This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/7eb074-1331-4dea-9e60-1f1ec400fa50/1/_2cf_EXh2kLfCOS7aAjrWSITrHc.roa File: _2cf_EXh2kLfCOS7aAjrWSITrHc.roa (raw, json) Hash identifier: zrJvNFrtdqhVjP3rBieXtFDSJaOIOQdUfZ5Ouc9oaEw= Subject key identifier: FF:67:1F:FC:45:E1:DA:42:DF:08:E4:BB:68:08:EB:59:22:13:AC:77 Certificate issuer: /CN=03e563477ca2bde69ef7943991f95333057b3e36 Certificate serial: 019B7C7FAF613D5415F7983DF613465617FB Authority key identifier: 03:E5:63:47:7C:A2:BD:E6:9E:F7:94:39:91:F9:53:33:05:7B:3E:36 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A-VjR3yiveae95Q5kflTMwV7PjY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/7eb074-1331-4dea-9e60-1f1ec400fa50/1/_2cf_EXh2kLfCOS7aAjrWSITrHc.roa Signing time: Fri 02 Jan 2026 02:18:21 +0000 ROA not before: Fri 02 Jan 2026 02:18:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214679 IP address blocks: 45.88.57.0/24 maxlen: 24 2a0d:3480::/29 maxlen: 29 2a0d:3480:a::/48 maxlen: 48 2a0d:3480:b::/48 maxlen: 48 2a0d:3480:c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/7eb074-1331-4dea-9e60-1f1ec400fa50/1/A-VjR3yiveae95Q5kflTMwV7PjY.crl rsync://rpki.ripe.net/repository/DEFAULT/7c/7eb074-1331-4dea-9e60-1f1ec400fa50/1/A-VjR3yiveae95Q5kflTMwV7PjY.mft rsync://rpki.ripe.net/repository/DEFAULT/A-VjR3yiveae95Q5kflTMwV7PjY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:af:61:3d:54:15:f7:98:3d:f6:13:46:56:17:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=03e563477ca2bde69ef7943991f95333057b3e36 Validity Not Before: Jan 2 02:18:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ff671ffc45e1da42df08e4bb6808eb592213ac77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:59:5c:91:bd:bf:9b:0a:d3:08:49:a2:9e:99: 0d:db:4f:27:e6:4e:0e:1d:f6:56:df:a3:eb:4c:3d: 2c:4d:11:14:dc:67:81:b0:73:b1:66:e2:e2:18:87: 45:fc:6f:31:f5:0a:85:da:99:40:94:be:3f:0c:69: f2:6c:ec:8d:bc:1e:cc:d9:11:a5:34:2a:84:c0:e1: ed:fe:68:e9:9d:96:99:18:56:0c:09:5a:b4:f0:95: 19:14:d6:d6:8b:ab:67:8a:4f:f8:99:f5:dd:6e:c0: 43:e2:36:31:7a:90:27:2c:e5:13:55:01:60:dd:ae: 0d:08:48:74:47:62:75:4a:ea:fa:93:66:11:76:19: f5:8a:ef:7d:d8:b4:cb:7b:eb:b9:92:ca:5f:0c:04: 83:85:db:00:d7:84:b6:78:d9:0c:59:58:ed:97:ec: 32:8e:5f:f2:51:6d:08:02:71:06:eb:4c:ae:71:e3: 3e:9b:e0:c7:04:76:17:00:2f:f3:2c:e3:f4:fa:47: 1f:02:5f:f2:93:77:31:69:7c:2f:f5:db:63:94:70: bc:7d:8c:68:6c:c2:8e:be:9e:a7:8e:8f:7d:a3:45: 67:35:68:83:32:d5:d5:73:56:45:2b:67:15:67:13: 10:9b:7e:a5:0c:34:51:62:2d:f1:e5:19:50:f2:89: 93:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:67:1F:FC:45:E1:DA:42:DF:08:E4:BB:68:08:EB:59:22:13:AC:77 X509v3 Authority Key Identifier: keyid:03:E5:63:47:7C:A2:BD:E6:9E:F7:94:39:91:F9:53:33:05:7B:3E:36 