This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/e3086c-d72f-41ea-9444-bdea63e5a7c4/1/2bI3Qmws3XXES10TrMjiduJ0YjM.roa File: 2bI3Qmws3XXES10TrMjiduJ0YjM.roa (raw, json) Hash identifier: bcVf9v+MOeXBf4uPxEXPoMaoEkIH2++T0r9Amvk7Lz4= Subject key identifier: D9:B2:37:42:6C:2C:DD:75:C4:4B:5D:13:AC:C8:E2:76:E2:74:62:33 Certificate issuer: /CN=1cbd5746e300091ded1a11a13b16807b4fd0f1fc Certificate serial: 019B7BA3A5A7BEFA88983F0B218AF01785C9 Authority key identifier: 1C:BD:57:46:E3:00:09:1D:ED:1A:11:A1:3B:16:80:7B:4F:D0:F1:FC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HL1XRuMACR3tGhGhOxaAe0_Q8fw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/e3086c-d72f-41ea-9444-bdea63e5a7c4/1/2bI3Qmws3XXES10TrMjiduJ0YjM.roa Signing time: Thu 01 Jan 2026 22:18:00 +0000 ROA not before: Thu 01 Jan 2026 22:18:00 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215495 IP address blocks: 2001:67c:dec::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/e3086c-d72f-41ea-9444-bdea63e5a7c4/1/HL1XRuMACR3tGhGhOxaAe0_Q8fw.crl rsync://rpki.ripe.net/repository/DEFAULT/85/e3086c-d72f-41ea-9444-bdea63e5a7c4/1/HL1XRuMACR3tGhGhOxaAe0_Q8fw.mft rsync://rpki.ripe.net/repository/DEFAULT/HL1XRuMACR3tGhGhOxaAe0_Q8fw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:a5:a7:be:fa:88:98:3f:0b:21:8a:f0:17:85:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1cbd5746e300091ded1a11a13b16807b4fd0f1fc Validity Not Before: Jan 1 22:18:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d9b237426c2cdd75c44b5d13acc8e276e2746233 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:6b:ac:f4:3b:86:c2:50:6b:18:10:7b:c8:a9: 31:f2:97:52:de:a5:51:6f:f8:0d:b9:c6:81:e5:b4: 03:f0:27:c8:00:6f:88:3f:f0:ac:62:c9:ca:c2:b6: 10:da:9d:6a:82:c3:ce:7c:2e:00:11:e8:af:f9:e3: bd:71:c0:f7:4c:8c:54:62:55:15:1f:22:dc:8b:c8: f1:b2:e8:5c:e2:44:02:84:39:94:3e:35:c2:47:bb: f6:2d:d8:04:81:89:ec:4d:60:93:09:41:3b:59:d0: 19:78:69:d1:f7:46:00:d9:c6:f5:33:47:7e:e4:50: 02:cf:b0:d3:82:92:75:a3:eb:10:ce:13:a9:5b:e8: b0:a4:6f:eb:08:57:d4:cc:a4:86:96:ed:fb:67:d1: 34:c0:8d:b2:d1:c1:bf:78:79:af:6d:37:ac:47:f0: 13:d9:03:7a:59:71:27:fd:6c:7f:f9:d0:0d:ae:4a: f0:1b:12:64:18:00:93:03:90:60:54:21:81:66:10: 21:cd:29:9f:da:2c:fa:da:34:10:2e:84:2d:c7:4e: 25:86:76:f9:9d:6e:ec:e1:2c:26:69:52:f8:af:9d: 3b:e5:02:3c:4a:ba:b1:ba:55:18:16:d7:a1:82:1d: 3e:fa:a9:c4:6f:ca:c8:9c:8a:52:99:ac:04:22:8a: 6e:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:B2:37:42:6C:2C:DD:75:C4:4B:5D:13:AC:C8:E2:76:E2:74:62:33 X509v3 Authority Key Identifier: keyid:1C:BD:57:46:E3:00:09:1D:ED:1A:11:A1:3B:16:80:7B:4F:D0:F1:FC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HL1XRuMACR3tGhGhOxaAe0_Q8fw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/e3086c-d72f-41ea-9444-bdea63e5a7c4/1/2bI3Qmws3XXES10TrMjiduJ0YjM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/85/e3086c-d72f-41ea-9444-bdea63e5a7c4/1/HL1XRuMACR3tGhGhOxaAe0_Q8fw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:dec::/48 