This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/d929ab-4896-43e2-a876-01bed8782c7f/1/2r56-7c4rzlH_MkXpf4EVQxFefI.roa File: 2r56-7c4rzlH_MkXpf4EVQxFefI.roa (raw, json) Hash identifier: hSJijlNMgIG+anYeveOsK+OFXlzwcZe8DVit+XV01Ts= Subject key identifier: DA:BE:7A:FB:B7:38:AF:39:47:FC:C9:17:A5:FE:04:55:0C:45:79:F2 Certificate issuer: /CN=1dfc2b36514163d389ee8fe18f8e2343fa4ddc99 Certificate serial: 019B7F14046BEB8052E293D9AB6F6CD110D8 Authority key identifier: 1D:FC:2B:36:51:41:63:D3:89:EE:8F:E1:8F:8E:23:43:FA:4D:DC:99 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HfwrNlFBY9OJ7o_hj44jQ_pN3Jk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/d929ab-4896-43e2-a876-01bed8782c7f/1/2r56-7c4rzlH_MkXpf4EVQxFefI.roa Signing time: Fri 02 Jan 2026 14:19:36 +0000 ROA not before: Fri 02 Jan 2026 14:19:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206894 IP address blocks: 185.172.216.0/22 maxlen: 22 2a0b:2700::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/d929ab-4896-43e2-a876-01bed8782c7f/1/HfwrNlFBY9OJ7o_hj44jQ_pN3Jk.crl rsync://rpki.ripe.net/repository/DEFAULT/99/d929ab-4896-43e2-a876-01bed8782c7f/1/HfwrNlFBY9OJ7o_hj44jQ_pN3Jk.mft rsync://rpki.ripe.net/repository/DEFAULT/HfwrNlFBY9OJ7o_hj44jQ_pN3Jk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:04:6b:eb:80:52:e2:93:d9:ab:6f:6c:d1:10:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1dfc2b36514163d389ee8fe18f8e2343fa4ddc99 Validity Not Before: Jan 2 14:19:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dabe7afbb738af3947fcc917a5fe04550c4579f2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:94:ba:c5:5f:df:c2:8d:62:7c:a1:6c:ca:76: 5f:8d:7e:00:02:05:16:8b:ba:5c:8d:59:77:2d:fe: 28:80:ae:60:b5:37:98:65:d0:43:66:96:7e:fd:0a: c2:65:9f:84:37:38:d2:1f:4c:55:86:27:79:f5:d5: f4:ca:94:ab:92:ef:2a:57:72:91:92:98:6d:bc:ab: be:41:94:b5:5c:e5:72:f5:57:71:a6:89:2e:4b:dc: 98:01:45:41:85:43:00:4e:41:5d:dc:14:e3:fc:c6: 97:04:b4:b5:28:9c:6b:9b:4e:1f:99:56:72:f1:f4: c3:ef:35:b9:34:7f:e4:85:8c:c3:b4:e2:30:f6:1c: 86:e5:2d:1a:ff:ce:05:06:4a:4a:5d:3e:6a:d6:57: cb:a6:d8:1c:32:fc:ef:46:b4:52:eb:18:ad:c6:1d: a5:c4:e2:e2:57:4a:4e:36:39:20:6a:37:c0:74:0e: 4d:a5:c5:4b:52:31:06:28:ae:f9:15:fd:78:af:f1: 5c:58:f9:5c:99:d0:5a:e5:f4:71:14:c9:d6:0f:46: 91:0a:52:eb:34:de:68:7a:c1:2a:ff:af:1e:70:72: 41:a9:33:5a:25:3f:a9:f2:22:54:f4:08:83:56:08: 1e:fe:38:c8:a5:f6:36:0d:56:1c:ed:08:cf:c7:b3: a1:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:BE:7A:FB:B7:38:AF:39:47:FC:C9:17:A5:FE:04:55:0C:45:79:F2 X509v3 Authority Key Identifier: keyid:1D:FC:2B:36:51:41:63:D3:89:EE:8F:E1:8F:8E:23:43:FA:4D:DC:99 