This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/b417f8-0732-48af-b00c-bb797ce7e108/1/2XRNzdBMCTGrxZzPMC45UJSE_XY.roa File: 2XRNzdBMCTGrxZzPMC45UJSE_XY.roa (raw, json) Hash identifier: MALdcoNe429xozLLjWrtiy10AbtWOLY2faCRujnB7oQ= Subject key identifier: D9:74:4D:CD:D0:4C:09:31:AB:C5:9C:CF:30:2E:39:50:94:84:FD:76 Certificate issuer: /CN=9d115fe9c9e9cfdef17e924165592c023efb2b16 Certificate serial: 019B7AC943B3C888F674FCB1988817C4DC95 Authority key identifier: 9D:11:5F:E9:C9:E9:CF:DE:F1:7E:92:41:65:59:2C:02:3E:FB:2B:16 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nRFf6cnpz97xfpJBZVksAj77KxY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/b417f8-0732-48af-b00c-bb797ce7e108/1/2XRNzdBMCTGrxZzPMC45UJSE_XY.roa Signing time: Thu 01 Jan 2026 18:19:28 +0000 ROA not before: Thu 01 Jan 2026 18:19:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43354 IP address blocks: 91.197.28.0/22 maxlen: 22 91.197.28.0/24 maxlen: 24 91.197.29.0/24 maxlen: 24 91.197.30.0/24 maxlen: 24 91.197.31.0/24 maxlen: 24 194.45.94.0/24 maxlen: 24 2001:67c:4d0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/b417f8-0732-48af-b00c-bb797ce7e108/1/nRFf6cnpz97xfpJBZVksAj77KxY.crl rsync://rpki.ripe.net/repository/DEFAULT/45/b417f8-0732-48af-b00c-bb797ce7e108/1/nRFf6cnpz97xfpJBZVksAj77KxY.mft rsync://rpki.ripe.net/repository/DEFAULT/nRFf6cnpz97xfpJBZVksAj77KxY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c9:43:b3:c8:88:f6:74:fc:b1:98:88:17:c4:dc:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9d115fe9c9e9cfdef17e924165592c023efb2b16 Validity Not Before: Jan 1 18:19:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d9744dcdd04c0931abc59ccf302e39509484fd76 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:d1:dd:18:24:62:3f:7d:fb:53:da:77:a8:37: 43:f3:cc:84:bc:e3:e6:f5:83:0f:51:f7:5f:2a:b2: d7:df:f4:aa:c2:37:8a:96:77:1a:ad:0c:d8:ff:3a: 11:71:fa:96:07:8c:2d:72:0b:ce:8b:c6:e1:ab:1d: bc:d6:7e:72:ba:df:d7:73:a0:45:b4:16:82:6f:04: 3e:f1:93:dd:19:64:94:7b:2d:b0:4d:ac:6c:00:87: 20:34:63:b0:e7:e5:f4:b8:b5:88:08:8f:30:f7:92: 59:2b:01:58:52:2a:c2:14:91:e6:f9:ae:39:d9:71: ce:b3:b6:e4:e8:8f:e5:71:26:19:63:2d:5b:9a:c3: f4:ad:32:bc:46:a2:98:ad:ec:4f:36:22:19:9e:76: 9b:b1:35:6f:42:97:d0:0e:41:dc:84:49:18:4b:52: 7a:3e:2c:bd:99:c5:e3:0a:97:54:bf:55:a7:6b:ac: be:05:d9:62:23:81:4c:44:fa:f6:08:13:95:94:94: 09:5a:d2:cf:d3:32:42:9f:70:59:9b:6f:52:60:f8: 1e:b0:88:df:17:c1:f0:93:12:d1:a1:26:2e:c4:55: d4:e4:f8:7b:28:94:5a:ae:1e:58:1f:ac:70:5c:5d: 32:e0:6f:cd:0d:82:9c:63:a9:52:ae:e6:6c:e1:79: fc:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:74:4D:CD:D0:4C:09:31:AB:C5:9C:CF:30:2E:39:50:94:84:FD:76 X509v3 Authority Key Identifier: