f:91:07: 97:4d:f6:43:5d:f9:fb:0e:8d:4c:cb:39:ea:82:b3:e1:c9:27: 88:d6:9e:e2:cb:eb:34:60:c5:df:cc:10:ff:75:ff:21:91:53: 28:64:c0:3f:01:c1:f7:bd:8c:e5:fd:89:2b:43:4f:a6:52:9e: 53:bb:a3:00:54:bb:93:d6:51:e8:a7:10:ed:1b:bc:9e:66:48: 4e:a7:fe:68:c4:c4:ba:ee:f7:03:5d:92:d1:2c:13:92:ef:25: 1e:5f:cd:15:3b:1c:84:28:78:8e:1d:73:c9:6b:53:e6:4d:86: 1a:ac:52:3e:c3:d3:43:52:24:dc:96:8a:a8:5a:9a:fa:86:70: 17:bc:07:b0:cf:07:f5:41:d9:9b:f7:f3:8a:36:3a:b8:ca:25: 0c:1f:06:d9:c6:62:e7:4f:8c:7f:7c:f6:7c:f4:ac:a0:3c:bc: 6d:7f:60:f8:5d:4e:88:78:3b:22:65:8c:4f:d9:65:91:46:18: 50:f5:65:a1:ab:1f:78:a5:70:6c:4e:4c:11:f0:6f:fe:62:51: 75:ba:e5:98:9e:11:91:f6:24:9f:28:96:ea:8d:a6:13:cb:7e: 8f:f5:bc:ca:8c:82:ca:89:15:6d:1f:92:59:57:dc:b3:89:11: 42:1c:4b:65 -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgISAZr6Yxi9LpN4QuHrTqN3ai5hMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy NjhmNTQwHhcNMjUxMjA3MTk1NjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0YTE1NzE0MTY4MGE1NWMyMzUzMmM1ZmY2MGEyMTlkOTIxODI5M2QzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyz54kWzTgD9VBwGshbxwoXN2iXv izyZRiHpZNVD7Cm/9bdnQ/IdPLylnib23ypDpciHoHY6LayMpkeTi4cD44p5XP1F DTuNztXzzmQOu7dTUjGnLzqRhNrzk3XiMoR/S7qCaUwelLRMi/uFNXOOKrYCkT3C 87F0hC4VtwwoyB9SDI5538938oMICCm/smV+OoY/oMrhf8G+L8MAPZOKiSWdz4gi Rfmd2w7+uGGJvF/AzChvYzUGQ77eOYp4MQn9KIYiktuBOGXbBrCw1eDzqU5iNS3C 5fxAmU5UegNLHEWqP1m67zW3U6m7eJumB/pMdnpnFfbGiow0eTRIr48fUwIDAQAB o4ICOzCCAjcwHQYDVR0OBBYEFEoVcUFoClXCNTLF/2CiGdkhgpPTMB8GA1UdIwQY MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt N2FhN2ZjMzU5NjU1LzEvU2hWeFFXZ0tWY0kxTXNYX1lLSVoyU0dDazlNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1 LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDIAEwgAMF AyoOp4ADBQMqEJYAAwUDKhOAAAMFAyoTuEADBQMqE95AAwUDKhRrwAMFAyoUcsAw DQYJKoZIhvcNAQELBQADggEBAGhaKWmeMowrdryicnd0Yi+RB5dN9kNd+fsOjUzL OeqCs+HJJ4jWnuLL6zRgxd/MEP91/yGRUyhkwD8Bwfe9jOX9iStDT6ZSnlO7owBU u5PWUeinEO0bvJ5mSE6n/mjExLru9wNdktEsE5LvJR5fzRU7HIQoeI4dc8lrU+ZN hhqsUj7D00NSJNyWiqhamvqGcBe8B7DPB/VB2Zv384o2OrjKJQwfBtnGYudPjH98 9nz0rKA8vG1/YPhdToh4OyJljE/ZZZFGGFD1ZaGrH3ilcGxOTBHwb/5iUXW65Zie EZH2JJ8oluqNphPLfo/1vMqMgsqJFW0fkllX3LOJEUIcS2U= -----END CERTIFICATE-----Generated at Mon Dec 15 17:02:39 2025 by rpki-client