This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/2ltBc4GhtfxzLWKlvi-1z9vcpjE.roa File: 2ltBc4GhtfxzLWKlvi-1z9vcpjE.roa (raw, json) Hash identifier: pzJvlCBDnp+7HT6AHZlJGs5XYxihBzZrRyUC6E1JEO4= Subject key identifier: DA:5B:41:73:81:A1:B5:FC:73:2D:62:A5:BE:2F:B5:CF:DB:DC:A6:31 Certificate issuer: /CN=cfb75191978866f1fc97f523c7dda40a88f7e777 Certificate serial: 019B04ADFB85E82BB1B5FF4A125724C858D9 Authority key identifier: CF:B7:51:91:97:88:66:F1:FC:97:F5:23:C7:DD:A4:0A:88:F7:E7:77 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/2ltBc4GhtfxzLWKlvi-1z9vcpjE.roa Signing time: Tue 09 Dec 2025 19:54:29 +0000 ROA not before: Tue 09 Dec 2025 19:54:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 13150 IP address blocks: 85.255.16.0/24 maxlen: 24 85.255.17.0/24 maxlen: 24 85.255.19.0/24 maxlen: 24 85.255.20.0/24 maxlen: 24 85.255.21.0/24 maxlen: 24 85.255.22.0/24 maxlen: 24 85.255.23.0/24 maxlen: 24 85.255.24.0/24 maxlen: 24 85.255.25.0/24 maxlen: 24 85.255.26.0/24 maxlen: 24 85.255.27.0/24 maxlen: 24 85.255.28.0/24 maxlen: 24 85.255.29.0/24 maxlen: 24 85.255.30.0/24 maxlen: 24 85.255.31.0/24 maxlen: 24 159.117.224.0/24 maxlen: 24 159.117.225.0/24 maxlen: 24 159.117.226.0/24 maxlen: 24 159.117.227.0/24 maxlen: 24 159.117.229.0/24 maxlen: 24 159.117.230.0/24 maxlen: 24 159.117.231.0/24 maxlen: 24 159.117.232.0/24 maxlen: 24 159.117.233.0/24 maxlen: 24 159.117.234.0/24 maxlen: 24 185.114.120.0/24 maxlen: 24 185.114.121.0/24 maxlen: 24 185.114.122.0/24 maxlen: 24 185.114.123.0/24 maxlen: 24 209.206.0.0/24 maxlen: 24 209.206.1.0/24 maxlen: 24 209.206.2.0/24 maxlen: 24 209.206.3.0/24 maxlen: 24 209.206.4.0/24 maxlen: 24 209.206.5.0/24 maxlen: 24 209.206.6.0/24 maxlen: 24 209.206.7.0/24 maxlen: 24 209.206.8.0/24 maxlen: 24 209.206.9.0/24 maxlen: 24 209.206.10.0/24 maxlen: 24 209.206.11.0/24 maxlen: 24 209.206.12.0/24 maxlen: 24 209.206.13.0/24 maxlen: 24 209.206.14.0/24 maxlen: 24 209.206.15.0/24 maxlen: 24 209.206.16.0/24 maxlen: 24 209.206.17.0/24 maxlen: 24 209.206.18.0/24 maxlen: 24 209.206.19.0/24 maxlen: 24 209.206.20.0/24 maxlen: 24 209.206.21.0/24 maxlen: 24 209.206.22.0/24 maxlen: 24 209.206.23.0/24 maxlen: 24 209.206.24.0/24 maxlen: 24 209.206.25.0/24 maxlen: 24 209.206.26.0/24 maxlen: 24 209.206.27.0/24 maxlen: 24 209.206.28.0/24 maxlen: 24 209.206.29.0/24 maxlen: 24 209.206.30.0/24 maxlen: 24 209.206.31.0/24 maxlen: 24 216.252.176.0/24 maxlen: 24 216.252.177.0/24 maxlen: 24 216.252.178.0/24 maxlen: 24 216.252.179.0/24 maxlen: 24 216.252.180.0/24 maxlen: 24 216.252.181.0/24 maxlen: 24 216.252.182.0/24 maxlen: 24 216.252.183.0/24 maxlen: 24 216.252.184.0/24 maxlen: 24 216.252.185.0/24 maxlen: 24 216.252.186.0/24 maxlen: 24 216.252.187.0/24 maxlen: 24 216.252.189.0/24 maxlen: 24 216.252.190.0/24 maxlen: 24 216.252.191.