Signature Algorithm: sha256WithRSAEncryption 5d:44:1f:b1:3d:85:5e:52:ef:80:02:c9:6b:6d:dc:28:21:3b: d3:7f:20:95:69:ad:b1:55:ab:43:6d:af:51:e5:ba:87:39:52: 7f:dd:75:f6:c3:10:58:d5:62:53:84:ca:54:17:6e:51:5c:31: 47:81:f2:ee:7f:8d:1e:5c:0c:47:e4:ee:22:06:c2:99:b3:07: 14:1c:a4:37:a2:91:8e:00:de:64:59:d9:90:d7:a2:0f:33:ff: b2:45:f7:3e:29:92:0c:2b:cd:05:6f:d8:33:7f:6b:57:2b:2a: 6b:76:e3:b9:62:60:b0:de:e6:5a:65:bf:d7:ff:e7:f9:09:39: 89:6f:e2:bc:54:0f:ba:01:27:40:7a:c4:76:6a:e4:c6:14:bf: 80:0b:82:4e:db:2f:3d:fc:be:6c:9a:d7:e4:88:8e:e8:50:22: dd:4e:7d:43:99:a2:26:69:40:c2:2e:5f:22:cb:fc:fe:f3:b5: 7c:bf:06:b0:2d:de:35:b3:b1:c2:e3:23:e7:39:f0:11:6c:bc: cb:cf:a8:c3:65:63:b0:af:7a:ce:78:34:14:15:91:a4:e3:47: 3e:45:76:eb:8a:12:6b:7c:8f:2a:81:94:b4:84:8c:4a:e6:57: 7b:5c:b4:d8:52:17:54:ff:bd:9d:cf:bf:d9:df:62:14:43:42: 84:20:1c:b3 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt7o6WnvvqImD8LIYrwF4XJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjYmQ1NzQ2ZTMwMDA5MWRlZDFhMTFhMTNiMTY4MDdiNGZk MGYxZmMwHhcNMjYwMTAxMjIxODAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOWIyMzc0MjZjMmNkZDc1YzQ0YjVkMTNhY2M4ZTI3NmUyNzQ2MjMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWus9DuGwlBrGBB7yKkx8pdS3qVR b/gNucaB5bQD8CfIAG+IP/CsYsnKwrYQ2p1qgsPOfC4AEeiv+eO9ccD3TIxUYlUV HyLci8jxsuhc4kQChDmUPjXCR7v2LdgEgYnsTWCTCUE7WdAZeGnR90YA2cb1M0d+ 5FACz7DTgpJ1o+sQzhOpW+iwpG/rCFfUzKSGlu37Z9E0wI2y0cG/eHmvbTesR/AT 2QN6WXEn/Wx/+dANrkrwGxJkGACTA5BgVCGBZhAhzSmf2iz62jQQLoQtx04lhnb5 nW7s4SwmaVL4r5075QI8SrqxulUYFtehgh0++qnEb8rInIpSmawEIopu1QIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFNmyN0JsLN11xEtdE6zI4nbidGIzMB8GA1UdIwQY MBaAFBy9V0bjAAkd7RoRoTsWgHtP0PH8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEwxWFJ1TUFDUjN0R2hHaE94YUFlMF9ROGZ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9lMzA4NmMtZDcyZi00MWVhLTk0NDQt YmRlYTYzZTVhN2M0LzEvMmJJM1Ftd3MzWFhFUzEwVHJNamlkdUowWWpNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NS9lMzA4NmMtZDcyZi00MWVhLTk0NDQtYmRlYTYzZTVhN2M0 LzEvSEwxWFJ1TUFDUjN0R2hHaE94YUFlMF9ROGZ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfA3s MA0GCSqGSIb3DQEBCwUAA4IBAQBdRB+xPYVeUu+AAslrbdwoITvTfyCVaa2xVatD ba9R5bqHOVJ/3XX2wxBY1WJThMpUF25RXDFHgfLuf40eXAxH5O4iBsKZswcUHKQ3 opGOAN5kWdmQ16IPM/+yRfc+KZIMK80Fb9gzf2tXKyprduO5YmCw3uZaZb/X/+f5 CTmJb+K8VA+6ASdAesR2auTGFL+AC4JO2y89/L5smtfkiI7oUCLdTn1DmaImaUDC Ll8iy/z+87V8vwawLd41s7HC4yPnOfARbLzLz6jDZWOwr3rOeDQUFZGk40c+RXbr ihJrfI8qgZS0hIxK5ld7XLTYUhdU/72dz7/Z32IUQ0KEIByz -----END CERTIFICATE-----Generated at Tue Feb 10 04:48:59 2026 by rpki-client