This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/26331c-34a1-4bc5-b75c-f2c7922faf32/1/6rnrSEeWwXS9bkTEMOSeiixKE38.roa File: 6rnrSEeWwXS9bkTEMOSeiixKE38.roa (raw, json) Hash identifier: 52aBBHeNk265BEYoUD77bQdAx5zSeTzmfS49xef/H58= Subject key identifier: EA:B9:EB:48:47:96:C1:74:BD:6E:44:C4:30:E4:9E:8A:2C:4A:13:7F Certificate issuer: /CN=cfe0df82121438271c913c24ff50fd3b62d40dc6 Certificate serial: 019AFD07E1B1CAECC0237E813736E653AF1D Authority key identifier: CF:E0:DF:82:12:14:38:27:1C:91:3C:24:FF:50:FD:3B:62:D4:0D:C6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-DfghIUOCcckTwk_1D9O2LUDcY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/26331c-34a1-4bc5-b75c-f2c7922faf32/1/6rnrSEeWwXS9bkTEMOSeiixKE38.roa Signing time: Mon 08 Dec 2025 08:15:43 +0000 ROA not before: Mon 08 Dec 2025 08:15:43 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 206844 IP address blocks: 171.22.244.0/24 maxlen: 24 171.22.245.0/24 maxlen: 24 171.22.246.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/26331c-34a1-4bc5-b75c-f2c7922faf32/1/z-DfghIUOCcckTwk_1D9O2LUDcY.crl rsync://rpki.ripe.net/repository/DEFAULT/72/26331c-34a1-4bc5-b75c-f2c7922faf32/1/z-DfghIUOCcckTwk_1D9O2LUDcY.mft rsync://rpki.ripe.net/repository/DEFAULT/z-DfghIUOCcckTwk_1D9O2LUDcY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 05:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:fd:07:e1:b1:ca:ec:c0:23:7e:81:37:36:e6:53:af:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cfe0df82121438271c913c24ff50fd3b62d40dc6 Validity Not Before: Dec 8 08:15:43 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=eab9eb484796c174bd6e44c430e49e8a2c4a137f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:15:30:17:bb:c7:cf:f5:16:2e:a8:26:55:d2: 00:95:2e:bc:46:76:e8:ee:15:90:9e:30:9a:8c:b3: 16:89:ba:e7:ef:0b:28:7f:37:d2:6e:af:8d:9a:aa: 4d:08:ff:98:e8:19:2b:29:5c:fd:f3:ea:76:27:7b: 30:a0:fb:af:66:73:9f:76:0b:64:55:5f:3c:22:6c: 55:c4:6f:fb:65:cb:8b:9b:1f:43:4c:05:3f:46:d7: 40:ee:8f:2b:88:f4:87:e5:33:c9:ab:c7:56:a8:97: f9:43:87:d3:b1:e5:a2:cb:bb:11:06:16:6a:84:cb: ea:a9:03:03:74:23:59:2a:b4:92:a3:d0:bc:1e:d4: a5:4d:e8:92:54:74:1a:83:48:b1:96:c5:f9:f9:30: a4:35:0f:7c:4f:d2:2f:9b:7e:72:0e:69:f7:be:06: ab:50:5f:d0:32:d3:67:8f:d3:e5:0b:e5:8d:d7:be: 04:c8:65:38:ff:5c:9a:c1:30:d3:3a:94:7a:11:f0: 80:dd:a3:33:7b:44:6c:84:02:1d:f2:bb:1c:fc:47: e1:3a:d6:5e:e3:f1:49:7b:ca:ed:96:75:75:6c:78: 05:af:22:a9:b6:b5:60:c0:5b:11:e3:ee:bd:7a:06: 1b:f9:f9:a4:e6:dd:71:d5:bf:4a:36:73:87:55:50: 5d:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:B9:EB:48:47:96:C1:74:BD:6E:44:C4:30:E4:9E:8A:2C:4A:13:7F X509v3 Authority Key Identifier: keyid:CF:E0:DF:82:12:14:38:27:1C:91:3C:24:FF:50:FD:3B:62:D4:0D:C6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-DfghIUOCcckTwk_1D9O2LUDcY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/26331c-34a1-4bc5-b75c-f2c7922faf32/1/6rnrSEeWwXS9bkTEMOSeiixKE38.