This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/afHVAo60TWSHsM2f1gigU7RALns.roa File: afHVAo60TWSHsM2f1gigU7RALns.roa (raw, json) Hash identifier: +QhhuzYMlqan8zz0ZKya1zxFjyez6IvTsXMQHoTxGUw= Subject key identifier: 69:F1:D5:02:8E:B4:4D:64:87:B0:CD:9F:D6:08:A0:53:B4:40:2E:7B Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54 Certificate serial: 019B22BFBE3EE8A687858A8038804041DC47 Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/afHVAo60TWSHsM2f1gigU7RALns.roa Signing time: Mon 15 Dec 2025 16:02:29 +0000 ROA not before: Mon 15 Dec 2025 16:02:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 0 IP address blocks: 2001:3080::/29 maxlen: 29 2a0e:a780::/29 maxlen: 29 2a10:9600::/29 maxlen: 29 2a13:8000::/29 maxlen: 29 2a13:b640::/29 maxlen: 29 2a13:b840::/29 maxlen: 29 2a13:d2c0::/29 maxlen: 29 2a13:de40::/29 maxlen: 29 2a14:6bc0::/29 maxlen: 29 2a14:72c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.mft rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 05:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:22:bf:be:3e:e8:a6:87:85:8a:80:38:80:40:41:dc:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54 Validity Not Before: Dec 15 16:02:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=69f1d5028eb44d6487b0cd9fd608a053b4402e7b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:33:70:3d:95:ba:54:2c:44:ba:88:e5:02:63: d1:3d:2c:6e:a9:e6:9f:35:6a:65:e1:1a:1f:1e:2f: 7b:f0:2a:3b:cf:e8:65:df:29:64:57:89:31:4a:0b: 47:c1:7f:4f:d2:e2:58:01:60:21:18:ee:66:20:1d: 80:b4:9c:ee:dd:48:e4:62:b7:d6:ac:30:ca:dc:85: 83:56:fd:53:f9:47:59:53:b4:f4:46:f1:10:08:97: 63:8c:d9:de:f6:82:4e:85:6a:42:d7:7b:cd:e8:b7: 3d:ae:1c:ff:03:e5:16:30:74:22:59:a3:f7:7f:4a: 8d:6c:36:a8:2e:3b:b1:97:44:94:d5:90:e8:55:b8: 01:62:b4:70:a8:be:a7:34:60:3a:26:a6:78:e7:47: 1c:39:e5:d7:11:98:c3:3b:0c:61:32:0f:76:f0:32: d9:8e:1e:07:58:86:d8:f0:ec:71:d4:a3:1a:d0:26: c7:5e:db:44:1b:db:26:1b:7a:67:66:4f:a3:f0:54: 6d:31:e9:eb:07:06:55:c1:47:9d:ad:03:ab:fa:e5: 12:00:fc:34:92:02:43:fd:94:dc:fe:89:d5:da:e6: 58:58:92:89:c9:63:ac:13:73:d7:2f:39:8a:0c:0e: 96:91:50:50:33:65:bd:a8:d8:41:e2:12:e7:01:89: eb:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:F1:D5:02:8E:B4:4D:64:87:B0:CD:9F:D6:08:A0:53:B4:40:2E:7B X509v3 Authority Key Identifier: keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/afHVAo60TWSHsM2f1gigU7RALns.