This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/2j0K4TBmylww5994wq6h52DnC4Q.roa File: 2j0K4TBmylww5994wq6h52DnC4Q.roa (raw, json) Hash identifier: V4EC4v+tPx02lsB25vziwHKMaEgUW7sf5nc1OVwIXxE= Subject key identifier: DA:3D:0A:E1:30:66:CA:5C:30:E7:DF:78:C2:AE:A1:E7:60:E7:0B:84 Certificate issuer: /CN=1027a8a61299b80a3e71d1a981427ec00b849d17 Certificate serial: 019A582EF2607DC83D70727982EF12324732 Authority key identifier: 10:27:A8:A6:12:99:B8:0A:3E:71:D1:A9:81:42:7E:C0:0B:84:9D:17 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/2j0K4TBmylww5994wq6h52DnC4Q.roa Signing time: Thu 06 Nov 2025 08:01:03 +0000 ROA not before: Thu 06 Nov 2025 08:01:03 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 51091 IP address blocks: 91.216.142.0/24 maxlen: 24 2001:67c:2864::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.mft rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 19:27:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:58:2e:f2:60:7d:c8:3d:70:72:79:82:ef:12:32:47:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1027a8a61299b80a3e71d1a981427ec00b849d17 Validity Not Before: Nov 6 08:01:03 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=da3d0ae13066ca5c30e7df78c2aea1e760e70b84 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:77:29:c2:fa:bb:c5:84:f2:1a:94:95:82:68: 00:a3:9c:b1:35:82:07:d7:8b:84:5b:1e:12:79:b7: 6b:01:94:fe:23:32:da:2e:f3:a2:a2:04:90:2e:b1: 2c:2f:e5:ed:63:b2:7b:e1:67:d0:5f:8e:9c:6e:ca: a2:48:6e:e7:ca:32:5c:37:b5:7b:1c:eb:75:a3:20: 59:00:bd:e5:f0:1e:0c:26:8e:60:29:ff:c9:56:e8: 88:6c:df:fc:d7:cf:86:3f:76:e3:fa:b8:50:ab:8b: c6:2a:b3:72:43:0e:d1:93:23:86:21:a7:04:76:d2: bb:e1:01:9c:ff:d2:35:c4:f7:c7:35:2d:21:97:b4: 39:ff:f1:19:65:d1:5f:04:cc:b5:84:81:ff:aa:68: 39:71:96:92:67:3c:c1:04:ac:fa:5a:8b:79:ab:2b: 39:38:04:6f:a0:1f:21:01:e6:d5:e4:7a:6d:62:9a: f3:1f:81:75:96:fb:12:4b:5e:b2:a4:25:16:2a:e2: da:89:1e:51:58:ee:1a:b1:d5:33:c4:bd:59:65:26: dc:9a:56:fe:36:62:9c:d5:70:f6:72:01:62:7b:46: 88:ac:e3:0b:12:d9:c4:94:19:f8:31:73:2e:4c:d9: df:67:50:b3:9d:90:a9:b5:68:26:13:c1:f8:e8:ba: c1:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:3D:0A:E1:30:66:CA:5C:30:E7:DF:78:C2:AE:A1:E7:60:E7:0B:84 X509v3 Authority Key Identifier: keyid:10:27:A8:A6:12:99:B8:0A:3E:71:D1:A9:81:42:7E:C0:0B:84:9D:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/2j0K4TBmylww5994wq6h52DnC4Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.216.142.0/24 IPv6: 2001:67c:2864::/48 Signature Algorithm: sha256WithRSAEncryption 