This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/4edda4-ebc5-4434-bb91-f7710a030fa2/1/n2RXCHmE2mIVVK86mWjjYTONVEY.roa File: n2RXCHmE2mIVVK86mWjjYTONVEY.roa (raw, json) Hash identifier: vfexF/zKDf9M5bj3mCjRl7MbjkVTZHBSgi+Kjne7g2E= Subject key identifier: 9F:64:57:08:79:84:DA:62:15:54:AF:3A:99:68:E3:61:33:8D:54:46 Certificate issuer: /CN=7a704007e2135c8b1278035ba7642b99159444b1 Certificate serial: 019B7F159D1D06EEEC99A78BC79D57DBE753 Authority key identifier: 7A:70:40:07:E2:13:5C:8B:12:78:03:5B:A7:64:2B:99:15:94:44:B1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/enBAB-ITXIsSeANbp2QrmRWURLE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/4edda4-ebc5-4434-bb91-f7710a030fa2/1/n2RXCHmE2mIVVK86mWjjYTONVEY.roa Signing time: Fri 02 Jan 2026 14:21:21 +0000 ROA not before: Fri 02 Jan 2026 14:21:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15600 IP address blocks: 5.149.16.0/20 maxlen: 20 185.74.148.0/22 maxlen: 22 2a00:d260::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/4edda4-ebc5-4434-bb91-f7710a030fa2/1/enBAB-ITXIsSeANbp2QrmRWURLE.crl rsync://rpki.ripe.net/repository/DEFAULT/1f/4edda4-ebc5-4434-bb91-f7710a030fa2/1/enBAB-ITXIsSeANbp2QrmRWURLE.mft rsync://rpki.ripe.net/repository/DEFAULT/enBAB-ITXIsSeANbp2QrmRWURLE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 14:01:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:9d:1d:06:ee:ec:99:a7:8b:c7:9d:57:db:e7:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7a704007e2135c8b1278035ba7642b99159444b1 Validity Not Before: Jan 2 14:21:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9f6457087984da621554af3a9968e361338d5446 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:26:ab:54:33:8a:7e:a7:4d:62:2f:94:ae:ee: 9b:4f:36:f6:68:04:7c:37:0c:12:47:05:5f:47:50: f6:1b:b8:4e:0d:b8:07:02:cc:74:2d:c1:7d:66:d9: 91:d7:38:b7:7e:14:8d:d0:9d:35:51:57:3e:b8:ef: ca:c7:45:89:af:44:3c:9f:42:5e:0d:c9:28:70:30: 95:8e:0d:7d:5d:ea:ac:8b:87:e7:0b:4b:b4:6a:58: 0a:54:af:f8:0e:7d:2b:83:e4:e6:40:db:5b:ce:c3: ff:85:54:2d:e8:ff:62:37:bf:66:67:37:d7:c4:89: 91:0b:a5:1d:0f:0a:96:dc:01:9c:1b:cc:58:0f:38: 87:24:9e:c7:c2:0d:c7:90:7c:69:a9:f9:7f:32:64: 00:0e:91:bb:22:53:0b:4b:d6:40:0a:7b:1c:b2:02: 9a:0b:02:31:c5:e3:7e:6b:c9:ed:91:29:ca:5c:c3: 1a:dd:19:f5:b0:d6:ab:ab:55:74:3b:b5:95:3f:e2: f2:22:49:cf:f9:8f:f6:de:77:12:c1:f4:5b:82:d1: 78:db:ac:88:49:8c:55:73:6e:ba:2a:28:82:b3:95: a7:49:a2:cf:be:d4:ce:e8:49:ab:d9:1c:45:ae:b7: b4:c0:eb:fe:7f:36:cb:25:11:9d:5b:fc:91:4f:e3: f7:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:64:57:08:79:84:DA:62:15:54:AF:3A:99:68:E3:61:33:8D:54:46 X509v3 Authority Key Identifier: