This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/A2RZ0gbyKC5gzoQeKin0HSE-ZqQ.roa File: A2RZ0gbyKC5gzoQeKin0HSE-ZqQ.roa (raw, json) Hash identifier: GGeYGfyoQGlOlTO2uMYQdKl/MdtFY8veEw/Zc71doVs= Subject key identifier: 03:64:59:D2:06:F2:28:2E:60:CE:84:1E:2A:29:F4:1D:21:3E:66:A4 Certificate issuer: /CN=a0aae5850a36db28822a6c1afc5ffacff007eef2 Certificate serial: 019B79110580D1944EC2A7FFFCD3C828266E Authority key identifier: A0:AA:E5:85:0A:36:DB:28:82:2A:6C:1A:FC:5F:FA:CF:F0:07:EE:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/A2RZ0gbyKC5gzoQeKin0HSE-ZqQ.roa Signing time: Thu 01 Jan 2026 10:18:37 +0000 ROA not before: Thu 01 Jan 2026 10:18:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211599 IP address blocks: 185.249.253.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.crl rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.mft rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 10:00:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:05:80:d1:94:4e:c2:a7:ff:fc:d3:c8:28:26:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0aae5850a36db28822a6c1afc5ffacff007eef2 Validity Not Before: Jan 1 10:18:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=036459d206f2282e60ce841e2a29f41d213e66a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:4b:ee:e7:f3:eb:d2:b2:05:05:24:ce:0b:bf: b9:9b:9d:38:52:76:74:3f:9e:b8:1b:26:a1:86:69: 1e:f1:26:12:57:8a:9f:27:0f:d4:c2:c5:cc:27:f6: 80:47:1a:2b:df:b5:6d:92:52:b1:91:b1:93:34:04: ad:af:a4:b0:76:e3:f7:0d:3a:4e:b9:2f:44:0c:12: 0e:44:7f:dd:d7:13:ad:e8:27:23:a6:ac:90:19:d3: e4:45:77:18:14:59:3d:44:a6:7e:c7:b4:8f:5b:e8: e4:36:1a:79:3b:c3:05:79:17:31:25:b0:c4:9c:06: 32:43:06:cd:eb:6a:83:ea:d0:6c:bd:5d:f7:0d:62: 97:57:eb:52:3a:0c:32:73:c4:89:02:08:22:b3:98: af:df:96:30:1d:54:5b:24:c1:13:10:3a:1d:d1:0b: 73:43:0d:45:67:01:e0:1a:c4:07:b2:45:0e:ca:74: c7:e6:89:76:d0:66:dc:5d:c8:4c:c1:96:25:73:a3: d9:5f:be:6e:e3:be:a3:44:d7:b3:d3:a7:21:50:d4: 02:ae:6e:7f:4a:7c:f9:44:49:89:6d:d3:46:36:85: 78:f8:1b:c5:4e:44:ec:3c:e1:b9:97:ec:94:0a:c3: 1f:53:a3:87:20:90:e1:aa:62:c3:9a:4b:38:ad:d8: 0b:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:64:59:D2:06:F2:28:2E:60:CE:84:1E:2A:29:F4:1D:21:3E:66:A4 X509v3 Authority Key Identifier: keyid:A0:AA:E5:85:0A:36:DB:28:82:2A:6C:1A:FC:5F:FA:CF:F0:07:EE:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKrlhQo22yiCKmwa_F_6z_AH7vI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/A2RZ0gbyKC5gzoQeKin0HSE-ZqQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/720e67-d94c-4ff9-ba82-2819e4c5f123/1/oKrlhQo22yiCKmwa_F_6z_AH7vI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.249.253.0/24 