This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/304a4f-2cc0-451a-b15f-cf99d5e257e9/1/2QaZAgQ2BxUVFfg1aWYDEr7yowE.roa File: 2QaZAgQ2BxUVFfg1aWYDEr7yowE.roa (raw, json) Hash identifier: mrwPNewhrXBRjZ3xbz9XepEm0Cy1szvH8RFKVrkr1LU= Subject key identifier: D9:06:99:02:04:36:07:15:15:15:F8:35:69:66:03:12:BE:F2:A3:01 Certificate issuer: /CN=d5aa9c11657d8a2a54ce672814b6bdb979618830 Certificate serial: 019B7AC9185C663838E6B199D3AF361F7484 Authority key identifier: D5:AA:9C:11:65:7D:8A:2A:54:CE:67:28:14:B6:BD:B9:79:61:88:30 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1aqcEWV9iipUzmcoFLa9uXlhiDA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/304a4f-2cc0-451a-b15f-cf99d5e257e9/1/2QaZAgQ2BxUVFfg1aWYDEr7yowE.roa Signing time: Thu 01 Jan 2026 18:19:17 +0000 ROA not before: Thu 01 Jan 2026 18:19:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215293 IP address blocks: 91.237.251.0/24 maxlen: 24 217.19.1.0/24 maxlen: 24 2a14:22c0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/304a4f-2cc0-451a-b15f-cf99d5e257e9/1/1aqcEWV9iipUzmcoFLa9uXlhiDA.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/304a4f-2cc0-451a-b15f-cf99d5e257e9/1/1aqcEWV9iipUzmcoFLa9uXlhiDA.mft rsync://rpki.ripe.net/repository/DEFAULT/1aqcEWV9iipUzmcoFLa9uXlhiDA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 18:01:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c9:18:5c:66:38:38:e6:b1:99:d3:af:36:1f:74:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d5aa9c11657d8a2a54ce672814b6bdb979618830 Validity Not Before: Jan 1 18:19:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d9069902043607151515f83569660312bef2a301 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:d4:63:c1:5b:42:a2:7f:21:7e:ee:f6:25:50: e6:dd:1f:70:52:62:3b:a0:e2:1a:c6:9c:da:1f:32: 2e:08:fb:9b:fa:08:4c:e4:f5:96:9e:fd:87:d3:3f: bb:4a:80:86:c7:41:ae:ad:dd:66:0b:96:36:1a:ad: ad:2f:00:1e:9a:af:74:9e:45:9b:3f:ed:11:b6:00: 32:4a:d5:73:fd:72:9a:40:d5:44:f9:04:d9:e2:a0: 5b:67:db:45:1b:dd:28:48:14:52:90:10:f7:a3:f4: 3f:fe:20:ba:92:a1:dd:77:ad:7d:ac:d0:29:6b:80: 35:db:5c:36:77:cd:f0:dd:e0:42:a9:ab:58:f4:3c: 0d:43:2e:6b:38:b2:6a:48:91:91:f4:2e:e7:9c:2b: ba:cb:69:e6:ae:20:c2:09:29:3a:e8:f5:41:fa:9c: 5b:50:af:7c:6d:aa:96:ae:3d:66:ae:94:98:11:21: ea:a2:4f:8e:3b:4a:5e:f7:c5:29:6d:9f:4f:ae:21: 4a:b5:4f:5f:43:3e:e4:03:a6:80:ef:75:dc:d7:de: 0c:d8:db:07:7a:6b:e8:54:ab:f4:46:b5:32:c8:05: d2:e9:a6:4e:72:e9:0d:26:7f:9d:41:8b:dd:ba:e4: 38:9e:7c:26:bd:29:35:6a:2a:e1:72:97:1b:68:e7: 03:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:06:99:02:04:36:07:15:15:15:F8:35:69:66:03:12:BE:F2:A3:01 X509v3 Authority Key Identifier: keyid:D5:AA:9C:11:65:7D:8A:2A:54:CE:67:28:14:B6:BD:B9:79:61:88:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1aqcEWV9iipUzmcoFLa9uXlhiDA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/304a4f-2cc0-451a-b15f-cf99d5e257e9/1/2QaZAgQ2BxUVFfg1aWYDEr7yowE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/304a4f-2cc0-451a-b15f-cf99d5e257e9/1/1aqcEWV9iipUzmcoFLa9uXlhiDA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.237.251.0/24 217.19.1.0/24 IPv6: 2a14:22c0::/29 Signature Algorithm: sha256WithRSAEncryption 30:c4:5d:94:ed:64:ce:82:bb:27:f2:86:a4:7f:d6:a2:d6:85: 22:b8:b4:95:b8:95:e6:72:4f:db:e3:d3:76:cc:58:96:1b:06: d1:7e:91:6d:d3:25:2b:9b:69:3d:18:9e:9b:9a:1c:b4:36:54: 5a:52:b8:f2:9e:cf:31:c8:52:2c:4c:ab:b3:bf:c2:6f:67:23: fa:2b:7a:76:4e:90:b4:d0:24:5b:9e:77:f5:c6:2d:d8:d2:ef: 78:a6:ee:bf:7e:a2:88:9c:54:7e:6c:58:e8:8e:ec:33:7e:d6: 5b:42:3b:ed:a2:3c:f6:45:da:e5:60:87:d3:0d:89:78:7c:4a: b1:20:90:e8:9b:b8:a9:9f:19:3c:18:16:e1:a0:91:bb:d0:fb: e8:a5:ca:ed:90:00:6c:4c:3c:bc:18:b5:ca:46:ec:17:e7:a6: 3c:98:30:04:47:7d:01:21:79:70:70:4d:82:28:2a:94:26:a3: 27:ab:1d:00:0b:9a:13:40:7f:c3:16:e9:34:6c:c0:09:c5:e2: 74:0f:58:b3:f7:ca:70:fb:c3:ea:23:ca:84:b4:78:30:de:b2: 3d:5a:02:dd:bf:86:7f:a8:23:54:3a:be:0f:5f:02:42:94:e0: d5:6d:63:1f:49:cb:45:16:1b:02:ff:b0:78:df:24:b6:b6:cd: 98:4b:f7:5c -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt6yRhcZjg45rGZ0682H3SEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ1YWE5YzExNjU3ZDhhMmE1NGNlNjcyODE0YjZiZGI5Nzk2 MTg4MzAwHhcNMjYwMTAxMTgxOTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOTA2OTkwMjA0MzYwNzE1MTUxNWY4MzU2OTY2MDMxMmJlZjJhMzAxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydRjwVtCon8hfu72JVDm3R9wUmI7 oOIaxpzaHzIuCPub+ghM5PWWnv2H0z+7SoCGx0Gurd1mC5Y2Gq2tLwAemq90nkWb P+0RtgAyStVz/XKaQNVE+QTZ4qBbZ9tFG90oSBRSkBD3o/Q//iC6kqHdd619rNAp a4A121w2d83w3eBCqatY9DwNQy5rOLJqSJGR9C7nnCu6y2nmriDCCSk66PVB+pxb UK98baqWrj1mrpSYESHqok+OO0pe98UpbZ9PriFKtU9fQz7kA6aA73Xc194M2NsH emvoVKv0RrUyyAXS6aZOcukNJn+dQYvduuQ4nnwmvSk1airhcpcbaOcDUwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFNkGmQIENgcVFRX4NWlmAxK+8qMBMB8GA1UdIwQY MBaAFNWqnBFlfYoqVM5nKBS2vbl5YYgwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMWFxY0VXVjlpaXBVem1jb0ZMYTl1WGxoaURBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8zMDRhNGYtMmNjMC00NTFhLWIxNWYt Y2Y5OWQ1ZTI1N2U5LzEvMlFhWkFnUTJCeFVWRmZnMWFXWURFcjd5b3dFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi8zMDRhNGYtMmNjMC00NTFhLWIxNWYtY2Y5OWQ1ZTI1N2U5 LzEvMWFxY0VXVjlpaXBVem1jb0ZMYTl1WGxoaURBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW+37AwQA 2RMBMA0EAgACMAcDBQMqFCLAMA0GCSqGSIb3DQEBCwUAA4IBAQAwxF2U7WTOgrsn 8oakf9ai1oUiuLSVuJXmck/b49N2zFiWGwbRfpFt0yUrm2k9GJ6bmhy0NlRaUrjy ns8xyFIsTKuzv8JvZyP6K3p2TpC00CRbnnf1xi3Y0u94pu6/fqKInFR+bFjojuwz ftZbQjvtojz2RdrlYIfTDYl4fEqxIJDom7ipnxk8GBbhoJG70PvopcrtkABsTDy8 GLXKRuwX56Y8mDAER30BIXlwcE2CKCqUJqMnqx0AC5oTQH/DFuk0bMAJxeJ0D1iz 98pw+8PqI8qEtHgw3rI9WgLdv4Z/qCNUOr4PXwJClODVbWMfSctFFhsC/7B43yS2 ts2YS/dc -----END CERTIFICATE-----Generated at Tue Feb 10 02:46:46 2026 by rpki-client