keyid:7A:70:40:07:E2:13:5C:8B:12:78:03:5B:A7:64:2B:99:15:94:44:B1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/enBAB-ITXIsSeANbp2QrmRWURLE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/4edda4-ebc5-4434-bb91-f7710a030fa2/1/n2RXCHmE2mIVVK86mWjjYTONVEY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/4edda4-ebc5-4434-bb91-f7710a030fa2/1/enBAB-ITXIsSeANbp2QrmRWURLE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.149.16.0/20 185.74.148.0/22 IPv6: 2a00:d260::/29 Signature Algorithm: sha256WithRSAEncryption a9:ee:2a:6f:4d:25:2c:bd:2d:22:94:39:d5:f3:a9:7e:b7:2f: f4:4b:53:8b:ec:91:9c:5a:f6:61:4a:a8:81:42:82:0a:5a:12: 02:e8:3b:2b:29:65:78:48:fe:74:d6:54:a3:78:9b:73:89:59: c1:1b:20:13:ac:4f:27:1d:86:45:d9:59:b2:90:48:43:8f:ca: 00:65:1e:c6:a1:c4:cd:c9:db:7a:b6:af:82:36:03:ce:d2:96: a8:ea:0a:24:34:62:b9:9f:ee:88:3a:69:0e:66:a6:ac:f7:66: 6e:86:09:70:07:00:ad:d5:31:9d:73:c0:57:6a:9f:a9:2b:0c: b9:4d:ed:b9:27:47:22:0c:05:5a:d9:ab:83:21:bb:fa:9b:af: a0:f5:e9:3c:77:3f:35:55:be:c2:ae:ea:1b:f8:be:b2:37:77: 77:5b:35:54:ae:19:40:f4:c1:2f:3b:03:1e:10:d8:4f:d3:88: 2e:9b:a5:54:e7:1b:b4:42:65:00:74:67:55:01:b4:fb:8f:50: 1e:0e:79:c6:c7:d7:d6:61:87:99:af:5e:47:f3:cd:fc:b5:92: a6:18:0e:b7:78:f1:d6:80:e3:82:df:2b:0d:bf:98:e0:9d:ff: 25:5b:f6:49:a4:6c:a9:7d:64:75:df:88:23:fb:d5:b7:1f:e7: 1e:de:5a:88 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt/FZ0dBu7smaeLx51X2+dTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdhNzA0MDA3ZTIxMzVjOGIxMjc4MDM1YmE3NjQyYjk5MTU5 NDQ0YjEwHhcNMjYwMTAyMTQyMTIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZjY0NTcwODc5ODRkYTYyMTU1NGFmM2E5OTY4ZTM2MTMzOGQ1NDQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSarVDOKfqdNYi+Uru6bTzb2aAR8 NwwSRwVfR1D2G7hODbgHAsx0LcF9ZtmR1zi3fhSN0J01UVc+uO/Kx0WJr0Q8n0Je DckocDCVjg19Xeqsi4fnC0u0algKVK/4Dn0rg+TmQNtbzsP/hVQt6P9iN79mZzfX xImRC6UdDwqW3AGcG8xYDziHJJ7Hwg3HkHxpqfl/MmQADpG7IlMLS9ZACnscsgKa CwIxxeN+a8ntkSnKXMMa3Rn1sNarq1V0O7WVP+LyIknP+Y/23ncSwfRbgtF426yI SYxVc266KiiCs5WnSaLPvtTO6Emr2RxFrre0wOv+fzbLJRGdW/yRT+P3nQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFJ9kVwh5hNpiFVSvOplo42EzjVRGMB8GA1UdIwQY MBaAFHpwQAfiE1yLEngDW6dkK5kVlESxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZW5CQUItSVRYSXNTZUFOYnAyUXJtUldVUkxFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi80ZWRkYTQtZWJjNS00NDM0LWJiOTEt Zjc3MTBhMDMwZmEyLzEvbjJSWENIbUUybUlWVks4Nm1XampZVE9OVkVZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZi80ZWRkYTQtZWJjNS00NDM0LWJiOTEtZjc3MTBhMDMwZmEy LzEvZW5CQUItSVRYSXNTZUFOYnAyUXJtUldVUkxFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEBZUQAwQC uUqUMA0EAgACMAcDBQMqANJgMA0GCSqGSIb3DQEBCwUAA4IBAQCp7ipvTSUsvS0i lDnV86l+ty/0S1OL7JGcWvZhSqiBQoIKWhIC6DsrKWV4SP501lSjeJtziVnBGyAT rE8nHYZF2VmykEhDj8oAZR7GocTNydt6tq+CNgPO0pao6gokNGK5n+6IOmkOZqas 92ZuhglwBwCt1TGdc8BXap+pKwy5Te25J0ciDAVa2auDIbv6m6+g9ek8dz81Vb7C ruob+L6yN3d3WzVUrhlA9MEvOwMeENhP04gum6VU5xu0QmUAdGdVAbT7j1AeDnnG x9fWYYeZr15H8838tZKmGA63ePHWgOOC3ysNv5jgnf8lW/ZJpGypfWR134gj+9W3 H+ce3lqI -----END CERTIFICATE-----Generated at Mon Jan 26 20:42:31 2026 by rpki-client