This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/2kuIvYz0mPqtJbUQJNVx-lVPBIo.roa File: 2kuIvYz0mPqtJbUQJNVx-lVPBIo.roa (raw, json) Hash identifier: D0Xs0iUp+l8fS7+Aa1NtF7EeVcXmxlsHcjYkQRjFig4= Subject key identifier: DA:4B:88:BD:8C:F4:98:FA:AD:25:B5:10:24:D5:71:FA:55:4F:04:8A Certificate issuer: /CN=330fe971b3e36b16a92be85f59985be45968b864 Certificate serial: 019B7F15AC84ED48A2DA49BE961347781D5F Authority key identifier: 33:0F:E9:71:B3:E3:6B:16:A9:2B:E8:5F:59:98:5B:E4:59:68:B8:64 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mw_pcbPjaxapK-hfWZhb5FlouGQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/2kuIvYz0mPqtJbUQJNVx-lVPBIo.roa Signing time: Fri 02 Jan 2026 14:21:25 +0000 ROA not before: Fri 02 Jan 2026 14:21:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15830 IP address blocks: 5.175.80.0/21 maxlen: 21 94.103.16.0/20 maxlen: 20 159.255.216.0/21 maxlen: 21 185.68.180.0/23 maxlen: 24 185.68.183.0/24 maxlen: 24 185.170.92.0/22 maxlen: 22 2a03:6980::/32 maxlen: 48 2a03:6981::/32 maxlen: 32 2a03:6982::/32 maxlen: 32 2a03:6983::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/Mw_pcbPjaxapK-hfWZhb5FlouGQ.crl rsync://rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/Mw_pcbPjaxapK-hfWZhb5FlouGQ.mft rsync://rpki.ripe.net/repository/DEFAULT/Mw_pcbPjaxapK-hfWZhb5FlouGQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 21:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:ac:84:ed:48:a2:da:49:be:96:13:47:78:1d:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=330fe971b3e36b16a92be85f59985be45968b864 Validity Not Before: Jan 2 14:21:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=da4b88bd8cf498faad25b51024d571fa554f048a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:9f:01:ff:43:fd:b7:75:d4:53:ad:4b:fa:47: df:31:68:45:a5:d0:93:11:db:f3:65:ab:77:3c:69: 2e:5a:39:36:a7:a6:54:61:31:1c:af:12:7d:c0:c5: 5e:9b:fc:2c:52:0b:75:5c:d8:4b:4f:c9:0d:8c:64: 2f:af:78:ce:a6:d9:ff:08:01:46:c1:02:13:0e:f3: 6c:b8:ee:96:23:e6:91:a5:99:80:da:c9:7a:0a:b5: 13:52:94:c7:bf:16:6c:72:db:29:44:46:77:30:68: f9:f4:3f:f8:9c:87:92:06:fb:3e:c1:00:e7:c5:d2: 06:20:4e:3e:36:d7:b5:64:42:1f:05:f2:8d:5c:f1: 92:a4:bb:52:b2:de:1f:f9:ab:68:8f:ac:07:91:aa: f7:8b:7e:fe:36:90:bd:69:8c:2c:74:92:96:da:b6: 4b:9b:96:a1:27:e6:de:ea:61:38:7e:0b:af:92:3e: 35:09:75:a7:db:37:c9:bc:7b:42:0f:f2:35:c7:2e: 33:25:4f:90:3d:7d:97:d3:0b:5c:99:db:2f:38:2a: e5:ed:eb:5c:e1:0f:51:68:17:19:1b:34:48:ff:5e: b4:c3:d3:26:d6:89:2c:84:4f:a7:37:85:25:9a:5f: 94:d1:8a:53:99:ef:57:4b:22:15:c9:2d:7e:a0:3c: 49:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:4B:88:BD:8C:F4:98:FA:AD:25:B5:10:24:D5:71:FA:55:4F:04:8A X509v3 Authority Key Identifier: keyid:33:0F:E9:71:B3:E3:6B:16:A9:2B:E8:5F:59:98:5B:E4:59:68:B8:64 