This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/2Y_-mHGnzxUPlZ_jGKRDY2NiGkQ.roa File: 2Y_-mHGnzxUPlZ_jGKRDY2NiGkQ.roa (raw, json) Hash identifier: l4MC4MCnTo9aK0gBX0Y1Dtyc7m8oK3j/OFRHObo5fQ8= Subject key identifier: D9:8F:FE:98:71:A7:CF:15:0F:95:9F:E3:18:A4:43:63:63:62:1A:44 Certificate issuer: /CN=464952bc165441ec6e2e2010c933dc830f361731 Certificate serial: 019B7C135B90F742897EBBCF07146AFC27E2 Authority key identifier: 46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/2Y_-mHGnzxUPlZ_jGKRDY2NiGkQ.roa Signing time: Fri 02 Jan 2026 00:20:01 +0000 ROA not before: Fri 02 Jan 2026 00:20:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12302 IP address blocks: 89.35.0.0/23 maxlen: 24 89.40.42.0/24 maxlen: 24 194.26.128.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.crl rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.mft rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 15:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:5b:90:f7:42:89:7e:bb:cf:07:14:6a:fc:27:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=464952bc165441ec6e2e2010c933dc830f361731 Validity Not Before: Jan 2 00:20:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d98ffe9871a7cf150f959fe318a4436363621a44 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:8a:f4:c2:3e:cd:87:ff:41:88:39:81:18:17: 3e:92:56:3d:be:eb:5b:f8:32:c4:0f:2a:8f:89:65: 0f:4e:b3:3f:c4:34:d8:e4:d3:cb:3d:81:de:e6:c5: 3f:f6:83:63:10:08:f9:88:d3:b4:77:06:f4:00:b8: f0:ea:31:a4:7e:17:bb:46:30:46:fe:aa:b9:5c:53: 7d:bd:0c:6d:13:91:34:0e:09:6b:5f:0f:07:50:61: b3:34:ea:24:0e:d8:54:73:3b:e9:52:fb:bb:13:b0: 82:74:de:32:0a:12:d0:07:90:9e:72:86:ee:c5:cd: 9f:06:a6:40:e9:06:57:a7:be:af:3b:e9:b5:ad:1b: 3c:65:e4:00:92:f8:92:95:25:cb:52:c2:9c:58:ad: c1:10:09:d1:02:f4:6e:50:8b:24:f8:7e:9c:51:4e: 36:ea:8b:9f:d9:fe:7b:70:cd:b4:f2:b2:86:ea:48: b3:da:c6:d7:5d:71:18:66:c0:13:c4:8c:26:12:ab: 97:2b:1b:80:df:70:ae:1b:bb:13:4d:b2:b5:f3:30: db:b2:91:df:71:3b:c9:2e:45:af:5f:fa:c7:cd:36: 0a:70:5e:c4:e8:17:e8:44:13:b9:4f:05:e6:45:a3: 5c:26:35:78:18:df:2f:37:15:d0:3b:76:57:6a:65: 0d:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:8F:FE:98:71:A7:CF:15:0F:95:9F:E3:18:A4:43:63:63:62:1A:44 X509v3 Authority Key Identifier: keyid:46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/2Y_-mHGnzxUPlZ_jGKRDY2NiGkQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.35.0.0/23 89.40.42.0/24 194.26.128.0/24 Signature Algorithm: sha256WithRSAEncryption 1c:da:1b:ca:fb:57:7c:bf:6a:29:84:05:6b:9c:e6:ae:c7:58: 83:2d:76:1f:62:c1:df:21:be:17:07:69:32:64:4f:78:be:22: 55:30:34:87:40:9c:61:6b:9b:2c:c8:25:8d:6e:3b:bf:d9:5f: 74:8b:bf:68:17:5f:c7:72:10:4c:7d:f5:d6:76:68:c0:f0:a1: b7:2c:b5:95:5f:74:85:00:5b:38:7f:7f:b7:3f:b4:f7:03:c0: a7:82:d4:34:a0:77:e4:a1:d4:af:de:67:6f:e9:55:fb:7e:70: 96:13:f2:5b:7e:a4:24:77:58:fa:3a:04:28:6a:aa:3c:5f:80: fc:70:d8:8b:e0:c8:10:b7:9c:45:9f:4a:45:b9:9e:d1:af:bd: 36:c0:be:45:3f:49:56:ca:48:03:ce:e8:a6:ed:53:54:a3:b8: ba:9d:ee:c3:5d:dd:a7:5e:e7:24:58:a3:53:2c:86:f9:22:3b: d9:b9:3e:ad:9f:c9:2b:c5:1f:d4:f1:f4:d0:bd:64:c4:34:04: 75:7e:51:b6:03:09:bf:0f:a1:ab:1e:b2:56:30:0c:21:8f:8c: 64:0d:d8:85:d7:33:f3:3a:82:02:12:f9:38:65:95:4d:50:8e: 71:59:18:23:8c:80:bf:2b:53:c3:8c:a2:79:bd:67:0b:69:55: aa:04:26:0b -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt8E1uQ90KJfrvPBxRq/CfiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ2NDk1MmJjMTY1NDQxZWM2ZTJlMjAxMGM5MzNkYzgzMGYz NjE3MzEwHhcNMjYwMTAyMDAyMDAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOThmZmU5ODcxYTdjZjE1MGY5NTlmZTMxOGE0NDM2MzYzNjIxYTQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwor0wj7Nh/9BiDmBGBc+klY9vutb +DLEDyqPiWUPTrM/xDTY5NPLPYHe5sU/9oNjEAj5iNO0dwb0ALjw6jGkfhe7RjBG /qq5XFN9vQxtE5E0DglrXw8HUGGzNOokDthUczvpUvu7E7CCdN4yChLQB5Cecobu xc2fBqZA6QZXp76vO+m1rRs8ZeQAkviSlSXLUsKcWK3BEAnRAvRuUIsk+H6cUU42 6ouf2f57cM208rKG6kiz2sbXXXEYZsATxIwmEquXKxuA33CuG7sTTbK18zDbspHf cTvJLkWvX/rHzTYKcF7E6BfoRBO5TwXmRaNcJjV4GN8vNxXQO3ZXamUNswIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFNmP/phxp88VD5Wf4xikQ2NjYhpEMB8GA1UdIwQY MBaAFEZJUrwWVEHsbi4gEMkz3IMPNhcxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQt ODQyODU4MTIyYmJjLzEvMllfLW1IR256eFVQbFpfakdLUkRZMk5pR2tRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQtODQyODU4MTIyYmJj LzEvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBWSMAAwQA WSgqAwQAwhqAMA0GCSqGSIb3DQEBCwUAA4IBAQAc2hvK+1d8v2ophAVrnOaux1iD LXYfYsHfIb4XB2kyZE94viJVMDSHQJxha5ssyCWNbju/2V90i79oF1/HchBMffXW dmjA8KG3LLWVX3SFAFs4f3+3P7T3A8CngtQ0oHfkodSv3mdv6VX7fnCWE/JbfqQk d1j6OgQoaqo8X4D8cNiL4MgQt5xFn0pFuZ7Rr702wL5FP0lWykgDzuim7VNUo7i6 ne7DXd2nXuckWKNTLIb5IjvZuT6tn8krxR/U8fTQvWTENAR1flG2Awm/D6GrHrJW MAwhj4xkDdiF1zPzOoICEvk4ZZVNUI5xWRgjjIC/K1PDjKJ5vWcLaVWqBCYL -----END CERTIFICATE-----Generated at Wed Jan 7 22:31:02 2026 by rpki-client