This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/f9684e-09e2-49cc-851d-af4c06f31aff/1/z_i2HLAe207eqqdf1Xix5ENRMe4.roa File: z_i2HLAe207eqqdf1Xix5ENRMe4.roa (raw, json) Hash identifier: ztqjP6xacDo+JPNkJa5MSwjbXr7h1+BJzgwfqlxxQ4Q= Subject key identifier: CF:F8:B6:1C:B0:1E:DB:4E:DE:AA:A7:5F:D5:78:B1:E4:43:51:31:EE Certificate issuer: /CN=2cb4291df97963c5a9b732b1396f0f1c887504d6 Certificate serial: 019B7DCAA8A7742C55E47A38F2FD41A30CE8 Authority key identifier: 2C:B4:29:1D:F9:79:63:C5:A9:B7:32:B1:39:6F:0F:1C:88:75:04:D6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LLQpHfl5Y8WptzKxOW8PHIh1BNY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/f9684e-09e2-49cc-851d-af4c06f31aff/1/z_i2HLAe207eqqdf1Xix5ENRMe4.roa Signing time: Fri 02 Jan 2026 08:19:51 +0000 ROA not before: Fri 02 Jan 2026 08:19:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8829 IP address blocks: 109.204.168.0/21 maxlen: 21 109.204.192.0/18 maxlen: 18 2a00:8780::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/f9684e-09e2-49cc-851d-af4c06f31aff/1/LLQpHfl5Y8WptzKxOW8PHIh1BNY.crl rsync://rpki.ripe.net/repository/DEFAULT/25/f9684e-09e2-49cc-851d-af4c06f31aff/1/LLQpHfl5Y8WptzKxOW8PHIh1BNY.mft rsync://rpki.ripe.net/repository/DEFAULT/LLQpHfl5Y8WptzKxOW8PHIh1BNY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:a8:a7:74:2c:55:e4:7a:38:f2:fd:41:a3:0c:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2cb4291df97963c5a9b732b1396f0f1c887504d6 Validity Not Before: Jan 2 08:19:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cff8b61cb01edb4edeaaa75fd578b1e4435131ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:42:64:21:88:98:bd:7b:2d:a4:ec:be:a8:25: 7c:fd:0b:9e:49:12:5a:a3:80:46:66:52:33:ec:12: eb:24:a0:a1:38:ef:2f:dc:1a:a4:27:d6:29:b9:4d: 5c:d1:98:5f:16:80:97:62:7e:bd:ec:c6:e9:0c:4e: 9f:7d:92:fc:40:b7:8e:3b:b8:d3:71:33:32:37:16: d0:e7:88:3e:92:ce:02:75:a7:0d:81:d6:47:c5:37: 20:2d:d6:65:5d:9c:22:97:96:1a:2d:da:40:e1:0a: 50:b9:1c:56:45:73:62:53:de:bc:bb:4b:f6:7b:b7: 70:f8:9e:5f:e8:1a:5f:e2:54:c7:4b:46:63:37:97: 51:8d:13:94:fb:1d:da:a5:2a:a6:63:ea:37:7e:cc: 9a:a3:bd:2a:4a:c3:5e:98:45:f5:7c:bd:d5:f5:a5: 08:0a:52:2a:94:8f:da:61:4c:36:1f:0f:86:63:95: e2:cd:3a:87:25:3c:7a:96:71:8c:70:ca:a7:61:e5: 76:fa:aa:6b:a3:7c:f7:41:76:10:2c:33:07:82:6d: f0:1f:82:14:47:77:bb:0e:3a:23:9f:e2:d3:69:82: 74:0c:07:f3:eb:d7:a1:9c:8f:6f:1f:d1:90:fd:6b: c5:92:05:2a:d3:50:67:ea:91:b4:10:a2:6b:6b:47: 01:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:F8:B6:1C:B0:1E:DB:4E:DE:AA:A7:5F:D5:78:B1:E4:43:51:31:EE X509v3 Authority Key Identifier: keyid:2C:B4:29:1D:F9:79:63:C5:A9:B7:32:B1:39:6F:0F:1C:88:75:04:D6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LLQpHfl5Y8WptzKxOW8PHIh1BNY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/f9684e-09e2-49cc-851d-af4c06f31aff/1/z_i2HLAe207eqqdf1Xix5ENRMe4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/f9684e-09e2-49cc-851d-af4c06f31aff/1/LLQpHfl5Y8WptzKxOW8PHIh1BNY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.204.168.0/21 