This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/2a226d-c72c-4c12-bbba-a4b55a71c228/1/cO4n71Ca1KW9YOy3Lk5tseYgVLs.roa File: cO4n71Ca1KW9YOy3Lk5tseYgVLs.roa (raw, json) Hash identifier: mIrTwfJ5XFJdShmQyd6p7zVMdef2lZJKuLHzMy3HxFU= Subject key identifier: 70:EE:27:EF:50:9A:D4:A5:BD:60:EC:B7:2E:4E:6D:B1:E6:20:54:BB Certificate issuer: /CN=2db616f3ad0363e7269cc2eb58d1bc086cc975f2 Certificate serial: 019B7AC8734B39CD78F5E58690CF9505A022 Authority key identifier: 2D:B6:16:F3:AD:03:63:E7:26:9C:C2:EB:58:D1:BC:08:6C:C9:75:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LbYW860DY-cmnMLrWNG8CGzJdfI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/2a226d-c72c-4c12-bbba-a4b55a71c228/1/cO4n71Ca1KW9YOy3Lk5tseYgVLs.roa Signing time: Thu 01 Jan 2026 18:18:35 +0000 ROA not before: Thu 01 Jan 2026 18:18:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51056 IP address blocks: 109.233.192.0/21 maxlen: 24 185.64.236.0/22 maxlen: 24 2a02:1618::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/2a226d-c72c-4c12-bbba-a4b55a71c228/1/LbYW860DY-cmnMLrWNG8CGzJdfI.crl rsync://rpki.ripe.net/repository/DEFAULT/02/2a226d-c72c-4c12-bbba-a4b55a71c228/1/LbYW860DY-cmnMLrWNG8CGzJdfI.mft rsync://rpki.ripe.net/repository/DEFAULT/LbYW860DY-cmnMLrWNG8CGzJdfI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 09:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:73:4b:39:cd:78:f5:e5:86:90:cf:95:05:a0:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2db616f3ad0363e7269cc2eb58d1bc086cc975f2 Validity Not Before: Jan 1 18:18:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=70ee27ef509ad4a5bd60ecb72e4e6db1e62054bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:49:d9:d0:28:cb:2a:e4:24:c7:0e:0f:5c:b3: 90:cb:db:0f:9f:5d:bd:30:c6:18:b9:79:20:fc:cd: ac:a5:ef:1c:91:1d:a2:49:39:47:e0:34:a1:f6:6f: f9:a0:35:0d:be:f2:b5:35:d3:f0:22:e9:c4:61:37: f8:b0:5f:2d:e3:14:60:a8:a3:14:44:48:47:95:a3: 78:b9:39:d0:04:cf:d5:f8:b5:42:59:1f:76:6a:41: ef:74:5f:cc:bd:e0:8b:f4:43:80:2c:39:38:42:c0: 5a:8f:b7:f9:fe:f1:4c:1b:c2:68:a6:44:90:8c:96: 32:ea:b0:81:25:bf:0f:79:09:a8:6a:51:b1:b4:af: af:10:e7:49:fe:d5:8e:69:fe:c3:76:fb:1e:39:ca: 60:0b:1f:9c:fe:da:b2:4d:22:20:37:20:07:76:25: e9:4b:b5:19:a6:a3:0f:1c:72:08:5b:10:f1:f0:0c: a2:40:f6:d2:a6:de:59:8a:4d:47:fb:f7:de:e2:f2: 43:9f:59:2a:12:aa:cd:0c:0d:3d:21:7e:ec:30:fe: ff:70:0d:0f:2c:f8:c1:c4:ce:11:f8:40:39:df:33: 82:0c:f9:a9:b6:56:87:86:12:95:c8:75:42:cc:9a: e8:59:ef:13:3f:bd:fd:56:7e:be:65:44:9a:f0:9d: ff:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:EE:27:EF:50:9A:D4:A5:BD:60:EC:B7:2E:4E:6D:B1:E6:20:54:BB X509v3 Authority Key Identifier: