This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/2bVvxRffnJ6GQKgs2LoPDWvUcK4.roa File: 2bVvxRffnJ6GQKgs2LoPDWvUcK4.roa (raw, json) Hash identifier: er7wIVOxtiLCvuKAAvSBfYTSBvkd5n1t/IW0taeZM7Y= Subject key identifier: D9:B5:6F:C5:17:DF:9C:9E:86:40:A8:2C:D8:BA:0F:0D:6B:D4:70:AE Certificate issuer: /CN=222c4585bd88fb27cadf29ee5bb95d6575fcef83 Certificate serial: 019B7EA5596FDAE053E966F84A85D40B6979 Authority key identifier: 22:2C:45:85:BD:88:FB:27:CA:DF:29:EE:5B:B9:5D:65:75:FC:EF:83 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IixFhb2I-yfK3ynuW7ldZXX874M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/2bVvxRffnJ6GQKgs2LoPDWvUcK4.roa Signing time: Fri 02 Jan 2026 12:18:44 +0000 ROA not before: Fri 02 Jan 2026 12:18:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 23470 IP address blocks: 31.14.9.0/24 maxlen: 24 31.14.162.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/IixFhb2I-yfK3ynuW7ldZXX874M.crl rsync://rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/IixFhb2I-yfK3ynuW7ldZXX874M.mft rsync://rpki.ripe.net/repository/DEFAULT/IixFhb2I-yfK3ynuW7ldZXX874M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 00:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a5:59:6f:da:e0:53:e9:66:f8:4a:85:d4:0b:69:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=222c4585bd88fb27cadf29ee5bb95d6575fcef83 Validity Not Before: Jan 2 12:18:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d9b56fc517df9c9e8640a82cd8ba0f0d6bd470ae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:72:74:20:c7:b8:8d:b1:75:f5:01:c5:1a:f3: fc:fe:0e:b5:8a:25:c4:ac:ee:d2:47:54:ff:e3:3b: d8:9c:71:4d:db:e3:8f:e2:1d:5b:df:e7:33:25:d3: a1:5c:33:fe:33:3a:4b:d9:9c:e3:d0:d2:ff:b1:2f: 37:88:c4:f3:4c:c6:8b:90:24:a1:e6:b4:48:62:4f: 42:5f:70:7f:76:b5:0b:a5:ca:29:70:2c:f7:b7:51: 81:95:54:ed:c3:83:ff:b3:0e:74:fa:24:10:fb:25: 33:49:2e:31:a9:bb:87:cb:d1:a8:d6:61:e8:3c:18: 54:26:b6:43:28:32:4e:34:0d:17:2f:14:35:b7:a3: a5:c3:5f:9b:3f:56:17:d1:49:da:4f:83:bf:24:88: d0:b7:22:c0:09:d1:4e:d2:d6:be:61:56:7b:14:6d: dd:66:6a:19:1a:32:15:10:a7:2b:e4:51:46:c2:6c: 34:03:9d:57:4e:0d:bb:97:8c:c6:a5:4f:aa:c3:f3: 66:13:7e:90:d6:38:2f:76:e9:7f:a7:fc:57:b4:01: fa:8d:c1:ca:82:0c:b3:5c:f5:de:14:ed:de:c2:1c: 1b:fe:37:58:f9:eb:8a:4b:28:4f:44:bd:07:b7:a8: ff:30:12:bf:47:84:15:bc:42:41:05:be:c9:9e:5d: 02:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:B5:6F:C5:17:DF:9C:9E:86:40:A8:2C:D8:BA:0F:0D:6B:D4:70:AE X509v3 Authority Key Identifier: keyid:22:2C:45:85:BD:88:FB:27:CA:DF:29:EE:5B:B9:5D:65:75:FC:EF:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IixFhb2I-yfK3ynuW7ldZXX874M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/2bVvxRffnJ6GQKgs2LoPDWvUcK4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/IixFhb2I-yfK3ynuW7ldZXX874M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.14.9.0/24 