This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/vXfLmPKQvq8Xsk8o-7vsGcFAvdA.roa File: vXfLmPKQvq8Xsk8o-7vsGcFAvdA.roa (raw, json) Hash identifier: JskXRzeILl7MbBJ3/C+4HYyn6osGgL+SJwbO/w3txgs= Subject key identifier: BD:77:CB:98:F2:90:BE:AF:17:B2:4F:28:FB:BB:EC:19:C1:40:BD:D0 Certificate issuer: /CN=3ba5b1c09aa31f6713c61b32e558109e47966d42 Certificate serial: 019B78A2F45A7D5C465BA872DB0750410810 Authority key identifier: 3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/vXfLmPKQvq8Xsk8o-7vsGcFAvdA.roa Signing time: Thu 01 Jan 2026 08:18:23 +0000 ROA not before: Thu 01 Jan 2026 08:18:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 1759 IP address blocks: 2001:2000:6000::/40 maxlen: 40 2001:2001:6000::/40 maxlen: 40 2001:2003::/32 maxlen: 32 2001:2060::/27 maxlen: 27 2001:2060::/32 maxlen: 32 2001:2061::/32 maxlen: 32 2001:2062::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.mft rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:f4:5a:7d:5c:46:5b:a8:72:db:07:50:41:08:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ba5b1c09aa31f6713c61b32e558109e47966d42 Validity Not Before: Jan 1 08:18:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=bd77cb98f290beaf17b24f28fbbbec19c140bdd0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:d9:fb:10:f1:81:09:a9:f5:89:69:d7:63:ef: 3e:b6:cc:b9:df:07:2c:5f:ff:e5:62:01:de:3b:19: 01:c0:cc:46:39:4f:61:99:3f:43:ac:62:21:f5:7f: cd:87:ac:99:44:e8:52:af:0c:33:72:6b:45:6e:96: 75:be:62:d1:4c:06:f0:19:5e:34:31:ce:38:ab:55: 7d:29:be:fe:4a:a7:63:2d:74:69:6e:f5:5f:84:30: 4e:c4:32:f5:39:3f:db:5a:bf:f9:e3:c1:3a:fc:f8: f4:3a:ad:17:1b:1f:ca:05:2b:60:67:89:2f:76:7c: f0:d5:eb:ae:0e:41:86:1e:45:ac:3a:6f:91:a2:72: ac:4f:2c:aa:8d:e4:4f:7e:00:c9:10:64:45:0b:9a: 65:64:e8:26:91:61:e0:0d:63:1f:b1:8d:5e:ba:4f: 51:c4:60:41:a5:d8:cc:ef:cc:a9:5c:de:65:05:55: f5:ba:62:bc:d8:3e:10:bf:35:a4:a9:e3:72:af:33: f1:3a:4f:02:dd:d8:7d:e9:58:da:62:72:e8:e7:d6: 3a:a6:da:f9:ec:f2:d4:4e:dd:ad:e0:16:fa:1f:72: 27:a4:7c:41:24:42:39:0f:fe:60:8e:e6:59:ba:72: e3:db:74:78:df:f2:3a:94:b6:f4:c3:ee:d9:5e:8a: f9:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:77:CB:98:F2:90:BE:AF:17:B2:4F:28:FB:BB:EC:19:C1:40:BD:D0 X509v3 Authority Key Identifier: keyid:3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/vXfLmPKQvq8Xsk8o-7vsGcFAvdA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:2000:6000::/40 2001:2001:6000::/40 2001:2003::/32 