This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/eefa72-8f4c-486c-b019-b4eaa0561fc7/1/sz2hM6b0kWi5lGSZOx8xQWLEDac.roa File: sz2hM6b0kWi5lGSZOx8xQWLEDac.roa (raw, json) Hash identifier: WNOAe/3pRo5H7hWt2dUEHtw/6Zr0ujDafm8V0QNv03k= Subject key identifier: B3:3D:A1:33:A6:F4:91:68:B9:94:64:99:3B:1F:31:41:62:C4:0D:A7 Certificate issuer: /CN=d2075c84f529c87dd85fd4afea4e0934366af54a Certificate serial: 019B7D5B5386A6FBBF83124E896021B290BC Authority key identifier: D2:07:5C:84:F5:29:C8:7D:D8:5F:D4:AF:EA:4E:09:34:36:6A:F5:4A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0gdchPUpyH3YX9Sv6k4JNDZq9Uo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/eefa72-8f4c-486c-b019-b4eaa0561fc7/1/sz2hM6b0kWi5lGSZOx8xQWLEDac.roa Signing time: Fri 02 Jan 2026 06:18:15 +0000 ROA not before: Fri 02 Jan 2026 06:18:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31239 IP address blocks: 78.40.212.0/24 maxlen: 24 89.31.128.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/eefa72-8f4c-486c-b019-b4eaa0561fc7/1/0gdchPUpyH3YX9Sv6k4JNDZq9Uo.crl rsync://rpki.ripe.net/repository/DEFAULT/3e/eefa72-8f4c-486c-b019-b4eaa0561fc7/1/0gdchPUpyH3YX9Sv6k4JNDZq9Uo.mft rsync://rpki.ripe.net/repository/DEFAULT/0gdchPUpyH3YX9Sv6k4JNDZq9Uo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 12:00:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5b:53:86:a6:fb:bf:83:12:4e:89:60:21:b2:90:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d2075c84f529c87dd85fd4afea4e0934366af54a Validity Not Before: Jan 2 06:18:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b33da133a6f49168b99464993b1f314162c40da7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:81:38:00:48:64:0f:0e:0d:eb:72:f6:f8:ce: 1a:50:ec:01:f3:47:e4:a9:64:97:67:23:77:f2:68: e3:9c:62:1c:87:25:0c:de:3b:84:61:46:27:bb:06: 23:26:44:96:ad:3b:e3:48:87:62:1d:47:36:9e:00: 52:6c:34:ac:d4:08:8f:7e:02:52:34:ba:98:0a:f8: 03:21:81:a3:5f:de:a0:8d:de:b7:a6:af:0d:1d:dd: 3e:e7:01:6e:c3:c2:ad:17:36:bf:0f:d7:99:8d:3a: 1e:58:97:ba:4f:a9:07:59:46:3f:41:c0:cf:05:32: c4:03:0d:e6:8d:f8:ff:32:94:6e:bb:a8:8b:c7:2f: ec:c2:67:d7:b0:a2:7e:cb:7d:11:17:47:df:44:19: 33:b8:07:c7:5b:02:7b:e8:c4:24:70:7a:9d:f0:39: cb:50:b6:f5:a8:b9:5d:05:f1:8e:62:5b:80:7a:36: 9c:eb:a9:a6:81:eb:54:da:c4:df:ba:c7:be:d1:f6: 49:87:3e:91:e4:f2:08:5c:7e:df:6a:2f:70:89:69: a2:dd:67:5f:20:a3:48:02:df:94:fe:d6:a9:dc:cd: ed:43:b8:5f:2e:05:34:c4:5b:23:9e:91:87:11:a9: 7b:30:b6:72:8b:7e:41:b9:fb:42:72:91:c1:81:ab: 44:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:3D:A1:33:A6:F4:91:68:B9:94:64:99:3B:1F:31:41:62:C4:0D:A7 X509v3 Authority Key Identifier: keyid:D2:07:5C:84:F5:29:C8:7D:D8:5F:D4:AF:EA:4E:09:34:36:6A:F5:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0gdchPUpyH3YX9Sv6k4JNDZq9Uo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/eefa72-8f4c-486c-b019-b4eaa0561fc7/1/sz2hM6b0kWi5lGSZOx8xQWLEDac.