This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/2b417d-2869-411f-aeda-4a05bac5265f/1/67fn5GTCeyuZQBLDAbthDHukFBc.roa File: 67fn5GTCeyuZQBLDAbthDHukFBc.roa (raw, json) Hash identifier: mGoog7qE1SUu5tq0Qw3ikg4XEdKFRtMMptWXJMMEWPw= Subject key identifier: EB:B7:E7:E4:64:C2:7B:2B:99:40:12:C3:01:BB:61:0C:7B:A4:14:17 Certificate issuer: /CN=f98669d31a14dbdc5077159cf0a65353bfbfa20a Certificate serial: 019B7FF1EB180B7BE21804A9F27FFD09CBD5 Authority key identifier: F9:86:69:D3:1A:14:DB:DC:50:77:15:9C:F0:A6:53:53:BF:BF:A2:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-YZp0xoU29xQdxWc8KZTU7-_ogo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/2b417d-2869-411f-aeda-4a05bac5265f/1/67fn5GTCeyuZQBLDAbthDHukFBc.roa Signing time: Fri 02 Jan 2026 18:21:59 +0000 ROA not before: Fri 02 Jan 2026 18:21:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34222 IP address blocks: 37.46.208.0/21 maxlen: 21 217.198.112.0/20 maxlen: 20 2a00:19a0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/2b417d-2869-411f-aeda-4a05bac5265f/1/1-YZp0xoU29xQdxWc8KZTU7-_ogo.crl rsync://rpki.ripe.net/repository/DEFAULT/07/2b417d-2869-411f-aeda-4a05bac5265f/1/1-YZp0xoU29xQdxWc8KZTU7-_ogo.mft rsync://rpki.ripe.net/repository/DEFAULT/1-YZp0xoU29xQdxWc8KZTU7-_ogo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f1:eb:18:0b:7b:e2:18:04:a9:f2:7f:fd:09:cb:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f98669d31a14dbdc5077159cf0a65353bfbfa20a Validity Not Before: Jan 2 18:21:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ebb7e7e464c27b2b994012c301bb610c7ba41417 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:67:9e:35:23:a8:49:a4:e3:bc:9b:cc:28:2d: d3:6f:58:41:92:15:15:12:2e:f4:94:d7:8f:bc:27: d3:14:41:8b:e1:8c:7f:54:c8:c9:ea:b2:28:fa:3b: 51:56:5e:ce:90:8c:47:90:7e:6c:0c:4e:d3:52:f8: ab:55:17:cb:e0:24:3f:5b:98:80:a0:4b:40:6a:10: 39:6d:62:89:98:5e:ca:93:83:86:47:2f:e7:20:29: 02:19:4d:d6:a9:19:86:e2:45:ac:9c:07:9b:27:39: 63:d2:e1:4f:f6:a1:ac:bb:d2:bf:be:f0:9f:bd:11: a7:78:a5:d9:78:e6:30:7d:1f:66:50:76:3b:53:8d: a4:1f:d0:a9:3a:2f:c6:78:6d:b1:82:c5:ae:f7:70: b3:5f:f1:62:55:1c:ba:44:c0:f8:b8:f2:3c:13:3c: 32:b8:ab:9c:67:53:eb:32:2d:99:6c:39:f1:90:59: e5:65:6b:0c:32:98:37:d0:2d:f0:df:57:9f:cf:83: cb:98:fb:79:17:70:47:45:13:82:a4:9d:fe:ed:ce: f4:05:22:d8:4e:aa:fd:a2:28:03:9a:9f:9c:b3:31: f7:99:22:7c:a4:ae:1f:2c:08:52:16:f5:9d:46:56: b4:7c:fa:fe:bc:a9:d2:f6:d5:ad:4f:b1:64:1a:27: 2f:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:B7:E7:E4:64:C2:7B:2B:99:40:12:C3:01:BB:61:0C:7B:A4:14:17 X509v3 Authority Key Identifier: keyid:F9:86:69:D3:1A:14:DB:DC:50:77:15:9C:F0:A6:53:53:BF:BF:A2:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YZp0xoU29xQdxWc8KZTU7-_ogo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/2b417d-2869-411f-aeda-4a05bac5265f/1/67fn5GTCeyuZQBLDAbthDHukFBc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/07/2b417d-2869-411f-aeda-4a05bac5265f/1/1-YZp0xoU29xQdxWc8KZTU7-_ogo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.46.208.0/21 