This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/69dc6a-e91e-4b3a-934a-b354b78cc969/1/F2IHJrnPyRwbzKo1HP_xqBvLdvQ.roa File: F2IHJrnPyRwbzKo1HP_xqBvLdvQ.roa (raw, json) Hash identifier: FgszxDdrz1FfhJ+T4y5DQNjiDZnx4cEgXP5k1Bjw7eg= Subject key identifier: 17:62:07:26:B9:CF:C9:1C:1B:CC:AA:35:1C:FF:F1:A8:1B:CB:76:F4 Certificate issuer: /CN=8106d994a1219257a3cec9ed91cd189bc3d93b0b Certificate serial: 019B7BA37EFA1C13DA75F39BB51D370AC3A8 Authority key identifier: 81:06:D9:94:A1:21:92:57:A3:CE:C9:ED:91:CD:18:9B:C3:D9:3B:0B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gQbZlKEhklejzsntkc0Ym8PZOws.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/69dc6a-e91e-4b3a-934a-b354b78cc969/1/F2IHJrnPyRwbzKo1HP_xqBvLdvQ.roa Signing time: Thu 01 Jan 2026 22:17:51 +0000 ROA not before: Thu 01 Jan 2026 22:17:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 1103 IP address blocks: 134.221.0.0/16 maxlen: 24 192.43.212.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/69dc6a-e91e-4b3a-934a-b354b78cc969/1/gQbZlKEhklejzsntkc0Ym8PZOws.crl rsync://rpki.ripe.net/repository/DEFAULT/cc/69dc6a-e91e-4b3a-934a-b354b78cc969/1/gQbZlKEhklejzsntkc0Ym8PZOws.mft rsync://rpki.ripe.net/repository/DEFAULT/gQbZlKEhklejzsntkc0Ym8PZOws.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 21:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:7e:fa:1c:13:da:75:f3:9b:b5:1d:37:0a:c3:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8106d994a1219257a3cec9ed91cd189bc3d93b0b Validity Not Before: Jan 1 22:17:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=17620726b9cfc91c1bccaa351cfff1a81bcb76f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:0e:46:92:81:d3:ac:39:1b:17:d8:ec:f0:52: d2:e4:ae:9b:0a:5c:b0:b4:47:cb:ce:3a:58:4c:5d: 6c:2a:0d:f8:34:6b:8a:67:10:56:54:41:1e:8f:d5: 52:02:c6:17:28:4e:bb:9c:0f:ba:5c:d8:7d:b4:73: dd:5c:4d:8b:6e:59:2f:43:1c:74:49:d3:74:c7:52: e8:19:7f:31:51:47:47:1c:4a:ec:33:fb:d4:f0:4f: 71:e9:36:a9:6d:d7:9f:38:e2:39:1d:99:e0:8b:ac: fc:18:29:71:1a:24:58:ac:8d:2b:36:1a:45:bf:13: e3:14:68:26:bd:38:61:e9:8b:23:58:2a:cd:ee:c7: dc:01:0d:3e:af:11:34:1f:41:6e:48:2a:ad:26:22: b8:5d:d2:15:2c:c1:03:15:60:23:c1:af:2c:8e:11: a6:ec:10:47:8b:f1:8c:c7:bb:8a:43:cc:4b:6d:08: bd:73:f1:dd:73:1c:23:d3:04:c0:92:e4:81:96:38: 36:85:c6:97:91:79:25:26:ed:f0:29:9c:b3:36:4c: e0:46:ea:89:25:77:32:fd:27:19:9c:3b:46:b5:3b: 5e:4d:8c:53:59:62:e5:42:5e:24:62:71:75:14:ad: ec:98:25:24:e0:62:67:c5:71:d8:df:b0:88:d1:91: 05:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:62:07:26:B9:CF:C9:1C:1B:CC:AA:35:1C:FF:F1:A8:1B:CB:76:F4 X509v3 Authority Key Identifier: keyid:81:06:D9:94:A1:21:92:57:A3:CE:C9:ED:91:CD:18:9B:C3:D9:3B:0B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gQbZlKEhklejzsntkc0Ym8PZOws.