This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/bcea5d-514e-4f52-b49a-90fb57d40ca7/1/II2FD1f4xCm3D1NbPKz8FS6h0Jc.roa File: II2FD1f4xCm3D1NbPKz8FS6h0Jc.roa (raw, json) Hash identifier: 7LsFeRZGlNF+Y+qphYoLdVC4raU4LnXBUOFidUeAFTk= Subject key identifier: 20:8D:85:0F:57:F8:C4:29:B7:0F:53:5B:3C:AC:FC:15:2E:A1:D0:97 Certificate issuer: /CN=cac9804e227eaac9ac09b0821fc07ee2817777b5 Certificate serial: 019B7A5B8C8A99635120185AEAB882ED16FF Authority key identifier: CA:C9:80:4E:22:7E:AA:C9:AC:09:B0:82:1F:C0:7E:E2:81:77:77:B5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ysmATiJ-qsmsCbCCH8B-4oF3d7U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/bcea5d-514e-4f52-b49a-90fb57d40ca7/1/II2FD1f4xCm3D1NbPKz8FS6h0Jc.roa Signing time: Thu 01 Jan 2026 16:19:38 +0000 ROA not before: Thu 01 Jan 2026 16:19:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14618 IP address blocks: 45.91.255.0/24 maxlen: 24 193.57.172.0/24 maxlen: 24 2a11:5ec0::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/bcea5d-514e-4f52-b49a-90fb57d40ca7/1/ysmATiJ-qsmsCbCCH8B-4oF3d7U.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/bcea5d-514e-4f52-b49a-90fb57d40ca7/1/ysmATiJ-qsmsCbCCH8B-4oF3d7U.mft rsync://rpki.ripe.net/repository/DEFAULT/ysmATiJ-qsmsCbCCH8B-4oF3d7U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:8c:8a:99:63:51:20:18:5a:ea:b8:82:ed:16:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cac9804e227eaac9ac09b0821fc07ee2817777b5 Validity Not Before: Jan 1 16:19:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=208d850f57f8c429b70f535b3cacfc152ea1d097 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:59:33:04:c3:7a:6f:46:47:ad:c1:59:7f:f2: b1:66:f9:22:61:da:9a:0f:f8:38:7c:2e:38:1d:cf: 1e:32:49:37:ac:fe:a2:5d:4b:e7:ab:19:ad:7a:17: 2b:44:50:72:68:ae:c7:ba:ad:31:ce:48:f5:96:99: 28:82:42:05:43:71:e9:29:d7:fa:38:1c:27:2a:a9: 37:dd:d8:68:25:53:ba:ac:c6:ca:68:6a:7c:bb:99: 9c:b7:fc:b7:49:08:63:0a:34:b9:58:7d:4f:88:6f: 1c:84:ee:42:ac:96:aa:db:b2:54:6e:ff:73:d2:9a: b2:66:7a:cc:36:3c:0f:12:a5:87:61:8c:ec:f2:7b: ed:6f:97:eb:79:21:2e:62:20:df:53:70:b8:74:ff: 77:c2:4c:80:89:56:7d:c5:f5:90:0f:fc:ed:19:17: 1a:c3:4d:a0:df:2d:2a:9c:7a:30:ad:8d:4c:9e:fe: b8:21:66:e0:ac:25:44:7c:c5:a7:05:a2:ed:bc:7c: 0b:da:bd:ad:be:65:7a:4e:2d:67:3f:71:bf:13:5e: 85:1d:58:eb:67:2b:eb:1b:62:34:57:1f:d7:72:5b: 18:98:25:e8:69:f9:74:b5:2c:87:43:1c:89:2b:10: cd:5b:24:20:be:03:c8:58:48:82:6e:f6:21:63:cc: 27:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:8D:85:0F:57:F8:C4:29:B7:0F:53:5B:3C:AC:FC:15:2E:A1:D0:97 X509v3 Authority Key Identifier: keyid:CA:C9:80:4E:22:7E:AA:C9:AC:09:B0:82:1F:C0:7E:E2:81:77:77:B5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ysmATiJ-qsmsCbCCH8B-4oF3d7U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/bcea5d-514e-4f52-b49a-90fb57d40ca7/1/II2FD1f4xCm3D1NbPKz8FS6h0Jc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/bcea5d-514e-4f52-b49a-90fb57d40ca7/1/ysmATiJ-qsmsCbCCH8B-4oF3d7U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.91.255.0/24 