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A-VjR3yiveae95Q5kflTMwV7PjY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/7eb074-1331-4dea-9e60-1f1ec400fa50/1/_2cf_EXh2kLfCOS7aAjrWSITrHc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/7eb074-1331-4dea-9e60-1f1ec400fa50/1/A-VjR3yiveae95Q5kflTMwV7PjY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.88.57.0/24 IPv6: 2a0d:3480::/29 Signature Algorithm: sha256WithRSAEncryption b8:a6:df:39:50:30:a8:94:41:63:c8:f9:11:e7:73:23:36:1f: 49:c4:ef:37:9a:92:2a:a8:9c:91:94:f7:85:a8:59:4f:2c:87: f3:df:a5:28:ff:e2:bd:94:a4:1a:c4:f3:a4:85:b1:ab:67:bb: 53:67:04:4c:da:5f:7f:01:0c:3c:84:36:85:42:14:96:c2:44: 69:60:50:4a:32:bf:a0:80:d4:53:3f:6d:e8:41:8b:60:79:64: b2:62:ba:83:02:eb:df:ea:ce:5a:98:70:22:8e:aa:80:6d:c0: a4:7a:84:79:15:2d:3c:fd:bb:d8:85:c9:ad:60:f6:6f:a0:99: 66:59:03:fa:6e:9c:3a:f1:09:b0:04:04:65:d5:c4:1a:de:8d: eb:b7:68:cc:4f:1b:81:b2:25:b1:f2:96:4b:76:48:e3:ff:27: 93:a3:5a:4b:1c:53:f1:a5:8f:3d:37:8d:1b:94:8c:90:21:e8: d3:13:27:d8:24:fc:75:51:d4:14:fb:7c:57:41:32:4d:b2:12: 75:76:77:38:41:c0:77:3b:52:99:dc:f7:73:57:8c:82:f0:7a: 8c:fc:ad:f0:a0:19:c3:71:15:7e:55:3d:b9:5f:9f:8a:dd:51: 8c:90:81:57:cf:f0:6b:4e:a0:9e:57:cc:30:19:ec:ef:ae:9e: 63:14:95:39 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt8f69hPVQV95g99hNGVhf7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAzZTU2MzQ3N2NhMmJkZTY5ZWY3OTQzOTkxZjk1MzMzMDU3 YjNlMzYwHhcNMjYwMTAyMDIxODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmZjY3MWZmYzQ1ZTFkYTQyZGYwOGU0YmI2ODA4ZWI1OTIyMTNhYzc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA41lckb2/mwrTCEminpkN208n5k4O HfZW36PrTD0sTREU3GeBsHOxZuLiGIdF/G8x9QqF2plAlL4/DGnybOyNvB7M2RGl NCqEwOHt/mjpnZaZGFYMCVq08JUZFNbWi6tnik/4mfXdbsBD4jYxepAnLOUTVQFg 3a4NCEh0R2J1Sur6k2YRdhn1iu992LTLe+u5kspfDASDhdsA14S2eNkMWVjtl+wy jl/yUW0IAnEG60yuceM+m+DHBHYXAC/zLOP0+kcfAl/yk3cxaXwv9dtjlHC8fYxo bMKOvp6njo99o0VnNWiDMtXVc1ZFK2cVZxMQm36lDDRRYi3x5RlQ8omTFQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFP9nH/xF4dpC3wjku2gI61kiE6x3MB8GA1UdIwQY MBaAFAPlY0d8or3mnveUOZH5UzMFez42MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQS1WalIzeWl2ZWFlOTVRNWtmbFRNd1Y3UGpZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy83ZWIwNzQtMTMzMS00ZGVhLTllNjAt MWYxZWM0MDBmYTUwLzEvXzJjZl9FWGgya0xmQ09TN2FBanJXU0lUckhjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Yy83ZWIwNzQtMTMzMS00ZGVhLTllNjAtMWYxZWM0MDBmYTUw LzEvQS1WalIzeWl2ZWFlOTVRNWtmbFRNd1Y3UGpZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALVg5MA0E AgACMAcDBQMqDTSAMA0GCSqGSIb3DQEBCwUAA4IBAQC4pt85UDColEFjyPkR53Mj Nh9JxO83mpIqqJyRlPeFqFlPLIfz36Uo/+K9lKQaxPOkhbGrZ7tTZwRM2l9/AQw8 hDaFQhSWwkRpYFBKMr+ggNRTP23oQYtgeWSyYrqDAuvf6s5amHAijqqAbcCkeoR5 FS08/bvYhcmtYPZvoJlmWQP6bpw68QmwBARl1cQa3o3rt2jMTxuBsiWx8pZLdkjj /yeTo1pLHFPxpY89N40blIyQIejTEyfYJPx1UdQU+3xXQTJNshJ1dnc4QcB3O1KZ 3PdzV4yC8HqM/K3woBnDcRV+VT25X5+K3VGMkIFXz/BrTqCeV8wwGezvrp5jFJU5 -----END CERTIFICATE-----Generated at Tue Feb 10 04:14:29 2026 by rpki-client