This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/kFN2JA4wyXnX-X3t1ScNXsaC0ps.roa File: kFN2JA4wyXnX-X3t1ScNXsaC0ps.roa (raw, json) Hash identifier: pFO8WJK2IpmyD0BiUSZgYwNmBI+Ty3QLefXtzLAgFO4= Subject key identifier: 90:53:76:24:0E:30:C9:79:D7:F9:7D:ED:D5:27:0D:5E:C6:82:D2:9B Certificate issuer: /CN=4c7594b0214264f06677609bb4aa4779eb1eecad Certificate serial: 019B7E377F401EBD12BBD8DC99EE6B7EF4F7 Authority key identifier: 4C:75:94:B0:21:42:64:F0:66:77:60:9B:B4:AA:47:79:EB:1E:EC:AD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/THWUsCFCZPBmd2CbtKpHeese7K0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/kFN2JA4wyXnX-X3t1ScNXsaC0ps.roa Signing time: Fri 02 Jan 2026 10:18:44 +0000 ROA not before: Fri 02 Jan 2026 10:18:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29263 IP address blocks: 217.68.48.0/20 maxlen: 20 217.68.48.0/21 maxlen: 21 217.68.48.0/22 maxlen: 22 217.68.48.0/28 maxlen: 28 217.68.48.124/30 maxlen: 30 217.68.48.128/30 maxlen: 30 217.68.48.144/29 maxlen: 29 217.68.48.160/27 maxlen: 27 217.68.48.252/32 maxlen: 32 217.68.48.253/32 maxlen: 32 217.68.49.65/32 maxlen: 32 217.68.49.75/32 maxlen: 32 217.68.49.85/32 maxlen: 32 217.68.49.93/32 maxlen: 32 217.68.49.208/29 maxlen: 29 217.68.49.216/29 maxlen: 29 217.68.50.0/24 maxlen: 24 217.68.51.0/24 maxlen: 24 217.68.52.0/22 maxlen: 22 217.68.53.0/24 maxlen: 24 217.68.56.0/21 maxlen: 21 217.68.56.0/22 maxlen: 22 217.68.58.0/24 maxlen: 24 217.68.60.0/22 maxlen: 22 217.68.60.0/24 maxlen: 24 217.68.61.0/24 maxlen: 24 2a02:2400::/32 maxlen: 32 2a02:2400::/34 maxlen: 34 2a02:2400:4000::/34 maxlen: 34 2a02:2400:8000::/34 maxlen: 34 2a02:2400:c000::/34 maxlen: 34 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/THWUsCFCZPBmd2CbtKpHeese7K0.crl rsync://rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/THWUsCFCZPBmd2CbtKpHeese7K0.mft rsync://rpki.ripe.net/repository/DEFAULT/THWUsCFCZPBmd2CbtKpHeese7K0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:7f:40:1e:bd:12:bb:d8:dc:99:ee:6b:7e:f4:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4c7594b0214264f06677609bb4aa4779eb1eecad Validity Not Before: Jan 2 10:18:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=905376240e30c979d7f97dedd5270d5ec682d29b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:32:78:48:a6:ea:d9:98:ce:e2:c2:6d:f5:b5: 3d:79:dc:a9:6d:a9:73:c6:5b:66:58:eb:0c:21:6d: 67:e6:a0:90:7f:ae:c8:c0:ec:eb:5a:25:bd:09:5d: d2:13:5d:85:1e:6e:23:80:40:b3:83:6e:6e:34:b4: 0b:1f:6c:7e:84:11:31:3d:2b:57:b7:41:35:ee:5d: 80:2b:0b:56:0f:9e:1a:26:75:23:7c:f6:3f:7c:ba: 9b:7c:26:25:77:f6:38:31:6c:c9:a0:3c:60:e5:a9: a0:b6:64:b2:e9:b1:ed:d4:40:f1:fa:76:cf:a8:43: 3a:72:aa:4e:01:b0:3f:0d:fa:e0:c3:41:91:f0:be: 0b:8c:ad:7f:0a:ac:fc:c6:41:46:ee:04:be:d9:e7: 53:8e:02:a7:e5:fb:92:78:fc:08:c3:81:4e:df:03: 90:c3:a4:8c:ab:e8:ef:34:ac:3e:1b:60:cb:20:30: fe:52:04:cf:56:d7:17:a4:75:a6:67:86:5b:f7:9b: 22:b2:14:4d:42:69:49:8a:a4:e3:4e:69:fc:87:78: 6f:71:80:7e:88:c7:85:b5:1f:fb:f7:31:4c:07:46: 65:74:ac:47:f4:b7:14:d8:84:e1:5f:97:ec:85:93: b5:ca:f7:cc:1e:66:f5:b5:42:07:82:8c:a6:37:a3: 0b:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:53:76:24:0E:30:C9:79:D7:F9:7D:ED:D5:27:0D:5E:C6:82:D2:9B X509v3 Authority Key Identifier: keyid:4C:75:94:B0:21:42:64:F0:66:77:60:9B:B4:AA:47:79:EB:1E:EC:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THWUsCFCZPBmd2CbtKpHeese7K0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/kFN2JA4wyXnX-X3t1ScNXsaC0ps.