This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/2-CKA7TZ2cMdjJnKx-OniU8BLus.roa File: 2-CKA7TZ2cMdjJnKx-OniU8BLus.roa (raw, json) Hash identifier: KQgdnZXKJIqPC+F45i1c2R7R00QL5ft25HtBcF2XoyQ= Subject key identifier: DB:E0:8A:03:B4:D9:D9:C3:1D:8C:99:CA:C7:E3:A7:89:4F:01:2E:EB Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362 Certificate serial: 019B7C12EE74F527FA15886A99A0E606CD96 Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/2-CKA7TZ2cMdjJnKx-OniU8BLus.roa Signing time: Fri 02 Jan 2026 00:19:33 +0000 ROA not before: Fri 02 Jan 2026 00:19:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206479 IP address blocks: 5.175.189.0/24 maxlen: 24 5.175.234.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 14:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:ee:74:f5:27:fa:15:88:6a:99:a0:e6:06:cd:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362 Validity Not Before: Jan 2 00:19:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dbe08a03b4d9d9c31d8c99cac7e3a7894f012eeb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:c5:3c:dc:0d:44:e7:ab:77:10:ea:fc:09:59: 72:89:98:8b:72:59:5e:13:74:54:e3:db:55:df:6b: 50:33:0c:c9:c4:08:af:19:d7:29:fc:e1:46:b6:a7: ab:9a:fa:5b:5e:34:25:13:a4:51:7a:d4:e2:a0:1e: 8f:1b:29:c4:1c:46:a7:2b:c8:38:42:35:ac:a9:d6: bc:73:8f:ae:a4:c2:1c:1f:66:fe:9b:70:81:ab:b0: 67:0c:ff:08:12:81:b4:0b:6d:83:49:51:00:f2:ea: e7:6c:e9:9b:37:31:be:86:5e:69:00:29:29:81:e3: 38:9d:5b:94:61:ba:c4:ad:c2:89:85:da:ce:48:65: dc:0b:0b:2a:41:f2:27:e9:dc:13:23:4d:3d:83:9c: 2e:b4:dd:fc:74:92:86:e5:74:ed:ec:82:55:f0:63: 58:0a:ab:d2:ca:a4:4a:ff:6e:78:b4:1c:d4:27:8d: b4:b7:ee:30:e8:85:d0:bc:83:c0:a7:1e:ee:44:dd: 36:1f:b7:7c:53:d7:8e:5d:cc:5a:6a:64:99:5f:e3: 81:fd:38:a9:39:4f:7e:1c:f8:a6:79:f2:0d:72:57: a3:27:2a:c2:e9:ba:7e:ff:21:31:1b:c8:79:f5:b6: 7f:06:9f:5a:df:28:56:05:55:e8:06:ee:5c:a2:07: 67:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:E0:8A:03:B4:D9:D9:C3:1D:8C:99:CA:C7:E3:A7:89:4F:01:2E:EB X509v3 Authority Key Identifier: keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/2-CKA7TZ2cMdjJnKx-OniU8BLus.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.175.189.0/24 5.175.234.0/24 Signature Algorithm: sha256WithRSAEncryption b9:b4:ab:c2:97:ce:80:a5:24:f2:d2:a2:b0:a2:ad:27:74:73: 0f:f8:7b:20:0e:fc:5c:34:cd:98:d2:c7:36:1e:b2:ff:af:37: a4:49:ae:06:d2:9f:07:d1:3c:00:3d:5b:32:e9:e7:49:ac:60: ab:83:e2:fa:ab:9f:64:ad:4d:d0:14:50:d0:a5:de:59:64:ce: 49:ff:8f:fc:63:30:5f:ab:e6:85:89:c9:a4:6e:a0:14:99:93: 6c:de:60:56:c2:57:34:67:00:60:3c:d3:5a:5e:53:5d:c8:9f: 3e:cd:a0:91:d5:96:8e:93:04:b6:36:c5:67:8b:92:18:d3:c3: b7:b9:e8:60:fa:21:19:bf:29:1b:bf:2a:18:7a:94:e4:6f:52: 1d:fd:a7:b2:cf:f3:c3:d4:5b:09:90:c4:25:cb:b0:8e:4f:ad: 33:eb:a8:b8:be:1e:46:c9:6e:57:21:c4:05:94:47:b9:84:c6: d8:6d:0c:b0:15:06:f0:27:d5:72:c6:8e:01:7a:0b:d7:c6:46: 89:1d:c5:27:3a:e7:4d:e8:73:71:44:52:28:ec:22:95:dd:5a: b9:05:87:91:c0:6a:13:9a:93:e2:07:28:8e:5c:54:f0:19:35: 28:fd:ed:ee:fd:47:e9:af:44:b5:30:52:28:c1:f7:8b:b6:28: a2:7e:60:af -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt8Eu509Sf6FYhqmaDmBs2WMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5 YjIzNjIwHhcNMjYwMTAyMDAxOTMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYmUwOGEwM2I0ZDlkOWMzMWQ4Yzk5Y2FjN2UzYTc4OTRmMDEyZWViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8U83A1E56t3EOr8CVlyiZiLclle E3RU49tV32tQMwzJxAivGdcp/OFGtqermvpbXjQlE6RRetTioB6PGynEHEanK8g4 QjWsqda8c4+upMIcH2b+m3CBq7BnDP8IEoG0C22DSVEA8urnbOmbNzG+hl5pACkp geM4nVuUYbrErcKJhdrOSGXcCwsqQfIn6dwTI009g5wutN38dJKG5XTt7IJV8GNY CqvSyqRK/254tBzUJ420t+4w6IXQvIPApx7uRN02H7d8U9eOXcxaamSZX+OB/Tip OU9+HPimefINclejJyrC6bp+/yExG8h59bZ/Bp9a3yhWBVXoBu5cogdnGQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFNvgigO02dnDHYyZysfjp4lPAS7rMB8GA1UdIwQY MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt ZTFiZDg4ZDNmZDA3LzEvMi1DS0E3VFoyY01kakpuS3gtT25pVThCTHVzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3 LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABa+9AwQA Ba/qMA0GCSqGSIb3DQEBCwUAA4IBAQC5tKvCl86ApSTy0qKwoq0ndHMP+HsgDvxc NM2Y0sc2HrL/rzekSa4G0p8H0TwAPVsy6edJrGCrg+L6q59krU3QFFDQpd5ZZM5J /4/8YzBfq+aFicmkbqAUmZNs3mBWwlc0ZwBgPNNaXlNdyJ8+zaCR1ZaOkwS2NsVn i5IY08O3uehg+iEZvykbvyoYepTkb1Id/aeyz/PD1FsJkMQly7COT60z66i4vh5G yW5XIcQFlEe5hMbYbQywFQbwJ9Vyxo4BegvXxkaJHcUnOudN6HNxRFIo7CKV3Vq5 BYeRwGoTmpPiByiOXFTwGTUo/e3u/Ufpr0S1MFIowfeLtiiifmCv -----END CERTIFICATE-----Generated at Mon Jan 19 19:56:24 2026 by rpki-client