This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/dfd8c0-d7af-4db1-9e04-975a80d0d93f/1/q2iMHMpPinukFM5Qhc4ZwsftRx0.roa File: q2iMHMpPinukFM5Qhc4ZwsftRx0.roa (raw, json) Hash identifier: +p+ImNbpg+AUu5Y3P8c/ugT7MQsuGHh+4k2E8cJ52tE= Subject key identifier: AB:68:8C:1C:CA:4F:8A:7B:A4:14:CE:50:85:CE:19:C2:C7:ED:47:1D Certificate issuer: /CN=8c0cf65badd9a88accc327500b5ff29d1ff09196 Certificate serial: 019B79EBC549065A3B3030863E399C0AB7ED Authority key identifier: 8C:0C:F6:5B:AD:D9:A8:8A:CC:C3:27:50:0B:5F:F2:9D:1F:F0:91:96 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jAz2W63ZqIrMwydQC1_ynR_wkZY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/dfd8c0-d7af-4db1-9e04-975a80d0d93f/1/q2iMHMpPinukFM5Qhc4ZwsftRx0.roa Signing time: Thu 01 Jan 2026 14:17:33 +0000 ROA not before: Thu 01 Jan 2026 14:17:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212916 IP address blocks: 5.180.72.0/22 maxlen: 24 2a09:fa40::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/dfd8c0-d7af-4db1-9e04-975a80d0d93f/1/jAz2W63ZqIrMwydQC1_ynR_wkZY.crl rsync://rpki.ripe.net/repository/DEFAULT/55/dfd8c0-d7af-4db1-9e04-975a80d0d93f/1/jAz2W63ZqIrMwydQC1_ynR_wkZY.mft rsync://rpki.ripe.net/repository/DEFAULT/jAz2W63ZqIrMwydQC1_ynR_wkZY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:eb:c5:49:06:5a:3b:30:30:86:3e:39:9c:0a:b7:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8c0cf65badd9a88accc327500b5ff29d1ff09196 Validity Not Before: Jan 1 14:17:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ab688c1cca4f8a7ba414ce5085ce19c2c7ed471d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:64:3f:28:b3:1b:4d:ac:f8:a4:81:71:e4:e4: d1:d3:da:20:7a:72:1a:22:e6:ab:32:5f:c9:91:ed: 9f:6e:fb:cd:02:2a:08:42:27:1d:13:ac:74:f1:93: f9:ea:aa:f5:12:91:30:d3:68:bf:f6:94:e2:40:67: 1c:8e:fe:42:60:7b:a4:7d:ee:c4:ea:8c:5e:03:a5: bc:60:73:f9:5a:be:d4:ed:af:91:3f:f7:f2:30:3a: d2:97:43:ca:57:48:c0:89:4f:c2:e0:54:93:27:64: e8:b3:27:c7:38:34:c3:d7:28:68:a4:c5:62:b4:61: 6e:4b:e8:f9:dc:fe:b1:88:05:67:89:66:f8:85:74: da:f4:f2:bd:d3:dc:92:19:1a:d1:b1:c7:96:c1:61: 76:14:ba:3c:8c:ce:14:3a:c1:d9:47:e1:48:42:de: 74:28:d3:bb:e1:79:39:8e:bd:9d:33:65:ed:6e:b9: 88:21:57:ed:33:de:11:73:e7:32:da:7a:25:e5:ac: 2e:58:4b:71:56:c0:10:69:50:eb:c7:be:cc:78:ba: 45:47:98:37:5d:e9:7d:a9:fe:ec:d8:65:30:e9:25: d3:00:9e:12:b9:5f:df:0f:28:48:e6:ff:3f:2b:60: e9:4d:4f:be:22:4e:6c:ce:e2:11:98:c0:2b:8e:50: 2b:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:68:8C:1C:CA:4F:8A:7B:A4:14:CE:50:85:CE:19:C2:C7:ED:47:1D X509v3 Authority Key Identifier: keyid:8C:0C:F6:5B:AD:D9:A8:8A:CC:C3:27:50:0B:5F:F2:9D:1F:F0:91:96 