This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/g2mfEORB4KTxQPtrqS9KmJwGt60.roa File: g2mfEORB4KTxQPtrqS9KmJwGt60.roa (raw, json) Hash identifier: ckCX/PTaFOHfPb57/FfMCnl07XdvXwOjflYamRZ+ttU= Subject key identifier: 83:69:9F:10:E4:41:E0:A4:F1:40:FB:6B:A9:2F:4A:98:9C:06:B7:AD Certificate issuer: /CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900 Certificate serial: 019B7E3838A7EC4E5B2224E176DD022915C8 Authority key identifier: AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/g2mfEORB4KTxQPtrqS9KmJwGt60.roa Signing time: Fri 02 Jan 2026 10:19:32 +0000 ROA not before: Fri 02 Jan 2026 10:19:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31257 IP address blocks: 80.65.16.0/20 maxlen: 24 94.73.192.0/18 maxlen: 24 109.226.192.0/19 maxlen: 24 109.226.224.0/20 maxlen: 24 109.226.240.0/22 maxlen: 24 109.226.244.0/22 maxlen: 24 109.226.249.0/24 maxlen: 24 109.226.250.0/23 maxlen: 24 109.226.252.0/22 maxlen: 24 171.33.248.0/21 maxlen: 24 2a05:7400::/34 maxlen: 34 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.mft rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:38:a7:ec:4e:5b:22:24:e1:76:dd:02:29:15:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900 Validity Not Before: Jan 2 10:19:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=83699f10e441e0a4f140fb6ba92f4a989c06b7ad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:2f:ca:96:d0:25:cc:d9:79:19:35:5b:cb:48: b2:94:a8:d0:ed:aa:b2:2f:ea:32:5a:57:77:bb:98: 3f:71:b7:53:91:2f:e2:8b:60:47:15:3a:bd:2f:e1: 67:a1:94:f6:ce:9b:f8:1b:6f:4d:33:7b:81:54:50: 3f:e9:cf:71:3a:ad:af:d6:6b:97:e2:24:a6:f5:81: 46:49:99:e9:03:1b:15:ae:d0:95:b8:51:b3:60:82: 42:3c:f9:f6:24:7c:b6:64:05:5d:a8:33:c8:96:f5: da:85:87:29:ff:9b:08:06:3d:0d:12:f1:09:50:8e: 23:56:f3:e7:20:59:5b:1b:31:30:b3:83:7c:96:c8: a9:48:b7:fe:62:19:42:cb:d5:e4:86:29:b9:c7:60: 57:db:79:10:6b:3c:58:ac:c0:63:80:95:8a:99:1f: 81:1b:76:30:d1:0d:49:2d:1c:6f:b2:13:23:62:46: 85:6a:de:67:42:a2:6a:f1:40:60:0a:72:1d:2b:59: af:b3:54:ae:5a:ad:18:df:ef:b6:a3:a2:1f:a9:32: 1a:7f:b9:95:e6:cb:82:71:e0:52:d0:18:ed:2a:5b: 45:2d:5c:1b:46:f2:ee:76:52:3d:7c:f6:48:7c:e8: f7:53:6c:16:d0:1e:10:20:ab:04:1a:7e:a1:8d:68: a6:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:69:9F:10:E4:41:E0:A4:F1:40:FB:6B:A9:2F:4A:98:9C:06:B7:AD X509v3 Authority Key Identifier: keyid:AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/g2mfEORB4KTxQPtrqS9KmJwGt60.