This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/0cf187-ecb3-4b42-91e4-6addfcb18f99/1/t2nvtC07fwfG4DJZdYyApeiuOoI.roa File: t2nvtC07fwfG4DJZdYyApeiuOoI.roa (raw, json) Hash identifier: Y4IHvCKtqY3mhfa2IhWhMpbzNg7eswOXZP8ib5pSXR4= Subject key identifier: B7:69:EF:B4:2D:3B:7F:07:C6:E0:32:59:75:8C:80:A5:E8:AE:3A:82 Certificate issuer: /CN=9f7432f699cbd249b2e3c9c55bdefaf83986b442 Certificate serial: 019B775937691E468FAB4CC7713C9FDAE38C Authority key identifier: 9F:74:32:F6:99:CB:D2:49:B2:E3:C9:C5:5B:DE:FA:F8:39:86:B4:42 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n3Qy9pnL0kmy48nFW976-DmGtEI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/0cf187-ecb3-4b42-91e4-6addfcb18f99/1/t2nvtC07fwfG4DJZdYyApeiuOoI.roa Signing time: Thu 01 Jan 2026 02:18:13 +0000 ROA not before: Thu 01 Jan 2026 02:18:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43757 IP address blocks: 78.31.24.0/21 maxlen: 21 192.108.126.0/24 maxlen: 24 2001:67c:1578::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/0cf187-ecb3-4b42-91e4-6addfcb18f99/1/n3Qy9pnL0kmy48nFW976-DmGtEI.crl rsync://rpki.ripe.net/repository/DEFAULT/ab/0cf187-ecb3-4b42-91e4-6addfcb18f99/1/n3Qy9pnL0kmy48nFW976-DmGtEI.mft rsync://rpki.ripe.net/repository/DEFAULT/n3Qy9pnL0kmy48nFW976-DmGtEI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:37:69:1e:46:8f:ab:4c:c7:71:3c:9f:da:e3:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9f7432f699cbd249b2e3c9c55bdefaf83986b442 Validity Not Before: Jan 1 02:18:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b769efb42d3b7f07c6e03259758c80a5e8ae3a82 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:23:5d:46:b0:b9:25:da:a5:12:42:1d:2a:4d: 04:6c:3e:e5:97:7d:b5:aa:8b:39:f7:61:12:d1:a4: 64:97:84:18:2d:3d:24:2a:56:55:b1:f6:06:11:cf: c8:44:dd:ee:1b:3a:73:2d:d5:3a:cd:8d:51:0d:f0: f1:74:f7:a1:6e:29:e5:38:e6:a8:e0:29:45:e1:1c: 06:23:13:a3:65:a5:cc:e6:43:4e:c5:7f:cc:9a:d7: 8e:e9:de:44:91:9a:1b:eb:5c:83:73:af:58:b6:7f: cf:a4:9c:7d:7d:a3:d0:01:c2:c6:e6:34:b8:c9:a2: f8:60:94:7b:60:4b:1f:56:17:2e:9d:ab:c5:3f:85: 60:a1:71:5a:1d:14:5a:c4:ec:98:ba:0b:89:63:6c: ae:60:b6:e7:2e:a6:d3:f5:73:99:6e:02:19:69:16: e5:a2:20:78:e6:1c:c9:dc:69:87:b9:a1:f9:7c:53: ea:82:3e:6b:fc:61:93:13:5b:51:47:0c:c3:58:89: f8:62:e6:97:bc:b5:d4:44:f6:4b:2f:1f:41:73:75: 2f:eb:34:51:87:a5:2b:c6:4a:b9:25:c7:96:34:2d: 7a:df:9c:70:6f:0b:a7:b5:39:7a:71:47:9d:26:92: e0:45:f2:37:66:c9:f9:2c:fe:a8:29:a1:92:24:ca: 1c:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:69:EF:B4:2D:3B:7F:07:C6:E0:32:59:75:8C:80:A5:E8:AE:3A:82 X509v3 Authority Key Identifier: keyid:9F:74:32:F6:99:CB:D2:49:B2:E3:C9:C5:5B:DE:FA:F8:39:86:B4:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n3Qy9pnL0kmy48nFW976-DmGtEI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/0cf187-ecb3-4b42-91e4-6addfcb18f99/1/t2nvtC07fwfG4DJZdYyApeiuOoI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/0cf187-ecb3-4b42-91e4-6addfcb18f99/1/n3Qy9pnL0kmy48nFW976-DmGtEI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 