This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/2iR8IGbVCkGR1Nr1Dj30CVcid5w.roa File: 2iR8IGbVCkGR1Nr1Dj30CVcid5w.roa (raw, json) Hash identifier: xbfJRhKgAhcWZeGX4sfooncPRAUNFBi2KqzLugZvDEg= Subject key identifier: DA:24:7C:20:66:D5:0A:41:91:D4:DA:F5:0E:3D:F4:09:57:22:77:9C Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec Certificate serial: 019B797EBA4C556532DE6A2204CF243D0C56 Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/2iR8IGbVCkGR1Nr1Dj30CVcid5w.roa Signing time: Thu 01 Jan 2026 12:18:26 +0000 ROA not before: Thu 01 Jan 2026 12:18:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42157 IP address blocks: 151.251.64.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:ba:4c:55:65:32:de:6a:22:04:cf:24:3d:0c:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec Validity Not Before: Jan 1 12:18:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=da247c2066d50a4191d4daf50e3df4095722779c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:9c:b9:61:b1:b6:07:67:3c:20:13:a8:c4:a7: 07:28:00:62:9e:0d:7d:b6:6f:31:cb:d1:6f:51:e6: 89:af:35:63:03:8d:4e:63:5f:d4:f2:e6:23:c2:f0: 80:2c:67:f1:39:8d:b8:25:dc:9b:af:48:a4:34:27: 63:32:2d:fb:61:50:f6:80:d0:87:3f:a7:4b:e2:67: 42:8c:39:36:a2:5d:62:85:90:78:b2:a0:63:45:46: 7b:d8:4c:1a:bd:f5:f6:90:84:d0:0a:c0:22:67:89: 01:6f:34:4d:d7:73:83:56:75:b4:60:55:c8:67:c7: 34:2a:77:4a:80:6a:a2:e4:0d:ae:c1:5b:38:3e:b6: a4:fc:82:69:4e:8b:e4:08:98:10:11:df:99:2a:17: 1b:2a:3a:12:8d:7e:65:58:35:1c:96:b8:ce:8e:b5: 9c:cb:32:39:58:ea:25:43:d5:57:d0:13:1d:19:8d: 02:e9:39:c7:cc:e0:a7:72:a5:67:56:58:88:96:73: f0:ba:de:2e:17:46:08:2d:dd:74:01:c9:07:f7:63: 9f:36:b5:3a:f4:36:c1:fd:d5:cb:b1:1d:cd:a0:99: 64:8b:79:78:22:5c:48:0e:7d:7e:cc:74:c8:eb:7d: f6:bc:18:58:8e:69:e9:d2:a8:e0:0c:13:90:fb:03: e9:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:24:7C:20:66:D5:0A:41:91:D4:DA:F5:0E:3D:F4:09:57:22:77:9C X509v3 Authority Key Identifier: keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/2iR8IGbVCkGR1Nr1Dj30CVcid5w.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 151.251.64.0/23 Signature Algorithm: sha256WithRSAEncryption 2d:91:9e:b7:6d:df:fc:e4:98:2f:19:68:a5:6b:97:b2:34:db: 9c:94:56:b9:1d:2b:e4:49:35:31:36:4c:4a:3a:bd:7c:e7:a6: c8:1f:59:50:82:fb:0e:d7:06:78:fe:44:52:9f:07:aa:b4:0a: 37:56:92:27:42:74:13:18:4c:21:39:05:f4:8b:09:38:87:e6: 40:2e:d4:4a:ef:27:6a:73:4a:04:62:fc:6c:5b:e6:2f:ba:b6: c5:98:b0:84:a0:1e:32:a3:69:29:95:bc:2f:b0:5d:8a:ba:7f: ec:6f:2f:68:3c:ec:37:48:33:bd:7d:45:fe:3b:e3:46:7d:52: 13:09:e4:cc:6e:12:bb:c7:66:05:f3:8a:72:ab:4d:65:ca:b6: 83:1e:5b:52:1e:b3:fd:99:69:54:2b:cb:49:f3:08:35:e7:df: 73:02:d0:58:e7:93:26:b9:2f:e6:a9:81:a9:2e:d7:e5:9c:66: 07:1c:62:fb:4e:e9:4e:34:fa:68:ba:b9:c7:39:df:3c:89:ee: 3d:d5:6b:a7:c2:a9:3c:24:f1:a2:73:a0:8a:d5:bf:9a:b7:d5: c7:e7:4a:e8:be:7e:a1:3b:83:b0:d4:23:31:fc:f8:23:fc:48: f1:46:e2:97:4a:e6:25:a5:99:c0:d4:f7:54:41:4a:a7:58:64: d9:a3:2f:8e -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt5frpMVWUy3moiBM8kPQxWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj ZDgyZWMwHhcNMjYwMTAxMTIxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYTI0N2MyMDY2ZDUwYTQxOTFkNGRhZjUwZTNkZjQwOTU3MjI3NzljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5y5YbG2B2c8IBOoxKcHKABing19 tm8xy9FvUeaJrzVjA41OY1/U8uYjwvCALGfxOY24Jdybr0ikNCdjMi37YVD2gNCH P6dL4mdCjDk2ol1ihZB4sqBjRUZ72EwavfX2kITQCsAiZ4kBbzRN13ODVnW0YFXI Z8c0KndKgGqi5A2uwVs4Prak/IJpTovkCJgQEd+ZKhcbKjoSjX5lWDUclrjOjrWc yzI5WOolQ9VX0BMdGY0C6TnHzOCncqVnVliIlnPwut4uF0YILd10AckH92OfNrU6 9DbB/dXLsR3NoJlki3l4IlxIDn1+zHTI6332vBhYjmnp0qjgDBOQ+wPpfwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFNokfCBm1QpBkdTa9Q499AlXInecMB8GA1UdIwQY MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt N2ZiYmFlNmY5NDM3LzEvMmlSOElHYlZDa0dSMU5yMURqMzBDVmNpZDV3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3 LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBl/tAMA0G CSqGSIb3DQEBCwUAA4IBAQAtkZ63bd/85JgvGWila5eyNNuclFa5HSvkSTUxNkxK Or1856bIH1lQgvsO1wZ4/kRSnweqtAo3VpInQnQTGEwhOQX0iwk4h+ZALtRK7ydq c0oEYvxsW+YvurbFmLCEoB4yo2kplbwvsF2Kun/sby9oPOw3SDO9fUX+O+NGfVIT CeTMbhK7x2YF84pyq01lyraDHltSHrP9mWlUK8tJ8wg1599zAtBY55MmuS/mqYGp LtflnGYHHGL7TulONPpournHOd88ie491Wunwqk8JPGic6CK1b+at9XH50rovn6h O4Ow1CMx/Pgj/EjxRuKXSuYlpZnA1PdUQUqnWGTZoy+O -----END CERTIFICATE-----Generated at Mon Jan 26 17:24:31 2026 by rpki-client