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jAz2W63ZqIrMwydQC1_ynR_wkZY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/dfd8c0-d7af-4db1-9e04-975a80d0d93f/1/q2iMHMpPinukFM5Qhc4ZwsftRx0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/55/dfd8c0-d7af-4db1-9e04-975a80d0d93f/1/jAz2W63ZqIrMwydQC1_ynR_wkZY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.180.72.0/22 IPv6: 2a09:fa40::/29 Signature Algorithm: sha256WithRSAEncryption 71:9c:8f:5b:69:5c:9e:3f:31:6e:2f:14:b5:a5:0b:19:20:5d: 28:ea:02:59:36:d0:fd:96:fd:3a:4f:32:fc:aa:22:25:0d:bb: 0d:69:2d:be:f3:4e:cf:bb:a0:40:b3:b3:76:09:90:12:39:10: 7b:3c:48:d9:fb:03:cc:24:ea:e6:bd:a1:f3:19:11:70:15:a0: b6:a2:d1:9c:f2:23:40:a8:3c:10:c2:9d:48:86:d9:aa:81:f9: a8:44:a3:da:c8:11:a4:be:c5:d5:0f:f1:d5:af:ed:a6:16:bf: 5e:d7:c9:8e:c7:d1:b2:40:06:ab:d4:df:5a:62:ff:1c:c0:88: d2:95:b0:e3:ff:7a:a5:8c:f9:5d:46:a7:72:60:a0:b1:03:5f: cf:a3:bf:f7:98:1f:7e:b9:d7:3d:86:e0:ff:18:3e:95:79:b0: be:7e:96:0b:fa:15:b7:4c:de:2b:ff:4b:98:38:27:ca:c8:82: 7d:f0:61:e9:ec:7f:bb:a7:d2:7a:8b:2a:18:6a:6b:8e:93:0e: b7:ff:cd:36:ec:df:ac:42:a5:31:ec:bd:09:db:cb:fb:1e:52: ee:b6:72:28:92:3b:b2:8e:87:1b:73:56:99:56:55:b5:2c:f9: 06:32:1d:db:6e:ef:a2:b6:eb:24:fb:bf:35:81:78:f9:5d:af: 76:b7:8d:60 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt568VJBlo7MDCGPjmcCrftMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhjMGNmNjViYWRkOWE4OGFjY2MzMjc1MDBiNWZmMjlkMWZm MDkxOTYwHhcNMjYwMTAxMTQxNzMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYjY4OGMxY2NhNGY4YTdiYTQxNGNlNTA4NWNlMTljMmM3ZWQ0NzFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mQ/KLMbTaz4pIFx5OTR09ogenIa IuarMl/Jke2fbvvNAioIQicdE6x08ZP56qr1EpEw02i/9pTiQGccjv5CYHukfe7E 6oxeA6W8YHP5Wr7U7a+RP/fyMDrSl0PKV0jAiU/C4FSTJ2TosyfHODTD1yhopMVi tGFuS+j53P6xiAVniWb4hXTa9PK909ySGRrRsceWwWF2FLo8jM4UOsHZR+FIQt50 KNO74Xk5jr2dM2XtbrmIIVftM94Rc+cy2nol5awuWEtxVsAQaVDrx77MeLpFR5g3 Xel9qf7s2GUw6SXTAJ4SuV/fDyhI5v8/K2DpTU++Ik5szuIRmMArjlAruwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFKtojBzKT4p7pBTOUIXOGcLH7UcdMB8GA1UdIwQY MBaAFIwM9lut2aiKzMMnUAtf8p0f8JGWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvakF6Mlc2M1pxSXJNd3lkUUMxX3luUl93a1pZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9kZmQ4YzAtZDdhZi00ZGIxLTllMDQt OTc1YTgwZDBkOTNmLzEvcTJpTUhNcFBpbnVrRk01UWhjNFp3c2Z0UngwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NS9kZmQ4YzAtZDdhZi00ZGIxLTllMDQtOTc1YTgwZDBkOTNm LzEvakF6Mlc2M1pxSXJNd3lkUUMxX3luUl93a1pZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCBbRIMA0E AgACMAcDBQMqCfpAMA0GCSqGSIb3DQEBCwUAA4IBAQBxnI9baVyePzFuLxS1pQsZ IF0o6gJZNtD9lv06TzL8qiIlDbsNaS2+807Pu6BAs7N2CZASORB7PEjZ+wPMJOrm vaHzGRFwFaC2otGc8iNAqDwQwp1IhtmqgfmoRKPayBGkvsXVD/HVr+2mFr9e18mO x9GyQAar1N9aYv8cwIjSlbDj/3qljPldRqdyYKCxA1/Po7/3mB9+udc9huD/GD6V ebC+fpYL+hW3TN4r/0uYOCfKyIJ98GHp7H+7p9J6iyoYamuOkw63/8027N+sQqUx 7L0J28v7HlLutnIokjuyjocbc1aZVlW1LPkGMh3bbu+itusk+781gXj5Xa92t41g -----END CERTIFICATE-----Generated at Mon Feb 9 22:15:48 2026 by rpki-client