This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/pbGUP3y4RpyVSLG7eXeil8rY1ME.roa File: pbGUP3y4RpyVSLG7eXeil8rY1ME.roa (raw, json) Hash identifier: SysyRMZRJZakF6FXhRynobKTSkCFH7tLqdsJUw3S05A= Subject key identifier: A5:B1:94:3F:7C:B8:46:9C:95:48:B1:BB:79:77:A2:97:CA:D8:D4:C1 Certificate issuer: /CN=969948d0fe4d7f99d54ba8bffcd99a1a608ae0d3 Certificate serial: 019B7CED974FB630A703CEF304DB3186C210 Authority key identifier: 96:99:48:D0:FE:4D:7F:99:D5:4B:A8:BF:FC:D9:9A:1A:60:8A:E0:D3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/pbGUP3y4RpyVSLG7eXeil8rY1ME.roa Signing time: Fri 02 Jan 2026 04:18:24 +0000 ROA not before: Fri 02 Jan 2026 04:18:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213087 IP address blocks: 134.97.2.0/24 maxlen: 24 134.97.3.0/24 maxlen: 24 2001:650:cc05::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/lplI0P5Nf5nVS6i__NmaGmCK4NM.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/lplI0P5Nf5nVS6i__NmaGmCK4NM.mft rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:97:4f:b6:30:a7:03:ce:f3:04:db:31:86:c2:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=969948d0fe4d7f99d54ba8bffcd99a1a608ae0d3 Validity Not Before: Jan 2 04:18:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a5b1943f7cb8469c9548b1bb7977a297cad8d4c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:5e:e2:91:5b:33:f6:ec:db:c6:6e:61:64:5c: 92:25:b6:7b:b4:bd:8c:80:a1:e0:79:6e:94:c4:5e: 97:28:b7:37:42:7a:c7:eb:36:47:c9:3a:79:72:a5: a1:f7:43:49:af:09:99:96:7f:49:22:08:7b:eb:c3: fe:0e:f7:68:64:f8:be:a3:90:b0:8a:22:e8:ad:47: 38:9b:4b:5c:f6:b6:b3:7a:2f:fd:42:78:cd:d7:a2: 20:07:b3:64:98:32:2b:5f:27:1d:4c:72:92:27:8e: 39:6c:d4:7d:b2:d5:52:0d:2a:60:25:96:d5:61:47: e1:1b:34:e6:10:24:ca:d4:e0:42:c0:92:b6:2e:f0: c1:36:99:56:35:84:34:7c:2d:9c:78:09:9d:33:60: 8e:08:9d:75:d9:68:f3:eb:44:85:62:5c:96:28:0d: a3:24:15:e6:b0:d3:2c:1c:13:0a:a0:ea:3e:af:90: b3:5f:65:6f:b8:d5:e0:6e:ce:91:4b:d1:1e:76:a0: 23:64:96:66:85:55:1a:d9:30:47:f3:a8:18:78:84: ce:8a:ff:87:38:75:cb:94:e2:d9:99:5b:5a:16:70: 6a:0e:5b:06:f8:f1:68:e9:9c:88:2e:05:49:dc:ac: 15:2a:71:4a:ee:3d:86:93:49:b6:21:b4:a8:c1:f4: 83:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:B1:94:3F:7C:B8:46:9C:95:48:B1:BB:79:77:A2:97:CA:D8:D4:C1 X509v3 Authority Key Identifier: keyid:96:99:48:D0:FE:4D:7F:99:D5:4B:A8:BF:FC:D9:9A:1A:60:8A:E0:D3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/pbGUP3y4RpyVSLG7eXeil8rY1ME.