This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/2UJnYkLlrBrsr-FiuY1t_mTWT4k.roa File: 2UJnYkLlrBrsr-FiuY1t_mTWT4k.roa (raw, json) Hash identifier: Xa61lzBRtSApWj6goAfzYPWzx5tHlOIe0rD8n3ZeiWM= Subject key identifier: D9:42:67:62:42:E5:AC:1A:EC:AF:E1:62:B9:8D:6D:FE:64:D6:4F:89 Certificate issuer: /CN=1214a7e2a8c7012325ae973ed1a2bba05b2bb9c1 Certificate serial: 019B7E3887DB6F8A3C0A273C6FA1C626465B Authority key identifier: 12:14:A7:E2:A8:C7:01:23:25:AE:97:3E:D1:A2:BB:A0:5B:2B:B9:C1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EhSn4qjHASMlrpc-0aK7oFsrucE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/2UJnYkLlrBrsr-FiuY1t_mTWT4k.roa Signing time: Fri 02 Jan 2026 10:19:52 +0000 ROA not before: Fri 02 Jan 2026 10:19:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201838 IP address blocks: 185.240.24.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/EhSn4qjHASMlrpc-0aK7oFsrucE.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/EhSn4qjHASMlrpc-0aK7oFsrucE.mft rsync://rpki.ripe.net/repository/DEFAULT/EhSn4qjHASMlrpc-0aK7oFsrucE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 09:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:87:db:6f:8a:3c:0a:27:3c:6f:a1:c6:26:46:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1214a7e2a8c7012325ae973ed1a2bba05b2bb9c1 Validity Not Before: Jan 2 10:19:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d942676242e5ac1aecafe162b98d6dfe64d64f89 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:b8:ac:5a:a5:4b:53:04:14:65:b7:1b:2d:b7: 57:4b:b2:93:e1:a1:ec:03:1c:1f:a1:75:7b:79:dd: 42:fa:a4:08:c0:0c:cf:e0:90:c0:6a:b7:34:a6:fc: eb:77:2b:98:2a:cc:ed:73:c9:76:a8:f9:92:c1:ed: 12:bf:50:d5:90:11:77:dd:83:24:30:be:e2:33:58: 42:c7:9f:e1:e8:4e:a5:f5:a4:15:e2:e1:7d:9e:d8: 5d:b6:c4:72:eb:08:df:ae:fa:7d:f0:7d:8f:6f:39: e0:04:1b:57:86:4f:e1:6a:44:82:2d:6b:1e:c1:56: 26:d2:6b:7c:b4:25:7a:30:50:ca:20:d7:46:db:6c: 6c:32:5d:be:3e:a1:08:b7:a7:58:49:2e:3e:b2:eb: 3a:f9:13:26:25:83:b9:fa:81:d8:44:50:d1:85:b3: 20:c3:eb:fb:8d:5d:79:15:87:4f:bb:37:e3:24:9f: 91:b9:d7:85:19:37:10:a7:61:86:ea:99:49:b0:f6: cc:8a:85:aa:2f:5e:a7:75:1e:0e:b7:72:55:02:20: e7:37:91:1d:77:ad:bb:b7:63:79:82:ae:08:5d:11: 07:a2:1d:ff:76:52:09:6b:f8:e3:38:a7:17:74:cb: e7:11:20:da:49:eb:a4:36:55:f9:8c:b8:60:c2:45: 8c:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:42:67:62:42:E5:AC:1A:EC:AF:E1:62:B9:8D:6D:FE:64:D6:4F:89 X509v3 Authority Key Identifier: keyid:12:14:A7:E2:A8:C7:01:23:25:AE:97:3E:D1:A2:BB:A0:5B:2B:B9:C1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EhSn4qjHASMlrpc-0aK7oFsrucE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/2UJnYkLlrBrsr-FiuY1t_mTWT4k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/EhSn4qjHASMlrpc-0aK7oFsrucE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.240.24.0/22 