This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/2U-4fh5Y-6ELapPuaFN-8v3vzZ8.roa File: 2U-4fh5Y-6ELapPuaFN-8v3vzZ8.roa (raw, json) Hash identifier: fzQ1nZuzCd2NJaFM8J+RsanrGfF4uueIjrfI/K1QphI= Subject key identifier: D9:4F:B8:7E:1E:58:FB:A1:0B:6A:93:EE:68:53:7E:F2:FD:EF:CD:9F Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058 Certificate serial: 019B7E392E063CABAAE42C776C6C40E58A89 Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/2U-4fh5Y-6ELapPuaFN-8v3vzZ8.roa Signing time: Fri 02 Jan 2026 10:20:35 +0000 ROA not before: Fri 02 Jan 2026 10:20:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198127 IP address blocks: 2a0c:b641:300::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:2e:06:3c:ab:aa:e4:2c:77:6c:6c:40:e5:8a:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=05976801363d375786152e4d061e75c8beb35058 Validity Not Before: Jan 2 10:20:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d94fb87e1e58fba10b6a93ee68537ef2fdefcd9f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:91:ea:64:b4:12:d6:9f:fc:0e:31:5c:74:b9: 8a:e9:a2:1e:cc:d5:a0:4a:39:8e:89:76:2c:1c:28: 5f:66:36:c0:13:d0:9e:ab:49:97:f7:10:68:89:82: f3:bd:58:72:cb:e7:23:0a:a1:6b:66:96:a9:37:27: 08:3d:08:7f:ce:fc:6b:e8:b3:f9:00:38:c6:4f:3d: ec:9b:5a:bf:5f:3d:50:e2:81:78:21:06:eb:ba:d3: 41:83:81:7a:b3:5a:d1:aa:bd:df:d6:df:33:93:99: 07:63:bd:a1:44:72:d1:84:1c:a6:a4:6d:51:f5:15: 14:90:1a:81:48:aa:6f:c8:a8:b3:bb:d8:fa:f8:4a: 77:76:d1:1c:43:33:09:f1:f2:c1:d1:1a:ba:0e:2c: ed:49:7c:16:5c:57:d7:c4:37:8e:3c:25:05:0c:8e: ec:5f:92:ca:94:17:3e:82:b0:c1:89:11:d4:52:fa: 31:67:4c:b8:4c:4e:aa:e7:12:4e:7a:ee:fe:b5:ef: ba:b7:d5:02:9f:86:fc:e4:a4:eb:1b:73:9e:8f:99: 7a:f9:04:a9:c2:82:51:e5:e3:24:aa:65:9c:9f:e9: ff:ab:e5:68:ab:50:9d:4d:cd:58:7b:ea:66:de:c1: d5:d9:92:2d:46:a7:4e:40:85:cc:f8:b7:98:76:18: 81:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:4F:B8:7E:1E:58:FB:A1:0B:6A:93:EE:68:53:7E:F2:FD:EF:CD:9F X509v3 Authority Key Identifier: keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/2U-4fh5Y-6ELapPuaFN-8v3vzZ8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0c:b641:300::/44 Signature Algorithm: sha256WithRSAEncryption 92:2d:4b:98:0f:aa:24:5d:aa:54:a9:32:1b:7a:5e:b3:c5:d0: 26:eb:47:2b:76:e9:4c:da:20:97:d3:ef:5f:5d:5c:79:42:f2: a1:1a:8d:d2:fb:23:73:a1:bc:59:86:39:f6:2e:e5:d2:3d:e3: 43:e0:56:30:f6:69:66:30:35:9d:a7:5b:82:eb:fa:a6:6a:9b: 13:15:ec:25:48:22:e8:fa:9c:70:59:5e:8f:eb:d2:19:6f:2f: 86:49:08:b1:ec:c4:d6:ea:22:18:4d:20:bf:8c:72:21:20:76: 2d:ad:b1:d0:59:91:61:6f:df:ed:98:40:35:b1:85:3b:c2:e9: 5f:ce:dd:6b:21:7d:21:4c:ac:dc:5a:2a:30:cc:20:f5:91:48: b7:c3:8a:11:36:2b:14:f5:4f:f4:56:61:23:6c:d9:75:e9:cb: b3:96:67:e7:c1:6b:b5:27:2d:4f:bd:03:72:3c:73:52:35:bf: 54:b4:fe:af:66:d6:d4:e2:3e:e4:e0:7c:d4:d4:ab:39:ce:e0: 30:82:fd:b1:83:be:8d:2f:0e:e3:b8:ac:e5:c7:eb:c4:32:f2: 3d:4f:8d:ff:c5:1c:85:69:0f:80:92:6f:2a:72:91:eb:fe:8b: 00:af:55:3f:6d:15:83:1e:7c:1c:55:bc:63:ad:2e:46:d2:a2: e6:66:21:72 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt+OS4GPKuq5Cx3bGxA5YqJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi MzUwNTgwHhcNMjYwMTAyMTAyMDM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOTRmYjg3ZTFlNThmYmExMGI2YTkzZWU2ODUzN2VmMmZkZWZjZDlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZHqZLQS1p/8DjFcdLmK6aIezNWg SjmOiXYsHChfZjbAE9Ceq0mX9xBoiYLzvVhyy+cjCqFrZpapNycIPQh/zvxr6LP5 ADjGTz3sm1q/Xz1Q4oF4IQbrutNBg4F6s1rRqr3f1t8zk5kHY72hRHLRhBympG1R 9RUUkBqBSKpvyKizu9j6+Ep3dtEcQzMJ8fLB0Rq6DiztSXwWXFfXxDeOPCUFDI7s X5LKlBc+grDBiRHUUvoxZ0y4TE6q5xJOeu7+te+6t9UCn4b85KTrG3Oej5l6+QSp woJR5eMkqmWcn+n/q+Voq1CdTc1Ye+pm3sHV2ZItRqdOQIXM+LeYdhiBXQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFNlPuH4eWPuhC2qT7mhTfvL9782fMB8GA1UdIwQY MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et NWVjOGM4ZWQ2MGZkLzEvMlUtNGZoNVktNkVMYXBQdWFGTi04djN2elo4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQMA MA0GCSqGSIb3DQEBCwUAA4IBAQCSLUuYD6okXapUqTIbel6zxdAm60crdulM2iCX 0+9fXVx5QvKhGo3S+yNzobxZhjn2LuXSPeND4FYw9mlmMDWdp1uC6/qmapsTFewl SCLo+pxwWV6P69IZby+GSQix7MTW6iIYTSC/jHIhIHYtrbHQWZFhb9/tmEA1sYU7 wulfzt1rIX0hTKzcWiowzCD1kUi3w4oRNisU9U/0VmEjbNl16cuzlmfnwWu1Jy1P vQNyPHNSNb9UtP6vZtbU4j7k4HzU1Ks5zuAwgv2xg76NLw7juKzlx+vEMvI9T43/ xRyFaQ+Akm8qcpHr/osAr1U/bRWDHnwcVbxjrS5G0qLmZiFy -----END CERTIFICATE-----Generated at Tue Jan 20 02:45:53 2026 by rpki-client