This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/8a71dc-9356-4d3f-80a4-51c6f60d5979/1/2PRZ6lFW5Ytchf9MmZf7GwlA3vA.roa File: 2PRZ6lFW5Ytchf9MmZf7GwlA3vA.roa (raw, json) Hash identifier: vawlKSVHyKRBL2/hA/FnCEfDpygXxAirjAN/iyp8egI= Subject key identifier: D8:F4:59:EA:51:56:E5:8B:5C:85:FF:4C:99:97:FB:1B:09:40:DE:F0 Certificate issuer: /CN=dcc43a470976f3747f682e32d27c3ecacee0cc59 Certificate serial: 019B7B358D7BBDC67BF9D090DDDF12F605EF Authority key identifier: DC:C4:3A:47:09:76:F3:74:7F:68:2E:32:D2:7C:3E:CA:CE:E0:CC:59 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3MQ6Rwl283R_aC4y0nw-ys7gzFk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/8a71dc-9356-4d3f-80a4-51c6f60d5979/1/2PRZ6lFW5Ytchf9MmZf7GwlA3vA.roa Signing time: Thu 01 Jan 2026 20:17:45 +0000 ROA not before: Thu 01 Jan 2026 20:17:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42584 IP address blocks: 185.200.28.0/24 maxlen: 24 185.200.31.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/8a71dc-9356-4d3f-80a4-51c6f60d5979/1/3MQ6Rwl283R_aC4y0nw-ys7gzFk.crl rsync://rpki.ripe.net/repository/DEFAULT/2e/8a71dc-9356-4d3f-80a4-51c6f60d5979/1/3MQ6Rwl283R_aC4y0nw-ys7gzFk.mft rsync://rpki.ripe.net/repository/DEFAULT/3MQ6Rwl283R_aC4y0nw-ys7gzFk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 20:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:8d:7b:bd:c6:7b:f9:d0:90:dd:df:12:f6:05:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dcc43a470976f3747f682e32d27c3ecacee0cc59 Validity Not Before: Jan 1 20:17:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d8f459ea5156e58b5c85ff4c9997fb1b0940def0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:b8:a2:ba:56:04:ef:1a:ab:81:f1:d2:8e:b4: b6:59:51:16:68:ea:7f:22:35:99:e4:3e:ad:ea:31: 41:e1:8d:8e:39:b3:e4:b0:0e:6e:ec:ed:5f:ee:b1: 25:b8:6b:6f:36:79:a2:ab:a2:d5:65:ac:64:20:0d: f6:79:90:a7:65:41:06:34:82:33:83:ed:ee:4c:b4: 5b:e6:a5:ab:c8:fc:0b:4f:b3:bc:fe:ae:e8:1c:29: 23:81:1c:3c:68:83:1c:72:22:c6:47:c2:1e:98:ca: ae:5e:b7:85:ad:1b:c7:63:30:77:57:c4:db:02:23: dd:b0:68:e2:47:a0:ee:24:df:dd:6c:f4:84:9c:4a: f2:a0:b1:3a:5a:24:49:c1:68:33:f2:c1:55:f1:09: 96:a0:78:99:cd:19:f3:f7:a9:24:2a:18:51:0e:44: dd:40:98:38:91:df:8c:4f:90:44:3a:94:31:c7:37: 3f:06:20:e4:e6:33:61:cb:35:09:31:f5:ad:29:53: 78:ee:b2:c0:8d:3f:b6:bf:8f:ca:fa:b5:f5:db:4e: a4:00:04:f6:68:6b:39:74:27:9e:97:99:33:8a:1a: 7b:91:8f:33:7c:e4:ba:41:c5:4b:80:32:98:dd:ba: 3f:3e:e5:c1:9a:18:5d:1b:00:38:b5:e9:4a:7e:13: 75:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:F4:59:EA:51:56:E5:8B:5C:85:FF:4C:99:97:FB:1B:09:40:DE:F0 X509v3 Authority Key Identifier: keyid:DC:C4:3A:47:09:76:F3:74:7F:68:2E:32:D2:7C:3E:CA:CE:E0:CC:59 