This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/2MSpCLbIJT_dNS85cUQH7P6hQQQ.roa File: 2MSpCLbIJT_dNS85cUQH7P6hQQQ.roa (raw, json) Hash identifier: LqxKJfwKg1vJNoy6niHI6Ay0t/ibwSsUhqanJ+kZvVg= Subject key identifier: D8:C4:A9:08:B6:C8:25:3F:DD:35:2F:39:71:44:07:EC:FE:A1:41:04 Certificate issuer: /CN=b75a0566d0b63a1f862d83458e4f2ea6fd8f7d21 Certificate serial: 019B7CEE20EFFB517A2C6E7FDDBEDA354001 Authority key identifier: B7:5A:05:66:D0:B6:3A:1F:86:2D:83:45:8E:4F:2E:A6:FD:8F:7D:21 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/2MSpCLbIJT_dNS85cUQH7P6hQQQ.roa Signing time: Fri 02 Jan 2026 04:18:59 +0000 ROA not before: Fri 02 Jan 2026 04:18:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199775 IP address blocks: 45.94.32.0/22 maxlen: 24 46.36.192.0/21 maxlen: 24 185.6.152.0/22 maxlen: 24 185.65.164.0/22 maxlen: 24 185.95.108.0/22 maxlen: 24 185.168.132.0/22 maxlen: 24 185.182.52.0/22 maxlen: 24 185.208.240.0/22 maxlen: 22 185.242.218.0/24 maxlen: 24 194.126.152.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/t1oFZtC2Oh-GLYNFjk8upv2PfSE.crl rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/t1oFZtC2Oh-GLYNFjk8upv2PfSE.mft rsync://rpki.ripe.net/repository/DEFAULT/t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 19:40:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ee:20:ef:fb:51:7a:2c:6e:7f:dd:be:da:35:40:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b75a0566d0b63a1f862d83458e4f2ea6fd8f7d21 Validity Not Before: Jan 2 04:18:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d8c4a908b6c8253fdd352f39714407ecfea14104 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:59:d4:ce:b0:82:e4:da:39:46:7c:d3:6b:1f: 66:9f:bc:09:d5:4e:a7:fb:d0:71:7e:35:22:27:a3: af:cc:1b:37:05:ce:4f:78:2e:39:53:15:1a:ad:62: f5:a7:c5:73:02:66:4a:66:9c:1e:7d:96:2d:3b:c3: 28:34:8b:3d:d8:8c:e0:44:4d:66:7d:00:16:1c:e1: bb:ae:44:10:e0:41:06:59:42:83:38:c2:04:5d:21: 92:d2:ad:e9:72:2b:45:40:83:6a:a5:33:19:e2:68: 49:24:8d:01:17:50:b7:1b:7f:8a:17:cf:dd:43:96: ce:10:3e:2e:91:ce:1e:e6:96:b6:71:d7:bf:b0:2b: 36:e2:4f:52:c4:be:51:7e:05:2a:86:61:e5:ec:c3: 86:dd:40:0e:5d:10:10:00:96:93:ef:3c:0d:fe:80: 16:03:fd:69:e1:bb:31:9a:8b:cb:38:c0:af:59:3f: 0a:3d:d4:f0:32:89:5a:83:59:6e:4d:52:2c:2a:0e: 9a:c9:02:f9:b1:9f:f5:30:a5:6e:7a:b1:7a:3d:e2: 80:39:07:1b:78:20:cf:d1:a1:37:dc:38:a4:29:91: 8c:4e:d5:d2:8f:29:99:7a:1d:14:b9:e6:eb:04:41: fa:19:14:bd:5e:6a:f8:5e:60:a4:cc:50:c2:9c:ad: 1a:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:C4:A9:08:B6:C8:25:3F:DD:35:2F:39:71:44:07:EC:FE:A1:41:04 X509v3 Authority Key Identifier: keyid:B7:5A:05:66:D0:B6:3A:1F:86:2D:83:45:8E:4F:2E:A6:FD:8F:7D:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/2MSpCLbIJT_dNS85cUQH7P6hQQQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/t1oFZtC2Oh-GLYNFjk8upv2PfSE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.94.32.0/22 