This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/21cd77-1eca-46b9-9aba-f74cccc4e0a1/1/2bvqhGwQ0lPcBuBDG9_LfRJJmS0.roa File: 2bvqhGwQ0lPcBuBDG9_LfRJJmS0.roa (raw, json) Hash identifier: CH2b5UD+d3clq2chE/+n6piPoX52uVJBt2iOc7QC1hY= Subject key identifier: D9:BB:EA:84:6C:10:D2:53:DC:06:E0:43:1B:DF:CB:7D:12:49:99:2D Certificate issuer: /CN=ea846006cf8b9e388f31451358092502cecc1136 Certificate serial: 019B7834764162A29E801FA18CFF0B9FCC79 Authority key identifier: EA:84:60:06:CF:8B:9E:38:8F:31:45:13:58:09:25:02:CE:CC:11:36 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6oRgBs-LnjiPMUUTWAklAs7METY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/21cd77-1eca-46b9-9aba-f74cccc4e0a1/1/2bvqhGwQ0lPcBuBDG9_LfRJJmS0.roa Signing time: Thu 01 Jan 2026 06:17:42 +0000 ROA not before: Thu 01 Jan 2026 06:17:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207252 IP address blocks: 91.197.55.0/24 maxlen: 24 2a06:8ac0::/44 maxlen: 44 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/21cd77-1eca-46b9-9aba-f74cccc4e0a1/1/6oRgBs-LnjiPMUUTWAklAs7METY.crl rsync://rpki.ripe.net/repository/DEFAULT/02/21cd77-1eca-46b9-9aba-f74cccc4e0a1/1/6oRgBs-LnjiPMUUTWAklAs7METY.mft rsync://rpki.ripe.net/repository/DEFAULT/6oRgBs-LnjiPMUUTWAklAs7METY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:76:41:62:a2:9e:80:1f:a1:8c:ff:0b:9f:cc:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ea846006cf8b9e388f31451358092502cecc1136 Validity Not Before: Jan 1 06:17:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d9bbea846c10d253dc06e0431bdfcb7d1249992d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:4d:93:0e:3d:83:37:0d:ab:52:74:cf:7f:61: 15:86:09:24:bc:59:2c:4d:ab:55:95:45:8b:88:71: 4e:e5:82:bb:17:21:89:1b:8e:e3:bd:81:69:67:ee: 7b:cd:1b:7d:d5:c8:f5:75:cb:c3:bc:e0:17:c1:79: eb:c7:b3:ae:3f:04:77:28:97:b6:bd:3f:0a:3e:b7: 5e:62:1d:bd:19:ae:24:5a:c6:37:d6:65:d6:79:ee: fd:c0:73:55:bb:90:92:bb:21:86:ea:4a:48:4b:a6: 94:48:5a:0a:cf:aa:ea:aa:4b:a5:a8:24:63:aa:35: 1c:c3:5a:25:1a:55:e3:b4:c2:08:e8:15:bc:73:b2: 9d:81:9d:34:79:7a:3d:73:10:2c:01:55:62:57:ce: 77:bf:2e:bf:72:53:fc:b3:27:7c:16:ac:28:56:3d: 71:3e:1f:35:08:75:15:49:21:e3:c6:05:cd:b8:dd: 48:e3:29:bb:4f:ad:fd:47:db:a8:bc:78:b0:12:fa: 74:3c:bd:de:2d:f8:f3:2b:46:3f:70:a5:98:a8:3c: bf:26:6f:af:8f:88:23:2e:4d:4b:bb:3b:1b:c0:75: d1:cd:2b:13:d6:5a:70:74:70:8e:2a:93:67:15:d9: 7f:5a:05:2e:d6:eb:33:d0:84:58:2c:26:4c:68:1b: 96:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:BB:EA:84:6C:10:D2:53:DC:06:E0:43:1B:DF:CB:7D:12:49:99:2D X509v3 Authority Key Identifier: keyid:EA:84:60:06:CF:8B:9E:38:8F:31:45:13:58:09:25:02:CE:CC:11:36 