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mw_pcbPjaxapK-hfWZhb5FlouGQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/2kuIvYz0mPqtJbUQJNVx-lVPBIo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/Mw_pcbPjaxapK-hfWZhb5FlouGQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.175.80.0/21 94.103.16.0/20 159.255.216.0/21 185.68.180.0/23 185.68.183.0/24 185.170.92.0/22 IPv6: 2a03:6980::/30 Signature Algorithm: sha256WithRSAEncryption 80:21:ba:23:11:1c:d6:e7:a4:7e:a9:da:f3:da:6e:e9:f9:e0: dc:73:74:85:e6:e8:45:22:da:8b:d8:ec:9b:f9:86:60:65:1b: 4b:f9:81:d8:f1:ae:44:81:26:38:83:8f:4b:c1:7e:68:3d:15: 1a:e5:50:20:34:44:57:48:87:f0:b7:a7:8a:3b:01:9f:dc:29: 82:8e:d2:93:ec:3e:f0:b4:03:fd:b4:8c:81:67:ea:ad:80:a7: d9:1e:24:ba:a6:39:de:f4:4b:79:42:af:ac:ea:f8:1c:e0:dd: 59:e1:07:a9:4b:d9:fc:2e:8f:3d:88:12:f7:a2:cc:ef:92:53: 1f:eb:46:b0:ca:b8:94:22:7c:40:bb:d3:18:de:5c:28:f3:21: 1c:8f:75:1f:cc:c3:33:8a:9f:d2:35:a0:2a:ba:14:58:e1:df: 27:9b:60:21:5f:95:d5:24:14:33:87:dd:9f:77:c6:a9:0c:23: 2f:ce:d4:66:a0:af:dc:e2:69:e6:73:6b:43:09:bb:2c:d0:95: b4:ce:a1:5b:39:f1:73:bd:04:35:92:0c:de:fa:43:ed:5d:1b: 23:b8:ad:7b:b9:ce:e0:bc:b2:ef:11:97:26:d2:7e:a3:22:2c: f4:43:3f:67:0a:c5:88:77:e7:84:fb:97:d9:51:76:e5:0a:b5: 1b:9a:b4:93 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgISAZt/FayE7Uii2km+lhNHeB1fMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMzMGZlOTcxYjNlMzZiMTZhOTJiZTg1ZjU5OTg1YmU0NTk2 OGI4NjQwHhcNMjYwMTAyMTQyMTI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYTRiODhiZDhjZjQ5OGZhYWQyNWI1MTAyNGQ1NzFmYTU1NGYwNDhhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5p8B/0P9t3XUU61L+kffMWhFpdCT EdvzZat3PGkuWjk2p6ZUYTEcrxJ9wMVem/wsUgt1XNhLT8kNjGQvr3jOptn/CAFG wQITDvNsuO6WI+aRpZmA2sl6CrUTUpTHvxZsctspREZ3MGj59D/4nIeSBvs+wQDn xdIGIE4+Nte1ZEIfBfKNXPGSpLtSst4f+atoj6wHkar3i37+NpC9aYwsdJKW2rZL m5ahJ+be6mE4fguvkj41CXWn2zfJvHtCD/I1xy4zJU+QPX2X0wtcmdsvOCrl7etc 4Q9RaBcZGzRI/160w9Mm1okshE+nN4Ulml+U0YpTme9XSyIVyS1+oDxJ/QIDAQAB o4ICNjCCAjIwHQYDVR0OBBYEFNpLiL2M9Jj6rSW1ECTVcfpVTwSKMB8GA1UdIwQY MBaAFDMP6XGz42sWqSvoX1mYW+RZaLhkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTXdfcGNiUGpheGFwSy1oZldaaGI1RmxvdUdRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9hMzg2OTMtY2ZhMC00M2U4LWE1MWIt MTFlOWU5ZjAxMzQzLzEvMmt1SXZZejBtUHF0SmJVUUpOVngtbFZQQklvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Ny9hMzg2OTMtY2ZhMC00M2U4LWE1MWItMTFlOWU5ZjAxMzQz LzEvTXdfcGNiUGpheGFwSy1oZldaaGI1RmxvdUdRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDBa9QAwQE XmcQAwQDn//YAwQBuUS0AwQAuUS3AwQCuapcMA0EAgACMAcDBQIqA2mAMA0GCSqG SIb3DQEBCwUAA4IBAQCAIbojERzW56R+qdrz2m7p+eDcc3SF5uhFItqL2Oyb+YZg ZRtL+YHY8a5EgSY4g49LwX5oPRUa5VAgNERXSIfwt6eKOwGf3CmCjtKT7D7wtAP9 tIyBZ+qtgKfZHiS6pjne9Et5Qq+s6vgc4N1Z4QepS9n8Lo89iBL3oszvklMf60aw yriUInxAu9MY3lwo8yEcj3UfzMMzip/SNaAquhRY4d8nm2AhX5XVJBQzh92fd8ap DCMvztRmoK/c4mnmc2tDCbss0JW0zqFbOfFzvQQ1kgze+kPtXRsjuK17uc7gvLLv EZcm0n6jIiz0Qz9nCsWId+eE+5fZUXblCrUbmrST -----END CERTIFICATE-----Generated at Sat Jan 3 04:59:30 2026 by rpki-client