This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/2K2LRFKVS5G4UBpi02aIHEwaYbo.roa File: 2K2LRFKVS5G4UBpi02aIHEwaYbo.roa (raw, json) Hash identifier: vp6Q5byh4sOxsLn6+xnbICkzt50Gu7I9DJlz9grAs68= Subject key identifier: D8:AD:8B:44:52:95:4B:91:B8:50:1A:62:D3:66:88:1C:4C:1A:61:BA Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1 Certificate serial: 019B7E380F481AB836852F068C8A1C10C712 Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/2K2LRFKVS5G4UBpi02aIHEwaYbo.roa Signing time: Fri 02 Jan 2026 10:19:21 +0000 ROA not before: Fri 02 Jan 2026 10:19:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211027 IP address blocks: 2a09:3d00::/29 maxlen: 36 2a09:b680::/29 maxlen: 36 2a0f:c582::/32 maxlen: 32 2a10:c340:7000::/36 maxlen: 36 2a11:200:2000::/36 maxlen: 36 2a11:780::/29 maxlen: 36 2a11:b80::/29 maxlen: 36 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.mft rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 13:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:0f:48:1a:b8:36:85:2f:06:8c:8a:1c:10:c7:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1 Validity Not Before: Jan 2 10:19:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d8ad8b4452954b91b8501a62d366881c4c1a61ba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:42:47:83:65:ef:5f:91:fd:3a:b1:69:a5:8e: c8:06:a7:1f:2d:f5:20:f9:3f:d0:d0:53:68:37:f9: 7a:cb:17:52:ef:a5:a1:e6:70:29:cb:00:f9:d1:87: 06:9e:5e:8f:33:89:b7:70:3f:28:bb:d8:e7:87:b2: d8:1a:d7:b4:28:d8:37:b3:52:61:83:32:9e:e8:13: d3:09:f8:58:82:df:2c:9b:51:c5:78:d3:8f:30:32: be:dd:33:a0:a6:a7:90:73:b4:1d:e9:03:a1:34:3e: 2a:e3:c2:f1:3c:3e:bf:f7:da:f9:1a:e6:60:8e:70: 67:92:9a:36:14:0f:c1:24:05:0e:d6:57:d4:7b:61: e1:02:e1:10:6d:45:35:0e:b3:b9:6b:d5:9a:fa:e3: 65:0c:30:76:42:78:8e:6b:9b:81:79:42:b9:a4:6e: 56:3c:cd:f3:7e:1a:86:83:33:ef:4c:3b:ea:c8:7a: 83:47:78:99:f4:e3:e6:0f:0b:35:05:17:78:73:f6: c5:0e:95:41:23:be:f8:c5:82:dd:a9:68:c8:06:2b: b7:25:97:8f:ce:13:4c:02:9b:3c:dd:22:73:86:a0: 46:79:dc:df:30:fb:fd:f2:af:1b:f8:4c:6e:c6:38: 3a:e0:ab:70:be:17:6d:43:59:dd:45:e7:b5:97:35: 85:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:AD:8B:44:52:95:4B:91:B8:50:1A:62:D3:66:88:1C:4C:1A:61:BA X509v3 Authority Key Identifier: keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/2K2LRFKVS5G4UBpi02aIHEwaYbo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a09:3d00::/29 2a09:b680::/29 2a0f:c582::/32 