This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/157299-9d1c-4c5b-9a41-c25fdc4ca2f6/1/2Yztgl1JDQiHLbJTugznfEzk5Qc.roa File: 2Yztgl1JDQiHLbJTugznfEzk5Qc.roa (raw, json) Hash identifier: jSITK3S0lez0+624vvcXLxi93dFSIlVEaD28cVt/Qe0= Subject key identifier: D9:8C:ED:82:5D:49:0D:08:87:2D:B2:53:BA:0C:E7:7C:4C:E4:E5:07 Certificate issuer: /CN=1713129ef4fa454e0f0ac407e008e957a1b795a0 Certificate serial: 019B7F15B5F1744FAFB864073E893F3B8961 Authority key identifier: 17:13:12:9E:F4:FA:45:4E:0F:0A:C4:07:E0:08:E9:57:A1:B7:95:A0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FxMSnvT6RU4PCsQH4AjpV6G3laA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/157299-9d1c-4c5b-9a41-c25fdc4ca2f6/1/2Yztgl1JDQiHLbJTugznfEzk5Qc.roa Signing time: Fri 02 Jan 2026 14:21:27 +0000 ROA not before: Fri 02 Jan 2026 14:21:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204786 IP address blocks: 185.240.52.0/22 maxlen: 24 2a0c:7280::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/157299-9d1c-4c5b-9a41-c25fdc4ca2f6/1/FxMSnvT6RU4PCsQH4AjpV6G3laA.crl rsync://rpki.ripe.net/repository/DEFAULT/ac/157299-9d1c-4c5b-9a41-c25fdc4ca2f6/1/FxMSnvT6RU4PCsQH4AjpV6G3laA.mft rsync://rpki.ripe.net/repository/DEFAULT/FxMSnvT6RU4PCsQH4AjpV6G3laA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 20:01:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:b5:f1:74:4f:af:b8:64:07:3e:89:3f:3b:89:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1713129ef4fa454e0f0ac407e008e957a1b795a0 Validity Not Before: Jan 2 14:21:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d98ced825d490d08872db253ba0ce77c4ce4e507 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:73:68:4b:b5:15:3e:63:46:f6:55:d4:cd:80: fd:25:dd:3c:81:d0:08:4e:d4:77:20:29:ec:76:fa: 9a:4d:08:06:22:6b:61:36:0e:be:51:24:0b:a1:cc: 94:ea:80:12:bb:98:54:d2:d2:c9:7d:10:b2:45:cd: fe:93:10:99:e5:9e:90:50:be:ad:f5:9e:7e:90:11: 2e:f7:31:37:a8:6b:6b:90:55:8f:2f:e8:38:2e:bc: 64:ed:28:fc:48:97:6a:56:c0:29:9c:b3:0f:c3:b3: c8:27:6e:08:53:9e:31:60:48:bb:a3:57:73:02:5e: aa:a0:ae:da:9a:08:89:aa:63:bf:0f:ab:4b:22:c1: ec:8e:93:8a:c2:16:4e:b4:cc:72:98:de:1e:3f:14: 56:9e:76:11:19:d8:91:b5:2e:80:10:da:7c:ab:dd: 81:28:f2:f7:66:f6:ca:40:1d:4b:41:62:2f:90:50: 26:3b:bc:89:df:c8:21:e6:75:42:70:7f:6a:39:b2: a7:7c:55:f6:f6:cc:9e:4b:83:07:4d:69:3b:25:e7: fb:80:a5:3a:48:26:9d:38:a5:f8:20:e2:d0:74:6b: 8f:c1:af:33:54:96:71:ec:ae:ac:03:b8:96:62:d5: f1:a9:53:59:7d:ad:4e:fc:23:5c:b3:de:47:05:26: 4c:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:8C:ED:82:5D:49:0D:08:87:2D:B2:53:BA:0C:E7:7C:4C:E4:E5:07 X509v3 Authority Key Identifier: