This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/1e02fa-f823-41c8-86b2-151cf61de83e/1/2nPIRP72Jf5YjvsBZiLCnmbp-p8.roa File: 2nPIRP72Jf5YjvsBZiLCnmbp-p8.roa (raw, json) Hash identifier: Yz/8CGjOJYnOasszn6ZNY2vs5w5ux3r0g0CLHgZyjdU= Subject key identifier: DA:73:C8:44:FE:F6:25:FE:58:8E:FB:01:66:22:C2:9E:66:E9:FA:9F Certificate issuer: /CN=2532a5cf2ba18c753edc95ee20b666293df02d5b Certificate serial: 019B775966304066B11F80E2B08796B32D70 Authority key identifier: 25:32:A5:CF:2B:A1:8C:75:3E:DC:95:EE:20:B6:66:29:3D:F0:2D:5B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTKlzyuhjHU-3JXuILZmKT3wLVs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/1e02fa-f823-41c8-86b2-151cf61de83e/1/2nPIRP72Jf5YjvsBZiLCnmbp-p8.roa Signing time: Thu 01 Jan 2026 02:18:26 +0000 ROA not before: Thu 01 Jan 2026 02:18:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35030 IP address blocks: 77.32.227.0/24 maxlen: 24 77.32.231.0/24 maxlen: 24 91.221.82.0/24 maxlen: 24 91.221.83.0/24 maxlen: 24 195.211.12.0/24 maxlen: 24 195.211.13.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/1e02fa-f823-41c8-86b2-151cf61de83e/1/JTKlzyuhjHU-3JXuILZmKT3wLVs.crl rsync://rpki.ripe.net/repository/DEFAULT/5e/1e02fa-f823-41c8-86b2-151cf61de83e/1/JTKlzyuhjHU-3JXuILZmKT3wLVs.mft rsync://rpki.ripe.net/repository/DEFAULT/JTKlzyuhjHU-3JXuILZmKT3wLVs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:66:30:40:66:b1:1f:80:e2:b0:87:96:b3:2d:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2532a5cf2ba18c753edc95ee20b666293df02d5b Validity Not Before: Jan 1 02:18:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=da73c844fef625fe588efb016622c29e66e9fa9f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:71:5c:04:16:08:7b:fb:75:8f:1c:c1:8d:88: 6a:ed:3e:b4:6a:23:29:15:88:74:0f:8d:df:d2:b0: 0b:3f:66:c2:17:4a:52:b2:4a:8f:45:02:76:35:70: e7:60:6e:b5:cc:b5:56:ca:06:df:f1:d5:1f:1b:54: d7:3b:e8:50:d6:9f:ce:a7:cf:c7:a7:16:7a:b1:1b: d1:99:9d:4e:8c:41:2d:83:f6:47:4b:84:9e:c1:4c: 92:64:e8:25:05:75:29:e1:a2:b5:85:89:23:43:6b: d4:a5:ad:7a:50:e1:36:b0:59:8a:08:ee:57:fa:4b: 21:5b:93:8b:2e:26:3f:73:6c:29:64:ca:36:e8:6a: 17:f5:f5:c9:3a:67:7a:76:ab:33:e5:41:da:49:3a: 32:c4:d7:3c:7d:19:4d:c1:0d:14:29:6c:95:74:c3: d1:07:41:0c:60:c2:36:f1:e3:3b:3e:3f:81:e7:b5: a3:eb:b1:8a:e1:86:44:19:22:51:3c:de:22:99:28: 36:84:89:f7:6e:ca:c4:da:e0:6f:28:32:03:15:6b: a6:21:8c:2a:24:cf:82:e5:f5:e1:0e:e7:53:73:c5: b3:1f:3e:45:19:fd:82:29:c6:4f:f7:74:5c:df:63: 15:1f:e9:f4:3d:6e:b4:01:fd:81:04:36:70:f7:28: 21:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:73:C8:44:FE:F6:25:FE:58:8E:FB:01:66:22:C2:9E:66:E9:FA:9F X509v3 Authority Key Identifier: