This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/2820d1-fd20-4889-834f-d527ce0d9930/1/4s2LfJgezExAwyLPh90eBZdMtsA.roa File: 4s2LfJgezExAwyLPh90eBZdMtsA.roa (raw, json) Hash identifier: QROHTNbuhK/OLqAPPL7ZK974ElG4KehFHzzkBDXusl4= Subject key identifier: E2:CD:8B:7C:98:1E:CC:4C:40:C3:22:CF:87:DD:1E:05:97:4C:B6:C0 Certificate issuer: /CN=305c44e8c961a1450d0aab212f0dec717d1defb6 Certificate serial: 019B7C80AF64C91822435B235921B7EB8377 Authority key identifier: 30:5C:44:E8:C9:61:A1:45:0D:0A:AB:21:2F:0D:EC:71:7D:1D:EF:B6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MFxE6MlhoUUNCqshLw3scX0d77Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/2820d1-fd20-4889-834f-d527ce0d9930/1/4s2LfJgezExAwyLPh90eBZdMtsA.roa Signing time: Fri 02 Jan 2026 02:19:26 +0000 ROA not before: Fri 02 Jan 2026 02:19:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 56641 IP address blocks: 91.226.74.0/23 maxlen: 24 2a00:9520::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/2820d1-fd20-4889-834f-d527ce0d9930/1/MFxE6MlhoUUNCqshLw3scX0d77Y.crl rsync://rpki.ripe.net/repository/DEFAULT/09/2820d1-fd20-4889-834f-d527ce0d9930/1/MFxE6MlhoUUNCqshLw3scX0d77Y.mft rsync://rpki.ripe.net/repository/DEFAULT/MFxE6MlhoUUNCqshLw3scX0d77Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:af:64:c9:18:22:43:5b:23:59:21:b7:eb:83:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=305c44e8c961a1450d0aab212f0dec717d1defb6 Validity Not Before: Jan 2 02:19:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e2cd8b7c981ecc4c40c322cf87dd1e05974cb6c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:d8:d3:fd:68:47:56:0e:21:1a:c0:9e:e0:bb: 37:e4:b6:72:6c:14:d1:0d:e9:6f:4f:d0:04:2c:ef: 64:82:79:c5:54:28:53:88:7d:5e:09:4a:6f:ec:b4: 2f:57:49:80:50:a1:dd:cf:d7:8c:d5:33:0e:dd:20: 64:22:2d:42:d9:3e:a5:3d:80:86:b9:2f:84:b6:0e: 77:6e:28:9d:6f:5b:75:22:6e:c5:31:7c:c1:80:0e: 23:ff:cc:fc:12:57:ca:66:78:58:16:ff:b6:20:f0: 9a:e8:e3:63:71:75:32:0a:3a:9b:66:15:e4:88:eb: ee:a9:bb:c9:5b:c6:22:55:08:e2:bb:7a:e4:47:43: f4:3e:4f:e8:d0:5b:62:e9:92:27:be:7c:6d:77:1a: 78:7a:fb:15:c1:bc:67:dd:a5:11:71:cf:64:c9:3b: 97:23:0e:29:d6:95:7e:b7:e2:19:dc:71:42:86:7a: da:08:2c:d1:4b:31:1a:60:87:ef:a4:24:33:d0:9c: 4e:45:5a:a4:a2:ee:1e:a7:a3:56:06:2c:9d:df:33: 3e:48:4d:29:66:59:62:56:7f:0e:66:b8:a2:d0:37: d7:71:66:3e:f5:42:73:68:38:9c:e9:80:b1:dd:a0: 01:0d:53:cc:cb:1e:17:bc:a8:fe:d8:42:d0:df:12: d6:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:CD:8B:7C:98:1E:CC:4C:40:C3:22:CF:87:DD:1E:05:97:4C:B6:C0 X509v3 Authority Key Identifier: keyid:30:5C:44:E8:C9:61:A1:45:0D:0A:AB:21:2F:0D:EC:71:7D:1D:EF:B6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MFxE6MlhoUUNCqshLw3scX0d77Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/2820d1-fd20-4889-834f-d527ce0d9930/1/4s2LfJgezExAwyLPh90eBZdMtsA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/2820d1-fd20-4889-834f-d527ce0d9930/1/MFxE6MlhoUUNCqshLw3scX0d77Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.226.74.0/23 