46.36.192.0/21 185.6.152.0/22 185.65.164.0/22 185.95.108.0/22 185.168.132.0/22 185.182.52.0/22 185.208.240.0/22 185.242.218.0/24 194.126.152.0/22 Signature Algorithm: sha256WithRSAEncryption 83:17:39:b7:76:d0:0c:63:2d:43:3d:d7:17:67:e2:ad:ea:39: 0c:10:fe:03:c0:9d:37:59:c3:48:71:2e:b7:f2:bb:22:11:85: 00:e5:d2:af:10:4a:6f:0f:6d:ab:d6:50:90:e8:00:15:c9:ad: 8a:dd:ee:d4:52:38:e8:27:68:8d:70:8f:91:c5:6e:fa:01:6a: 70:e2:fd:02:b4:8c:95:20:b7:7d:15:47:60:39:3c:a7:6c:ce: 33:59:59:f4:15:ae:7f:af:98:b3:f9:38:9d:a2:af:a1:26:14: 02:70:00:35:0e:03:43:00:44:95:73:38:1b:21:38:50:ff:d6: 63:ed:e7:b4:7d:d5:d7:91:bd:64:0b:29:a9:9d:7d:53:9f:f1: 09:80:68:15:96:7b:c0:16:69:9b:19:45:b3:e6:a2:59:77:df: ed:73:50:97:dc:2a:61:e0:80:b5:6d:a9:7a:f7:09:f8:c7:1b: b5:e0:cb:19:89:87:50:8b:d2:15:6f:11:c4:28:9f:de:df:e6: dd:8f:b4:69:48:05:4c:3f:cc:0c:ce:c1:9d:f9:1a:7c:48:e3: 3c:4e:20:0d:a8:9d:10:19:e3:27:a7:e6:6c:b8:97:5c:21:c2: cd:b5:dc:b3:07:bb:c9:c9:ac:f4:e5:73:e1:97:23:f0:4f:1f: e2:e2:e3:34 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgISAZt87iDv+1F6LG5/3b7aNUABMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI3NWEwNTY2ZDBiNjNhMWY4NjJkODM0NThlNGYyZWE2ZmQ4 ZjdkMjEwHhcNMjYwMTAyMDQxODU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOGM0YTkwOGI2YzgyNTNmZGQzNTJmMzk3MTQ0MDdlY2ZlYTE0MTA0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFnUzrCC5No5RnzTax9mn7wJ1U6n +9BxfjUiJ6OvzBs3Bc5PeC45UxUarWL1p8VzAmZKZpwefZYtO8MoNIs92IzgRE1m fQAWHOG7rkQQ4EEGWUKDOMIEXSGS0q3pcitFQINqpTMZ4mhJJI0BF1C3G3+KF8/d Q5bOED4ukc4e5pa2cde/sCs24k9SxL5RfgUqhmHl7MOG3UAOXRAQAJaT7zwN/oAW A/1p4bsxmovLOMCvWT8KPdTwMolag1luTVIsKg6ayQL5sZ/1MKVuerF6PeKAOQcb eCDP0aE33DikKZGMTtXSjymZeh0UuebrBEH6GRS9Xmr4XmCkzFDCnK0alQIDAQAB o4ICPzCCAjswHQYDVR0OBBYEFNjEqQi2yCU/3TUvOXFEB+z+oUEEMB8GA1UdIwQY MBaAFLdaBWbQtjofhi2DRY5PLqb9j30hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdDFvRlp0QzJPaC1HTFlORmprOHVwdjJQZlNFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8xMDM1NzAtMWNmNi00MmFjLTgxZDQt ODNmNjAxYzNmYjU5LzEvMk1TcENMYklKVF9kTlM4NWNVUUg3UDZoUVFRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi8xMDM1NzAtMWNmNi00MmFjLTgxZDQtODNmNjAxYzNmYjU5 LzEvdDFvRlp0QzJPaC1HTFlORmprOHVwdjJQZlNFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCLV4gAwQD LiTAAwQCuQaYAwQCuUGkAwQCuV9sAwQCuaiEAwQCubY0AwQCudDwAwQAufLaAwQC wn6YMA0GCSqGSIb3DQEBCwUAA4IBAQCDFzm3dtAMYy1DPdcXZ+Kt6jkMEP4DwJ03 WcNIcS638rsiEYUA5dKvEEpvD22r1lCQ6AAVya2K3e7UUjjoJ2iNcI+RxW76AWpw 4v0CtIyVILd9FUdgOTynbM4zWVn0Fa5/r5iz+Tidoq+hJhQCcAA1DgNDAESVczgb IThQ/9Zj7ee0fdXXkb1kCympnX1Tn/EJgGgVlnvAFmmbGUWz5qJZd9/tc1CX3Cph 4IC1bal69wn4xxu14MsZiYdQi9IVbxHEKJ/e3+bdj7RpSAVMP8wMzsGd+Rp8SOM8 TiANqJ0QGeMnp+ZsuJdcIcLNtdyzB7vJyaz05XPhlyPwTx/i4uM0 -----END CERTIFICATE-----Generated at Fri Jan 2 23:53:22 2026 by rpki-client