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/z7dRkZeIZvH8l_Ujx92kCoj353c.crl rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/z7dRkZeIZvH8l_Ujx92kCoj353c.mft rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 07:02:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:04:ad:fb:85:e8:2b:b1:b5:ff:4a:12:57:24:c8:58:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cfb75191978866f1fc97f523c7dda40a88f7e777 Validity Not Before: Dec 9 19:54:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=da5b417381a1b5fc732d62a5be2fb5cfdbdca631 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:ae:f5:6a:b9:b7:43:af:b2:ad:13:6e:cd:2e: 14:ef:72:46:6a:fd:40:c3:6c:b0:2f:35:19:7e:c3: 95:15:f0:c6:3c:cb:69:78:4f:a8:9e:d1:7b:cf:b3: 30:93:c3:31:23:e3:72:89:c2:59:c0:b4:63:ee:45: 49:93:97:45:c2:bb:de:42:b1:83:1f:e3:5f:0a:f5: 5b:1d:19:5f:fb:46:60:4f:2f:18:c1:c4:87:02:b4: 98:68:f8:8e:95:af:6f:83:0c:e7:77:ad:2c:69:71: b1:02:2f:b4:17:9d:16:c8:45:b1:82:e9:5a:48:e4: 4e:2c:71:35:32:86:1e:d2:9f:3f:ba:db:bf:de:b7: 56:f1:7b:82:d0:b5:c8:4a:b8:d2:ba:74:3f:66:e5: 07:c1:20:fc:ee:2a:04:3e:35:97:a0:48:47:db:51: 82:90:9a:4b:d2:ae:6e:d6:4c:af:c0:b2:24:0d:32: a4:a8:33:5d:02:6a:cf:d8:03:9d:27:b2:ee:17:9c: 78:4c:8b:42:d0:b3:f3:d1:a1:b6:47:26:b6:c8:55: d4:ae:f4:60:62:f4:a0:55:cf:86:81:ec:cb:3c:95: b1:67:ad:77:9a:7f:6c:a8:1a:80:16:fb:31:78:d1: ca:e2:e6:5d:f4:9a:f1:c2:be:22:ef:a7:fc:f3:57: 73:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:5B:41:73:81:A1:B5:FC:73:2D:62:A5:BE:2F:B5:CF:DB:DC:A6:31 X509v3 Authority Key Identifier: keyid:CF:B7:51:91:97:88:66:F1:FC:97:F5:23:C7:DD:A4:0A:88:F7:E7:77 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/2ltBc4GhtfxzLWKlvi-1z9vcpjE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/z7dRkZeIZvH8l_Ujx92kCoj353c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.255.16.0/23 85.255.19.0-85.255.31.255 159.117.224.0/22 159.117.229.0-159.117.234.255 185.114.120.0/22 209.206.0.0/19 216.252.176.0-216.252.187.255 216.252.189.0-216.252.191.255 Signature Algorithm: sha256WithRSAEncryption 7a:7a:81:50:54:a8:ba:14:61:6b:9e:f1:26:3d:04:9f:7e:56: 8a:4a:56:03:b6:a3:b8:eb:9e:6e:b6:61:dc:07:0b:b8:1a:42: 