31.14.162.0/24 Signature Algorithm: sha256WithRSAEncryption 56:d0:90:04:3e:f3:22:e6:06:74:45:70:bf:02:61:6e:d6:4d: 86:de:0a:89:8b:70:21:2a:02:91:02:73:35:9e:b2:cb:d5:dc: 93:3a:4d:e4:89:9f:ca:2b:be:2b:8c:76:8d:a4:e2:23:70:8a: 23:ea:f4:28:36:20:7f:96:59:3d:46:37:5b:aa:0c:82:0b:a2: 4b:dc:84:12:0c:25:4a:ec:15:16:57:cf:82:d8:70:6b:7e:df: 0d:ff:18:c2:71:6f:12:6b:f2:f0:15:15:ea:18:23:33:2d:f9: 50:ed:07:e1:e7:47:af:ee:5c:10:a3:f3:02:50:ee:ff:68:12: 39:64:ea:5f:d9:a7:55:0d:11:eb:6e:3a:8c:83:a7:f1:b6:c2: 58:cd:e5:23:63:5e:19:03:e0:2f:92:f1:f7:01:ef:57:4e:14: ca:a6:f7:26:6f:e3:f1:8a:79:6c:4f:dd:8e:3e:ae:f6:11:11: b4:5c:fa:bc:ca:7d:68:34:cb:8b:4b:71:11:48:17:eb:59:4d: 9d:f9:33:f9:e9:ac:2e:16:b2:16:33:d7:eb:35:8d:54:e4:4d: c3:c0:6c:45:e6:06:7f:a7:30:c5:6f:10:7a:ff:9e:c8:10:98: 2e:dd:f3:28:8d:d2:c4:b0:36:aa:de:90:b4:9f:0d:b6:ca:5f: 11:c8:50:34 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt+pVlv2uBT6Wb4SoXUC2l5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyMmM0NTg1YmQ4OGZiMjdjYWRmMjllZTViYjk1ZDY1NzVm Y2VmODMwHhcNMjYwMTAyMTIxODQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOWI1NmZjNTE3ZGY5YzllODY0MGE4MmNkOGJhMGYwZDZiZDQ3MGFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXJ0IMe4jbF19QHFGvP8/g61iiXE rO7SR1T/4zvYnHFN2+OP4h1b3+czJdOhXDP+MzpL2Zzj0NL/sS83iMTzTMaLkCSh 5rRIYk9CX3B/drULpcopcCz3t1GBlVTtw4P/sw50+iQQ+yUzSS4xqbuHy9Go1mHo PBhUJrZDKDJONA0XLxQ1t6Olw1+bP1YX0UnaT4O/JIjQtyLACdFO0ta+YVZ7FG3d ZmoZGjIVEKcr5FFGwmw0A51XTg27l4zGpU+qw/NmE36Q1jgvdul/p/xXtAH6jcHK ggyzXPXeFO3ewhwb/jdY+euKSyhPRL0Ht6j/MBK/R4QVvEJBBb7Jnl0CUwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFNm1b8UX35yehkCoLNi6Dw1r1HCuMB8GA1UdIwQY MBaAFCIsRYW9iPsnyt8p7lu5XWV1/O+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSWl4RmhiMkkteWZLM3ludVc3bGRaWFg4NzRNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82ZWIzNjUtODAzYS00YzJmLWI3YWUt YzY0N2E4YzFkZGZhLzEvMmJWdnhSZmZuSjZHUUtnczJMb1BEV3ZVY0s0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC82ZWIzNjUtODAzYS00YzJmLWI3YWUtYzY0N2E4YzFkZGZh LzEvSWl4RmhiMkkteWZLM3ludVc3bGRaWFg4NzRNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHw4JAwQA Hw6iMA0GCSqGSIb3DQEBCwUAA4IBAQBW0JAEPvMi5gZ0RXC/AmFu1k2G3gqJi3Ah KgKRAnM1nrLL1dyTOk3kiZ/KK74rjHaNpOIjcIoj6vQoNiB/llk9RjdbqgyCC6JL 3IQSDCVK7BUWV8+C2HBrft8N/xjCcW8Sa/LwFRXqGCMzLflQ7Qfh50ev7lwQo/MC UO7/aBI5ZOpf2adVDRHrbjqMg6fxtsJYzeUjY14ZA+AvkvH3Ae9XThTKpvcmb+Px inlsT92OPq72ERG0XPq8yn1oNMuLS3ERSBfrWU2d+TP56awuFrIWM9frNY1U5E3D wGxF5gZ/pzDFbxB6/57IEJgu3fMojdLEsDaq3pC0nw22yl8RyFA0 -----END CERTIFICATE-----Generated at Thu Jan 8 09:23:15 2026 by rpki-client