This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/ebd0c9-7a36-4036-8658-1de00bd8912c/1/d2SprZfdS0SY1x1Wy17T8YC1idA.roa File: d2SprZfdS0SY1x1Wy17T8YC1idA.roa (raw, json) Hash identifier: RB7moJ155dUdkZifnr4mmDfclVM/fofVaHiCzJRd3n4= Subject key identifier: 77:64:A9:AD:97:DD:4B:44:98:D7:1D:56:CB:5E:D3:F1:80:B5:89:D0 Certificate issuer: /CN=ac58eb7c61750cce333cd0026c77c93cbe465d98 Certificate serial: 019B7E38DCAD1549908CBA54E6D2BDAF13AE Authority key identifier: AC:58:EB:7C:61:75:0C:CE:33:3C:D0:02:6C:77:C9:3C:BE:46:5D:98 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rFjrfGF1DM4zPNACbHfJPL5GXZg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/ebd0c9-7a36-4036-8658-1de00bd8912c/1/d2SprZfdS0SY1x1Wy17T8YC1idA.roa Signing time: Fri 02 Jan 2026 10:20:14 +0000 ROA not before: Fri 02 Jan 2026 10:20:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205449 IP address blocks: 185.218.88.0/22 maxlen: 22 2a0c:f400::/29 maxlen: 29 2a0c:f400:53::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/ebd0c9-7a36-4036-8658-1de00bd8912c/1/rFjrfGF1DM4zPNACbHfJPL5GXZg.crl rsync://rpki.ripe.net/repository/DEFAULT/4d/ebd0c9-7a36-4036-8658-1de00bd8912c/1/rFjrfGF1DM4zPNACbHfJPL5GXZg.mft rsync://rpki.ripe.net/repository/DEFAULT/rFjrfGF1DM4zPNACbHfJPL5GXZg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:dc:ad:15:49:90:8c:ba:54:e6:d2:bd:af:13:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ac58eb7c61750cce333cd0026c77c93cbe465d98 Validity Not Before: Jan 2 10:20:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7764a9ad97dd4b4498d71d56cb5ed3f180b589d0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:70:21:2e:da:40:f9:b7:99:0c:37:15:25:a5: 15:6b:00:c1:a0:2b:ea:cf:0e:e4:b7:71:96:e3:37: 14:4e:bf:5e:24:35:06:57:e7:2d:04:34:c1:57:98: bc:bd:16:f3:fc:7c:ac:c7:18:4a:b3:7d:c4:00:02: 40:08:f4:28:5c:23:c9:c1:27:91:ad:2e:a9:0e:f7: a6:8f:3e:a0:97:31:e0:ac:15:67:d6:c4:6e:17:0a: 85:26:e5:58:00:c0:17:3d:e4:a9:43:da:fa:ab:94: 48:ba:db:9d:eb:e7:3d:5c:39:12:1f:29:b5:57:50: 62:bc:2f:cc:e0:b5:7b:5c:1a:33:10:dc:b4:74:09: 6b:f9:76:41:b7:bb:9f:cb:b8:14:01:fa:79:7d:03: c2:e2:62:21:6c:fe:4c:5a:ac:50:c4:a1:af:8b:23: aa:3a:0a:cb:1a:ba:6d:bd:f5:54:01:32:57:74:45: a1:87:e6:c1:62:bc:af:ed:db:8f:e3:22:c3:6e:e3: 7f:f1:e3:64:41:68:85:12:1b:82:64:2c:dc:46:4a: 04:df:75:8f:9e:9f:66:25:5e:23:23:24:47:44:d9: c9:18:05:27:cb:20:8b:41:21:de:1a:b4:78:49:56: a8:2b:90:f6:80:40:c2:fa:eb:cc:01:29:06:57:81: f5:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:64:A9:AD:97:DD:4B:44:98:D7:1D:56:CB:5E:D3:F1:80:B5:89:D0 X509v3 Authority Key Identifier: keyid:AC:58:EB:7C:61:75:0C:CE:33:3C:D0:02:6C:77:C9:3C:BE:46:5D:98 