keyid:9D:11:5F:E9:C9:E9:CF:DE:F1:7E:92:41:65:59:2C:02:3E:FB:2B:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nRFf6cnpz97xfpJBZVksAj77KxY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/b417f8-0732-48af-b00c-bb797ce7e108/1/2XRNzdBMCTGrxZzPMC45UJSE_XY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/b417f8-0732-48af-b00c-bb797ce7e108/1/nRFf6cnpz97xfpJBZVksAj77KxY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.197.28.0/22 194.45.94.0/24 IPv6: 2001:67c:4d0::/48 Signature Algorithm: sha256WithRSAEncryption 86:f7:0e:ab:5f:7e:ab:c2:69:5a:b0:cd:7a:a7:a2:93:35:06: f1:bd:94:e4:41:78:10:8e:f3:e5:24:89:dc:18:f0:8c:8e:32: e2:0c:6c:09:88:4d:e8:75:9a:fb:98:df:c0:17:42:99:5a:1d: bf:de:01:ba:36:be:09:6a:2f:7a:6d:4a:a5:67:b0:4e:cb:86: a2:c8:1a:32:5a:24:5d:c7:fb:6c:c3:39:a0:75:74:b3:23:b8: ae:de:ce:01:86:1b:ac:92:60:40:37:20:35:51:33:b8:1c:c8: 21:ce:50:62:d2:35:4e:bb:46:3a:51:f9:83:0d:0b:22:9c:50: 9b:b5:01:94:39:bd:f3:c5:4e:91:1d:f3:50:a7:08:c6:06:cd: e6:12:78:8c:2d:a0:6e:f7:76:59:71:f3:38:7e:11:ac:d3:4d: 42:ac:70:cd:3c:75:43:b4:d6:19:d0:93:22:23:23:df:e3:13: 16:3c:fe:b1:06:7c:9e:97:e0:78:c0:53:66:cf:b3:e9:75:d7: 8d:79:33:ed:17:41:06:01:26:cd:9e:49:0f:c2:26:3b:f5:74: 1a:93:ec:89:68:e5:2c:22:e1:90:24:4f:31:bc:35:45:52:f6: 55:b4:f8:42:61:e3:d1:6b:08:c3:ca:8d:69:5e:3d:b8:d0:23: 4e:fc:67:e5 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt6yUOzyIj2dPyxmIgXxNyVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkMTE1ZmU5YzllOWNmZGVmMTdlOTI0MTY1NTkyYzAyM2Vm YjJiMTYwHhcNMjYwMTAxMTgxOTI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOTc0NGRjZGQwNGMwOTMxYWJjNTljY2YzMDJlMzk1MDk0ODRmZDc2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNHdGCRiP337U9p3qDdD88yEvOPm 9YMPUfdfKrLX3/SqwjeKlncarQzY/zoRcfqWB4wtcgvOi8bhqx281n5yut/Xc6BF tBaCbwQ+8ZPdGWSUey2wTaxsAIcgNGOw5+X0uLWICI8w95JZKwFYUirCFJHm+a45 2XHOs7bk6I/lcSYZYy1bmsP0rTK8RqKYrexPNiIZnnabsTVvQpfQDkHchEkYS1J6 Piy9mcXjCpdUv1Wna6y+BdliI4FMRPr2CBOVlJQJWtLP0zJCn3BZm29SYPgesIjf F8HwkxLRoSYuxFXU5Ph7KJRarh5YH6xwXF0y4G/NDYKcY6lSruZs4Xn8xQIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFNl0Tc3QTAkxq8WczzAuOVCUhP12MB8GA1UdIwQY MBaAFJ0RX+nJ6c/e8X6SQWVZLAI++ysWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvblJGZjZjbnB6OTd4ZnBKQlpWa3NBajc3S3hZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9iNDE3ZjgtMDczMi00OGFmLWIwMGMt YmI3OTdjZTdlMTA4LzEvMlhSTnpkQk1DVEdyeFp6UE1DNDVVSlNFX1hZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS9iNDE3ZjgtMDczMi00OGFmLWIwMGMtYmI3OTdjZTdlMTA4 LzEvblJGZjZjbnB6OTd4ZnBKQlpWa3NBajc3S3hZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCW8UcAwQA wi1eMA8EAgACMAkDBwAgAQZ8BNAwDQYJKoZIhvcNAQELBQADggEBAIb3DqtffqvC aVqwzXqnopM1BvG9lORBeBCO8+UkidwY8IyOMuIMbAmITeh1mvuY38AXQplaHb/e Abo2vglqL3ptSqVnsE7LhqLIGjJaJF3H+2zDOaB1dLMjuK7ezgGGG6ySYEA3IDVR M7gcyCHOUGLSNU67RjpR+YMNCyKcUJu1AZQ5vfPFTpEd81CnCMYGzeYSeIwtoG73 dllx8zh+EazTTUKscM08dUO01hnQkyIjI9/jExY8/rEGfJ6X4HjAU2bPs+l11415 M+0XQQYBJs2eSQ/CJjv1dBqT7Ilo5Swi4ZAkTzG8NUVS9lW0+EJh49FrCMPKjWle PbjQI078Z+U= -----END CERTIFICATE-----Generated at Mon Feb 9 22:32:02 2026 by rpki-client