This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/8e2d6c-1481-4844-a7ee-1fa540b721c2/1/2KQ_sA42Hg8XlmVkRHuQHbLnwnU.roa File: 2KQ_sA42Hg8XlmVkRHuQHbLnwnU.roa (raw, json) Hash identifier: emnblHjExcXiEHevT+4EWU1LxAJDxlybageeiGlQMiE= Subject key identifier: D8:A4:3F:B0:0E:36:1E:0F:17:96:65:64:44:7B:90:1D:B2:E7:C2:75 Certificate issuer: /CN=864d2f0c46752bf069738fba67efe2f6b8b62cc4 Certificate serial: 019B2C608AEDDC17C6ACB8235E8E7D91FD67 Authority key identifier: 86:4D:2F:0C:46:75:2B:F0:69:73:8F:BA:67:EF:E2:F6:B8:B6:2C:C4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hk0vDEZ1K_Bpc4-6Z-_i9ri2LMQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/8e2d6c-1481-4844-a7ee-1fa540b721c2/1/2KQ_sA42Hg8XlmVkRHuQHbLnwnU.roa Signing time: Wed 17 Dec 2025 12:54:42 +0000 ROA not before: Wed 17 Dec 2025 12:54:42 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 57478 IP address blocks: 91.192.144.0/22 maxlen: 22 91.192.144.0/24 maxlen: 24 91.192.145.0/24 maxlen: 24 91.214.36.0/22 maxlen: 22 91.214.52.0/22 maxlen: 22 91.224.146.0/23 maxlen: 23 185.237.156.0/22 maxlen: 22 193.169.18.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/8e2d6c-1481-4844-a7ee-1fa540b721c2/1/hk0vDEZ1K_Bpc4-6Z-_i9ri2LMQ.crl rsync://rpki.ripe.net/repository/DEFAULT/72/8e2d6c-1481-4844-a7ee-1fa540b721c2/1/hk0vDEZ1K_Bpc4-6Z-_i9ri2LMQ.mft rsync://rpki.ripe.net/repository/DEFAULT/hk0vDEZ1K_Bpc4-6Z-_i9ri2LMQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 11:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2c:60:8a:ed:dc:17:c6:ac:b8:23:5e:8e:7d:91:fd:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=864d2f0c46752bf069738fba67efe2f6b8b62cc4 Validity Not Before: Dec 17 12:54:42 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=d8a43fb00e361e0f17966564447b901db2e7c275 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:0a:24:49:b7:1f:c1:1e:7c:a2:f2:a2:b3:46: bc:9a:ae:8e:ad:e9:84:4b:52:95:0b:3f:5b:bb:ed: 6f:c0:69:e9:78:23:1e:2c:a5:68:b7:9a:fd:75:3f: 4a:40:73:3a:5d:a3:bf:fa:12:48:5f:a0:8f:4f:61: fc:33:ac:16:18:37:77:20:a2:b0:65:d2:2a:b8:3c: c0:77:ab:a9:ee:76:bf:5a:29:20:a2:57:55:8d:13: 59:07:05:99:2a:bc:e6:0a:a4:81:cf:a0:b5:c7:d4: 35:59:70:28:d0:d4:8c:28:a2:f1:47:8b:f8:d9:f4: 78:c0:02:f7:88:0b:28:3c:8d:14:72:fb:5b:92:44: 89:9b:2a:a7:be:32:67:91:f8:02:df:3f:9d:9d:87: 69:2c:15:f7:56:f2:0b:94:37:6e:9e:79:74:e5:61: 29:7c:42:85:6f:88:82:a8:46:a8:2e:9e:0e:85:82: 62:f6:c9:c8:10:a4:b9:bc:48:ad:ba:90:9a:40:aa: 39:44:42:96:67:73:95:60:5f:b1:3c:c9:8a:3e:fb: a0:d9:e9:e9:e8:4f:a2:90:a4:db:ad:60:a2:b9:1a: 0b:14:c7:f5:b0:68:51:33:b8:e8:e1:fe:aa:a2:cd: 13:10:d5:b8:21:f8:c4:43:66:a0:3a:ae:07:ad:37: 12:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:A4:3F:B0:0E:36:1E:0F:17:96:65:64:44:7B:90:1D:B2:E7:C2:75 X509v3 Authority Key Identifier: keyid:86:4D:2F:0C:46:75:2B:F0:69:73:8F:BA:67:EF:E2:F6:B8:B6:2C:C4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hk0vDEZ1K_Bpc4-6Z-_i9ri2LMQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/8e2d6c-1481-4844-a7ee-1fa540b721c2/1/2KQ_sA42Hg8XlmVkRHuQHbLnwnU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/72/8e2d6c-1481-4844-a7ee-1fa540b721c2/1/hk0vDEZ1K_Bpc4-6Z-_i9ri2LMQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.192.144.0/22 91.214.36.0/22 91.214.52.0/22 91.224.146.0/23 185.237.156.0/22 193.169.18.0/23 Signature Algorithm: sha256WithRSAEncryption b4:7f:03:86:75:cf:a5:aa:9d:43:b4:ef:69:86:10:3b:94:bc: 54:5d:8c:b0:78:5e:6d:68:bf:2e:3b:d7:bd:39:10:6f:34:af: e1:72:a5:b4:3a:73:a7:7d:60:e8:92:e0:b3:59:87:cd:fe:ce: 75:92:43:aa:73:4b:09:6f:14:46:b2:64:11:07:58:ff:89:c5: a5:c7:3b:59:aa:0c:ea:18:f1:40:ea:2e:b5:a1:16:d5:94:4f: 09:ff:af:b7:c8:19:12:29:55:ba:c3:6d:8c:10:21:4f:f5:12: ae:e5:44:0e:7a:49:4b:eb:2f:55:18:da:65:af:25:82:0d:1d: 62:df:01:16:c4:16:bd:92:67:44:78:8d:e1:e9:4d:8c:90:d3: 66:08:58:40:83:c7:38:18:cf:3c:d5:36:66:e4:05:f0:66:ff: 31:33:fd:4c:94:52:32:59:63:1d:45:9f:22:da:d7:8a:d1:94: ac:ec:1b:08:cd:a7:2c:ca:c6:05:1a:34:76:0f:5e:95:05:fc: 3e:2f:45:fc:3d:4c:3a:86:7c:98:7c:48:b8:ab:98:67:65:4e: 1a:07:f1:2d:50:c2:7e:13:0d:f0:d7:df:35:db:ce:5d:07:a6: 81:e6:0a:33:04:0a:ff:84:0d:b4:93:5a:26:df:59:51:a7:df: 14:99:5a:ba -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZssYIrt3BfGrLgjXo59kf1nMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2NGQyZjBjNDY3NTJiZjA2OTczOGZiYTY3ZWZlMmY2Yjhi NjJjYzQwHhcNMjUxMjE3MTI1NDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOGE0M2ZiMDBlMzYxZTBmMTc5NjY1NjQ0NDdiOTAxZGIyZTdjMjc1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQokSbcfwR58ovKis0a8mq6OremE S1KVCz9bu+1vwGnpeCMeLKVot5r9dT9KQHM6XaO/+hJIX6CPT2H8M6wWGDd3IKKw ZdIquDzAd6up7na/WikgoldVjRNZBwWZKrzmCqSBz6C1x9Q1WXAo0NSMKKLxR4v4 2fR4wAL3iAsoPI0UcvtbkkSJmyqnvjJnkfgC3z+dnYdpLBX3VvILlDdunnl05WEp fEKFb4iCqEaoLp4OhYJi9snIEKS5vEitupCaQKo5REKWZ3OVYF+xPMmKPvug2enp 6E+ikKTbrWCiuRoLFMf1sGhRM7jo4f6qos0TENW4IfjEQ2agOq4HrTcSDwIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFNikP7AONh4PF5ZlZER7kB2y58J1MB8GA1UdIwQY MBaAFIZNLwxGdSvwaXOPumfv4va4tizEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGswdkRFWjFLX0JwYzQtNlotX2k5cmkyTE1RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84ZTJkNmMtMTQ4MS00ODQ0LWE3ZWUt MWZhNTQwYjcyMWMyLzEvMktRX3NBNDJIZzhYbG1Wa1JIdVFIYkxud25VLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Mi84ZTJkNmMtMTQ4MS00ODQ0LWE3ZWUtMWZhNTQwYjcyMWMy LzEvaGswdkRFWjFLX0JwYzQtNlotX2k5cmkyTE1RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCW8CQAwQC W9YkAwQCW9Y0AwQBW+CSAwQCue2cAwQBwakSMA0GCSqGSIb3DQEBCwUAA4IBAQC0 fwOGdc+lqp1DtO9phhA7lLxUXYyweF5taL8uO9e9ORBvNK/hcqW0OnOnfWDokuCz WYfN/s51kkOqc0sJbxRGsmQRB1j/icWlxztZqgzqGPFA6i61oRbVlE8J/6+3yBkS KVW6w22MECFP9RKu5UQOeklL6y9VGNplryWCDR1i3wEWxBa9kmdEeI3h6U2MkNNm CFhAg8c4GM881TZm5AXwZv8xM/1MlFIyWWMdRZ8i2teK0ZSs7BsIzacsysYFGjR2 D16VBfw+L0X8PUw6hnyYfEi4q5hnZU4aB/EtUMJ+Ew3w1981285dB6aB5gozBAr/ hA20k1om31lRp98UmVq6 -----END CERTIFICATE-----Generated at Fri Dec 26 17:19:31 2025 by rpki-client