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/69dc6a-e91e-4b3a-934a-b354b78cc969/1/F2IHJrnPyRwbzKo1HP_xqBvLdvQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/69dc6a-e91e-4b3a-934a-b354b78cc969/1/gQbZlKEhklejzsntkc0Ym8PZOws.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 134.221.0.0/16 192.43.212.0/24 Signature Algorithm: sha256WithRSAEncryption 39:01:a1:dd:65:d3:0a:3e:48:31:ff:fe:af:e1:af:46:ac:a4: db:f4:63:e8:7b:0a:b7:16:50:10:48:68:eb:a4:be:c1:ec:4b: 4a:7f:1f:e1:be:dd:a4:a4:fe:32:eb:74:6f:b2:32:09:56:7c: 40:42:31:a3:3a:69:a6:47:9b:f9:db:64:48:95:0f:3a:a2:fc: b8:a8:02:69:df:e1:98:12:d3:21:fc:f4:3c:f3:15:bf:4c:4a: f7:6a:08:ee:1b:2c:07:a3:46:c2:24:38:2d:4f:6d:d1:59:cd: 8b:6e:c5:c3:10:54:b4:de:70:95:77:9d:31:d8:cb:64:b0:07: 0f:2a:2a:35:8e:81:84:62:52:ba:06:28:26:5e:92:64:12:d2: 89:66:e6:5e:2c:26:94:de:5c:29:c9:69:e6:b5:42:76:92:7d: df:1d:ae:ac:8d:53:e3:98:27:75:ef:80:96:14:95:ac:ec:bf: ec:28:99:db:f0:0b:b4:ca:7a:96:c0:79:31:82:f8:40:e1:7f: 38:2f:29:fd:c8:ad:07:47:b1:9a:ba:85:a5:f3:7a:b7:fb:57: 46:e2:96:72:1b:e2:b7:07:79:48:1f:c9:3a:e7:3a:a7:39:11: a8:4b:77:dd:23:ba:29:e2:44:7b:ee:c0:68:08:7a:d2:1b:e2: 6d:f5:3e:a0 -----BEGIN CERTIFICATE----- MIIFAjCCA+qgAwIBAgISAZt7o376HBPadfObtR03CsOoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgxMDZkOTk0YTEyMTkyNTdhM2NlYzllZDkxY2QxODliYzNk OTNiMGIwHhcNMjYwMTAxMjIxNzUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxNzYyMDcyNmI5Y2ZjOTFjMWJjY2FhMzUxY2ZmZjFhODFiY2I3NmY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvw5GkoHTrDkbF9js8FLS5K6bClyw tEfLzjpYTF1sKg34NGuKZxBWVEEej9VSAsYXKE67nA+6XNh9tHPdXE2LblkvQxx0 SdN0x1LoGX8xUUdHHErsM/vU8E9x6TapbdefOOI5HZngi6z8GClxGiRYrI0rNhpF vxPjFGgmvThh6YsjWCrN7sfcAQ0+rxE0H0FuSCqtJiK4XdIVLMEDFWAjwa8sjhGm 7BBHi/GMx7uKQ8xLbQi9c/Hdcxwj0wTAkuSBljg2hcaXkXklJu3wKZyzNkzgRuqJ JXcy/ScZnDtGtTteTYxTWWLlQl4kYnF1FK3smCUk4GJnxXHY37CI0ZEFsQIDAQAB o4ICDjCCAgowHQYDVR0OBBYEFBdiBya5z8kcG8yqNRz/8agby3b0MB8GA1UdIwQY MBaAFIEG2ZShIZJXo87J7ZHNGJvD2TsLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ1FiWmxLRWhrbGVqenNudGtjMFltOFBaT3dzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy82OWRjNmEtZTkxZS00YjNhLTkzNGEt YjM1NGI3OGNjOTY5LzEvRjJJSEpyblB5UndiektvMUhQX3hxQnZMZHZRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYy82OWRjNmEtZTkxZS00YjNhLTkzNGEtYjM1NGI3OGNjOTY5 LzEvZ1FiWmxLRWhrbGVqenNudGtjMFltOFBaT3dzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAht0DBADA K9QwDQYJKoZIhvcNAQELBQADggEBADkBod1l0wo+SDH//q/hr0aspNv0Y+h7CrcW UBBIaOukvsHsS0p/H+G+3aSk/jLrdG+yMglWfEBCMaM6aaZHm/nbZEiVDzqi/Lio Amnf4ZgS0yH89DzzFb9MSvdqCO4bLAejRsIkOC1PbdFZzYtuxcMQVLTecJV3nTHY y2SwBw8qKjWOgYRiUroGKCZekmQS0olm5l4sJpTeXCnJaea1QnaSfd8drqyNU+OY J3XvgJYUlazsv+womdvwC7TKepbAeTGC+EDhfzgvKf3IrQdHsZq6haXzerf7V0bi lnIb4rcHeUgfyTrnOqc5EahLd90juiniRHvuwGgIetIb4m31PqA= -----END CERTIFICATE-----Generated at Sat Jan 3 06:19:31 2026 by rpki-client