This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/2v1pQuTwC884qOqMuPFIGe3hLEM.roa File: 2v1pQuTwC884qOqMuPFIGe3hLEM.roa (raw, json) Hash identifier: 9QYXHAznoJYbVxUrvlkB+2xgeSleEtgz8F3cc5bCAvg= Subject key identifier: DA:FD:69:42:E4:F0:0B:CF:38:A8:EA:8C:B8:F1:48:19:ED:E1:2C:43 Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4 Certificate serial: 019B77C744F6B9F914F22D771C1AC139D6D5 Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/2v1pQuTwC884qOqMuPFIGe3hLEM.roa Signing time: Thu 01 Jan 2026 04:18:26 +0000 ROA not before: Thu 01 Jan 2026 04:18:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 22516 IP address blocks: 89.34.171.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 13:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:44:f6:b9:f9:14:f2:2d:77:1c:1a:c1:39:d6:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4 Validity Not Before: Jan 1 04:18:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dafd6942e4f00bcf38a8ea8cb8f14819ede12c43 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:8a:a7:72:3f:e8:d3:fb:7b:5a:ae:38:0c:f8: 0f:d3:82:18:17:6e:37:8c:c1:cf:ab:a4:a8:1e:a5: f5:3f:e1:b7:17:32:f1:f0:1d:ac:75:60:61:2d:6a: 5d:be:b2:c1:51:c6:72:3d:50:69:c3:1c:d6:5f:19: fb:37:a7:03:70:ad:8c:cd:ae:46:ac:f3:e1:dd:8b: 23:a3:d7:c4:d0:04:63:4c:0e:35:ba:1c:ab:ab:b1: 5d:3e:b7:46:49:2f:93:d1:eb:9f:08:16:64:ae:50: c4:53:ff:e6:06:b1:73:42:3a:0a:92:4d:be:01:64: 64:19:14:27:38:e1:bd:8b:80:66:e0:87:89:ab:c6: bc:1d:28:1b:8e:9b:ca:75:2b:88:eb:5e:83:50:0f: 91:32:40:3f:1d:6f:82:0a:02:c9:ca:35:2e:fd:e1: 6f:e5:a7:a5:f2:28:ca:38:89:86:57:d7:19:43:5a: a0:55:2c:a5:94:77:02:fe:e2:9f:a3:70:06:42:b0: 91:c8:44:f9:72:7c:2e:40:08:37:11:83:90:e9:ca: 9c:7b:3a:38:b5:27:1c:63:be:7e:11:c3:8f:0d:08: 9a:ec:b6:8a:5a:8c:af:de:57:4a:ec:f3:6b:c6:fb: b7:4c:c6:c6:11:ae:ea:7c:f7:3e:f0:e8:24:49:0e: b3:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:FD:69:42:E4:F0:0B:CF:38:A8:EA:8C:B8:F1:48:19:ED:E1:2C:43 X509v3 Authority Key Identifier: keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/2v1pQuTwC884qOqMuPFIGe3hLEM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.34.171.0/24 Signature Algorithm: sha256WithRSAEncryption 15:f1:31:6b:ee:8b:2f:3d:22:fb:f7:f9:b7:d9:c9:25:de:5e: cb:8a:17:10:73:05:9a:3b:6e:ac:8f:b8:f2:c8:9e:46:70:6c: fe:0e:0b:4b:1a:f6:cf:b4:20:6f:06:ca:28:10:c1:e4:44:7f: fd:71:1b:93:e2:eb:a5:51:f7:ca:69:4b:f2:3e:be:a8:31:0e: b0:c2:ce:c0:72:e4:3a:88:67:87:2c:53:23:af:c7:d9:28:cb: 13:57:fe:d3:92:fb:fd:c6:b3:0b:82:f0:93:1f:bf:fb:77:80: c5:b7:8d:58:0a:a5:ed:c7:38:09:72:93:0c:62:f3:c5:c6:fd: 6a:b4:ce:2c:79:83:ac:c9:de:be:b3:68:dd:74:b7:b5:22:f9: 35:bf:9b:52:d8:6a:ee:e2:31:a0:e7:07:d7:fe:fe:a2:35:ad: 8a:54:9b:dc:54:bc:94:ad:b9:40:60:d0:ac:5e:62:06:dd:a9: 32:6b:0b:da:56:a1:56:39:3d:ba:de:1f:04:79:72:a7:a2:a4: bf:6d:7f:b7:c3:ca:5d:7b:ff:df:9c:a9:d8:2f:04:af:3b:a7: e2:31:59:82:94:82:b0:f1:16:d5:20:e7:17:57:95:62:ed:0a: 57:dc:41:a0:ae:c9:39:b2:ba:1a:5d:58:c0:29:74:73:33:07: a2:4f:67:2c -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3x0T2ufkU8i13HBrBOdbVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi NWRlZTQwHhcNMjYwMTAxMDQxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYWZkNjk0MmU0ZjAwYmNmMzhhOGVhOGNiOGYxNDgxOWVkZTEyYzQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoqncj/o0/t7Wq44DPgP04IYF243 jMHPq6SoHqX1P+G3FzLx8B2sdWBhLWpdvrLBUcZyPVBpwxzWXxn7N6cDcK2Mza5G rPPh3Ysjo9fE0ARjTA41uhyrq7FdPrdGSS+T0eufCBZkrlDEU//mBrFzQjoKkk2+ AWRkGRQnOOG9i4Bm4IeJq8a8HSgbjpvKdSuI616DUA+RMkA/HW+CCgLJyjUu/eFv 5ael8ijKOImGV9cZQ1qgVSyllHcC/uKfo3AGQrCRyET5cnwuQAg3EYOQ6cqcezo4 tSccY75+EcOPDQia7LaKWoyv3ldK7PNrxvu3TMbGEa7qfPc+8OgkSQ6zpwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFNr9aULk8AvPOKjqjLjxSBnt4SxDMB8GA1UdIwQY MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt NTlmNTk4NGI2NGVhLzEvMnYxcFF1VHdDODg0cU9xTXVQRklHZTNoTEVNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSKrMA0G CSqGSIb3DQEBCwUAA4IBAQAV8TFr7osvPSL79/m32ckl3l7LihcQcwWaO26sj7jy yJ5GcGz+DgtLGvbPtCBvBsooEMHkRH/9cRuT4uulUffKaUvyPr6oMQ6wws7AcuQ6 iGeHLFMjr8fZKMsTV/7Tkvv9xrMLgvCTH7/7d4DFt41YCqXtxzgJcpMMYvPFxv1q tM4seYOsyd6+s2jddLe1Ivk1v5tS2Gru4jGg5wfX/v6iNa2KVJvcVLyUrblAYNCs XmIG3akyawvaVqFWOT263h8EeXKnoqS/bX+3w8pde//fnKnYLwSvO6fiMVmClIKw 8RbVIOcXV5Vi7QpX3EGgrsk5sroaXVjAKXRzMweiT2cs -----END CERTIFICATE-----Generated at Thu Jan 1 20:23:17 2026 by rpki-client