Signature Algorithm: sha256WithRSAEncryption 4d:43:28:15:fb:fa:22:37:2c:a6:52:de:b4:8f:28:e0:d7:1c: 36:48:65:cc:05:dd:4a:6e:08:c4:34:3b:70:23:96:c3:1d:70: 26:84:c9:39:72:02:55:c1:dc:e7:08:97:21:ee:9a:8c:78:a5: e1:3c:8f:c9:94:5c:c7:47:2e:36:ac:b8:d1:af:ed:59:96:0e: f9:74:11:2c:e2:6a:e4:8a:69:d8:ff:91:79:0b:78:47:f1:a2: 65:3f:66:56:35:d6:23:81:31:8a:9a:eb:92:2c:89:ea:71:45: 5b:bf:7b:86:d3:1b:a5:39:82:a5:64:35:6f:4e:07:92:5f:c3: 3d:a0:b4:52:70:f2:17:b9:ab:0c:15:cc:a1:f0:15:7b:50:69: 34:ff:a7:ab:5b:83:d3:24:31:0e:e9:02:5a:a2:e4:2e:20:03: 28:1c:28:cd:89:0f:cf:34:90:a5:98:af:e4:12:7e:dc:b1:c1: a2:3b:d9:18:8d:98:6c:01:59:2f:38:b9:cf:92:4d:61:29:71: bc:b3:e8:65:f1:27:52:04:fe:1a:e3:c7:32:96:ca:12:26:d2: 49:ac:a5:dd:3b:3d:f2:10:a9:9b:eb:1a:29:aa:f4:56:fd:25: 2c:78:b8:f1:28:9f:73:2b:43:f5:fb:70:21:72:f6:e2:19:ab: 24:ae:e6:ee -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt5EQWA0ZROwqf//NPIKCZuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwYWFlNTg1MGEzNmRiMjg4MjJhNmMxYWZjNWZmYWNmZjAw N2VlZjIwHhcNMjYwMTAxMTAxODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMzY0NTlkMjA2ZjIyODJlNjBjZTg0MWUyYTI5ZjQxZDIxM2U2NmE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0vu5/Pr0rIFBSTOC7+5m504UnZ0 P564Gyahhmke8SYSV4qfJw/UwsXMJ/aARxor37VtklKxkbGTNAStr6SwduP3DTpO uS9EDBIORH/d1xOt6CcjpqyQGdPkRXcYFFk9RKZ+x7SPW+jkNhp5O8MFeRcxJbDE nAYyQwbN62qD6tBsvV33DWKXV+tSOgwyc8SJAggis5iv35YwHVRbJMETEDod0Qtz Qw1FZwHgGsQHskUOynTH5ol20GbcXchMwZYlc6PZX75u476jRNez06chUNQCrm5/ Snz5REmJbdNGNoV4+BvFTkTsPOG5l+yUCsMfU6OHIJDhqmLDmks4rdgLnwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFANkWdIG8iguYM6EHiop9B0hPmakMB8GA1UdIwQY MBaAFKCq5YUKNtsogipsGvxf+s/wB+7yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0tybGhRbzIyeWlDS213YV9GXzZ6X0FIN3ZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS83MjBlNjctZDk0Yy00ZmY5LWJhODIt MjgxOWU0YzVmMTIzLzEvQTJSWjBnYnlLQzVnem9RZUtpbjBIU0UtWnFRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS83MjBlNjctZDk0Yy00ZmY5LWJhODItMjgxOWU0YzVmMTIz LzEvb0tybGhRbzIyeWlDS213YV9GXzZ6X0FIN3ZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufn9MA0G CSqGSIb3DQEBCwUAA4IBAQBNQygV+/oiNyymUt60jyjg1xw2SGXMBd1KbgjENDtw I5bDHXAmhMk5cgJVwdznCJch7pqMeKXhPI/JlFzHRy42rLjRr+1Zlg75dBEs4mrk imnY/5F5C3hH8aJlP2ZWNdYjgTGKmuuSLInqcUVbv3uG0xulOYKlZDVvTgeSX8M9 oLRScPIXuasMFcyh8BV7UGk0/6erW4PTJDEO6QJaouQuIAMoHCjNiQ/PNJClmK/k En7cscGiO9kYjZhsAVkvOLnPkk1hKXG8s+hl8SdSBP4a48cylsoSJtJJrKXdOz3y EKmb6xopqvRW/SUseLjxKJ9zK0P1+3AhcvbiGaskrubu -----END CERTIFICATE-----Generated at Mon Feb 9 20:09:37 2026 by rpki-client