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/eefa72-8f4c-486c-b019-b4eaa0561fc7/1/0gdchPUpyH3YX9Sv6k4JNDZq9Uo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 78.40.212.0/24 89.31.128.0/21 Signature Algorithm: sha256WithRSAEncryption 53:e9:19:29:22:7a:82:53:73:02:b8:c8:83:b6:88:aa:30:6d: 79:47:f8:5f:2e:d0:10:ba:f3:c7:6c:a5:30:2b:4f:b4:dd:b7: 72:6f:16:02:ff:c7:0c:8e:41:b3:6a:b7:52:43:1e:fb:23:1a: 78:bb:64:fc:c9:2c:a8:da:de:37:18:f5:96:31:23:bd:9a:d7: e6:59:0d:e9:1f:4e:c3:4b:a3:92:b8:ca:bb:98:3d:7c:93:51: ee:02:98:c4:9d:28:26:4b:d4:e0:3d:0d:3c:c7:a2:5b:f9:ef: 57:16:20:c4:03:da:a8:18:57:43:cf:95:74:09:c1:2c:a9:40: 27:d7:88:2c:cd:ad:3b:7f:79:60:e0:df:a5:22:79:23:22:08: f5:12:e0:1a:29:2e:a6:3b:a8:f0:d2:e7:8e:15:f1:16:4e:54: c8:4e:2a:62:88:30:e4:26:b5:5d:6b:7a:ba:f6:8d:8f:be:f1: 60:2d:37:db:02:a1:59:df:89:1e:1b:80:9c:3f:70:f2:6b:04: 88:26:82:6e:5f:9c:2d:dc:2a:45:e8:57:3c:ad:d1:7a:35:48: 2f:33:c3:be:ec:08:40:6f:d8:e4:82:55:25:cf:34:dc:a7:bd: 2d:49:fa:ab:6c:0b:e5:f5:7c:87:9c:dd:fc:b6:80:45:05:17: d8:49:25:a8 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9W1OGpvu/gxJOiWAhspC8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyMDc1Yzg0ZjUyOWM4N2RkODVmZDRhZmVhNGUwOTM0MzY2 YWY1NGEwHhcNMjYwMTAyMDYxODE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMzNkYTEzM2E2ZjQ5MTY4Yjk5NDY0OTkzYjFmMzE0MTYyYzQwZGE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIE4AEhkDw4N63L2+M4aUOwB80fk qWSXZyN38mjjnGIchyUM3juEYUYnuwYjJkSWrTvjSIdiHUc2ngBSbDSs1AiPfgJS NLqYCvgDIYGjX96gjd63pq8NHd0+5wFuw8KtFza/D9eZjToeWJe6T6kHWUY/QcDP BTLEAw3mjfj/MpRuu6iLxy/swmfXsKJ+y30RF0ffRBkzuAfHWwJ76MQkcHqd8DnL ULb1qLldBfGOYluAejac66mmgetU2sTfuse+0fZJhz6R5PIIXH7fai9wiWmi3Wdf IKNIAt+U/tap3M3tQ7hfLgU0xFsjnpGHEal7MLZyi35BuftCcpHBgatElwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFLM9oTOm9JFouZRkmTsfMUFixA2nMB8GA1UdIwQY MBaAFNIHXIT1Kch92F/Ur+pOCTQ2avVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGdkY2hQVXB5SDNZWDlTdjZrNEpORFpxOVVvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9lZWZhNzItOGY0Yy00ODZjLWIwMTkt YjRlYWEwNTYxZmM3LzEvc3oyaE02YjBrV2k1bEdTWk94OHhRV0xFRGFjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZS9lZWZhNzItOGY0Yy00ODZjLWIwMTktYjRlYWEwNTYxZmM3 LzEvMGdkY2hQVXB5SDNZWDlTdjZrNEpORFpxOVVvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATijUAwQD WR+AMA0GCSqGSIb3DQEBCwUAA4IBAQBT6RkpInqCU3MCuMiDtoiqMG15R/hfLtAQ uvPHbKUwK0+03bdybxYC/8cMjkGzardSQx77Ixp4u2T8ySyo2t43GPWWMSO9mtfm WQ3pH07DS6OSuMq7mD18k1HuApjEnSgmS9TgPQ08x6Jb+e9XFiDEA9qoGFdDz5V0 CcEsqUAn14gsza07f3lg4N+lInkjIgj1EuAaKS6mO6jw0ueOFfEWTlTITipiiDDk JrVda3q69o2PvvFgLTfbAqFZ34keG4CcP3DyawSIJoJuX5wt3CpF6Fc8rdF6NUgv M8O+7AhAb9jkglUlzzTcp70tSfqrbAvl9XyHnN38toBFBRfYSSWo -----END CERTIFICATE-----Generated at Mon Feb 9 18:42:53 2026 by rpki-client