109.204.192.0/18 IPv6: 2a00:8780::/32 Signature Algorithm: sha256WithRSAEncryption 58:64:77:0b:56:76:52:4d:d4:b9:8e:c2:88:5e:20:e3:72:a4: 6c:ed:b0:9f:a7:22:76:89:cb:3a:8a:a5:ac:f8:79:18:80:6f: 68:bd:d3:f9:c6:49:ca:92:fb:86:6e:f1:b8:5c:dd:ad:75:6e: 5a:2b:4e:2b:1a:1b:52:f5:08:01:0a:56:c0:a9:6f:60:ac:ce: 4e:ae:2b:c2:31:ed:d0:79:34:27:33:73:e0:8d:0d:e3:10:c9: 26:73:6c:de:5b:a3:5b:b9:50:0f:c4:34:2f:67:48:dd:1b:65: eb:b1:c7:c3:58:fe:5e:5b:60:33:50:2d:0e:03:ce:6b:fe:81: 85:b9:02:01:ec:5e:4d:45:3b:a5:0b:6c:70:78:9a:78:fc:78: 49:39:ca:27:39:43:39:2b:59:d6:bc:b0:ee:86:35:37:67:ce: 02:b1:77:2b:66:0f:98:78:9a:8b:db:cb:85:46:47:17:31:ac: 18:23:0f:aa:7a:33:be:37:d0:9d:4d:dc:c2:73:3b:7c:b2:7e: 84:2a:af:aa:24:3d:48:f9:23:8d:2f:8f:a8:07:14:a7:fe:41: 39:58:33:ac:01:06:09:3e:83:02:75:7a:1b:35:67:8f:48:d1: 68:f3:04:70:47:62:a4:3e:68:79:67:cb:e8:50:59:9e:fc:29: cf:fe:68:08 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt9yqindCxV5Ho48v1BowzoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJjYjQyOTFkZjk3OTYzYzVhOWI3MzJiMTM5NmYwZjFjODg3 NTA0ZDYwHhcNMjYwMTAyMDgxOTUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZmY4YjYxY2IwMWVkYjRlZGVhYWE3NWZkNTc4YjFlNDQzNTEzMWVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokJkIYiYvXstpOy+qCV8/QueSRJa o4BGZlIz7BLrJKChOO8v3BqkJ9YpuU1c0ZhfFoCXYn697MbpDE6ffZL8QLeOO7jT cTMyNxbQ54g+ks4CdacNgdZHxTcgLdZlXZwil5YaLdpA4QpQuRxWRXNiU968u0v2 e7dw+J5f6Bpf4lTHS0ZjN5dRjROU+x3apSqmY+o3fsyao70qSsNemEX1fL3V9aUI ClIqlI/aYUw2Hw+GY5XizTqHJTx6lnGMcMqnYeV2+qpro3z3QXYQLDMHgm3wH4IU R3e7Djojn+LTaYJ0DAfz69ehnI9vH9GQ/WvFkgUq01Bn6pG0EKJra0cBfwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFM/4thywHttO3qqnX9V4seRDUTHuMB8GA1UdIwQY MBaAFCy0KR35eWPFqbcysTlvDxyIdQTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTExRcEhmbDVZOFdwdHpLeE9XOFBISWgxQk5ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9mOTY4NGUtMDllMi00OWNjLTg1MWQt YWY0YzA2ZjMxYWZmLzEvel9pMkhMQWUyMDdlcXFkZjFYaXg1RU5STWU0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNS9mOTY4NGUtMDllMi00OWNjLTg1MWQtYWY0YzA2ZjMxYWZm LzEvTExRcEhmbDVZOFdwdHpLeE9XOFBISWgxQk5ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDbcyoAwQG bczAMA0EAgACMAcDBQAqAIeAMA0GCSqGSIb3DQEBCwUAA4IBAQBYZHcLVnZSTdS5 jsKIXiDjcqRs7bCfpyJ2ics6iqWs+HkYgG9ovdP5xknKkvuGbvG4XN2tdW5aK04r GhtS9QgBClbAqW9grM5OrivCMe3QeTQnM3PgjQ3jEMkmc2zeW6NbuVAPxDQvZ0jd G2XrscfDWP5eW2AzUC0OA85r/oGFuQIB7F5NRTulC2xweJp4/HhJOconOUM5K1nW vLDuhjU3Z84CsXcrZg+YeJqL28uFRkcXMawYIw+qejO+N9CdTdzCczt8sn6EKq+q JD1I+SONL4+oBxSn/kE5WDOsAQYJPoMCdXobNWePSNFo8wRwR2KkPmh5Z8voUFme /CnP/mgI -----END CERTIFICATE-----Generated at Mon Feb 9 22:15:17 2026 by rpki-client