This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/94bf5b-d38a-4c76-b01f-6e6fa39bb1ec/1/a2dGgMgkDvSFz9UvYkCXlH5tzZU.roa File: a2dGgMgkDvSFz9UvYkCXlH5tzZU.roa (raw, json) Hash identifier: c2MCuHjIaTWBayfSiKP1qGbzAEWRP5fSSTHUf07P0Kc= Subject key identifier: 6B:67:46:80:C8:24:0E:F4:85:CF:D5:2F:62:40:97:94:7E:6D:CD:95 Certificate issuer: /CN=d779968e66edbea372ef95baa2bf689138567a40 Certificate serial: 019B78A37976514917375E21E90DFEDB3B97 Authority key identifier: D7:79:96:8E:66:ED:BE:A3:72:EF:95:BA:A2:BF:68:91:38:56:7A:40 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/13mWjmbtvqNy75W6or9okThWekA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/94bf5b-d38a-4c76-b01f-6e6fa39bb1ec/1/a2dGgMgkDvSFz9UvYkCXlH5tzZU.roa Signing time: Thu 01 Jan 2026 08:18:57 +0000 ROA not before: Thu 01 Jan 2026 08:18:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205496 IP address blocks: 185.214.228.0/22 maxlen: 22 185.214.228.0/24 maxlen: 24 185.214.229.0/24 maxlen: 24 185.214.230.0/24 maxlen: 24 185.214.231.0/24 maxlen: 24 194.15.137.0/24 maxlen: 24 2001:67c:2fd8::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/94bf5b-d38a-4c76-b01f-6e6fa39bb1ec/1/13mWjmbtvqNy75W6or9okThWekA.crl rsync://rpki.ripe.net/repository/DEFAULT/34/94bf5b-d38a-4c76-b01f-6e6fa39bb1ec/1/13mWjmbtvqNy75W6or9okThWekA.mft rsync://rpki.ripe.net/repository/DEFAULT/13mWjmbtvqNy75W6or9okThWekA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 14 Jan 2026 08:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:79:76:51:49:17:37:5e:21:e9:0d:fe:db:3b:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d779968e66edbea372ef95baa2bf689138567a40 Validity Not Before: Jan 1 08:18:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6b674680c8240ef485cfd52f624097947e6dcd95 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:65:13:7e:42:51:bf:99:4d:ef:e2:bc:22:c9: 86:ef:07:7c:1f:ef:03:0a:6a:2f:4f:aa:c6:01:00: a3:59:78:fd:1e:cb:78:fc:f2:17:2f:fb:07:d0:d6: 59:ef:cb:2a:cc:54:c4:03:1a:be:da:c8:71:07:b3: d4:93:fe:89:71:02:3c:93:a2:43:27:9a:a0:c0:4a: 71:ce:eb:da:7d:bc:a0:95:2a:57:5a:63:32:44:d8: 9e:7a:2f:e6:75:bc:f5:9b:f5:23:ea:9d:5d:19:8b: 91:99:5a:a5:83:31:98:50:1b:74:34:78:28:18:0f: 46:27:5b:46:12:74:c9:96:fb:38:12:11:11:d4:5b: 5d:79:61:eb:f5:05:c5:13:e5:5b:fa:b7:1d:2c:6d: 07:e4:65:20:fe:a2:39:a3:3b:be:c7:00:34:9b:0d: d1:53:5d:6d:78:1a:b2:29:24:b6:c8:ad:f5:55:bd: 25:6e:c0:c0:d0:34:cd:58:1a:f7:8e:6d:bc:75:0c: cb:ac:9f:f9:b9:f9:63:31:84:78:99:f7:63:dd:8d: 60:97:ce:3e:08:26:31:96:4c:c2:a2:a6:7e:0a:f4: 30:35:9a:74:b7:71:62:ee:4d:38:4d:55:61:b2:22: e7:bf:41:b1:31:ed:26:16:e7:82:12:0b:0e:b8:de: e8:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:67:46:80:C8:24:0E:F4:85:CF:D5:2F:62:40:97:94:7E:6D:CD:95 X509v3 Authority Key Identifier: keyid:D7:79:96:8E:66:ED:BE:A3:72:EF:95:BA:A2:BF:68:91:38:56:7A:40 