8e:14:09:9d:3f:1e:ab:0e:44:b2:95:ae:05:d5:3b:fb:77:19: b6:a0:db:ba:a0:dc:c7:28:ce:ad:4f:1e:f9:72:89:d5:e0:ad: dc:35:61:a3:b6:4c:65:0f:6c:0d:da:a1:60:6d:01:6c:1d:cb: 32:33:1f:ac:f6:d1:c3:80:7a:c8:fb:d8:9b:f2:b8:70:7b:bd: 70:6f:1d:de:d1:86:1e:07:99:84:4c:3b:60:92:3c:20:45:57: 69:f9:18:2c:fd:89:46:dd:0c:e2:67:3b:b2:78:17:70:07:37: 8d:e4:4e:bb:14:81:a7:e3:06:ce:3f:27:b4:43:59:39:21:86: 1d:31:c8:d4:04:4d:16:65:bf:e6:ab:8c:fe:d9:7e:f5:6e:93: f7:bd:c1:30:bb:8f:aa:59:63:a6:34:b0:68:82:f5:ed:8b:0b: 10:ec:68:4b:5e:58:18:c8:ba:14:ce:55:5d:35:29:05:f8:42: db:b6:eb:80:41:e3:e8:43:fa:af:0f:c8:9c:cf:09:86:82:93: bd:70:12:84:1f:2f:82:ac:05:17:a6:92:61:23:99:b6:2e:0e: 43:ec:5a:97:1c:88:7e:33:a3:b4:7a:17:f7:96:cc:4a:fc:ce: c7:05:19:b4:c0:09:64:55:1d:34:32:68:e6:2f:c8:3d:f2:02: 62:ea:11:77 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZpYLvJgfcg9cHJ5gu8SMkcyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEwMjdhOGE2MTI5OWI4MGEzZTcxZDFhOTgxNDI3ZWMwMGI4 NDlkMTcwHhcNMjUxMTA2MDgwMTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYTNkMGFlMTMwNjZjYTVjMzBlN2RmNzhjMmFlYTFlNzYwZTcwYjg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXcpwvq7xYTyGpSVgmgAo5yxNYIH 14uEWx4SebdrAZT+IzLaLvOiogSQLrEsL+XtY7J74WfQX46cbsqiSG7nyjJcN7V7 HOt1oyBZAL3l8B4MJo5gKf/JVuiIbN/818+GP3bj+rhQq4vGKrNyQw7RkyOGIacE dtK74QGc/9I1xPfHNS0hl7Q5//EZZdFfBMy1hIH/qmg5cZaSZzzBBKz6Wot5qys5 OARvoB8hAebV5HptYprzH4F1lvsSS16ypCUWKuLaiR5RWO4asdUzxL1ZZSbcmlb+ NmKc1XD2cgFie0aIrOMLEtnElBn4MXMuTNnfZ1CznZCptWgmE8H46LrBZwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFNo9CuEwZspcMOffeMKuoedg5wuEMB8GA1UdIwQY MBaAFBAnqKYSmbgKPnHRqYFCfsALhJ0XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRUNlb3BoS1p1QW8tY2RHcGdVSi13QXVFblJjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYTlkMTMtOGNhNi00NTc3LWE1OWMt OWRkOTk3ZWVmNGVmLzEvMmowSzRUQm15bHd3NTk5NHdxNmg1MkRuQzRRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS9iYTlkMTMtOGNhNi00NTc3LWE1OWMtOWRkOTk3ZWVmNGVm LzEvRUNlb3BoS1p1QW8tY2RHcGdVSi13QXVFblJjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9iOMA8E AgACMAkDBwAgAQZ8KGQwDQYJKoZIhvcNAQELBQADggEBAI4UCZ0/HqsORLKVrgXV O/t3Gbag27qg3Mcozq1PHvlyidXgrdw1YaO2TGUPbA3aoWBtAWwdyzIzH6z20cOA esj72JvyuHB7vXBvHd7Rhh4HmYRMO2CSPCBFV2n5GCz9iUbdDOJnO7J4F3AHN43k TrsUgafjBs4/J7RDWTkhhh0xyNQETRZlv+arjP7ZfvVuk/e9wTC7j6pZY6Y0sGiC 9e2LCxDsaEteWBjIuhTOVV01KQX4Qtu264BB4+hD+q8PyJzPCYaCk71wEoQfL4Ks BRemkmEjmbYuDkPsWpcciH4zo7R6F/eWzEr8zscFGbTACWRVHTQyaOYvyD3yAmLq EXc= -----END CERTIFICATE-----Generated at Fri Dec 12 04:04:40 2025 by rpki-client