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/THWUsCFCZPBmd2CbtKpHeese7K0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.68.48.0/20 IPv6: 2a02:2400::/32 Signature Algorithm: sha256WithRSAEncryption af:5e:e3:6a:44:db:c5:65:17:15:79:2d:5f:f2:eb:02:6d:52: c1:8c:68:21:00:c6:c0:35:5d:5f:ca:c5:9e:d1:b4:ce:49:9b: 3d:47:2f:2d:29:ae:f1:6c:00:16:69:66:5b:58:ec:cd:e0:53: 57:09:40:4f:79:d3:c7:29:87:1b:74:9a:5f:38:90:f2:1d:1d: 16:65:d1:b1:99:da:ad:a8:eb:52:a2:22:59:db:8a:e2:ef:16: d6:0e:69:a0:b0:6d:f0:58:f2:d5:f3:4d:b1:11:8d:90:21:7f: 9b:63:f8:fd:df:d5:a6:83:7d:e0:6b:ab:29:06:62:22:b6:5d: b9:d3:aa:1d:77:20:ae:c6:65:54:e0:85:5b:b2:19:5a:e1:d0: 73:cc:f8:94:8a:50:65:94:9d:19:ec:5d:64:1d:76:a8:17:63: f5:bd:93:22:9d:8c:d2:d0:49:20:d7:3e:4f:df:ba:dc:38:43: df:42:b6:71:fc:97:bd:d7:eb:c8:d2:27:88:e0:cd:30:dc:b8: 83:ef:44:e8:ae:a9:a7:a3:2a:3e:b9:c5:28:e3:27:9f:b5:38: f8:d5:73:f7:ca:f9:78:4e:62:3c:9f:06:ed:ea:96:6f:93:b0: 71:2b:4d:b9:8e:4f:33:14:59:4b:c6:82:53:f4:86:51:ef:32: 2b:6a:e1:a1 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt+N39AHr0Su9jcme5rfvT3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjNzU5NGIwMjE0MjY0ZjA2Njc3NjA5YmI0YWE0Nzc5ZWIx ZWVjYWQwHhcNMjYwMTAyMTAxODQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MDUzNzYyNDBlMzBjOTc5ZDdmOTdkZWRkNTI3MGQ1ZWM2ODJkMjliMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4DJ4SKbq2ZjO4sJt9bU9edypbalz xltmWOsMIW1n5qCQf67IwOzrWiW9CV3SE12FHm4jgECzg25uNLQLH2x+hBExPStX t0E17l2AKwtWD54aJnUjfPY/fLqbfCYld/Y4MWzJoDxg5amgtmSy6bHt1EDx+nbP qEM6cqpOAbA/Dfrgw0GR8L4LjK1/Cqz8xkFG7gS+2edTjgKn5fuSePwIw4FO3wOQ w6SMq+jvNKw+G2DLIDD+UgTPVtcXpHWmZ4Zb95sishRNQmlJiqTjTmn8h3hvcYB+ iMeFtR/79zFMB0ZldKxH9LcU2IThX5fshZO1yvfMHmb1tUIHgoymN6MLEwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFJBTdiQOMMl51/l97dUnDV7GgtKbMB8GA1UdIwQY MBaAFEx1lLAhQmTwZndgm7SqR3nrHuytMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVEhXVXNDRkNaUEJtZDJDYnRLcEhlZXNlN0swLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9iODBiNDctYTdiYy00ZWI0LThiZTYt YjEzMGJmNzZmZTEwLzEva0ZOMkpBNHd5WG5YLVgzdDFTY05Yc2FDMHBzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OC9iODBiNDctYTdiYy00ZWI0LThiZTYtYjEzMGJmNzZmZTEw LzEvVEhXVXNDRkNaUEJtZDJDYnRLcEhlZXNlN0swLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2UQwMA0E AgACMAcDBQAqAiQAMA0GCSqGSIb3DQEBCwUAA4IBAQCvXuNqRNvFZRcVeS1f8usC bVLBjGghAMbANV1fysWe0bTOSZs9Ry8tKa7xbAAWaWZbWOzN4FNXCUBPedPHKYcb dJpfOJDyHR0WZdGxmdqtqOtSoiJZ24ri7xbWDmmgsG3wWPLV802xEY2QIX+bY/j9 39Wmg33ga6spBmIitl2506oddyCuxmVU4IVbshla4dBzzPiUilBllJ0Z7F1kHXao F2P1vZMinYzS0Ekg1z5P37rcOEPfQrZx/Je91+vI0ieI4M0w3LiD70Torqmnoyo+ ucUo4yeftTj41XP3yvl4TmI8nwbt6pZvk7BxK025jk8zFFlLxoJT9IZR7zIrauGh -----END CERTIFICATE-----Generated at Tue Feb 10 02:48:09 2026 by rpki-client