193.57.172.0/24 IPv6: 2a11:5ec0::/40 Signature Algorithm: sha256WithRSAEncryption 1f:60:09:3a:f6:b4:38:7b:43:78:60:d0:b9:d9:f9:b5:7c:62: 4d:a5:d9:bd:1e:24:25:4d:18:a9:ff:33:f7:49:47:35:21:9a: 2f:25:65:a1:3c:db:e8:da:31:71:75:02:31:e1:f3:47:d3:49: 02:3e:5e:e7:51:25:1c:39:11:96:52:0c:86:6e:85:25:0c:c9: 6e:9d:42:92:12:44:ad:a8:d4:4d:42:9f:67:9e:35:f0:3a:3d: 3e:3a:de:c0:24:8c:29:d2:5b:2a:bf:22:ca:0f:b4:6c:65:00: 7d:00:3b:3a:5c:ea:50:60:8e:5b:88:d3:6a:6b:96:a7:7a:b2: a9:51:dc:31:17:16:69:7c:8e:c5:5c:44:2e:8e:c3:7b:7e:ca: 36:f9:98:44:a9:7d:4a:b0:d5:9f:ea:c6:b8:2b:52:87:8e:9b: 60:c9:5b:45:6c:d1:cc:91:27:9e:c1:66:4f:8a:57:0b:1b:13: 29:7e:c7:77:da:87:d6:7b:e5:66:98:56:91:69:1e:b7:d8:3c: 4e:e0:e0:e5:f8:bb:ec:75:61:76:61:1d:29:cd:49:42:67:2c: 5a:4f:2b:fe:85:eb:00:08:fd:02:d8:21:44:e2:42:59:ab:3e: 9c:dc:af:89:13:f9:a0:5b:29:75:f4:19:75:ba:df:34:b9:3a: b7:24:df:47 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgISAZt6W4yKmWNRIBha6riC7Rb/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhYzk4MDRlMjI3ZWFhYzlhYzA5YjA4MjFmYzA3ZWUyODE3 Nzc3YjUwHhcNMjYwMTAxMTYxOTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMDhkODUwZjU3ZjhjNDI5YjcwZjUzNWIzY2FjZmMxNTJlYTFkMDk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4FkzBMN6b0ZHrcFZf/KxZvkiYdqa D/g4fC44Hc8eMkk3rP6iXUvnqxmtehcrRFByaK7Huq0xzkj1lpkogkIFQ3HpKdf6 OBwnKqk33dhoJVO6rMbKaGp8u5mct/y3SQhjCjS5WH1PiG8chO5CrJaq27JUbv9z 0pqyZnrMNjwPEqWHYYzs8nvtb5freSEuYiDfU3C4dP93wkyAiVZ9xfWQD/ztGRca w02g3y0qnHowrY1Mnv64IWbgrCVEfMWnBaLtvHwL2r2tvmV6Ti1nP3G/E16FHVjr ZyvrG2I0Vx/XclsYmCXoafl0tSyHQxyJKxDNWyQgvgPIWEiCbvYhY8wnfwIDAQAB o4ICHzCCAhswHQYDVR0OBBYEFCCNhQ9X+MQptw9TWzys/BUuodCXMB8GA1UdIwQY MBaAFMrJgE4ifqrJrAmwgh/AfuKBd3e1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveXNtQVRpSi1xc21zQ2JDQ0g4Qi00b0YzZDdVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9iY2VhNWQtNTE0ZS00ZjUyLWI0OWEt OTBmYjU3ZDQwY2E3LzEvSUkyRkQxZjR4Q20zRDFOYlBLejhGUzZoMEpjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS9iY2VhNWQtNTE0ZS00ZjUyLWI0OWEtOTBmYjU3ZDQwY2E3 LzEveXNtQVRpSi1xc21zQ2JDQ0g4Qi00b0YzZDdVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQALVv/AwQA wTmsMA4EAgACMAgDBgAqEV7AADANBgkqhkiG9w0BAQsFAAOCAQEAH2AJOva0OHtD eGDQudn5tXxiTaXZvR4kJU0Yqf8z90lHNSGaLyVloTzb6NoxcXUCMeHzR9NJAj5e 51ElHDkRllIMhm6FJQzJbp1CkhJErajUTUKfZ5418Do9PjrewCSMKdJbKr8iyg+0 bGUAfQA7OlzqUGCOW4jTamuWp3qyqVHcMRcWaXyOxVxELo7De37KNvmYRKl9SrDV n+rGuCtSh46bYMlbRWzRzJEnnsFmT4pXCxsTKX7Hd9qH1nvlZphWkWket9g8TuDg 5fi77HVhdmEdKc1JQmcsWk8r/oXrAAj9AtghROJCWas+nNyviRP5oFspdfQZdbrf NLk6tyTfRw== -----END CERTIFICATE-----Generated at Fri Jan 9 00:58:31 2026 by rpki-client