This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/2krvIRPRsTOPomVMfCPNZSLLFks.roa File: 2krvIRPRsTOPomVMfCPNZSLLFks.roa (raw, json) Hash identifier: P0BkghxyDkTPiHFvyXDN/scxvrKFV/bbDjO/nIHvYBI= Subject key identifier: DA:4A:EF:21:13:D1:B1:33:8F:A2:65:4C:7C:23:CD:65:22:CB:16:4B Certificate issuer: /CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd Certificate serial: 019B791087C2AB4BD47710DA4FA955B088B2 Authority key identifier: 4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/2krvIRPRsTOPomVMfCPNZSLLFks.roa Signing time: Thu 01 Jan 2026 10:18:05 +0000 ROA not before: Thu 01 Jan 2026 10:18:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210398 IP address blocks: 83.217.238.128/26 maxlen: 26 83.231.149.64/28 maxlen: 28 213.130.47.32/28 maxlen: 28 213.130.49.64/26 maxlen: 26 2001:728:1404::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.crl rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.mft rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 03:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:87:c2:ab:4b:d4:77:10:da:4f:a9:55:b0:88:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd Validity Not Before: Jan 1 10:18:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=da4aef2113d1b1338fa2654c7c23cd6522cb164b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:a7:1f:ba:52:b5:ca:05:ce:10:8f:be:eb:d7: df:bd:2d:56:7f:82:23:62:55:8a:c9:67:a2:a5:7f: eb:01:3e:f8:58:d7:6f:43:94:27:f1:29:0b:6b:f3: b2:32:af:1f:21:d3:f0:ad:fa:a9:27:25:5b:3e:75: db:e9:3e:da:cb:59:8a:0c:56:41:5d:05:41:5b:4d: 53:51:7f:dd:77:1b:c5:38:d8:91:eb:2c:43:78:46: c0:b1:75:f2:75:43:43:4f:36:92:c8:c3:9c:25:83: 0d:6e:fb:cb:72:dd:4a:c0:bb:d9:c1:4d:5e:10:3a: 24:43:84:6c:dc:ca:a0:90:af:2b:c6:46:e7:f1:a2: f3:3b:8c:bc:cc:1e:53:08:4b:d6:d0:dd:e1:ee:cb: 2e:76:e4:99:b3:0c:da:3f:5a:37:f9:45:8f:7c:04: 75:84:ba:01:ac:eb:6b:64:b0:0b:fa:18:54:c7:e2: 36:3e:50:14:95:e1:db:46:bc:17:e4:8d:9e:6b:5a: c0:e9:5d:7e:d3:a2:6a:20:6e:c1:9a:22:28:55:75: f7:34:4d:1e:49:49:cb:ec:f5:dd:d8:3f:d3:2a:a1: fe:01:ba:0b:d9:83:4a:9b:30:76:df:2f:bd:68:51: 96:ed:35:3e:2d:2a:6b:62:1a:7c:b8:b2:9a:57:b7: a3:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:4A:EF:21:13:D1:B1:33:8F:A2:65:4C:7C:23:CD:65:22:CB:16:4B X509v3 Authority Key Identifier: keyid:4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/2krvIRPRsTOPomVMfCPNZSLLFks.