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rFjrfGF1DM4zPNACbHfJPL5GXZg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/ebd0c9-7a36-4036-8658-1de00bd8912c/1/d2SprZfdS0SY1x1Wy17T8YC1idA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/ebd0c9-7a36-4036-8658-1de00bd8912c/1/rFjrfGF1DM4zPNACbHfJPL5GXZg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.218.88.0/22 IPv6: 2a0c:f400::/29 Signature Algorithm: sha256WithRSAEncryption 8a:71:69:0e:ad:6d:42:49:14:aa:ff:8a:d0:84:73:7b:57:dd: 58:b8:54:57:b5:bd:83:f4:9c:be:34:df:7f:e4:ff:c7:5a:ba: dd:79:d9:04:75:6f:96:d7:75:c6:c4:c3:de:ac:f0:24:12:dc: 0b:01:b3:70:b9:45:89:7b:65:65:b9:d0:74:f5:d0:df:5d:5d: 1b:9d:b0:34:4e:ea:21:af:f2:18:7d:9c:18:fe:31:e2:26:a9: ce:75:98:fe:03:6d:fb:63:bb:b1:76:e2:22:69:c9:d8:80:3f: ed:2b:6d:52:61:ef:dc:df:20:b4:b0:28:e7:8a:70:fd:8f:12: 47:7c:2f:3b:de:97:3c:e5:0c:e9:49:80:bb:7a:d2:5f:41:be: bd:ea:b4:34:aa:18:3b:18:05:55:8b:83:d2:01:fe:ec:54:15: 36:d8:87:ed:81:5f:0f:a4:cb:99:7f:38:fc:2c:76:5d:d7:f8: 59:a8:2c:44:7b:17:02:cb:9f:2a:7c:e9:bf:46:32:fa:5b:fa: 31:7e:6d:fd:d5:d8:42:d3:6c:dd:eb:9a:62:fd:78:04:9b:cb: 20:f9:73:57:17:61:32:15:98:90:b6:e6:65:48:52:8d:80:5a: 26:01:fd:48:9a:1a:64:10:79:6a:1b:71:0c:1e:0e:b7:37:ab: 72:32:ef:b6 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt+ONytFUmQjLpU5tK9rxOuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFjNThlYjdjNjE3NTBjY2UzMzNjZDAwMjZjNzdjOTNjYmU0 NjVkOTgwHhcNMjYwMTAyMTAyMDE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NzY0YTlhZDk3ZGQ0YjQ0OThkNzFkNTZjYjVlZDNmMTgwYjU4OWQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3AhLtpA+beZDDcVJaUVawDBoCvq zw7kt3GW4zcUTr9eJDUGV+ctBDTBV5i8vRbz/HysxxhKs33EAAJACPQoXCPJwSeR rS6pDvemjz6glzHgrBVn1sRuFwqFJuVYAMAXPeSpQ9r6q5RIutud6+c9XDkSHym1 V1BivC/M4LV7XBozENy0dAlr+XZBt7ufy7gUAfp5fQPC4mIhbP5MWqxQxKGviyOq OgrLGrptvfVUATJXdEWhh+bBYryv7duP4yLDbuN/8eNkQWiFEhuCZCzcRkoE33WP np9mJV4jIyRHRNnJGAUnyyCLQSHeGrR4SVaoK5D2gEDC+uvMASkGV4H1eQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFHdkqa2X3UtEmNcdVste0/GAtYnQMB8GA1UdIwQY MBaAFKxY63xhdQzOMzzQAmx3yTy+Rl2YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvckZqcmZHRjFETTR6UE5BQ2JIZkpQTDVHWFpnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9lYmQwYzktN2EzNi00MDM2LTg2NTgt MWRlMDBiZDg5MTJjLzEvZDJTcHJaZmRTMFNZMXgxV3kxN1Q4WUMxaWRBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZC9lYmQwYzktN2EzNi00MDM2LTg2NTgtMWRlMDBiZDg5MTJj LzEvckZqcmZHRjFETTR6UE5BQ2JIZkpQTDVHWFpnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudpYMA0E AgACMAcDBQMqDPQAMA0GCSqGSIb3DQEBCwUAA4IBAQCKcWkOrW1CSRSq/4rQhHN7 V91YuFRXtb2D9Jy+NN9/5P/HWrrdedkEdW+W13XGxMPerPAkEtwLAbNwuUWJe2Vl udB09dDfXV0bnbA0Tuohr/IYfZwY/jHiJqnOdZj+A237Y7uxduIiacnYgD/tK21S Ye/c3yC0sCjninD9jxJHfC873pc85QzpSYC7etJfQb696rQ0qhg7GAVVi4PSAf7s VBU22IftgV8PpMuZfzj8LHZd1/hZqCxEexcCy58qfOm/RjL6W/oxfm391dhC02zd 65pi/XgEm8sg+XNXF2EyFZiQtuZlSFKNgFomAf1ImhpkEHlqG3EMHg63N6tyMu+2 -----END CERTIFICATE-----Generated at Tue Feb 10 03:06:14 2026 by rpki-client