2a10:c340:7000::/36 2a11:200:2000::/36 2a11:780::/29 2a11:b80::/29 Signature Algorithm: sha256WithRSAEncryption 68:91:dd:15:83:6a:49:b5:71:78:2f:04:bd:fd:78:d2:c4:5c: 80:c9:df:3b:eb:a8:bd:0c:70:c3:22:8b:14:f6:10:ac:43:6c: 30:2a:e9:17:f3:a4:13:c2:fc:91:04:c8:e4:6b:7a:a5:5d:b2: c2:d0:c3:bc:a3:bf:e9:44:b3:ba:5a:ab:a4:7f:e0:b3:32:76: ab:ec:40:dc:f3:65:56:da:8f:b3:f4:93:2b:28:c8:e9:1b:93: 04:34:c2:3d:82:bf:dd:da:d0:a2:1c:08:08:37:d8:8f:f7:b4: b1:41:ee:c1:79:d7:81:57:59:e6:68:00:2e:3a:ca:00:96:02: 38:c0:bf:31:ca:ef:03:65:45:4c:db:5f:f3:fd:bb:96:bb:81: d8:b0:75:0b:ed:ce:94:f8:a9:a7:ea:32:d4:72:d1:2b:16:af: 70:af:6c:89:95:6b:f1:1a:54:f3:23:95:eb:6c:43:38:40:18: a2:f0:65:17:07:b1:7f:bd:bf:2c:66:7a:52:65:e0:52:a1:22: 69:74:3d:36:71:93:57:cd:67:5a:43:48:7a:43:77:61:ad:93: 8a:ff:1d:91:aa:79:f5:f5:19:cc:3e:60:a1:01:dd:31:1a:26: 3f:2d:f1:f6:e8:0f:4a:e2:4a:b6:07:25:03:44:3b:3d:dd:70: 37:2e:c2:3e -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgISAZt+OA9IGrg2hS8GjIocEMcSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3 NzliYjEwHhcNMjYwMTAyMTAxOTIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOGFkOGI0NDUyOTU0YjkxYjg1MDFhNjJkMzY2ODgxYzRjMWE2MWJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEJHg2XvX5H9OrFppY7IBqcfLfUg +T/Q0FNoN/l6yxdS76Wh5nApywD50YcGnl6PM4m3cD8ou9jnh7LYGte0KNg3s1Jh gzKe6BPTCfhYgt8sm1HFeNOPMDK+3TOgpqeQc7Qd6QOhND4q48LxPD6/99r5GuZg jnBnkpo2FA/BJAUO1lfUe2HhAuEQbUU1DrO5a9Wa+uNlDDB2QniOa5uBeUK5pG5W PM3zfhqGgzPvTDvqyHqDR3iZ9OPmDws1BRd4c/bFDpVBI774xYLdqWjIBiu3JZeP zhNMAps83SJzhqBGedzfMPv98q8b+Exuxjg64KtwvhdtQ1ndRee1lzWFQwIDAQAB o4ICNjCCAjIwHQYDVR0OBBYEFNiti0RSlUuRuFAaYtNmiBxMGmG6MB8GA1UdIwQY MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt NmI0MzcyNjAyMDk2LzEvMksyTFJGS1ZTNUc0VUJwaTAyYUlIRXdhWWJvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2 LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzA5BAIAAjAzAwUDKgk9AAMF AyoJtoADBQAqD8WCAwYEKhDDQHADBgQqEQIAIAMFAyoRB4ADBQMqEQuAMA0GCSqG SIb3DQEBCwUAA4IBAQBokd0Vg2pJtXF4LwS9/XjSxFyAyd8766i9DHDDIosU9hCs Q2wwKukX86QTwvyRBMjka3qlXbLC0MO8o7/pRLO6Wqukf+CzMnar7EDc82VW2o+z 9JMrKMjpG5MENMI9gr/d2tCiHAgIN9iP97SxQe7BedeBV1nmaAAuOsoAlgI4wL8x yu8DZUVM21/z/buWu4HYsHUL7c6U+Kmn6jLUctErFq9wr2yJlWvxGlTzI5XrbEM4 QBii8GUXB7F/vb8sZnpSZeBSoSJpdD02cZNXzWdaQ0h6Q3dhrZOK/x2Rqnn19RnM PmChAd0xGiY/LfH26A9K4kq2ByUDRDs93XA3LsI+ -----END CERTIFICATE-----Generated at Tue Jan 20 17:06:31 2026 by rpki-client