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.65.16.0/20 94.73.192.0/18 109.226.192.0-109.226.247.255 109.226.249.0-109.226.255.255 171.33.248.0/21 IPv6: 2a05:7400::/34 Signature Algorithm: sha256WithRSAEncryption 38:cc:bf:3c:c9:cf:65:c2:69:64:79:80:38:59:02:ec:7d:07: 6c:d1:8c:eb:23:e6:88:36:b8:e7:04:56:ec:d2:8e:a7:8e:35: 51:fb:6c:a5:e2:71:df:8a:c1:4c:26:03:19:f7:01:f5:4b:1a: 6f:c4:53:40:43:c8:fe:23:03:a0:1d:c3:24:58:1f:d3:d2:e2: d8:19:fb:fe:60:20:32:64:18:63:f9:d9:8e:37:7b:10:2d:c5: f7:f0:4a:06:2c:de:2f:c5:84:91:5a:5d:33:b3:50:21:2b:e9: ad:8e:63:ea:38:a5:7c:48:83:cb:b1:d4:fd:c6:a4:8e:b9:7c: 3f:d5:b6:70:c7:a6:a1:60:f4:d3:ac:81:b7:4b:a9:f0:76:b0: d9:6c:85:e5:61:31:2c:87:08:85:0b:32:bf:d8:99:87:39:c2: d6:2d:6c:1a:86:dc:05:3a:03:77:ee:d7:eb:fb:56:ef:11:63: 21:98:c8:a9:eb:58:5c:3f:b2:85:bd:74:42:37:70:1b:9b:65: 84:e1:08:6c:53:0a:62:7d:6b:9e:f4:f8:e3:a4:78:fd:dd:00: d6:1d:10:67:f7:11:5a:3b:97:0f:a0:3c:b3:48:ed:1b:cb:15: cb:7b:bf:90:76:9a:42:27:20:b2:75:cd:3b:15:51:d4:87:6a: bd:a5:3b:6d -----BEGIN CERTIFICATE----- MIIFNDCCBBygAwIBAgISAZt+ODin7E5bIiThdt0CKRXIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFlN2Y3NDdkZjVmMjQzNTMxNTRkYzRkNGJmNzBkMmRkY2I1 M2U5MDAwHhcNMjYwMTAyMTAxOTMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4MzY5OWYxMGU0NDFlMGE0ZjE0MGZiNmJhOTJmNGE5ODljMDZiN2FkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAty/KltAlzNl5GTVby0iylKjQ7aqy L+oyWld3u5g/cbdTkS/ii2BHFTq9L+FnoZT2zpv4G29NM3uBVFA/6c9xOq2v1muX 4iSm9YFGSZnpAxsVrtCVuFGzYIJCPPn2JHy2ZAVdqDPIlvXahYcp/5sIBj0NEvEJ UI4jVvPnIFlbGzEws4N8lsipSLf+YhlCy9Xkhim5x2BX23kQazxYrMBjgJWKmR+B G3Yw0Q1JLRxvshMjYkaFat5nQqJq8UBgCnIdK1mvs1SuWq0Y3++2o6IfqTIaf7mV 5suCceBS0BjtKltFLVwbRvLudlI9fPZIfOj3U2wW0B4QIKsEGn6hjWim7QIDAQAB o4ICQDCCAjwwHQYDVR0OBBYEFINpnxDkQeCk8UD7a6kvSpicBretMB8GA1UdIwQY MBaAFK5/dH318kNTFU3E1L9w0t3LU+kAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2Et YzZmMWU2YWM5YmE5LzEvZzJtZkVPUkI0S1R4UVB0cnFTOUttSndHdDYwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2EtYzZmMWU2YWM5YmE5 LzEvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAzBAIAATAtAwQEUEEQAwQG XknAMAwDBAZt4sADBANt4vAwCwMEAG3i+QMDAG3iAwQDqyH4MA4EAgACMAgDBgYq BXQAADANBgkqhkiG9w0BAQsFAAOCAQEAOMy/PMnPZcJpZHmAOFkC7H0HbNGM6yPm iDa45wRW7NKOp441UftspeJx34rBTCYDGfcB9Usab8RTQEPI/iMDoB3DJFgf09Li 2Bn7/mAgMmQYY/nZjjd7EC3F9/BKBizeL8WEkVpdM7NQISvprY5j6jilfEiDy7HU /cakjrl8P9W2cMemoWD006yBt0up8Haw2WyF5WExLIcIhQsyv9iZhznC1i1sGobc BToDd+7X6/tW7xFjIZjIqetYXD+yhb10QjdwG5tlhOEIbFMKYn1rnvT446R4/d0A 1h0QZ/cRWjuXD6A8s0jtG8sVy3u/kHaaQicgsnXNOxVR1IdqvaU7bQ== -----END CERTIFICATE-----Generated at Mon Feb 9 21:00:23 2026 by rpki-client