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HfwrNlFBY9OJ7o_hj44jQ_pN3Jk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/d929ab-4896-43e2-a876-01bed8782c7f/1/2r56-7c4rzlH_MkXpf4EVQxFefI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/99/d929ab-4896-43e2-a876-01bed8782c7f/1/HfwrNlFBY9OJ7o_hj44jQ_pN3Jk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.172.216.0/22 IPv6: 2a0b:2700::/29 Signature Algorithm: sha256WithRSAEncryption 92:78:d0:5a:a5:4c:04:a0:b8:d9:49:3c:94:f6:22:63:58:f0: 13:d3:58:59:03:bf:13:7c:85:8a:c3:ca:3e:cd:53:ae:c4:43: af:6f:66:a0:0f:f4:ba:11:70:3b:20:6c:53:c7:85:cb:6f:f7: 75:fd:de:be:a8:a1:36:fc:54:8d:43:27:49:ac:7a:02:a0:2c: 0c:d1:bf:8e:ff:3f:76:8f:5e:42:ce:57:70:8a:d0:7e:5c:bb: 19:5e:55:85:c5:a2:0e:e2:44:60:4f:85:9e:66:8a:4b:66:be: 5d:84:2d:ea:79:18:f6:5c:ac:bf:e6:1b:56:74:23:d6:91:c3: 6d:88:35:23:4e:d2:c3:67:f8:6e:9b:71:a3:69:35:30:e6:01: bb:eb:44:18:aa:69:53:29:d4:50:0b:d3:2f:2e:be:a5:ca:b6: eb:d4:e6:cd:a7:06:45:93:61:78:e4:2c:ea:cd:08:ca:9f:09: a5:ea:eb:e9:d9:2c:a3:2f:0a:c6:6c:3f:99:38:15:c2:d8:88: 34:cc:8f:45:66:6e:f1:2c:d8:53:25:17:cc:de:ed:da:07:24: 61:3d:fb:7c:40:50:c6:fe:55:bc:49:08:f2:18:8f:76:d0:b7: eb:e3:17:e2:a9:8f:36:43:45:fe:bb:88:a5:01:1f:53:d4:af: 17:76:61:93 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/FARr64BS4pPZq29s0RDYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkZmMyYjM2NTE0MTYzZDM4OWVlOGZlMThmOGUyMzQzZmE0 ZGRjOTkwHhcNMjYwMTAyMTQxOTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYWJlN2FmYmI3MzhhZjM5NDdmY2M5MTdhNWZlMDQ1NTBjNDU3OWYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpS6xV/fwo1ifKFsynZfjX4AAgUW i7pcjVl3Lf4ogK5gtTeYZdBDZpZ+/QrCZZ+ENzjSH0xVhid59dX0ypSrku8qV3KR kphtvKu+QZS1XOVy9VdxpokuS9yYAUVBhUMATkFd3BTj/MaXBLS1KJxrm04fmVZy 8fTD7zW5NH/khYzDtOIw9hyG5S0a/84FBkpKXT5q1lfLptgcMvzvRrRS6xitxh2l xOLiV0pONjkgajfAdA5NpcVLUjEGKK75Ff14r/FcWPlcmdBa5fRxFMnWD0aRClLr NN5oesEq/68ecHJBqTNaJT+p8iJU9AiDVgge/jjIpfY2DVYc7QjPx7OhjQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFNq+evu3OK85R/zJF6X+BFUMRXnyMB8GA1UdIwQY MBaAFB38KzZRQWPTie6P4Y+OI0P6TdyZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGZ3ck5sRkJZOU9KN29faGo0NGpRX3BOM0prLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kOTI5YWItNDg5Ni00M2UyLWE4NzYt MDFiZWQ4NzgyYzdmLzEvMnI1Ni03YzRyemxIX01rWHBmNEVWUXhGZWZJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OS9kOTI5YWItNDg5Ni00M2UyLWE4NzYtMDFiZWQ4NzgyYzdm LzEvSGZ3ck5sRkJZOU9KN29faGo0NGpRX3BOM0prLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuazYMA0E AgACMAcDBQMqCycAMA0GCSqGSIb3DQEBCwUAA4IBAQCSeNBapUwEoLjZSTyU9iJj WPAT01hZA78TfIWKw8o+zVOuxEOvb2agD/S6EXA7IGxTx4XLb/d1/d6+qKE2/FSN QydJrHoCoCwM0b+O/z92j15CzldwitB+XLsZXlWFxaIO4kRgT4WeZopLZr5dhC3q eRj2XKy/5htWdCPWkcNtiDUjTtLDZ/hum3GjaTUw5gG760QYqmlTKdRQC9MvLr6l yrbr1ObNpwZFk2F45CzqzQjKnwml6uvp2SyjLwrGbD+ZOBXC2Ig0zI9FZm7xLNhT JRfM3u3aByRhPft8QFDG/lW8SQjyGI920Lfr4xfiqY82Q0X+u4ilAR9T1K8XdmGT -----END CERTIFICATE-----Generated at Mon Feb 9 22:57:34 2026 by rpki-client