keyid:25:32:A5:CF:2B:A1:8C:75:3E:DC:95:EE:20:B6:66:29:3D:F0:2D:5B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTKlzyuhjHU-3JXuILZmKT3wLVs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1e02fa-f823-41c8-86b2-151cf61de83e/1/2nPIRP72Jf5YjvsBZiLCnmbp-p8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1e02fa-f823-41c8-86b2-151cf61de83e/1/JTKlzyuhjHU-3JXuILZmKT3wLVs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.32.227.0/24 77.32.231.0/24 91.221.82.0/23 195.211.12.0/23 Signature Algorithm: sha256WithRSAEncryption 27:c2:0b:49:a8:a5:53:25:5c:96:07:f4:96:f4:35:1a:34:a6: 07:9b:ac:2c:c9:0e:17:f3:f1:4a:cc:00:d7:53:18:ec:e9:f7: ab:6f:55:37:5c:c4:5f:62:ea:da:d5:89:fe:12:23:8e:8f:2c: 86:7f:86:84:53:93:21:68:27:e1:26:8b:f9:f2:6c:f0:33:63: 8f:dd:91:56:a3:1b:96:df:5f:09:c2:96:46:16:ef:37:0b:2a: 26:6c:3a:30:12:a1:c1:e4:5a:c5:52:94:01:4e:fa:ef:81:a2: b3:6a:c2:ea:d3:71:de:5a:9f:a3:a0:1c:fc:74:ff:3d:cc:97: 95:2c:25:4f:a3:28:11:1d:47:4d:f8:a6:1d:41:57:5e:09:6a: 74:40:19:b1:d2:5d:6e:ee:d2:aa:b6:48:64:dd:20:f8:9a:95: 7a:cf:2d:0c:f7:e0:40:c1:f7:54:cd:fc:b7:b3:19:91:68:1a: 16:b0:46:72:5b:93:50:0c:2e:cf:ca:f3:17:de:4c:f5:97:36: dd:13:aa:9a:6c:46:24:53:01:2e:6e:60:0e:0a:21:d2:78:c5: c3:a7:b7:8c:f3:71:a3:cf:c0:24:ce:30:b8:c2:5a:4b:be:2a: ee:3e:b6:43:43:2c:14:3a:83:7d:7a:cd:bc:bc:47:ba:5d:d6: 7c:14:04:a3 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt3WWYwQGaxH4DisIeWsy1wMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI1MzJhNWNmMmJhMThjNzUzZWRjOTVlZTIwYjY2NjI5M2Rm MDJkNWIwHhcNMjYwMTAxMDIxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYTczYzg0NGZlZjYyNWZlNTg4ZWZiMDE2NjIyYzI5ZTY2ZTlmYTlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3FcBBYIe/t1jxzBjYhq7T60aiMp FYh0D43f0rALP2bCF0pSskqPRQJ2NXDnYG61zLVWygbf8dUfG1TXO+hQ1p/Op8/H pxZ6sRvRmZ1OjEEtg/ZHS4SewUySZOglBXUp4aK1hYkjQ2vUpa16UOE2sFmKCO5X +kshW5OLLiY/c2wpZMo26GoX9fXJOmd6dqsz5UHaSToyxNc8fRlNwQ0UKWyVdMPR B0EMYMI28eM7Pj+B57Wj67GK4YZEGSJRPN4imSg2hIn3bsrE2uBvKDIDFWumIYwq JM+C5fXhDudTc8WzHz5FGf2CKcZP93Rc32MVH+n0PW60Af2BBDZw9yghLwIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFNpzyET+9iX+WI77AWYiwp5m6fqfMB8GA1UdIwQY MBaAFCUypc8roYx1PtyV7iC2Zik98C1bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSlRLbHp5dWhqSFUtM0pYdUlMWm1LVDN3TFZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8xZTAyZmEtZjgyMy00MWM4LTg2YjIt MTUxY2Y2MWRlODNlLzEvMm5QSVJQNzJKZjVZanZzQlppTENubWJwLXA4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZS8xZTAyZmEtZjgyMy00MWM4LTg2YjItMTUxY2Y2MWRlODNl LzEvSlRLbHp5dWhqSFUtM0pYdUlMWm1LVDN3TFZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATSDjAwQA TSDnAwQBW91SAwQBw9MMMA0GCSqGSIb3DQEBCwUAA4IBAQAnwgtJqKVTJVyWB/SW 9DUaNKYHm6wsyQ4X8/FKzADXUxjs6ferb1U3XMRfYura1Yn+EiOOjyyGf4aEU5Mh aCfhJov58mzwM2OP3ZFWoxuW318JwpZGFu83CyombDowEqHB5FrFUpQBTvrvgaKz asLq03HeWp+joBz8dP89zJeVLCVPoygRHUdN+KYdQVdeCWp0QBmx0l1u7tKqtkhk 3SD4mpV6zy0M9+BAwfdUzfy3sxmRaBoWsEZyW5NQDC7PyvMX3kz1lzbdE6qabEYk UwEubmAOCiHSeMXDp7eM83Gjz8AkzjC4wlpLviruPrZDQywUOoN9es28vEe6XdZ8 FASj -----END CERTIFICATE-----Generated at Mon Feb 9 23:43:06 2026 by rpki-client