2001:2060::/27 Signature Algorithm: sha256WithRSAEncryption 10:0c:27:3f:f2:5a:c1:b6:f6:ae:fb:03:80:0a:4e:d6:98:46: 9b:a1:7d:36:69:f1:fc:f0:0e:0c:3c:72:c4:16:33:68:19:69: 0a:03:ca:9d:f6:e6:93:3a:c8:f0:bb:9a:67:c0:88:43:a3:62: 78:c5:a0:36:54:7c:ec:31:bc:b0:ab:5f:f3:7d:b1:b1:d9:95: 86:e4:be:28:6c:9a:f1:b4:09:a4:e9:47:71:02:98:b3:05:3c: 90:8d:e6:53:90:a9:bd:28:ce:98:63:a7:1e:f2:f6:e0:46:91: 04:b7:11:a5:22:e3:00:80:1f:5b:64:a9:97:2d:33:3b:65:1e: e6:4d:42:e8:93:c0:75:74:1c:62:a3:2d:d9:ed:58:5e:dc:03: 41:f1:80:18:c6:b6:aa:53:eb:bf:d2:a5:6b:e6:ea:ec:e7:ad: 6a:aa:83:a3:b6:7c:55:f5:f8:81:99:fb:9f:dc:5e:7d:05:f3: 12:2b:bb:c8:34:0b:c1:bc:32:90:16:71:a5:5f:91:5a:84:b2: 14:c1:8d:6b:e9:0d:c1:2f:88:5b:ae:aa:88:3a:f6:7a:6b:4c: bf:44:6e:a1:58:12:90:6f:33:18:3e:f1:38:7a:5c:5b:0c:0f: 62:2e:88:f2:ae:97:45:5a:4f:ec:6f:76:c7:ea:28:bd:b3:f1: 8e:0e:0d:b9 -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt4ovRafVxGW6hy2wdQQQgQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiYTViMWMwOWFhMzFmNjcxM2M2MWIzMmU1NTgxMDllNDc5 NjZkNDIwHhcNMjYwMTAxMDgxODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiZDc3Y2I5OGYyOTBiZWFmMTdiMjRmMjhmYmJiZWMxOWMxNDBiZGQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstn7EPGBCan1iWnXY+8+tsy53wcs X//lYgHeOxkBwMxGOU9hmT9DrGIh9X/Nh6yZROhSrwwzcmtFbpZ1vmLRTAbwGV40 Mc44q1V9Kb7+SqdjLXRpbvVfhDBOxDL1OT/bWr/548E6/Pj0Oq0XGx/KBStgZ4kv dnzw1euuDkGGHkWsOm+RonKsTyyqjeRPfgDJEGRFC5plZOgmkWHgDWMfsY1euk9R xGBBpdjM78ypXN5lBVX1umK82D4QvzWkqeNyrzPxOk8C3dh96VjaYnLo59Y6ptr5 7PLUTt2t4Bb6H3InpHxBJEI5D/5gjuZZunLj23R43/I6lLb0w+7ZXor5eQIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFL13y5jykL6vF7JPKPu77BnBQL3QMB8GA1UdIwQY MBaAFDulscCaox9nE8YbMuVYEJ5Hlm1CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQt NDY2ZTljYWI3ODY0LzEvdlhmTG1QS1F2cThYc2s4by03dnNHY0ZBdmRBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQtNDY2ZTljYWI3ODY0 LzEvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeAwYAIAEgAGAD BgAgASABYAMFACABIAMDBQUgASBgMA0GCSqGSIb3DQEBCwUAA4IBAQAQDCc/8lrB tvau+wOACk7WmEaboX02afH88A4MPHLEFjNoGWkKA8qd9uaTOsjwu5pnwIhDo2J4 xaA2VHzsMbywq1/zfbGx2ZWG5L4obJrxtAmk6UdxApizBTyQjeZTkKm9KM6YY6ce 8vbgRpEEtxGlIuMAgB9bZKmXLTM7ZR7mTULok8B1dBxioy3Z7Vhe3ANB8YAYxraq U+u/0qVr5urs561qqoOjtnxV9fiBmfuf3F59BfMSK7vINAvBvDKQFnGlX5FahLIU wY1r6Q3BL4hbrqqIOvZ6a0y/RG6hWBKQbzMYPvE4elxbDA9iLojyrpdFWk/sb3bH 6ii9s/GODg25 -----END CERTIFICATE-----Generated at Mon Jan 26 04:40:20 2026 by rpki-client