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3MQ6Rwl283R_aC4y0nw-ys7gzFk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/8a71dc-9356-4d3f-80a4-51c6f60d5979/1/2PRZ6lFW5Ytchf9MmZf7GwlA3vA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/8a71dc-9356-4d3f-80a4-51c6f60d5979/1/3MQ6Rwl283R_aC4y0nw-ys7gzFk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.200.28.0/24 185.200.31.0/24 Signature Algorithm: sha256WithRSAEncryption 21:7e:f7:29:40:5e:c7:3c:5d:04:e9:da:57:58:fb:6a:40:7c: ab:68:e1:96:80:49:47:79:a7:31:be:1a:40:8e:5b:ab:41:92: d6:ab:4b:27:83:64:23:18:5e:9b:c3:52:6b:35:33:38:4f:db: 2e:f9:30:56:98:28:df:59:8d:87:95:e9:1f:06:b7:67:38:3d: 01:b1:90:d5:7f:4f:12:27:e0:f9:64:af:b5:9e:5e:29:16:7c: b2:b1:d8:76:1b:4c:f8:51:ed:49:30:dd:5e:a9:b3:31:ff:23: 54:9a:d7:16:58:4b:88:5a:0c:03:88:1d:11:5a:e5:98:ef:c8: a5:93:a4:0c:2d:3d:78:9b:68:5a:53:59:75:a3:0d:55:ca:7e: 18:9a:f2:51:10:06:b9:75:7b:b3:9b:74:94:46:b7:9b:82:8b: 16:f1:7e:d0:8d:cc:85:70:57:b2:1a:0b:c7:e9:b5:4f:86:37: 2b:27:e5:52:66:8c:2a:7e:94:79:8c:db:ef:52:2f:4a:96:01: 69:ad:dd:e0:cf:bd:48:7a:78:f7:3e:e3:05:81:56:13:f5:21: f8:e5:1d:31:72:82:95:bd:d7:ac:7f:77:e5:91:6d:23:41:67: 1c:84:a9:23:a6:ec:5d:bf:28:32:45:3c:9f:21:68:b1:99:19: 85:67:6b:f1 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt7NY17vcZ7+dCQ3d8S9gXvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjYzQzYTQ3MDk3NmYzNzQ3ZjY4MmUzMmQyN2MzZWNhY2Vl MGNjNTkwHhcNMjYwMTAxMjAxNzQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOGY0NTllYTUxNTZlNThiNWM4NWZmNGM5OTk3ZmIxYjA5NDBkZWYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1LiiulYE7xqrgfHSjrS2WVEWaOp/ IjWZ5D6t6jFB4Y2OObPksA5u7O1f7rEluGtvNnmiq6LVZaxkIA32eZCnZUEGNIIz g+3uTLRb5qWryPwLT7O8/q7oHCkjgRw8aIMcciLGR8IemMquXreFrRvHYzB3V8Tb AiPdsGjiR6DuJN/dbPSEnEryoLE6WiRJwWgz8sFV8QmWoHiZzRnz96kkKhhRDkTd QJg4kd+MT5BEOpQxxzc/BiDk5jNhyzUJMfWtKVN47rLAjT+2v4/K+rX1206kAAT2 aGs5dCeel5kzihp7kY8zfOS6QcVLgDKY3bo/PuXBmhhdGwA4telKfhN1hwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFNj0WepRVuWLXIX/TJmX+xsJQN7wMB8GA1UdIwQY MBaAFNzEOkcJdvN0f2guMtJ8PsrO4MxZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM01RNlJ3bDI4M1JfYUM0eTBudy15czdnekZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS84YTcxZGMtOTM1Ni00ZDNmLTgwYTQt NTFjNmY2MGQ1OTc5LzEvMlBSWjZsRlc1WXRjaGY5TW1aZjdHd2xBM3ZBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZS84YTcxZGMtOTM1Ni00ZDNmLTgwYTQtNTFjNmY2MGQ1OTc5 LzEvM01RNlJ3bDI4M1JfYUM0eTBudy15czdnekZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucgcAwQA ucgfMA0GCSqGSIb3DQEBCwUAA4IBAQAhfvcpQF7HPF0E6dpXWPtqQHyraOGWgElH eacxvhpAjlurQZLWq0sng2QjGF6bw1JrNTM4T9su+TBWmCjfWY2HlekfBrdnOD0B sZDVf08SJ+D5ZK+1nl4pFnyysdh2G0z4Ue1JMN1eqbMx/yNUmtcWWEuIWgwDiB0R WuWY78ilk6QMLT14m2haU1l1ow1Vyn4YmvJREAa5dXuzm3SURrebgosW8X7QjcyF cFeyGgvH6bVPhjcrJ+VSZowqfpR5jNvvUi9KlgFprd3gz71Ienj3PuMFgVYT9SH4 5R0xcoKVvdesf3flkW0jQWcchKkjpuxdvygyRTyfIWixmRmFZ2vx -----END CERTIFICATE-----Generated at Tue Feb 10 04:32:12 2026 by rpki-client