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/13mWjmbtvqNy75W6or9okThWekA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/94bf5b-d38a-4c76-b01f-6e6fa39bb1ec/1/a2dGgMgkDvSFz9UvYkCXlH5tzZU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/34/94bf5b-d38a-4c76-b01f-6e6fa39bb1ec/1/13mWjmbtvqNy75W6or9okThWekA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.214.228.0/22 194.15.137.0/24 IPv6: 2001:67c:2fd8::/48 Signature Algorithm: sha256WithRSAEncryption 45:02:de:bb:1e:b8:af:20:b5:1d:f2:33:54:54:76:76:90:c1: 0c:c5:ff:43:63:73:8a:ae:fb:46:b1:46:03:2e:3b:7c:d8:e6: e8:3a:07:9d:05:3a:58:c8:a7:5c:f2:f6:6c:d3:df:0e:dd:f8: 84:95:38:4d:88:3b:60:d8:01:38:5a:d3:11:5f:23:9f:36:e8: 8f:62:f5:20:18:c4:89:93:d1:66:2c:60:ec:2a:9e:a8:ba:8e: 78:fb:07:4a:e0:a0:70:50:37:e1:39:88:d4:aa:81:ee:6f:e7: be:9e:71:af:28:e5:8c:0e:22:a5:68:c4:f0:d4:54:0a:80:8e: 0f:0b:75:7e:59:bc:0a:ee:36:4f:76:b8:77:56:45:9e:3e:48: f8:10:c1:b7:a5:e4:14:7c:91:93:c7:7b:03:9b:bf:8a:8d:a7: 26:e6:bf:f2:e0:57:fa:06:42:bc:37:cd:4c:5c:6d:f5:a4:aa: 91:ed:36:ed:fa:8c:aa:9b:2c:7d:08:b5:36:a3:76:42:ab:a5: 13:af:1b:94:59:18:f2:d2:f1:98:ed:50:c2:e5:45:8f:59:67: bf:ff:96:82:dd:01:fc:77:3b:3f:cd:e8:8f:d6:c5:b6:36:2d: 8c:37:22:5f:19:dc:6a:cd:25:44:f0:84:b8:fe:49:89:c6:fc: f1:58:a9:25 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt4o3l2UUkXN14h6Q3+2zuXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ3Nzk5NjhlNjZlZGJlYTM3MmVmOTViYWEyYmY2ODkxMzg1 NjdhNDAwHhcNMjYwMTAxMDgxODU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2YjY3NDY4MGM4MjQwZWY0ODVjZmQ1MmY2MjQwOTc5NDdlNmRjZDk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGUTfkJRv5lN7+K8IsmG7wd8H+8D CmovT6rGAQCjWXj9Hst4/PIXL/sH0NZZ78sqzFTEAxq+2shxB7PUk/6JcQI8k6JD J5qgwEpxzuvafbyglSpXWmMyRNieei/mdbz1m/Uj6p1dGYuRmVqlgzGYUBt0NHgo GA9GJ1tGEnTJlvs4EhER1FtdeWHr9QXFE+Vb+rcdLG0H5GUg/qI5ozu+xwA0mw3R U11teBqyKSS2yK31Vb0lbsDA0DTNWBr3jm28dQzLrJ/5ufljMYR4mfdj3Y1gl84+ CCYxlkzCoqZ+CvQwNZp0t3Fi7k04TVVhsiLnv0GxMe0mFueCEgsOuN7oXQIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFGtnRoDIJA70hc/VL2JAl5R+bc2VMB8GA1UdIwQY MBaAFNd5lo5m7b6jcu+VuqK/aJE4VnpAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMTNtV2ptYnR2cU55NzVXNm9yOW9rVGhXZWtBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85NGJmNWItZDM4YS00Yzc2LWIwMWYt NmU2ZmEzOWJiMWVjLzEvYTJkR2dNZ2tEdlNGejlVdllrQ1hsSDV0elpVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNC85NGJmNWItZDM4YS00Yzc2LWIwMWYtNmU2ZmEzOWJiMWVj LzEvMTNtV2ptYnR2cU55NzVXNm9yOW9rVGhXZWtBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCudbkAwQA wg+JMA8EAgACMAkDBwAgAQZ8L9gwDQYJKoZIhvcNAQELBQADggEBAEUC3rseuK8g tR3yM1RUdnaQwQzF/0Njc4qu+0axRgMuO3zY5ug6B50FOljIp1zy9mzT3w7d+ISV OE2IO2DYATha0xFfI5826I9i9SAYxImT0WYsYOwqnqi6jnj7B0rgoHBQN+E5iNSq ge5v576eca8o5YwOIqVoxPDUVAqAjg8LdX5ZvAruNk92uHdWRZ4+SPgQwbel5BR8 kZPHewObv4qNpybmv/LgV/oGQrw3zUxcbfWkqpHtNu36jKqbLH0ItTajdkKrpROv G5RZGPLS8ZjtUMLlRY9ZZ7//loLdAfx3Oz/N6I/WxbY2LYw3Il8Z3GrNJUTwhLj+ SYnG/PFYqSU= -----END CERTIFICATE-----Generated at Tue Jan 13 16:16:24 2026 by rpki-client