This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/2ztr66xhOcOr2Kq6L1D4fEoRjwo.roa File: 2ztr66xhOcOr2Kq6L1D4fEoRjwo.roa (raw, json) Hash identifier: amz+yTvX9x7rzj0FFfB2aTlKhOEfzIXqA7tCgNwl8L8= Subject key identifier: DB:3B:6B:EB:AC:61:39:C3:AB:D8:AA:BA:2F:50:F8:7C:4A:11:8F:0A Certificate issuer: /CN=d4cf0fbd5f6e1759903cc69de0dc4ea24c1f83df Certificate serial: 019B7B3694478760772A71B09FA0F49372A0 Authority key identifier: D4:CF:0F:BD:5F:6E:17:59:90:3C:C6:9D:E0:DC:4E:A2:4C:1F:83:DF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1M8PvV9uF1mQPMad4NxOokwfg98.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/2ztr66xhOcOr2Kq6L1D4fEoRjwo.roa Signing time: Thu 01 Jan 2026 20:18:52 +0000 ROA not before: Thu 01 Jan 2026 20:18:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 40994 IP address blocks: 31.14.17.0/24 maxlen: 24 46.102.156.0/24 maxlen: 24 46.102.157.0/24 maxlen: 24 83.138.55.0/24 maxlen: 24 86.106.182.0/23 maxlen: 24 94.177.8.0/23 maxlen: 24 104.143.0.0/23 maxlen: 24 110.172.148.0/24 maxlen: 24 193.219.97.0/24 maxlen: 24 203.34.137.0/24 maxlen: 24 203.98.67.0/24 maxlen: 24 204.154.104.0/22 maxlen: 24 205.147.200.0/23 maxlen: 24 2a0d:f302::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/1M8PvV9uF1mQPMad4NxOokwfg98.crl rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/1M8PvV9uF1mQPMad4NxOokwfg98.mft rsync://rpki.ripe.net/repository/DEFAULT/1M8PvV9uF1mQPMad4NxOokwfg98.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 15:30:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:94:47:87:60:77:2a:71:b0:9f:a0:f4:93:72:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d4cf0fbd5f6e1759903cc69de0dc4ea24c1f83df Validity Not Before: Jan 1 20:18:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=db3b6bebac6139c3abd8aaba2f50f87c4a118f0a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:90:57:a7:5c:9b:a7:69:25:c0:9f:6d:09:ea: 81:45:59:cd:d1:d6:8e:13:36:df:88:98:15:e8:d6: 1d:fb:5a:11:08:df:4b:a6:31:7a:64:8b:5a:76:e2: 06:fe:15:23:7b:67:c7:dc:10:d5:8f:67:de:f8:49: 43:70:23:37:a5:78:e2:93:29:da:8e:b7:99:9c:db: c3:bf:dc:63:3d:a8:ca:fc:3a:bc:38:b3:d3:d9:df: 1a:68:ee:5a:93:fe:da:35:55:62:df:d6:b1:4d:53: ce:85:66:cf:32:a1:54:29:2d:23:7f:ab:cb:77:9c: f9:e5:f4:23:79:b9:37:f9:bf:bc:f9:8a:ea:42:45: 04:6c:85:39:1d:14:09:c3:a6:59:f4:c9:13:2d:b8: b2:f1:2d:dd:f7:e8:cc:ce:a3:79:f8:fe:4c:db:14: f1:8a:4b:14:25:79:f4:96:e7:bd:50:f8:3f:dd:99: e1:69:13:a9:06:3b:7e:6d:0c:35:0e:eb:3d:d2:72: 96:48:7b:01:b4:f5:db:e7:42:d9:c4:6b:98:20:f4: 26:3d:19:ee:b0:ff:6c:a3:b9:64:ab:d8:c4:87:42: 32:41:af:39:f6:80:dd:56:24:69:67:3d:de:40:82: 58:46:cf:1a:c0:48:ab:d0:9a:a3:5b:85:4b:26:9c: 85:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:3B:6B:EB:AC:61:39:C3:AB:D8:AA:BA:2F:50:F8:7C:4A:11:8F:0A X509v3 Authority Key Identifier: keyid:D4:CF:0F:BD:5F:6E:17:59:90:3C:C6:9D:E0:DC:4E:A2:4C:1F:83:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1M8PvV9uF1mQPMad4NxOokwfg98.