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 83.217.238.128/26 83.231.149.64/28 213.130.47.32/28 213.130.49.64/26 IPv6: 2001:728:1404::/48 Signature Algorithm: sha256WithRSAEncryption 71:85:8d:45:42:10:8e:ac:14:b4:d4:8e:b1:27:f8:e5:05:3d: ba:70:23:2f:23:3e:60:e7:fa:bc:85:98:c4:1c:1f:24:ed:33: 45:26:43:01:78:01:66:10:4b:d6:4b:dd:e6:b5:9c:b5:ef:9c: dd:85:f5:0b:1a:80:fb:54:e1:97:98:0a:b8:7d:cb:cd:f4:cf: a7:14:b1:e0:74:43:cd:ba:0a:15:e4:9f:65:4f:23:81:12:98: fb:8e:a6:cc:49:6a:10:56:31:bc:e8:55:8b:85:c1:78:e6:b9: cf:ec:72:e4:8b:0c:e1:2e:10:48:37:e8:5b:11:e4:55:e9:3c: 9d:0e:6b:d3:c6:8a:ed:a3:6d:a4:1d:73:9c:2d:26:ac:99:2f: 81:e2:df:9c:02:08:ea:57:13:36:30:36:45:6e:f6:d5:75:83: 95:dc:5e:4e:76:1a:3a:bd:58:8b:7c:94:bc:3e:7d:88:bf:d3: b8:0d:04:d0:e7:3f:67:46:2c:5f:1b:30:1b:d4:4a:b5:ff:57: 92:73:20:ee:30:fd:5a:30:97:24:b6:eb:4d:58:86:59:32:90: 4b:26:79:48:4c:b3:1b:ec:2d:bd:77:dd:21:59:09:11:61:51: 3b:05:31:d3:17:1e:2a:86:91:30:6f:7d:6c:00:f3:67:1f:5c: 91:e3:a2:1a -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISAZt5EIfCq0vUdxDaT6lVsIiyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRkNWEyOTIxZmJlYjhhNDQ4ZTdhZTFlYzVhMTFiOGFiODk4 ZDIyZmQwHhcNMjYwMTAxMTAxODA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYTRhZWYyMTEzZDFiMTMzOGZhMjY1NGM3YzIzY2Q2NTIyY2IxNjRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqcfulK1ygXOEI++69ffvS1Wf4Ij YlWKyWeipX/rAT74WNdvQ5Qn8SkLa/OyMq8fIdPwrfqpJyVbPnXb6T7ay1mKDFZB XQVBW01TUX/ddxvFONiR6yxDeEbAsXXydUNDTzaSyMOcJYMNbvvLct1KwLvZwU1e EDokQ4Rs3MqgkK8rxkbn8aLzO4y8zB5TCEvW0N3h7ssuduSZswzaP1o3+UWPfAR1 hLoBrOtrZLAL+hhUx+I2PlAUleHbRrwX5I2ea1rA6V1+06JqIG7BmiIoVXX3NE0e SUnL7PXd2D/TKqH+AboL2YNKmzB23y+9aFGW7TU+LSprYhp8uLKaV7ejDQIDAQAB o4ICMDCCAiwwHQYDVR0OBBYEFNpK7yET0bEzj6JlTHwjzWUiyxZLMB8GA1UdIwQY MBaAFE1aKSH764pEjnrh7FoRuKuJjSL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUt NzgwYTI1Y2QwZGQ5LzEvMmtydklSUFJzVE9Qb21WTWZDUE5aU0xMRmtzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUtNzgwYTI1Y2QwZGQ5 LzEvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAiBAIAATAcAwUGU9nugAMF BFPnlUADBQTVgi8gAwUG1YIxQDAPBAIAAjAJAwcAIAEHKBQEMA0GCSqGSIb3DQEB CwUAA4IBAQBxhY1FQhCOrBS01I6xJ/jlBT26cCMvIz5g5/q8hZjEHB8k7TNFJkMB eAFmEEvWS93mtZy175zdhfULGoD7VOGXmAq4fcvN9M+nFLHgdEPNugoV5J9lTyOB Epj7jqbMSWoQVjG86FWLhcF45rnP7HLkiwzhLhBIN+hbEeRV6TydDmvTxorto22k HXOcLSasmS+B4t+cAgjqVxM2MDZFbvbVdYOV3F5Odho6vViLfJS8Pn2Iv9O4DQTQ 5z9nRixfGzAb1Eq1/1eScyDuMP1aMJcktutNWIZZMpBLJnlITLMb7C29d90hWQkR YVE7BTHTFx4qhpEwb31sAPNnH1yR46Ia -----END CERTIFICATE-----Generated at Mon Jan 12 12:34:26 2026 by rpki-client