Signature Algorithm: sha256WithRSAEncryption 1c:09:5f:b0:18:03:51:96:55:14:cc:5e:a5:01:96:1d:a1:0e: d4:44:16:fa:5a:2f:92:4d:bc:cc:64:47:db:24:60:63:67:42: 44:16:90:d1:a4:d1:03:73:e5:5e:72:01:3b:d7:a3:35:0a:2b: 51:e5:d6:4b:e2:e7:35:93:61:ef:9d:51:54:bd:ae:1b:22:e6: 4a:23:b8:4d:22:80:d0:ae:91:12:88:62:4e:05:1a:f8:ec:b7: 86:a8:9b:1d:6a:61:52:23:d8:28:32:41:61:a3:a9:27:5d:56: 41:c3:b4:2d:9c:73:13:d7:c5:74:e2:0f:98:e3:96:cf:63:f2: f1:6f:38:84:d1:db:9e:16:a3:c6:69:9a:50:92:e6:79:2b:c8: 6a:dd:ee:45:86:97:43:d0:84:10:61:2f:a0:b5:6f:05:3e:75: 43:c4:f3:48:53:61:5a:1a:c1:49:f4:7b:e2:13:17:3a:b4:fe: a7:db:70:9f:b8:75:c2:7a:5e:59:b5:60:47:dc:ff:ab:fd:8d: c7:01:68:05:5e:64:26:50:ec:ff:b1:3d:d5:d0:07:d2:d4:51: 4d:6d:c7:df:28:2e:75:e8:73:63:af:55:00:d2:bc:08:4a:25: 86:86:91:94:aa:41:df:be:29:35:50:18:5c:e6:d0:59:c1:cf: 7c:91:b6:46 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+OIfbb4o8Cic8b6HGJkZbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEyMTRhN2UyYThjNzAxMjMyNWFlOTczZWQxYTJiYmEwNWIy YmI5YzEwHhcNMjYwMTAyMTAxOTUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOTQyNjc2MjQyZTVhYzFhZWNhZmUxNjJiOThkNmRmZTY0ZDY0Zjg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrisWqVLUwQUZbcbLbdXS7KT4aHs AxwfoXV7ed1C+qQIwAzP4JDAarc0pvzrdyuYKsztc8l2qPmSwe0Sv1DVkBF33YMk ML7iM1hCx5/h6E6l9aQV4uF9nthdtsRy6wjfrvp98H2PbzngBBtXhk/hakSCLWse wVYm0mt8tCV6MFDKINdG22xsMl2+PqEIt6dYSS4+sus6+RMmJYO5+oHYRFDRhbMg w+v7jV15FYdPuzfjJJ+RudeFGTcQp2GG6plJsPbMioWqL16ndR4Ot3JVAiDnN5Ed d627t2N5gq4IXREHoh3/dlIJa/jjOKcXdMvnESDaSeukNlX5jLhgwkWMrwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFNlCZ2JC5awa7K/hYrmNbf5k1k+JMB8GA1UdIwQY MBaAFBIUp+KoxwEjJa6XPtGiu6BbK7nBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRWhTbjRxakhBU01scnBjLTBhSzdvRnNydWNFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9hNjhkYmMtM2Y5NC00ZmVkLThkOWQt ZTljMzY0OWMxMjE4LzEvMlVKbllrTGxyQnJzci1GaXVZMXRfbVRXVDRrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi9hNjhkYmMtM2Y5NC00ZmVkLThkOWQtZTljMzY0OWMxMjE4 LzEvRWhTbjRxakhBU01scnBjLTBhSzdvRnNydWNFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufAYMA0G CSqGSIb3DQEBCwUAA4IBAQAcCV+wGANRllUUzF6lAZYdoQ7URBb6Wi+STbzMZEfb JGBjZ0JEFpDRpNEDc+VecgE716M1CitR5dZL4uc1k2HvnVFUva4bIuZKI7hNIoDQ rpESiGJOBRr47LeGqJsdamFSI9goMkFho6knXVZBw7QtnHMT18V04g+Y45bPY/Lx bziE0dueFqPGaZpQkuZ5K8hq3e5FhpdD0IQQYS+gtW8FPnVDxPNIU2FaGsFJ9Hvi Exc6tP6n23CfuHXCel5ZtWBH3P+r/Y3HAWgFXmQmUOz/sT3V0AfS1FFNbcffKC51 6HNjr1UA0rwISiWGhpGUqkHfvik1UBhc5tBZwc98kbZG -----END CERTIFICATE-----Generated at Wed Jan 21 14:41:05 2026 by rpki-client