217.198.112.0/20 IPv6: 2a00:19a0::/32 Signature Algorithm: sha256WithRSAEncryption 1f:4d:34:10:97:bd:20:ef:56:7e:97:b4:f2:cf:fb:b8:7a:41: 44:0a:86:24:7a:08:12:07:6d:e1:1f:11:85:1d:80:f5:2b:c1: c8:16:c2:2e:27:ba:ec:fd:9f:13:63:e5:81:c4:50:40:e2:22: 17:a9:b2:1c:e3:6a:03:75:0b:7f:27:0e:ae:ee:50:91:13:ab: b6:6f:5f:ff:c7:22:c8:27:06:9f:dd:5b:7f:93:41:95:1b:8b: e2:1c:5b:14:db:7b:82:db:2f:fd:c5:16:76:71:12:f2:ba:47: a6:a7:35:a5:7a:97:fd:70:9c:c0:20:ea:a1:b5:f4:2e:a7:d9: ad:28:5b:53:0b:9b:d3:9a:66:2d:ae:23:7d:55:52:bf:1d:f3: f9:ba:7b:5e:99:4c:9c:a6:34:4d:96:f4:79:ef:6b:3f:30:e8: fa:d3:aa:c5:a2:5a:ca:56:f3:2a:3e:c9:3d:12:e3:4b:70:4a: f0:82:74:24:15:d9:b1:10:23:40:5e:ea:fa:cf:cf:ce:fc:30: 4a:c9:0b:b5:af:9c:76:1b:11:2d:34:43:68:20:4d:50:62:80: 21:ba:9a:95:0b:e7:22:4b:10:d7:67:31:5d:6c:aa:92:be:55: 80:97:7f:1d:eb:6b:4b:e4:3c:64:ca:9c:b6:08:63:3c:a7:4e: 1e:ed:44:34 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt/8esYC3viGASp8n/9CcvVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY5ODY2OWQzMWExNGRiZGM1MDc3MTU5Y2YwYTY1MzUzYmZi ZmEyMGEwHhcNMjYwMTAyMTgyMTU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlYmI3ZTdlNDY0YzI3YjJiOTk0MDEyYzMwMWJiNjEwYzdiYTQxNDE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA42eeNSOoSaTjvJvMKC3Tb1hBkhUV Ei70lNePvCfTFEGL4Yx/VMjJ6rIo+jtRVl7OkIxHkH5sDE7TUvirVRfL4CQ/W5iA oEtAahA5bWKJmF7Kk4OGRy/nICkCGU3WqRmG4kWsnAebJzlj0uFP9qGsu9K/vvCf vRGneKXZeOYwfR9mUHY7U42kH9CpOi/GeG2xgsWu93CzX/FiVRy6RMD4uPI8Ezwy uKucZ1PrMi2ZbDnxkFnlZWsMMpg30C3w31efz4PLmPt5F3BHRROCpJ3+7c70BSLY Tqr9oigDmp+cszH3mSJ8pK4fLAhSFvWdRla0fPr+vKnS9tWtT7FkGicvwwIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFOu35+RkwnsrmUASwwG7YQx7pBQXMB8GA1UdIwQY MBaAFPmGadMaFNvcUHcVnPCmU1O/v6IKMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS1ZWnAweG9VMjl4UWR4V2M4S1pUVTctX29nby5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcvMmI0MTdkLTI4NjktNDExZi1hZWRh LTRhMDViYWM1MjY1Zi8xLzY3Zm41R1RDZXl1WlFCTERBYnRoREh1a0ZCYy5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvMDcvMmI0MTdkLTI4NjktNDExZi1hZWRhLTRhMDViYWM1MjY1 Zi8xLzEtWVpwMHhvVTI5eFFkeFdjOEtaVFU3LV9vZ28uY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAMlLtAD BATZxnAwDQQCAAIwBwMFACoAGaAwDQYJKoZIhvcNAQELBQADggEBAB9NNBCXvSDv Vn6XtPLP+7h6QUQKhiR6CBIHbeEfEYUdgPUrwcgWwi4nuuz9nxNj5YHEUEDiIhep shzjagN1C38nDq7uUJETq7ZvX//HIsgnBp/dW3+TQZUbi+IcWxTbe4LbL/3FFnZx EvK6R6anNaV6l/1wnMAg6qG19C6n2a0oW1MLm9OaZi2uI31VUr8d8/m6e16ZTJym NE2W9Hnvaz8w6PrTqsWiWspW8yo+yT0S40twSvCCdCQV2bEQI0Be6vrPz878MErJ C7WvnHYbES00Q2ggTVBigCG6mpUL5yJLENdnMV1sqpK+VYCXfx3ra0vkPGTKnLYI YzynTh7tRDQ= -----END CERTIFICATE-----Generated at Mon Feb 9 23:46:22 2026 by rpki-client