This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/2MsPFamPffku1ttx9gaJe1ffa6Y.roa File: 2MsPFamPffku1ttx9gaJe1ffa6Y.roa (raw, json) Hash identifier: DHSbfM3R76vdNxci0L/Qjop0BLeabp3SpJ5q1Jd300M= Subject key identifier: D8:CB:0F:15:A9:8F:7D:F9:2E:D6:DB:71:F6:06:89:7B:57:DF:6B:A6 Certificate issuer: /CN=a3eceac8125534a57947962db28903fad7ac3af9 Certificate serial: 019B7FF11AE3E885B5F7F10AAE9F257479AF Authority key identifier: A3:EC:EA:C8:12:55:34:A5:79:47:96:2D:B2:89:03:FA:D7:AC:3A:F9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o-zqyBJVNKV5R5YtsokD-tesOvk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/2MsPFamPffku1ttx9gaJe1ffa6Y.roa Signing time: Fri 02 Jan 2026 18:21:06 +0000 ROA not before: Fri 02 Jan 2026 18:21:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199520 IP address blocks: 91.224.246.0/23 maxlen: 24 91.226.40.0/23 maxlen: 24 2a0c:9e80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/o-zqyBJVNKV5R5YtsokD-tesOvk.crl rsync://rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/o-zqyBJVNKV5R5YtsokD-tesOvk.mft rsync://rpki.ripe.net/repository/DEFAULT/o-zqyBJVNKV5R5YtsokD-tesOvk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 00:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f1:1a:e3:e8:85:b5:f7:f1:0a:ae:9f:25:74:79:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a3eceac8125534a57947962db28903fad7ac3af9 Validity Not Before: Jan 2 18:21:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d8cb0f15a98f7df92ed6db71f606897b57df6ba6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:41:39:f1:af:ac:92:c0:0a:d8:7c:5d:39:67: 2c:34:ee:99:27:1b:f7:97:f5:4e:eb:06:25:ae:56: 0c:66:d3:54:4e:c9:b1:4d:51:a6:47:ba:c9:e6:45: 1b:84:db:30:7a:ef:ab:aa:3a:0e:af:6a:74:db:ff: e0:03:1c:d3:4a:b1:fd:64:01:88:6e:3c:ed:2d:74: 58:a1:b1:f8:12:86:b1:f5:e0:10:28:fc:e7:f6:47: c4:bd:26:0f:09:41:2b:af:01:ba:f1:49:f9:d0:20: 2f:ef:28:27:35:63:81:f3:ea:db:d5:a4:eb:31:28: 31:99:99:88:ef:eb:0b:8e:e5:38:2c:ab:69:53:b9: 4b:94:84:91:e2:8a:3c:7d:5c:78:54:53:4e:d8:7a: f1:db:3b:9d:fe:67:af:3f:a5:b6:9d:e7:1f:4a:4f: 8c:39:b5:01:e6:ee:8e:30:58:cc:96:4d:44:05:f6: d9:cf:11:3f:b7:93:9b:87:c3:b6:d4:3d:8f:66:ed: 90:e5:04:c2:30:a5:87:b9:63:53:cd:9e:82:05:b6: 63:63:57:e7:2b:ff:9c:67:c1:71:ec:c8:cb:11:37: eb:87:82:9b:20:c0:24:15:9b:88:3c:f2:b8:e3:2e: cd:9a:89:11:d0:5b:92:76:e9:b4:02:f2:01:69:4f: 83:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:CB:0F:15:A9:8F:7D:F9:2E:D6:DB:71:F6:06:89:7B:57:DF:6B:A6 X509v3 Authority Key Identifier: keyid:A3:EC:EA:C8:12:55:34:A5:79:47:96:2D:B2:89:03:FA:D7:AC:3A:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o-zqyBJVNKV5R5YtsokD-tesOvk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/2MsPFamPffku1ttx9gaJe1ffa6Y.