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6oRgBs-LnjiPMUUTWAklAs7METY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/21cd77-1eca-46b9-9aba-f74cccc4e0a1/1/2bvqhGwQ0lPcBuBDG9_LfRJJmS0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/21cd77-1eca-46b9-9aba-f74cccc4e0a1/1/6oRgBs-LnjiPMUUTWAklAs7METY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.197.55.0/24 IPv6: 2a06:8ac0::/44 Signature Algorithm: sha256WithRSAEncryption ba:f7:80:96:25:88:4b:c5:e8:39:8e:4b:ab:17:bd:b3:f4:9a: 4b:1c:36:93:0b:38:d5:76:53:9e:ee:45:e0:b3:27:b2:14:ca: e4:a2:59:54:a9:97:27:42:ac:3b:62:73:c7:55:8e:74:3e:d8: bd:9b:0e:43:cc:d4:45:51:98:70:a8:63:27:d7:56:f5:86:41: 48:fc:34:13:0a:50:1f:eb:63:54:74:67:7c:ea:50:1b:94:0a: ab:ed:f4:84:f9:cf:4f:e3:40:27:67:40:2c:e6:37:fc:46:de: ba:73:c9:21:27:69:46:e5:d3:fc:92:6f:64:a8:87:f3:cd:3e: 0c:38:6a:1a:28:85:d1:62:4e:fb:2a:41:46:16:c0:80:c8:90: 34:33:c0:c0:f6:06:d5:47:d6:97:3c:9e:5e:8f:a7:14:49:88: 9d:04:a7:7e:15:db:8d:24:5f:5a:10:91:26:4a:a0:f5:69:1b: d3:2b:72:53:70:87:06:a9:1c:b7:66:43:35:13:62:d7:ad:3a: f9:38:b0:e0:3b:3b:ba:68:1f:46:60:bc:61:96:c7:f9:4f:5f: 92:59:03:41:91:4e:60:59:91:3c:5a:10:68:f7:ad:4d:d5:d2: 4a:5c:fc:f7:90:ee:ef:53:a3:a3:d7:97:85:cd:1c:7d:95:92: 95:93:79:04 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt4NHZBYqKegB+hjP8Ln8x5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVhODQ2MDA2Y2Y4YjllMzg4ZjMxNDUxMzU4MDkyNTAyY2Vj YzExMzYwHhcNMjYwMTAxMDYxNzQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOWJiZWE4NDZjMTBkMjUzZGMwNmUwNDMxYmRmY2I3ZDEyNDk5OTJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtE2TDj2DNw2rUnTPf2EVhgkkvFks TatVlUWLiHFO5YK7FyGJG47jvYFpZ+57zRt91cj1dcvDvOAXwXnrx7OuPwR3KJe2 vT8KPrdeYh29Ga4kWsY31mXWee79wHNVu5CSuyGG6kpIS6aUSFoKz6rqqkulqCRj qjUcw1olGlXjtMII6BW8c7KdgZ00eXo9cxAsAVViV853vy6/clP8syd8FqwoVj1x Ph81CHUVSSHjxgXNuN1I4ym7T639R9uovHiwEvp0PL3eLfjzK0Y/cKWYqDy/Jm+v j4gjLk1LuzsbwHXRzSsT1lpwdHCOKpNnFdl/WgUu1usz0IRYLCZMaBuWnQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFNm76oRsENJT3AbgQxvfy30SSZktMB8GA1UdIwQY MBaAFOqEYAbPi544jzFFE1gJJQLOzBE2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNm9SZ0JzLUxuamlQTVVVVFdBa2xBczdNRVRZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8yMWNkNzctMWVjYS00NmI5LTlhYmEt Zjc0Y2NjYzRlMGExLzEvMmJ2cWhHd1EwbFBjQnVCREc5X0xmUkpKbVMwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi8yMWNkNzctMWVjYS00NmI5LTlhYmEtZjc0Y2NjYzRlMGEx LzEvNm9SZ0JzLUxuamlQTVVVVFdBa2xBczdNRVRZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW8U3MA8E AgACMAkDBwQqBorAAAAwDQYJKoZIhvcNAQELBQADggEBALr3gJYliEvF6DmOS6sX vbP0mkscNpMLONV2U57uReCzJ7IUyuSiWVSplydCrDtic8dVjnQ+2L2bDkPM1EVR mHCoYyfXVvWGQUj8NBMKUB/rY1R0Z3zqUBuUCqvt9IT5z0/jQCdnQCzmN/xG3rpz ySEnaUbl0/ySb2Soh/PNPgw4ahoohdFiTvsqQUYWwIDIkDQzwMD2BtVH1pc8nl6P pxRJiJ0Ep34V240kX1oQkSZKoPVpG9MrclNwhwapHLdmQzUTYtetOvk4sOA7O7po H0ZgvGGWx/lPX5JZA0GRTmBZkTxaEGj3rU3V0kpc/PeQ7u9To6PXl4XNHH2VkpWT eQQ= -----END CERTIFICATE-----Generated at Tue Jan 20 00:56:00 2026 by rpki-client