This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2iHfuVG6WoZ0qe6GRG1SVE2C6Jo.roa File: 2iHfuVG6WoZ0qe6GRG1SVE2C6Jo.roa (raw, json) Hash identifier: vBBNdgkhjfG1kRT3FsTblamQnzblPOy85bJATaZZoh8= Subject key identifier: DA:21:DF:B9:51:BA:5A:86:74:A9:EE:86:44:6D:52:54:4D:82:E8:9A Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019B7A5A9DCD884C784772856363BC1CA68F Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2iHfuVG6WoZ0qe6GRG1SVE2C6Jo.roa Signing time: Thu 01 Jan 2026 16:18:37 +0000 ROA not before: Thu 01 Jan 2026 16:18:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 21859 IP address blocks: 77.107.82.0/24 maxlen: 24 82.153.216.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 09:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:9d:cd:88:4c:78:47:72:85:63:63:bc:1c:a6:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Jan 1 16:18:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=da21dfb951ba5a8674a9ee86446d52544d82e89a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:a7:f5:04:2c:59:e0:1e:1f:50:e4:23:ec:02: 36:fb:bb:8f:5d:b0:60:53:f7:18:9e:d8:db:22:95: c4:3d:57:e3:e2:02:d0:7b:63:91:30:c2:70:a5:22: c8:0c:3e:a3:02:30:1c:d5:04:0c:67:e3:bd:f1:6b: 7a:f7:79:69:d8:72:f9:45:3d:80:8c:5b:c2:f6:34: 37:cb:5d:3a:d2:2b:b8:c5:a5:48:92:0f:06:17:4b: af:53:22:be:4e:8c:3f:98:28:1b:a8:6b:a8:ed:63: d5:31:3f:f6:34:41:72:75:a5:78:c8:07:5e:d0:f9: 63:dc:0f:c9:1c:95:1d:f8:13:e6:ab:69:0b:f6:fd: c5:13:81:bd:61:e8:93:67:46:09:d6:bf:1f:33:0e: 4e:50:9b:5c:0e:78:83:56:08:b7:4f:f4:88:31:b4: 42:45:28:51:c3:ba:97:a4:ca:ac:1e:d1:22:e2:ef: 7b:44:12:43:88:c2:4e:33:8a:56:cc:d8:87:38:8b: 90:15:4c:4d:ec:c2:fa:11:b2:47:a4:63:a5:73:2b: 19:fc:9a:0e:74:e6:92:e7:5a:83:ae:34:10:1d:bf: 02:a3:44:1e:62:90:70:b8:10:c6:4c:1b:fe:73:a2: 94:05:55:2b:78:4d:92:40:21:aa:7e:c1:c7:bb:43: bf:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:21:DF:B9:51:BA:5A:86:74:A9:EE:86:44:6D:52:54:4D:82:E8:9A X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2iHfuVG6WoZ0qe6GRG1SVE2C6Jo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.107.82.0/24 82.153.216.0/24 Signature Algorithm: sha256WithRSAEncryption 49:fd:18:b4:b2:18:5b:26:f5:a1:dd:18:01:33:87:95:2b:9a: c3:92:3f:33:ca:d4:e3:75:85:9d:a3:36:6a:e6:1e:90:b2:a1: d3:93:c2:00:af:11:26:37:fc:0e:a1:3e:b8:e8:c9:5b:ae:fd: 3a:50:66:ca:b2:8c:f6:76:02:c6:14:a0:0a:db:a8:88:fd:ae: 04:3e:10:dd:32:3e:59:5d:fc:67:01:61:8d:17:c7:ea:2e:e6: ab:a8:f3:4b:06:46:ce:3d:11:fe:bd:60:a9:f0:81:e2:25:96: 0a:4a:05:e1:62:a5:0e:41:c0:c4:de:b0:07:5c:18:95:63:88: 43:c8:e0:f1:40:b0:64:3d:d8:1b:7b:07:e5:74:e7:55:70:55: 5d:fa:02:85:7b:54:e9:7e:50:49:42:d9:c4:bc:c3:1b:72:5e: 80:a1:fa:08:f4:ac:b5:03:bd:68:d4:48:57:a1:8a:2c:59:e4: 50:4d:60:e4:5e:34:7d:52:90:4b:89:17:f9:8d:8a:bb:16:96: 42:6b:64:c2:67:1a:77:cb:aa:b3:36:51:95:d7:8f:3d:19:0a: 9f:68:75:a6:95:ab:ca:4e:b8:7c:2c:ae:ac:e7:8f:c9:a7:d2: 49:41:95:8d:05:04:0a:d9:2b:87:84:0d:8e:6a:a0:f1:49:92: 4a:83:89:52 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt6Wp3NiEx4R3KFY2O8HKaPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjYwMTAxMTYxODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYTIxZGZiOTUxYmE1YTg2NzRhOWVlODY0NDZkNTI1NDRkODJlODlhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqf1BCxZ4B4fUOQj7AI2+7uPXbBg U/cYntjbIpXEPVfj4gLQe2ORMMJwpSLIDD6jAjAc1QQMZ+O98Wt693lp2HL5RT2A jFvC9jQ3y1060iu4xaVIkg8GF0uvUyK+Tow/mCgbqGuo7WPVMT/2NEFydaV4yAde 0Plj3A/JHJUd+BPmq2kL9v3FE4G9YeiTZ0YJ1r8fMw5OUJtcDniDVgi3T/SIMbRC RShRw7qXpMqsHtEi4u97RBJDiMJOM4pWzNiHOIuQFUxN7ML6EbJHpGOlcysZ/JoO dOaS51qDrjQQHb8Co0QeYpBwuBDGTBv+c6KUBVUreE2SQCGqfsHHu0O/BwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFNoh37lRulqGdKnuhkRtUlRNguiaMB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvMmlIZnVWRzZXb1owcWU2R1JHMVNWRTJDNkpvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATWtSAwQA UpnYMA0GCSqGSIb3DQEBCwUAA4IBAQBJ/Ri0shhbJvWh3RgBM4eVK5rDkj8zytTj dYWdozZq5h6QsqHTk8IArxEmN/wOoT646Mlbrv06UGbKsoz2dgLGFKAK26iI/a4E PhDdMj5ZXfxnAWGNF8fqLuarqPNLBkbOPRH+vWCp8IHiJZYKSgXhYqUOQcDE3rAH XBiVY4hDyODxQLBkPdgbewfldOdVcFVd+gKFe1TpflBJQtnEvMMbcl6AofoI9Ky1 A71o1EhXoYosWeRQTWDkXjR9UpBLiRf5jYq7FpZCa2TCZxp3y6qzNlGV1489GQqf aHWmlavKTrh8LK6s54/Jp9JJQZWNBQQK2SuHhA2OaqDxSZJKg4lS -----END CERTIFICATE-----Generated at Thu Jan 8 17:25:06 2026 by rpki-client