This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/90033c-5b03-4709-b6d3-a865e189ed8a/1/2eqhGMddc6o7FIDR3NGWx4Ow8E8.roa File: 2eqhGMddc6o7FIDR3NGWx4Ow8E8.roa (raw, json) Hash identifier: z5gVcRgK3Nn9nyPEEaZPlAeofGLHnrjmeBcu5Qk4JJE= Subject key identifier: D9:EA:A1:18:C7:5D:73:AA:3B:14:80:D1:DC:D1:96:C7:83:B0:F0:4F Certificate issuer: /CN=c2fca944458606b1017e26c3ca17430f7ff924b3 Certificate serial: 019B7D5C65FA65225F72F4931FF44E73B9A6 Authority key identifier: C2:FC:A9:44:45:86:06:B1:01:7E:26:C3:CA:17:43:0F:7F:F9:24:B3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wvypREWGBrEBfibDyhdDD3_5JLM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/90033c-5b03-4709-b6d3-a865e189ed8a/1/2eqhGMddc6o7FIDR3NGWx4Ow8E8.roa Signing time: Fri 02 Jan 2026 06:19:25 +0000 ROA not before: Fri 02 Jan 2026 06:19:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 2107 IP address blocks: 88.200.0.0/17 maxlen: 17 92.244.64.0/19 maxlen: 19 95.87.128.0/18 maxlen: 18 109.127.192.0/18 maxlen: 18 141.255.192.0/18 maxlen: 18 149.62.64.0/18 maxlen: 18 153.5.0.0/16 maxlen: 16 163.159.128.0/17 maxlen: 17 178.172.0.0/17 maxlen: 17 185.13.52.0/22 maxlen: 22 193.2.0.0/16 maxlen: 16 194.249.0.0/16 maxlen: 16 212.235.128.0/17 maxlen: 17 2001:1470::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/90033c-5b03-4709-b6d3-a865e189ed8a/1/wvypREWGBrEBfibDyhdDD3_5JLM.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/90033c-5b03-4709-b6d3-a865e189ed8a/1/wvypREWGBrEBfibDyhdDD3_5JLM.mft rsync://rpki.ripe.net/repository/DEFAULT/wvypREWGBrEBfibDyhdDD3_5JLM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 12:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:65:fa:65:22:5f:72:f4:93:1f:f4:4e:73:b9:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c2fca944458606b1017e26c3ca17430f7ff924b3 Validity Not Before: Jan 2 06:19:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d9eaa118c75d73aa3b1480d1dcd196c783b0f04f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:97:20:90:43:68:a6:08:13:d7:1f:4c:d0:9d: 82:5c:5e:88:29:16:f8:15:b1:01:ee:65:74:a5:ef: 13:5c:fe:a3:fa:57:08:c5:63:24:d9:94:8b:28:bc: 94:8a:57:69:5e:d3:c8:df:a7:aa:5b:a7:27:b5:ef: a9:e7:bd:ff:54:37:ad:4f:99:67:e2:65:ff:24:7b: f8:c2:32:f4:2e:02:f8:f0:f7:9e:59:d0:7b:ac:96: 20:29:ee:70:30:75:dd:26:da:9f:57:5b:a0:2b:f8: 03:66:48:87:50:14:a8:ea:9a:b5:9c:18:0d:d7:88: d6:b9:d0:04:eb:4a:33:70:72:35:84:b2:2e:1c:09: 38:e0:1a:f2:88:d2:5a:c7:85:a3:47:a6:45:37:e4: f1:7a:cb:8b:26:c7:1d:48:cf:c5:76:54:4c:93:55: 9c:ab:78:26:27:c7:18:d0:75:17:6f:4a:fd:ff:83: c4:f2:05:0b:74:0c:c3:93:b0:4a:95:63:6d:e0:7f: fd:11:6b:c8:92:03:57:02:eb:cd:eb:89:ca:18:a1: 7c:41:0b:2b:2c:67:48:b8:c8:68:26:27:53:b8:62: df:ff:7d:e4:7c:97:c4:a9:a6:ae:83:64:3f:8e:7d: 7b:39:a1:72:2c:fd:48:da:2f:75:bb:66:7f:5f:03: 74:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:EA:A1:18:C7:5D:73:AA:3B:14:80:D1:DC:D1:96:C7:83:B0:F0:4F X509v3 Authority Key Identifier: keyid:C2:FC:A9:44:45:86:06:B1:01:7E:26:C3:CA:17:43:0F:7F:F9:24:B3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wvypREWGBrEBfibDyhdDD3_5JLM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/90033c-5b03-4709-b6d3-a865e189ed8a/1/2eqhGMddc6o7FIDR3NGWx4Ow8E8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/90033c-5b03-4709-b6d3-a865e189ed8a/1/wvypREWGBrEBfibDyhdDD3_5JLM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 88.200.0.0/17 92.244.64.0/19 95.87.128.0/18 109.127.192.0/18 141.255.192.0/18 149.62.64.0/18 153.5.0.0/16 163.159.128.0/17 178.172.0.0/17 185.13.52.0/22 193.2.0.0/16 194.249.0.0/16 212.235.128.0/17 IPv6: 2001:1470::/29 Signature Algorithm: sha256WithRSAEncryption 5a:3e:c0:69:28:09:de:3d:aa:3c:bc:99:22:d1:14:22:42:63: 70:e3:d7:b3:00:11:4b:a5:ff:63:9d:d3:0a:52:4f:70:27:a9: bf:58:e3:75:4b:6d:60:bb:e3:9e:3e:8c:36:bb:68:87:ec:16: 4f:d4:5d:05:bc:cc:97:83:75:21:0c:f8:83:37:a8:6c:1c:dc: 63:b2:ce:ff:33:47:77:07:75:b1:b4:8a:8c:82:a0:96:a6:6e: ef:83:92:e9:bb:69:3b:23:b9:94:b7:5a:95:f9:58:19:5e:7f: 33:97:2f:a2:aa:81:52:ec:97:4f:ac:39:6d:23:0e:c1:89:8d: 85:2c:c6:60:0e:cc:e9:ab:ae:11:5c:4f:32:bf:8f:a5:0a:b2: 42:07:1f:d7:73:9c:69:61:21:8b:6a:d8:b1:ce:6f:51:d1:23: 4b:e6:85:1d:f6:8d:0f:c0:ac:40:42:15:b6:9f:b5:ab:dc:f7: 52:a4:f2:c0:a9:fb:e6:2b:19:50:62:f7:66:b9:b7:e6:af:7d: a7:5e:68:60:af:a3:35:63:e8:28:7e:90:a5:08:60:ea:0a:2b: 12:d2:0e:c4:4d:0e:d3:8e:d3:90:b6:fe:ca:aa:88:0e:27:ba: e4:8d:46:84:08:f6:50:09:08:b4:a8:51:f2:95:48:03:e5:fd: 0e:2c:de:07 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgISAZt9XGX6ZSJfcvSTH/ROc7mmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGMyZmNhOTQ0NDU4NjA2YjEwMTdlMjZjM2NhMTc0MzBmN2Zm OTI0YjMwHhcNMjYwMTAyMDYxOTI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOWVhYTExOGM3NWQ3M2FhM2IxNDgwZDFkY2QxOTZjNzgzYjBmMDRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJcgkENopggT1x9M0J2CXF6IKRb4 FbEB7mV0pe8TXP6j+lcIxWMk2ZSLKLyUildpXtPI36eqW6cnte+p573/VDetT5ln 4mX/JHv4wjL0LgL48PeeWdB7rJYgKe5wMHXdJtqfV1ugK/gDZkiHUBSo6pq1nBgN 14jWudAE60ozcHI1hLIuHAk44BryiNJax4WjR6ZFN+TxesuLJscdSM/FdlRMk1Wc q3gmJ8cY0HUXb0r9/4PE8gULdAzDk7BKlWNt4H/9EWvIkgNXAuvN64nKGKF8QQsr LGdIuMhoJidTuGLf/33kfJfEqaaug2Q/jn17OaFyLP1I2i91u2Z/XwN0MwIDAQAB o4ICXTCCAlkwHQYDVR0OBBYEFNnqoRjHXXOqOxSA0dzRlseDsPBPMB8GA1UdIwQY MBaAFML8qURFhgaxAX4mw8oXQw9/+SSzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvd3Z5cFJFV0dCckVCZmliRHloZEREM181SkxNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85MDAzM2MtNWIwMy00NzA5LWI2ZDMt YTg2NWUxODllZDhhLzEvMmVxaEdNZGRjNm83RklEUjNOR1d4NE93OEU4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS85MDAzM2MtNWIwMy00NzA5LWI2ZDMtYTg2NWUxODllZDhh LzEvd3Z5cFJFV0dCckVCZmliRHloZEREM181SkxNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBRBAIAATBLAwQHWMgAAwQF XPRAAwQGX1eAAwQGbX/AAwQGjf/AAwQGlT5AAwMAmQUDBAejn4ADBAeyrAADBAK5 DTQDAwDBAgMDAML5AwQH1OuAMA0EAgACMAcDBQMgARRwMA0GCSqGSIb3DQEBCwUA A4IBAQBaPsBpKAnePao8vJki0RQiQmNw49ezABFLpf9jndMKUk9wJ6m/WON1S21g u+OePow2u2iH7BZP1F0FvMyXg3UhDPiDN6hsHNxjss7/M0d3B3WxtIqMgqCWpm7v g5Lpu2k7I7mUt1qV+VgZXn8zly+iqoFS7JdPrDltIw7BiY2FLMZgDszpq64RXE8y v4+lCrJCBx/Xc5xpYSGLatixzm9R0SNL5oUd9o0PwKxAQhW2n7Wr3PdSpPLAqfvm KxlQYvdmubfmr32nXmhgr6M1Y+gofpClCGDqCisS0g7ETQ7TjtOQtv7KqogOJ7rk jUaECPZQCQi0qFHylUgD5f0OLN4H -----END CERTIFICATE-----Generated at Fri Jan 2 19:42:47 2026 by rpki-client