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/2ztr66xhOcOr2Kq6L1D4fEoRjwo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/1M8PvV9uF1mQPMad4NxOokwfg98.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.14.17.0/24 46.102.156.0/23 83.138.55.0/24 86.106.182.0/23 94.177.8.0/23 104.143.0.0/23 110.172.148.0/24 193.219.97.0/24 203.34.137.0/24 203.98.67.0/24 204.154.104.0/22 205.147.200.0/23 IPv6: 2a0d:f302::/32 Signature Algorithm: sha256WithRSAEncryption 3f:da:4c:6d:57:d6:f6:a0:c4:3a:aa:61:c5:93:eb:31:2d:b3: 5e:3f:ef:91:65:44:64:34:f3:6b:d8:9d:8f:2f:11:51:c0:84: 71:ab:d8:09:bb:a2:d6:96:39:21:d0:de:8a:32:8d:bc:ac:9f: d7:89:b1:3f:23:67:9c:60:45:2c:91:c5:b5:48:06:8e:11:1e: cb:65:f0:d2:d1:0d:d6:74:7f:f0:c5:61:5e:02:2a:7b:e2:69: 8f:d5:c6:dd:72:0f:bb:79:97:d8:ae:40:64:f9:11:6e:80:41: c4:12:aa:c2:34:ca:fa:bc:31:6e:63:e8:8d:f3:9a:b8:15:d2: ea:b5:63:fe:e8:e6:cd:9a:cf:94:07:38:92:37:11:80:ca:55: 62:47:d1:0c:71:a6:4a:92:70:55:9e:fc:20:03:29:e5:8c:63: a4:15:be:b1:d8:ef:3d:09:88:84:40:bc:6f:b2:13:ad:4a:76: d3:e1:0a:14:7a:61:4f:d8:63:3a:54:9b:a5:23:5e:04:61:ec: ec:78:b0:86:92:12:f4:d8:f5:52:ed:f2:50:c3:06:6f:5b:cc: d5:40:57:49:ab:3f:10:45:6d:91:2a:09:f2:b0:00:38:a7:0c: be:2e:0b:4a:5a:36:15:41:4a:7a:fa:d3:af:7c:1a:4a:b0:dc: 7c:5c:3f:ce -----BEGIN CERTIFICATE----- MIIFTjCCBDagAwIBAgISAZt7NpRHh2B3KnGwn6D0k3KgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0Y2YwZmJkNWY2ZTE3NTk5MDNjYzY5ZGUwZGM0ZWEyNGMx ZjgzZGYwHhcNMjYwMTAxMjAxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYjNiNmJlYmFjNjEzOWMzYWJkOGFhYmEyZjUwZjg3YzRhMTE4ZjBhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5BXp1ybp2klwJ9tCeqBRVnN0daO EzbfiJgV6NYd+1oRCN9LpjF6ZItaduIG/hUje2fH3BDVj2fe+ElDcCM3pXjikyna jreZnNvDv9xjPajK/Dq8OLPT2d8aaO5ak/7aNVVi39axTVPOhWbPMqFUKS0jf6vL d5z55fQjebk3+b+8+YrqQkUEbIU5HRQJw6ZZ9MkTLbiy8S3d9+jMzqN5+P5M2xTx iksUJXn0lue9UPg/3ZnhaROpBjt+bQw1Dus90nKWSHsBtPXb50LZxGuYIPQmPRnu sP9so7lkq9jEh0IyQa859oDdViRpZz3eQIJYRs8awEir0JqjW4VLJpyFHQIDAQAB o4ICWjCCAlYwHQYDVR0OBBYEFNs7a+usYTnDq9iqui9Q+HxKEY8KMB8GA1UdIwQY MBaAFNTPD71fbhdZkDzGneDcTqJMH4PfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMU04UHZWOXVGMW1RUE1hZDROeE9va3dmZzk4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9kMzRmYTItM2EzNy00MzA4LWI3ODMt NTg1N2YxYzE3NjI0LzEvMnp0cjY2eGhPY09yMktxNkwxRDRmRW9SandvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOS9kMzRmYTItM2EzNy00MzA4LWI3ODMtNTg1N2YxYzE3NjI0 LzEvMU04UHZWOXVGMW1RUE1hZDROeE9va3dmZzk4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQAHw4RAwQB LmacAwQAU4o3AwQBVmq2AwQBXrEIAwQBaI8AAwQAbqyUAwQAwdthAwQAyyKJAwQA y2JDAwQCzJpoAwQBzZPIMA0EAgACMAcDBQAqDfMCMA0GCSqGSIb3DQEBCwUAA4IB AQA/2kxtV9b2oMQ6qmHFk+sxLbNeP++RZURkNPNr2J2PLxFRwIRxq9gJu6LWljkh 0N6KMo28rJ/XibE/I2ecYEUskcW1SAaOER7LZfDS0Q3WdH/wxWFeAip74mmP1cbd cg+7eZfYrkBk+RFugEHEEqrCNMr6vDFuY+iN85q4FdLqtWP+6ObNms+UBziSNxGA ylViR9EMcaZKknBVnvwgAynljGOkFb6x2O89CYiEQLxvshOtSnbT4QoUemFP2GM6 VJulI14EYezseLCGkhL02PVS7fJQwwZvW8zVQFdJqz8QRW2RKgnysAA4pwy+LgtK WjYVQUp6+tOvfBpKsNx8XD/O -----END CERTIFICATE-----Generated at Wed Jan 21 01:09:26 2026 by rpki-client