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/72/26331c-34a1-4bc5-b75c-f2c7922faf32/1/z-DfghIUOCcckTwk_1D9O2LUDcY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 171.22.244.0/22 Signature Algorithm: sha256WithRSAEncryption 55:b4:4f:05:ef:46:29:d4:ef:c8:da:b7:ca:f1:5c:08:9f:ea: ad:d9:40:a7:91:9d:e7:05:c8:13:34:12:e8:54:ae:2d:9a:b7: 29:84:21:f0:6c:74:10:38:4a:13:06:11:45:60:89:9c:d9:e9: 36:83:73:b8:5e:3c:f6:b0:fa:68:0d:c2:48:ae:77:d9:4a:5c: ad:9f:76:00:75:43:c3:84:59:ad:87:f8:22:bf:00:27:41:ca: a2:36:9f:fe:04:ed:28:a7:71:8d:b0:61:fa:e4:a5:d6:1d:0e: 7a:c3:0e:8a:18:87:a5:2f:75:a0:b2:89:f9:3d:4d:20:0c:16: 68:ae:71:cf:d6:82:cb:50:57:b7:45:76:6f:e1:63:93:34:ce: f6:f6:8e:5b:6d:59:71:cc:51:69:7b:cb:27:9a:3b:af:cb:e2: 64:ac:eb:1c:d2:b0:0a:21:68:64:d4:e2:7e:21:87:f4:46:6f: 09:6d:fc:ea:7b:b5:db:70:3a:a0:4a:f0:cb:18:93:a5:e0:5d: 45:d0:70:4a:e6:f1:d3:f7:30:4f:9b:05:79:05:84:63:a9:b9: fa:fd:eb:df:46:14:85:44:a8:f8:e4:fd:c7:4d:b5:63:86:48: e4:b6:f4:54:72:8c:a6:65:00:87:11:eb:c1:ac:b7:62:29:06: db:14:03:43 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZr9B+GxyuzAI36BNzbmU68dMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmZTBkZjgyMTIxNDM4MjcxYzkxM2MyNGZmNTBmZDNiNjJk NDBkYzYwHhcNMjUxMjA4MDgxNTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlYWI5ZWI0ODQ3OTZjMTc0YmQ2ZTQ0YzQzMGU0OWU4YTJjNGExMzdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRUwF7vHz/UWLqgmVdIAlS68Rnbo 7hWQnjCajLMWibrn7wsofzfSbq+NmqpNCP+Y6BkrKVz98+p2J3swoPuvZnOfdgtk VV88ImxVxG/7ZcuLmx9DTAU/RtdA7o8riPSH5TPJq8dWqJf5Q4fTseWiy7sRBhZq hMvqqQMDdCNZKrSSo9C8HtSlTeiSVHQag0ixlsX5+TCkNQ98T9Ivm35yDmn3vgar UF/QMtNnj9PlC+WN174EyGU4/1yawTDTOpR6EfCA3aMze0RshAId8rsc/EfhOtZe 4/FJe8rtlnV1bHgFryKptrVgwFsR4+69egYb+fmk5t1x1b9KNnOHVVBdPwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFOq560hHlsF0vW5ExDDknoosShN/MB8GA1UdIwQY MBaAFM/g34ISFDgnHJE8JP9Q/Tti1A3GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvei1EZmdoSVVPQ2Nja1R3a18xRDlPMkxVRGNZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8yNjMzMWMtMzRhMS00YmM1LWI3NWMt ZjJjNzkyMmZhZjMyLzEvNnJuclNFZVd3WFM5YmtURU1PU2VpaXhLRTM4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Mi8yNjMzMWMtMzRhMS00YmM1LWI3NWMtZjJjNzkyMmZhZjMy LzEvei1EZmdoSVVPQ2Nja1R3a18xRDlPMkxVRGNZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqxb0MA0G CSqGSIb3DQEBCwUAA4IBAQBVtE8F70Yp1O/I2rfK8VwIn+qt2UCnkZ3nBcgTNBLo VK4tmrcphCHwbHQQOEoTBhFFYImc2ek2g3O4Xjz2sPpoDcJIrnfZSlytn3YAdUPD hFmth/givwAnQcqiNp/+BO0op3GNsGH65KXWHQ56ww6KGIelL3Wgson5PU0gDBZo rnHP1oLLUFe3RXZv4WOTNM729o5bbVlxzFFpe8snmjuvy+JkrOsc0rAKIWhk1OJ+ IYf0Rm8Jbfzqe7XbcDqgSvDLGJOl4F1F0HBK5vHT9zBPmwV5BYRjqbn6/evfRhSF RKj45P3HTbVjhkjktvRUcoymZQCHEevBrLdiKQbbFAND -----END CERTIFICATE-----Generated at Mon Dec 22 14:49:31 2025 by rpki-client