IPv6: 2a00:9520::/32 Signature Algorithm: sha256WithRSAEncryption 04:77:ad:1b:9a:14:1e:17:3a:cd:a4:a3:38:34:d1:05:2c:03: b3:ec:bc:8b:7b:3f:2e:12:e2:c6:ba:b2:06:fe:63:f9:29:3a: fe:11:24:17:8f:08:14:02:e0:6a:92:71:47:32:4d:65:91:8a: af:b0:6c:6f:08:e4:1c:50:85:3a:54:50:1b:a3:c1:b4:9b:36: 0d:a3:5f:41:7f:2d:16:d7:d4:57:cb:84:7c:fa:17:1a:eb:7a: cd:90:3d:3e:15:31:f4:45:ac:7f:f3:12:c5:60:1d:f8:1a:f1: 20:30:b2:85:f8:44:7f:b0:3f:76:fe:f4:4a:13:4b:05:b2:b4: 0c:12:8b:ca:e8:79:f4:57:72:d9:51:c9:52:ca:b3:fc:eb:6a: 57:a6:6f:ef:38:cb:90:33:39:1d:5c:12:88:72:9a:36:9b:a8: 1f:fa:39:da:77:ae:ff:b7:cd:19:26:1d:dc:a3:76:6f:69:29: 8b:31:9c:83:c7:e8:a8:ee:36:ba:a0:ee:05:49:35:00:a2:fa: 02:55:09:38:b8:8d:31:81:07:52:60:b0:9a:db:9b:08:93:b1: 7a:cf:1b:e2:bb:ff:e9:04:f4:3e:a7:34:a4:1a:d8:a6:f5:14: 14:55:e3:31:3a:50:9e:65:a1:3c:18:97:30:44:2b:36:07:0d: 8d:34:ea:b1 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt8gK9kyRgiQ1sjWSG364N3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMwNWM0NGU4Yzk2MWExNDUwZDBhYWIyMTJmMGRlYzcxN2Qx ZGVmYjYwHhcNMjYwMTAyMDIxOTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMmNkOGI3Yzk4MWVjYzRjNDBjMzIyY2Y4N2RkMWUwNTk3NGNiNmMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodjT/WhHVg4hGsCe4Ls35LZybBTR DelvT9AELO9kgnnFVChTiH1eCUpv7LQvV0mAUKHdz9eM1TMO3SBkIi1C2T6lPYCG uS+Etg53biidb1t1Im7FMXzBgA4j/8z8ElfKZnhYFv+2IPCa6ONjcXUyCjqbZhXk iOvuqbvJW8YiVQjiu3rkR0P0Pk/o0Fti6ZInvnxtdxp4evsVwbxn3aURcc9kyTuX Iw4p1pV+t+IZ3HFChnraCCzRSzEaYIfvpCQz0JxORVqkou4ep6NWBiyd3zM+SE0p ZlliVn8OZrii0DfXcWY+9UJzaDic6YCx3aABDVPMyx4XvKj+2ELQ3xLWOwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFOLNi3yYHsxMQMMiz4fdHgWXTLbAMB8GA1UdIwQY MBaAFDBcROjJYaFFDQqrIS8N7HF9He+2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTUZ4RTZNbGhvVVVOQ3FzaEx3M3NjWDBkNzdZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8yODIwZDEtZmQyMC00ODg5LTgzNGYt ZDUyN2NlMGQ5OTMwLzEvNHMyTGZKZ2V6RXhBd3lMUGg5MGVCWmRNdHNBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS8yODIwZDEtZmQyMC00ODg5LTgzNGYtZDUyN2NlMGQ5OTMw LzEvTUZ4RTZNbGhvVVVOQ3FzaEx3M3NjWDBkNzdZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBW+JKMA0E AgACMAcDBQAqAJUgMA0GCSqGSIb3DQEBCwUAA4IBAQAEd60bmhQeFzrNpKM4NNEF LAOz7LyLez8uEuLGurIG/mP5KTr+ESQXjwgUAuBqknFHMk1lkYqvsGxvCOQcUIU6 VFAbo8G0mzYNo19Bfy0W19RXy4R8+hca63rNkD0+FTH0Rax/8xLFYB34GvEgMLKF +ER/sD92/vRKE0sFsrQMEovK6Hn0V3LZUclSyrP862pXpm/vOMuQMzkdXBKIcpo2 m6gf+jnad67/t80ZJh3co3ZvaSmLMZyDx+io7ja6oO4FSTUAovoCVQk4uI0xgQdS YLCa25sIk7F6zxviu//pBPQ+pzSkGtim9RQUVeMxOlCeZaE8GJcwRCs2Bw2NNOqx -----END CERTIFICATE-----Generated at Mon Feb 9 22:37:09 2026 by rpki-client