keyid:2D:B6:16:F3:AD:03:63:E7:26:9C:C2:EB:58:D1:BC:08:6C:C9:75:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LbYW860DY-cmnMLrWNG8CGzJdfI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/2a226d-c72c-4c12-bbba-a4b55a71c228/1/cO4n71Ca1KW9YOy3Lk5tseYgVLs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/2a226d-c72c-4c12-bbba-a4b55a71c228/1/LbYW860DY-cmnMLrWNG8CGzJdfI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.233.192.0/21 185.64.236.0/22 IPv6: 2a02:1618::/32 Signature Algorithm: sha256WithRSAEncryption 7a:f8:ee:33:98:86:f3:b4:de:57:db:ca:6e:56:4e:56:1b:64: 3c:d4:63:47:ad:c1:6e:c6:b6:09:a7:70:8a:97:79:aa:ca:d4: 20:a1:26:75:a4:04:f7:8b:37:49:6f:7c:52:e6:22:e5:5d:7d: ed:fc:82:32:ee:a9:37:ce:59:4b:81:3d:bb:3c:1e:d7:f0:ec: fd:26:9e:2e:f2:79:d3:4c:a5:42:75:1f:0b:4b:da:a2:cd:66: 10:04:5b:d1:cb:2c:e0:8c:a9:b1:4e:52:1b:47:76:8f:f1:fa: a5:35:42:5b:5d:8e:7b:d7:f2:4d:dd:64:8e:d4:ef:69:52:6f: b6:d1:cd:07:11:f2:68:03:13:dc:a2:18:20:e1:bc:47:47:88: 45:0a:73:50:4f:c5:d2:58:ba:29:2c:b2:3b:97:53:64:4b:0e: aa:66:b3:02:cd:a3:42:2a:bc:10:4e:e4:d9:e1:dc:b3:ae:b4: 61:3d:1e:fc:92:70:19:e7:ae:76:fe:54:57:a4:d9:47:4d:6d: 36:a6:cd:07:f6:77:ea:45:b0:1b:e8:63:f9:76:37:f8:31:5d: b1:37:b1:5c:21:eb:d7:61:8b:f4:92:79:b5:bd:c4:30:0b:ad: 35:9f:a0:ea:0a:e8:2a:c0:41:b1:e0:f4:74:11:12:35:0e:50: 3c:77:54:9b -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt6yHNLOc149eWGkM+VBaAiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJkYjYxNmYzYWQwMzYzZTcyNjljYzJlYjU4ZDFiYzA4NmNj OTc1ZjIwHhcNMjYwMTAxMTgxODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MGVlMjdlZjUwOWFkNGE1YmQ2MGVjYjcyZTRlNmRiMWU2MjA1NGJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0knZ0CjLKuQkxw4PXLOQy9sPn129 MMYYuXkg/M2spe8ckR2iSTlH4DSh9m/5oDUNvvK1NdPwIunEYTf4sF8t4xRgqKMU REhHlaN4uTnQBM/V+LVCWR92akHvdF/MveCL9EOALDk4QsBaj7f5/vFMG8JopkSQ jJYy6rCBJb8PeQmoalGxtK+vEOdJ/tWOaf7DdvseOcpgCx+c/tqyTSIgNyAHdiXp S7UZpqMPHHIIWxDx8AyiQPbSpt5Zik1H+/fe4vJDn1kqEqrNDA09IX7sMP7/cA0P LPjBxM4R+EA53zOCDPmptlaHhhKVyHVCzJroWe8TP739Vn6+ZUSa8J3/xQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFHDuJ+9QmtSlvWDsty5ObbHmIFS7MB8GA1UdIwQY MBaAFC22FvOtA2PnJpzC61jRvAhsyXXyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTGJZVzg2MERZLWNtbk1McldORzhDR3pKZGZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8yYTIyNmQtYzcyYy00YzEyLWJiYmEt YTRiNTVhNzFjMjI4LzEvY080bjcxQ2ExS1c5WU95M0xrNXRzZVlnVkxzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi8yYTIyNmQtYzcyYy00YzEyLWJiYmEtYTRiNTVhNzFjMjI4 LzEvTGJZVzg2MERZLWNtbk1McldORzhDR3pKZGZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDbenAAwQC uUDsMA0EAgACMAcDBQAqAhYYMA0GCSqGSIb3DQEBCwUAA4IBAQB6+O4zmIbztN5X 28puVk5WG2Q81GNHrcFuxrYJp3CKl3mqytQgoSZ1pAT3izdJb3xS5iLlXX3t/IIy 7qk3zllLgT27PB7X8Oz9Jp4u8nnTTKVCdR8LS9qizWYQBFvRyyzgjKmxTlIbR3aP 8fqlNUJbXY571/JN3WSO1O9pUm+20c0HEfJoAxPcohgg4bxHR4hFCnNQT8XSWLop LLI7l1NkSw6qZrMCzaNCKrwQTuTZ4dyzrrRhPR78knAZ5652/lRXpNlHTW02ps0H 9nfqRbAb6GP5djf4MV2xN7FcIevXYYv0knm1vcQwC601n6DqCugqwEGx4PR0ERI1 DlA8d1Sb -----END CERTIFICATE-----Generated at Mon Feb 9 18:30:12 2026 by rpki-client