7c:87:e6:da:c0:55:14:73:ba:66:ce:c3:49:73:58:d4:cc:25: e7:a4:17:41:ac:89:d2:18:60:40:3c:ea:20:de:7b:c0:63:0c: 39:d4:f4:89:f1:aa:12:e8:ff:d5:ea:ce:d1:17:d0:ba:65:cc: b5:66:67:b7:1f:81:f4:ff:31:89:4e:85:9a:92:6f:9a:b9:80: 12:a4:4f:bf:4b:2a:9a:02:6e:40:33:72:10:72:2d:a8:b4:d3: ee:e8:20:e9:2d:ba:ed:15:55:18:ed:c6:59:36:24:21:1b:51: e3:7b:78:49:83:19:06:5a:d4:f6:f2:08:c9:fc:d7:9f:be:57: 89:ce:d6:82:37:01:f1:91:03:0d:94:d0:3d:9d:60:4b:0d:7f: 61:f8:f7:17:fd:08:ba:57:cc:25:ec:c7:28:98:37:84:72:d3: 5c:b4:71:bd:42:8f:40:06:c8:b9:6f:80:b3:a4:ce:ff:38:0a: b2:b7:20:cb:02:1e:e5:03:b6:ac:99:7b:41:ac:9a:64:b2:d6: 39:d8:89:cd:34:82:0d:99:00:56:0f:9f:16:14:fe:c4:45:a9: cd:a0:33:83 -----BEGIN CERTIFICATE----- MIIFRzCCBC+gAwIBAgISAZsErfuF6Cuxtf9KElckyFjZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmYjc1MTkxOTc4ODY2ZjFmYzk3ZjUyM2M3ZGRhNDBhODhm N2U3NzcwHhcNMjUxMjA5MTk1NDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYTViNDE3MzgxYTFiNWZjNzMyZDYyYTViZTJmYjVjZmRiZGNhNjMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwK71arm3Q6+yrRNuzS4U73JGav1A w2ywLzUZfsOVFfDGPMtpeE+ontF7z7Mwk8MxI+NyicJZwLRj7kVJk5dFwrveQrGD H+NfCvVbHRlf+0ZgTy8YwcSHArSYaPiOla9vgwznd60saXGxAi+0F50WyEWxgula SOROLHE1MoYe0p8/utu/3rdW8XuC0LXISrjSunQ/ZuUHwSD87ioEPjWXoEhH21GC kJpL0q5u1kyvwLIkDTKkqDNdAmrP2AOdJ7LuF5x4TItC0LPz0aG2Rya2yFXUrvRg YvSgVc+GgezLPJWxZ613mn9sqBqAFvsxeNHK4uZd9Jrxwr4i76f881dzJwIDAQAB o4ICUzCCAk8wHQYDVR0OBBYEFNpbQXOBobX8cy1ipb4vtc/b3KYxMB8GA1UdIwQY MBaAFM+3UZGXiGbx/Jf1I8fdpAqI9+d3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvejdkUmtaZUladkg4bF9Vang5MmtDb2ozNTNjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iOTU3NWItYjdjMS00YzVjLTlkYWIt YzE5OWM3YjRjYWMyLzEvMmx0QmM0R2h0Znh6TFdLbHZpLTF6OXZjcGpFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZS9iOTU3NWItYjdjMS00YzVjLTlkYWItYzE5OWM3YjRjYWMy LzEvejdkUmtaZUladkg4bF9Vang5MmtDb2ozNTNjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQBVf8QMAwD BABV/xMDBAVV/wADBAKfdeAwDAMEAJ915QMEAJ916gMEArlyeAMEBdHOADAMAwQE 2PywAwQC2Py4MAwDBADY/L0DBAbY/IAwDQYJKoZIhvcNAQELBQADggEBAHp6gVBU qLoUYWue8SY9BJ9+VopKVgO2o7jrnm62YdwHC7gaQnyH5trAVRRzumbOw0lzWNTM JeekF0GsidIYYEA86iDee8BjDDnU9InxqhLo/9XqztEX0LplzLVmZ7cfgfT/MYlO hZqSb5q5gBKkT79LKpoCbkAzchByLai00+7oIOktuu0VVRjtxlk2JCEbUeN7eEmD GQZa1PbyCMn815++V4nO1oI3AfGRAw2U0D2dYEsNf2H49xf9CLpXzCXsxyiYN4Ry 01y0cb1Cj0AGyLlvgLOkzv84CrK3IMsCHuUDtqyZe0GsmmSy1jnYic00gg2ZAFYP nxYU/sRFqc2gM4M= -----END CERTIFICATE-----Generated at Wed Dec 17 15:10:32 2025 by rpki-client