This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2LHhafqz9fDQmtOLojXPzHPpzRI.roa File: 2LHhafqz9fDQmtOLojXPzHPpzRI.roa (raw, json) Hash identifier: Y02LZjUshmzV2Nv7a9HFroI+ENTqTb63UGoZvQeKbcs= Subject key identifier: D8:B1:E1:69:FA:B3:F5:F0:D0:9A:D3:8B:A2:35:CF:CC:73:E9:CD:12 Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019B216206348F418D66658072142EB9A290 Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2LHhafqz9fDQmtOLojXPzHPpzRI.roa Signing time: Mon 15 Dec 2025 09:40:30 +0000 ROA not before: Mon 15 Dec 2025 09:40:30 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 62240 IP address blocks: 194.105.74.0/24 maxlen: 24 213.130.154.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:62:06:34:8f:41:8d:66:65:80:72:14:2e:b9:a2:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Dec 15 09:40:30 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=d8b1e169fab3f5f0d09ad38ba235cfcc73e9cd12 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:24:10:dc:9b:10:52:42:a4:d1:bb:5e:74:2c: 7d:d2:18:55:18:2e:33:66:f0:a7:fc:f4:cd:18:a7: f3:06:7e:ac:ca:e3:a5:1e:57:67:95:ec:60:ee:b3: dd:9c:80:f1:11:f2:89:eb:62:2a:77:ae:d1:b9:4b: 73:3e:23:43:68:97:eb:aa:4c:15:57:02:09:62:ff: 7d:f9:69:dd:2f:70:5b:80:34:26:60:43:f2:5b:88: 5b:37:c7:64:a5:d4:ae:19:92:2d:7d:68:0a:95:5b: 0f:8f:1f:9a:e8:ee:e5:07:c2:d9:a8:78:eb:0e:ba: d1:1e:06:e7:3c:f4:26:ac:f9:36:d8:d1:c8:4c:f1: 09:28:19:7b:ce:3f:b5:9b:d5:eb:d9:af:a3:85:bf: c6:17:7a:cd:19:ff:06:39:93:19:a5:4c:b1:ba:b6: c4:67:71:4b:35:8d:15:16:a8:2a:a4:37:6c:87:62: 63:e8:77:8c:5f:a0:f0:38:54:fd:0d:55:ab:6d:0e: e2:81:17:82:cc:e8:dd:7d:d4:58:2b:b9:a0:57:1a: ad:07:32:e2:f6:37:95:fe:b6:3a:55:ec:c0:b4:b5: 92:27:5b:ba:16:91:4c:0a:dd:c1:5f:06:e9:f8:e2: dc:20:c6:6b:9d:57:18:a4:16:49:91:f7:02:f8:94: 38:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:B1:E1:69:FA:B3:F5:F0:D0:9A:D3:8B:A2:35:CF:CC:73:E9:CD:12 X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2LHhafqz9fDQmtOLojXPzHPpzRI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.105.74.0/24 213.130.154.0/24 Signature Algorithm: sha256WithRSAEncryption aa:df:6d:6b:e9:ab:50:1b:2e:56:77:c7:0b:de:32:2d:c9:ce: 54:6f:78:8f:3c:ca:a1:f6:d9:64:2a:5a:19:71:6d:2e:5a:f2: 0d:ff:84:79:5c:da:d7:22:2b:4d:cb:c8:e5:af:9c:83:a6:be: 37:6c:8b:e2:c5:b5:8c:14:24:e1:0e:95:4e:70:0e:95:fd:86: 26:da:b0:c3:16:29:1a:84:4d:73:c7:aa:80:61:25:1b:5a:18: f6:5f:ab:58:42:ad:f2:2b:58:f0:62:dd:46:d5:0a:9d:ff:76: 95:59:ee:f0:f7:cb:c5:27:d1:a2:48:dd:a6:94:74:f5:d7:bf: f0:f0:df:64:f7:1d:13:89:e9:39:bc:84:c7:b4:24:c3:ee:e3: 2a:b5:d2:85:c1:52:99:a9:93:3f:62:53:7b:eb:ec:96:0d:c8: 48:18:03:16:2a:b9:f3:5e:81:88:03:2e:7a:19:75:28:54:bc: 46:c4:c6:68:68:63:1b:aa:e6:b2:b4:63:5e:ea:95:8d:b5:8e: e3:5d:44:98:20:f8:a9:5c:0a:25:36:a0:78:d7:5a:f4:1c:b7: ac:4a:71:b5:ee:07:7d:07:85:c2:81:e2:ca:c0:7c:82:d6:4d: 01:eb:24:b8:03:74:59:67:5a:62:35:da:b9:2c:88:db:dc:72: f6:56:13:08 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZshYgY0j0GNZmWAchQuuaKQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjUxMjE1MDk0MDMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOGIxZTE2OWZhYjNmNWYwZDA5YWQzOGJhMjM1Y2ZjYzczZTljZDEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCQQ3JsQUkKk0btedCx90hhVGC4z ZvCn/PTNGKfzBn6syuOlHldnlexg7rPdnIDxEfKJ62Iqd67RuUtzPiNDaJfrqkwV VwIJYv99+WndL3BbgDQmYEPyW4hbN8dkpdSuGZItfWgKlVsPjx+a6O7lB8LZqHjr DrrRHgbnPPQmrPk22NHITPEJKBl7zj+1m9Xr2a+jhb/GF3rNGf8GOZMZpUyxurbE Z3FLNY0VFqgqpDdsh2Jj6HeMX6DwOFT9DVWrbQ7igReCzOjdfdRYK7mgVxqtBzLi 9jeV/rY6VezAtLWSJ1u6FpFMCt3BXwbp+OLcIMZrnVcYpBZJkfcC+JQ4yQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFNix4Wn6s/Xw0JrTi6I1z8xz6c0SMB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvMkxIaGFmcXo5ZkRRbXRPTG9qWFB6SFBwelJJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwmlKAwQA 1YKaMA0GCSqGSIb3DQEBCwUAA4IBAQCq321r6atQGy5Wd8cL3jItyc5Ub3iPPMqh 9tlkKloZcW0uWvIN/4R5XNrXIitNy8jlr5yDpr43bIvixbWMFCThDpVOcA6V/YYm 2rDDFikahE1zx6qAYSUbWhj2X6tYQq3yK1jwYt1G1Qqd/3aVWe7w98vFJ9GiSN2m lHT117/w8N9k9x0Tiek5vITHtCTD7uMqtdKFwVKZqZM/YlN76+yWDchIGAMWKrnz XoGIAy56GXUoVLxGxMZoaGMbquaytGNe6pWNtY7jXUSYIPipXAolNqB411r0HLes SnG17gd9B4XCgeLKwHyC1k0B6yS4A3RZZ1piNdq5LIjb3HL2VhMI -----END CERTIFICATE-----Generated at Fri Dec 19 22:49:24 2025 by rpki-client