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/lplI0P5Nf5nVS6i__NmaGmCK4NM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 134.97.2.0/23 IPv6: 2001:650:cc05::/48 Signature Algorithm: sha256WithRSAEncryption 6e:4d:1e:c4:c0:2e:11:37:d5:e9:6a:1d:ba:3b:74:92:c3:41: c5:d5:bb:11:c5:6a:f9:88:ae:33:9d:91:b3:7b:bf:94:55:88: fa:01:cc:d9:6f:3c:8f:80:a9:7d:61:4f:58:25:65:6f:b8:f2: 73:e8:52:fd:08:4c:8e:24:4f:57:98:35:7a:ab:b0:10:56:61: fe:e4:d3:37:d3:6a:34:23:02:6b:63:bf:ba:94:bf:ea:44:83: be:e1:29:f3:75:df:d6:98:71:f9:de:38:2e:a0:71:11:00:66: 3b:8e:94:5d:06:09:4a:e7:95:ba:1e:d6:8d:56:39:4d:dd:57: 90:e2:0b:dd:ed:1c:92:2b:87:39:c6:76:f0:e1:41:7c:ff:9b: 4b:19:fd:ba:08:09:49:e6:58:f0:ef:6e:a0:c4:e0:02:7c:78: d5:d3:65:44:33:f9:8d:fd:31:1f:11:5b:b4:2a:6e:37:e4:6a: f5:89:60:a8:24:ee:12:64:69:62:90:95:6d:6a:66:49:16:41: 9d:9c:ec:af:ed:77:e0:e2:49:8a:6d:bf:97:ba:4c:61:a6:e7: 01:2a:0f:c0:2a:db:6d:cc:8e:fd:29:2f:9b:50:90:40:b8:d0: 1b:f7:4a:c2:88:8f:ec:6c:3a:2d:b6:9f:fc:9a:fb:d9:27:5a: 0d:b1:ad:8a -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt87ZdPtjCnA87zBNsxhsIQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk2OTk0OGQwZmU0ZDdmOTlkNTRiYThiZmZjZDk5YTFhNjA4 YWUwZDMwHhcNMjYwMTAyMDQxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNWIxOTQzZjdjYjg0NjljOTU0OGIxYmI3OTc3YTI5N2NhZDhkNGMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp17ikVsz9uzbxm5hZFySJbZ7tL2M gKHgeW6UxF6XKLc3QnrH6zZHyTp5cqWh90NJrwmZln9JIgh768P+DvdoZPi+o5Cw iiLorUc4m0tc9razei/9QnjN16IgB7NkmDIrXycdTHKSJ445bNR9stVSDSpgJZbV YUfhGzTmECTK1OBCwJK2LvDBNplWNYQ0fC2ceAmdM2COCJ112Wjz60SFYlyWKA2j JBXmsNMsHBMKoOo+r5CzX2VvuNXgbs6RS9EedqAjZJZmhVUa2TBH86gYeITOiv+H OHXLlOLZmVtaFnBqDlsG+PFo6ZyILgVJ3KwVKnFK7j2Gk0m2IbSowfSDcQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFKWxlD98uEaclUixu3l3opfK2NTBMB8GA1UdIwQY MBaAFJaZSND+TX+Z1Uuov/zZmhpgiuDTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbHBsSTBQNU5mNW5WUzZpX19ObWFHbUNLNE5NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xYTJmYTItZWViMy00MzEyLTkxMzAt NTNjYzVkYWY1MmNmLzEvcGJHVVAzeTRScHlWU0xHN2VYZWlsOHJZMU1FLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi8xYTJmYTItZWViMy00MzEyLTkxMzAtNTNjYzVkYWY1MmNm LzEvbHBsSTBQNU5mNW5WUzZpX19ObWFHbUNLNE5NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBhmECMA8E AgACMAkDBwAgAQZQzAUwDQYJKoZIhvcNAQELBQADggEBAG5NHsTALhE31elqHbo7 dJLDQcXVuxHFavmIrjOdkbN7v5RViPoBzNlvPI+AqX1hT1glZW+48nPoUv0ITI4k T1eYNXqrsBBWYf7k0zfTajQjAmtjv7qUv+pEg77hKfN139aYcfneOC6gcREAZjuO lF0GCUrnlboe1o1WOU3dV5DiC93tHJIrhznGdvDhQXz/m0sZ/boICUnmWPDvbqDE 4AJ8eNXTZUQz+Y39MR8RW7QqbjfkavWJYKgk7hJkaWKQlW1qZkkWQZ2c7K/td+Di SYptv5e6TGGm5wEqD8Aq223Mjv0pL5tQkEC40Bv3SsKIj+xsOi22n/ya+9knWg2x rYo= -----END CERTIFICATE-----Generated at Mon Feb 9 22:15:45 2026 by rpki-client