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3080::/29 2a0e:a780::/29 2a10:9600::/29 2a13:8000::/29 2a13:b640::/29 2a13:b840::/29 2a13:d2c0::/29 2a13:de40::/29 2a14:6bc0::/29 2a14:72c0::/29 Signature Algorithm: sha256WithRSAEncryption 4c:49:84:a2:03:c6:75:ec:c9:c8:04:e6:8e:fb:2a:4d:5d:93: 72:95:8e:af:ca:5a:47:3d:1b:da:59:4e:63:70:69:c5:b8:c2: 8f:ae:95:63:a3:9c:b3:a7:8e:6d:6d:39:b5:b5:fc:50:6b:27: 87:65:60:ee:fa:c2:4b:b4:e6:07:1b:91:ad:b2:4c:91:80:13: 20:9e:7d:9d:db:d1:9a:19:75:0a:23:12:10:53:5b:4d:3f:33: ef:d7:29:d8:14:80:24:08:69:83:a6:ed:11:63:cd:11:5a:8a: 6b:fd:cf:64:93:e1:37:57:05:12:46:52:2a:b8:15:47:49:50: 4d:25:d4:76:4b:72:ea:43:ef:bb:7a:a0:73:bc:55:98:e7:9b: df:29:4b:4d:b7:e7:eb:d8:28:65:c5:a1:f3:84:bc:5b:17:df: 38:99:26:1a:13:58:d7:4e:eb:8e:e5:7b:5c:17:da:9d:e2:13: 4f:be:88:e0:2b:61:fb:e1:57:3a:94:e6:3a:c4:1a:3b:03:37: 6c:32:a0:44:84:72:f2:e6:29:5c:14:76:2f:32:8a:19:f0:08: 9b:00:0b:3f:5f:c0:7a:ec:10:84:0f:22:b1:d7:c2:4f:93:5b: 79:b8:a0:c1:2e:f1:e7:3b:bd:37:1e:cc:cb:cd:5f:77:65:1c: 13:d4:95:9c -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgISAZsiv74+6KaHhYqAOIBAQdxHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy NjhmNTQwHhcNMjUxMjE1MTYwMjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2OWYxZDUwMjhlYjQ0ZDY0ODdiMGNkOWZkNjA4YTA1M2I0NDAyZTdiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjNwPZW6VCxEuojlAmPRPSxuqeaf NWpl4RofHi978Co7z+hl3ylkV4kxSgtHwX9P0uJYAWAhGO5mIB2AtJzu3UjkYrfW rDDK3IWDVv1T+UdZU7T0RvEQCJdjjNne9oJOhWpC13vN6Lc9rhz/A+UWMHQiWaP3 f0qNbDaoLjuxl0SU1ZDoVbgBYrRwqL6nNGA6JqZ450ccOeXXEZjDOwxhMg928DLZ jh4HWIbY8Oxx1KMa0CbHXttEG9smG3pnZk+j8FRtMenrBwZVwUedrQOr+uUSAPw0 kgJD/ZTc/onV2uZYWJKJyWOsE3PXLzmKDA6WkVBQM2W9qNhB4hLnAYnrHQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFGnx1QKOtE1kh7DNn9YIoFO0QC57MB8GA1UdIwQY MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt N2FhN2ZjMzU5NjU1LzEvYWZIVkFvNjBUV1NIc00yZjFnaWdVN1JBTG5zLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1 LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAAjBGAwUDIAEwgAMF AyoOp4ADBQMqEJYAAwUDKhOAAAMFAyoTtkADBQMqE7hAAwUDKhPSwAMFAyoT3kAD BQMqFGvAAwUDKhRywDANBgkqhkiG9w0BAQsFAAOCAQEATEmEogPGdezJyATmjvsq TV2TcpWOr8paRz0b2llOY3BpxbjCj66VY6Ocs6eObW05tbX8UGsnh2Vg7vrCS7Tm BxuRrbJMkYATIJ59ndvRmhl1CiMSEFNbTT8z79cp2BSAJAhpg6btEWPNEVqKa/3P ZJPhN1cFEkZSKrgVR0lQTSXUdkty6kPvu3qgc7xVmOeb3ylLTbfn69goZcWh84S8 WxffOJkmGhNY107rjuV7XBfaneITT76I4Cth++FXOpTmOsQaOwM3bDKgRIRy8uYp XBR2LzKKGfAImwALP1/AeuwQhA8isdfCT5NbebigwS7x5zu9Nx7My81fd2UcE9SV nA== -----END CERTIFICATE-----Generated at Mon Dec 22 12:45:36 2025 by rpki-client