78.31.24.0/21 192.108.126.0/24 IPv6: 2001:67c:1578::/48 Signature Algorithm: sha256WithRSAEncryption 0e:9c:1f:8a:8a:5f:d8:9c:08:c1:d4:92:ab:76:de:0d:de:70: 5a:55:d6:05:83:3f:0d:73:9a:ee:0e:fd:74:68:23:b4:62:2f: 57:83:d0:aa:96:49:7d:36:dd:0d:ab:4d:d6:fd:cc:a5:a6:67: ed:a4:f3:6e:0f:5f:66:3c:5e:aa:81:97:a6:8b:11:e9:14:6f: 72:72:f3:03:32:1a:93:9d:90:03:80:ad:fb:cd:f5:bf:b4:c1: b9:c0:aa:a7:8a:00:de:3b:82:3a:d3:14:8c:7d:b7:1d:ad:80: cf:77:65:fe:37:03:28:c4:66:66:4f:6f:d1:f7:aa:15:bc:22: 0c:00:c7:ea:34:32:a5:09:fc:57:c8:36:25:ec:63:a4:c0:27: 99:67:e2:b9:a6:34:3d:b2:fd:a8:0c:39:39:45:7a:86:53:ed: f0:96:3d:35:8b:cb:14:ac:7a:52:a2:45:4d:a8:24:3f:a6:07: d9:85:5c:4d:59:65:b0:34:32:74:d5:87:46:c7:b8:42:92:24: 32:54:a8:66:d6:ab:16:6e:50:1e:cd:42:84:67:a2:d5:70:7c: 2d:bc:7a:49:bd:8f:86:34:56:9d:85:b4:79:d2:01:36:92:70: 51:23:f6:26:65:81:cc:94:51:be:1c:d5:5f:4b:aa:c2:3c:fa: a7:cc:da:07 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt3WTdpHkaPq0zHcTyf2uOMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlmNzQzMmY2OTljYmQyNDliMmUzYzljNTViZGVmYWY4Mzk4 NmI0NDIwHhcNMjYwMTAxMDIxODEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNzY5ZWZiNDJkM2I3ZjA3YzZlMDMyNTk3NThjODBhNWU4YWUzYTgyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCNdRrC5JdqlEkIdKk0EbD7ll321 qos592ES0aRkl4QYLT0kKlZVsfYGEc/IRN3uGzpzLdU6zY1RDfDxdPehbinlOOao 4ClF4RwGIxOjZaXM5kNOxX/MmteO6d5EkZob61yDc69Ytn/PpJx9faPQAcLG5jS4 yaL4YJR7YEsfVhcunavFP4VgoXFaHRRaxOyYuguJY2yuYLbnLqbT9XOZbgIZaRbl oiB45hzJ3GmHuaH5fFPqgj5r/GGTE1tRRwzDWIn4YuaXvLXURPZLLx9Bc3Uv6zRR h6Urxkq5JceWNC1635xwbwuntTl6cUedJpLgRfI3Zsn5LP6oKaGSJMocyQIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFLdp77QtO38HxuAyWXWMgKXorjqCMB8GA1UdIwQY MBaAFJ90MvaZy9JJsuPJxVve+vg5hrRCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbjNReTlwbkwwa215NDhuRlc5NzYtRG1HdEVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi8wY2YxODctZWNiMy00YjQyLTkxZTQt NmFkZGZjYjE4Zjk5LzEvdDJudnRDMDdmd2ZHNERKWmRZeUFwZWl1T29JLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYi8wY2YxODctZWNiMy00YjQyLTkxZTQtNmFkZGZjYjE4Zjk5 LzEvbjNReTlwbkwwa215NDhuRlc5NzYtRG1HdEVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDTh8YAwQA wGx+MA8EAgACMAkDBwAgAQZ8FXgwDQYJKoZIhvcNAQELBQADggEBAA6cH4qKX9ic CMHUkqt23g3ecFpV1gWDPw1zmu4O/XRoI7RiL1eD0KqWSX023Q2rTdb9zKWmZ+2k 824PX2Y8XqqBl6aLEekUb3Jy8wMyGpOdkAOArfvN9b+0wbnAqqeKAN47gjrTFIx9 tx2tgM93Zf43AyjEZmZPb9H3qhW8IgwAx+o0MqUJ/FfINiXsY6TAJ5ln4rmmND2y /agMOTlFeoZT7fCWPTWLyxSselKiRU2oJD+mB9mFXE1ZZbA0MnTVh0bHuEKSJDJU qGbWqxZuUB7NQoRnotVwfC28ekm9j4Y0Vp2FtHnSATaScFEj9iZlgcyUUb4c1V9L qsI8+qfM2gc= -----END CERTIFICATE-----Generated at Mon Feb 9 21:25:14 2026 by rpki-client