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/o-zqyBJVNKV5R5YtsokD-tesOvk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.224.246.0/23 91.226.40.0/23 IPv6: 2a0c:9e80::/32 Signature Algorithm: sha256WithRSAEncryption 46:3f:d4:b5:33:ab:22:2a:92:cc:d5:bb:d0:b4:a6:ec:a1:a0: c0:e0:b1:1c:0d:76:4f:32:87:52:fe:12:96:90:0b:15:8e:99: db:88:ee:a6:f9:94:fc:7a:ff:fa:8a:df:e6:22:83:b1:a0:2d: 47:b8:bc:0d:fd:90:32:a8:14:64:c6:ac:80:2c:a0:28:52:6d: 6c:dd:cd:f1:af:8d:a9:ae:60:2c:9e:12:6b:24:ff:b3:52:34: 4f:71:8a:20:a9:3a:b2:3e:e9:ec:2b:00:70:32:bd:ec:a4:df: 5e:9d:7d:d2:1f:1f:08:33:31:24:fe:1f:5a:80:90:fa:36:c7: 8f:7d:ee:0a:68:e3:fc:da:ba:23:5e:af:d1:b8:3c:a5:8e:9b: 5f:f4:c4:9f:1c:30:68:70:64:c9:2a:3a:10:2c:05:33:04:34: ac:e5:e2:7b:7e:99:76:dc:5b:23:0e:6a:7a:50:77:00:e3:5a: ae:6c:fc:c8:e3:08:32:61:00:84:13:da:47:b9:39:f8:85:59: 5f:58:d5:17:b7:99:88:56:b7:39:a4:ab:92:a9:1d:97:c7:42: 35:f2:cf:7b:a4:94:c7:20:bd:45:9e:fa:c7:f1:85:02:b8:e1: ae:91:3d:cd:68:bd:cb:a5:d6:fb:e1:05:dc:f1:fa:19:6d:80: d0:c6:b7:6b -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt/8Rrj6IW19/EKrp8ldHmvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEzZWNlYWM4MTI1NTM0YTU3OTQ3OTYyZGIyODkwM2ZhZDdh YzNhZjkwHhcNMjYwMTAyMTgyMTA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOGNiMGYxNWE5OGY3ZGY5MmVkNmRiNzFmNjA2ODk3YjU3ZGY2YmE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUE58a+sksAK2HxdOWcsNO6ZJxv3 l/VO6wYlrlYMZtNUTsmxTVGmR7rJ5kUbhNsweu+rqjoOr2p02//gAxzTSrH9ZAGI bjztLXRYobH4Eoax9eAQKPzn9kfEvSYPCUErrwG68Un50CAv7ygnNWOB8+rb1aTr MSgxmZmI7+sLjuU4LKtpU7lLlISR4oo8fVx4VFNO2Hrx2zud/mevP6W2necfSk+M ObUB5u6OMFjMlk1EBfbZzxE/t5Obh8O21D2PZu2Q5QTCMKWHuWNTzZ6CBbZjY1fn K/+cZ8Fx7MjLETfrh4KbIMAkFZuIPPK44y7NmokR0FuSdum0AvIBaU+D6QIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFNjLDxWpj335LtbbcfYGiXtX32umMB8GA1UdIwQY MBaAFKPs6sgSVTSleUeWLbKJA/rXrDr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvby16cXlCSlZOS1Y1UjVZdHNva0QtdGVzT3ZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9kOTExODctNzU0NS00MWU3LTk4OTQt YTliZDVlNDEwYWVkLzEvMk1zUEZhbVBmZmt1MXR0eDlnYUplMWZmYTZZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNC9kOTExODctNzU0NS00MWU3LTk4OTQtYTliZDVlNDEwYWVk LzEvby16cXlCSlZOS1Y1UjVZdHNva0QtdGVzT3ZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBW+D2AwQB W+IoMA0EAgACMAcDBQAqDJ6AMA0GCSqGSIb3DQEBCwUAA4IBAQBGP9S1M6siKpLM 1bvQtKbsoaDA4LEcDXZPModS/hKWkAsVjpnbiO6m+ZT8ev/6it/mIoOxoC1HuLwN /ZAyqBRkxqyALKAoUm1s3c3xr42prmAsnhJrJP+zUjRPcYogqTqyPunsKwBwMr3s pN9enX3SHx8IMzEk/h9agJD6NsePfe4KaOP82rojXq/RuDyljptf9MSfHDBocGTJ KjoQLAUzBDSs5eJ7fpl23FsjDmp6UHcA41qubPzI4wgyYQCEE9pHuTn4hVlfWNUX t5mIVrc5pKuSqR2Xx0I18s97pJTHIL1FnvrH8YUCuOGukT3NaL3Lpdb74QXc8foZ bYDQxrdr -----END CERTIFICATE-----Generated at Thu Jan 8 11:02:00 2026 by rpki-client