keyid:17:13:12:9E:F4:FA:45:4E:0F:0A:C4:07:E0:08:E9:57:A1:B7:95:A0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FxMSnvT6RU4PCsQH4AjpV6G3laA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/157299-9d1c-4c5b-9a41-c25fdc4ca2f6/1/2Yztgl1JDQiHLbJTugznfEzk5Qc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/157299-9d1c-4c5b-9a41-c25fdc4ca2f6/1/FxMSnvT6RU4PCsQH4AjpV6G3laA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.240.52.0/22 IPv6: 2a0c:7280::/29 Signature Algorithm: sha256WithRSAEncryption 5d:64:7d:0c:01:53:ad:ab:17:0f:1f:bb:0c:bd:02:46:7f:4c: d1:bc:a9:08:60:96:95:98:7d:b3:35:14:4c:49:a7:49:9c:3c: 5d:25:f2:78:b3:36:4c:43:72:95:d0:86:4d:5b:34:db:0c:82: 2c:f8:9f:bc:12:50:7f:9e:f8:f8:41:a0:82:d3:48:01:d0:7a: d7:b7:4e:3e:dc:a0:5b:3e:60:ce:30:f4:38:af:ed:04:1c:94: 9c:19:2a:3c:21:d7:92:8e:ab:43:3f:3c:c2:ef:47:ec:27:dd: 51:01:d2:85:c2:5a:1c:08:4f:8f:92:3e:80:6a:ce:27:21:07: f3:30:74:75:5a:6f:ce:2c:9e:9d:09:ad:87:04:ca:10:eb:d1: cd:39:17:5c:fb:8f:17:52:cf:2e:95:3d:06:fe:8d:9f:28:1f: 0e:34:85:b3:1b:12:9c:b0:b2:aa:38:a0:54:b0:f6:53:5a:ed: 33:07:ad:0a:b0:bf:b3:eb:cf:50:56:73:a0:66:c1:2d:83:bc: a5:12:61:22:7f:cb:a7:61:54:57:84:50:c9:ff:c9:9c:65:4f: a9:9c:c2:cf:d5:40:8a:2a:ec:3b:0c:72:e7:8c:df:e3:61:58: 1b:de:cf:c9:93:73:a2:01:b4:25:fb:b7:62:ff:16:20:f3:7c: 64:48:5c:16 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/FbXxdE+vuGQHPok/O4lhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE3MTMxMjllZjRmYTQ1NGUwZjBhYzQwN2UwMDhlOTU3YTFi Nzk1YTAwHhcNMjYwMTAyMTQyMTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOThjZWQ4MjVkNDkwZDA4ODcyZGIyNTNiYTBjZTc3YzRjZTRlNTA3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHNoS7UVPmNG9lXUzYD9Jd08gdAI TtR3ICnsdvqaTQgGImthNg6+USQLocyU6oASu5hU0tLJfRCyRc3+kxCZ5Z6QUL6t 9Z5+kBEu9zE3qGtrkFWPL+g4Lrxk7Sj8SJdqVsApnLMPw7PIJ24IU54xYEi7o1dz Al6qoK7amgiJqmO/D6tLIsHsjpOKwhZOtMxymN4ePxRWnnYRGdiRtS6AENp8q92B KPL3ZvbKQB1LQWIvkFAmO7yJ38gh5nVCcH9qObKnfFX29syeS4MHTWk7Jef7gKU6 SCadOKX4IOLQdGuPwa8zVJZx7K6sA7iWYtXxqVNZfa1O/CNcs95HBSZMeQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFNmM7YJdSQ0Ihy2yU7oM53xM5OUHMB8GA1UdIwQY MBaAFBcTEp70+kVODwrEB+AI6Veht5WgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRnhNU252VDZSVTRQQ3NRSDRBanBWNkczbGFBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8xNTcyOTktOWQxYy00YzViLTlhNDEt YzI1ZmRjNGNhMmY2LzEvMll6dGdsMUpEUWlITGJKVHVnem5mRXprNVFjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYy8xNTcyOTktOWQxYy00YzViLTlhNDEtYzI1ZmRjNGNhMmY2 LzEvRnhNU252VDZSVTRQQ3NRSDRBanBWNkczbGFBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufA0MA0E AgACMAcDBQMqDHKAMA0GCSqGSIb3DQEBCwUAA4IBAQBdZH0MAVOtqxcPH7sMvQJG f0zRvKkIYJaVmH2zNRRMSadJnDxdJfJ4szZMQ3KV0IZNWzTbDIIs+J+8ElB/nvj4 QaCC00gB0HrXt04+3KBbPmDOMPQ4r+0EHJScGSo8IdeSjqtDPzzC70fsJ91RAdKF wlocCE+Pkj6Aas4nIQfzMHR1Wm/OLJ6dCa2HBMoQ69HNORdc+48XUs8ulT0G/o2f KB8ONIWzGxKcsLKqOKBUsPZTWu0zB60KsL+z689QVnOgZsEtg7ylEmEif8unYVRX hFDJ/8mcZU+pnMLP1UCKKuw7DHLnjN/jYVgb3s/Jk3OiAbQl+7di/xYg83xkSFwW -----END CERTIFICATE-----Generated at Tue Feb 10 03:11:27 2026 by rpki-client