This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/6ez8s1YBp2TYVVuKcqGU9mGsJLQ.roa File: 6ez8s1YBp2TYVVuKcqGU9mGsJLQ.roa (raw, json) Hash identifier: iFltius3SHf/ctu10YpbCgn/dFGwWU60BbGiBMv1N44= Subject key identifier: E9:EC:FC:B3:56:01:A7:64:D8:55:5B:8A:72:A1:94:F6:61:AC:24:B4 Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd Certificate serial: 019B7EA63C527DFFB4AAA202FCAA6A2FDA86 Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/6ez8s1YBp2TYVVuKcqGU9mGsJLQ.roa Signing time: Fri 02 Jan 2026 12:19:42 +0000 ROA not before: Fri 02 Jan 2026 12:19:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 216180 IP address blocks: 192.250.232.0/24 maxlen: 24 192.250.233.0/24 maxlen: 24 194.39.122.0/24 maxlen: 24 198.38.93.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 10:01:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:3c:52:7d:ff:b4:aa:a2:02:fc:aa:6a:2f:da:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd Validity Not Before: Jan 2 12:19:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e9ecfcb35601a764d8555b8a72a194f661ac24b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:17:58:78:47:c7:f8:5a:6f:4d:1c:f7:f4:9b: e4:82:a1:f5:e6:72:40:29:b7:53:74:20:33:ce:25: 39:40:27:16:5f:1c:d0:24:04:d3:75:20:f9:25:59: d7:05:1e:92:64:d3:f6:81:0d:1a:38:ec:a1:f7:f3: d6:f4:96:0d:86:f8:01:5d:e2:01:d4:de:ae:68:63: 4c:19:90:dc:6d:0b:29:29:03:e6:ed:61:5b:45:95: f5:fd:b3:02:ee:ad:d2:71:7f:5a:9b:14:62:61:c6: ec:d0:5b:7e:36:4e:d2:d4:79:e9:23:a0:62:cc:34: 53:6d:6f:d2:a9:23:dc:00:44:2a:9c:bf:64:0f:2b: 6a:cb:ee:ed:0c:35:56:ac:8f:18:ce:da:73:0a:f0: a7:2b:d8:81:78:b5:f1:6a:9b:3a:8f:0b:8c:32:f5: 6b:a3:f5:46:60:dc:12:1d:5d:da:61:8a:a9:a4:10: 07:b1:38:89:fe:6d:ea:52:eb:f3:c6:ff:2b:db:09: 2c:5e:ca:32:09:9f:3f:ff:07:49:e8:5c:f2:31:dc: 05:43:ea:ff:48:b9:63:74:62:33:4c:df:f4:95:88: 05:23:52:f1:fd:f2:93:10:01:3a:5c:e4:e4:25:3b: 65:c7:ae:18:d1:0e:71:ea:fb:7b:26:ba:ea:78:28: 4a:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:EC:FC:B3:56:01:A7:64:D8:55:5B:8A:72:A1:94:F6:61:AC:24:B4 X509v3 Authority Key Identifier: keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/6ez8s1YBp2TYVVuKcqGU9mGsJLQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.250.232.0/23 194.39.122.0/24 198.38.93.0/24 Signature Algorithm: sha256WithRSAEncryption 06:8b:9e:d1:af:ad:96:47:6d:35:b3:a5:ab:f3:35:9f:2f:fa: 46:f0:d1:ff:5b:cb:0a:2b:31:20:65:97:87:a7:a7:3f:a3:d3: c1:bf:f4:2a:8b:5f:56:ab:42:04:95:28:a2:a6:ae:5d:05:cc: af:d4:c2:b8:18:5e:2c:72:f9:e5:52:3c:c2:50:a3:5b:05:9b: 21:ef:1b:5c:5e:42:87:5a:d8:32:88:80:02:28:f1:59:0e:8c: 12:2f:26:50:2e:34:3d:5c:c9:00:0f:8d:16:83:f4:f2:9d:02: a5:5e:29:27:41:b0:b7:e7:5a:26:b6:da:09:4f:c4:9e:2f:0e: 9b:d9:0d:49:6f:07:15:c0:fd:06:ee:ad:5e:31:ef:a1:b4:21: 1d:d6:f8:ad:bc:d3:7a:e8:e3:30:b2:55:1c:a2:3d:5b:3c:e1: f1:ac:d5:24:e7:97:7e:94:b3:04:70:95:84:3a:cf:6f:90:08: 5b:70:cc:5d:a9:7a:2b:fd:d7:e3:de:a0:f6:f1:22:72:4a:86: 6b:2b:8a:35:61:6c:92:c1:a0:a4:05:d3:36:aa:89:89:1d:d0: cb:0b:a4:cc:8d:99:41:10:6f:f5:8b:41:30:41:4d:6c:16:78: 67:3d:f1:ad:78:78:f0:87:d4:e5:a4:2f:93:56:3e:49:4e:98: 24:e0:18:fe -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt+pjxSff+0qqIC/KpqL9qGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy ZWU4ZGQwHhcNMjYwMTAyMTIxOTQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlOWVjZmNiMzU2MDFhNzY0ZDg1NTViOGE3MmExOTRmNjYxYWMyNGI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BdYeEfH+FpvTRz39JvkgqH15nJA KbdTdCAzziU5QCcWXxzQJATTdSD5JVnXBR6SZNP2gQ0aOOyh9/PW9JYNhvgBXeIB 1N6uaGNMGZDcbQspKQPm7WFbRZX1/bMC7q3ScX9amxRiYcbs0Ft+Nk7S1HnpI6Bi zDRTbW/SqSPcAEQqnL9kDytqy+7tDDVWrI8YztpzCvCnK9iBeLXxaps6jwuMMvVr o/VGYNwSHV3aYYqppBAHsTiJ/m3qUuvzxv8r2wksXsoyCZ8//wdJ6FzyMdwFQ+r/ SLljdGIzTN/0lYgFI1Lx/fKTEAE6XOTkJTtlx64Y0Q5x6vt7JrrqeChKhQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFOns/LNWAadk2FVbinKhlPZhrCS0MB8GA1UdIwQY MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt Y2NhMzc2MDZiZjE4LzEvNmV6OHMxWUJwMlRZVlZ1S2NxR1U5bUdzSkxRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4 LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwProAwQA wid6AwQAxiZdMA0GCSqGSIb3DQEBCwUAA4IBAQAGi57Rr62WR201s6Wr8zWfL/pG 8NH/W8sKKzEgZZeHp6c/o9PBv/Qqi19Wq0IElSiipq5dBcyv1MK4GF4scvnlUjzC UKNbBZsh7xtcXkKHWtgyiIACKPFZDowSLyZQLjQ9XMkAD40Wg/TynQKlXiknQbC3 51omttoJT8SeLw6b2Q1JbwcVwP0G7q1eMe+htCEd1vitvNN66OMwslUcoj1bPOHx rNUk55d+lLMEcJWEOs9vkAhbcMxdqXor/dfj3qD28SJySoZrK4o1YWySwaCkBdM2 qomJHdDLC6TMjZlBEG/1i0EwQU1sFnhnPfGteHjwh9TlpC+TVj5JTpgk4Bj+ -----END CERTIFICATE-----Generated at Sun Jan 25 19:02:14 2026 by rpki-client