This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/6ef23e-99ba-4c69-92e3-6bb7080409b4/1/2yNvnD1lmLbPPKFlQkp9-VHyRE0.roa File: 2yNvnD1lmLbPPKFlQkp9-VHyRE0.roa (raw, json) Hash identifier: zlpNQG2pRqEeG9wmnXhIHFiAawnx6f7m+aNjLjl7SQw= Subject key identifier: DB:23:6F:9C:3D:65:98:B6:CF:3C:A1:65:42:4A:7D:F9:51:F2:44:4D Certificate issuer: /CN=4fb3a8a4a0d8c5ae01a9695b041ed2c6d0296a9e Certificate serial: 019B77C708D78EE0F831CF60AC04B67EC0D0 Authority key identifier: 4F:B3:A8:A4:A0:D8:C5:AE:01:A9:69:5B:04:1E:D2:C6:D0:29:6A:9E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T7OopKDYxa4BqWlbBB7SxtApap4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/6ef23e-99ba-4c69-92e3-6bb7080409b4/1/2yNvnD1lmLbPPKFlQkp9-VHyRE0.roa Signing time: Thu 01 Jan 2026 04:18:11 +0000 ROA not before: Thu 01 Jan 2026 04:18:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 56970 IP address blocks: 176.124.56.0/24 maxlen: 24 176.124.57.0/24 maxlen: 24 2a0e:fa40::/48 maxlen: 48 2a0e:fa40:1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/6ef23e-99ba-4c69-92e3-6bb7080409b4/1/T7OopKDYxa4BqWlbBB7SxtApap4.crl rsync://rpki.ripe.net/repository/DEFAULT/bb/6ef23e-99ba-4c69-92e3-6bb7080409b4/1/T7OopKDYxa4BqWlbBB7SxtApap4.mft rsync://rpki.ripe.net/repository/DEFAULT/T7OopKDYxa4BqWlbBB7SxtApap4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:08:d7:8e:e0:f8:31:cf:60:ac:04:b6:7e:c0:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fb3a8a4a0d8c5ae01a9695b041ed2c6d0296a9e Validity Not Before: Jan 1 04:18:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=db236f9c3d6598b6cf3ca165424a7df951f2444d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:8a:2d:7b:e4:ec:fb:59:7f:f9:21:1c:39:f4: d7:02:8e:63:cf:c3:a0:59:3f:4d:f3:1e:28:55:1d: de:05:21:50:b2:ca:77:e5:c5:ae:34:26:f5:98:d4: b6:80:13:ad:bb:de:82:b6:e9:d7:31:1a:37:7e:a1: 1c:21:2f:f9:63:98:02:43:ea:32:dd:9f:0a:37:c1: 12:28:e4:a4:c7:45:28:a7:63:47:7f:80:ed:81:45: 7a:ef:cb:69:25:88:b3:23:33:da:56:9e:91:da:7a: 43:a7:1c:63:7a:f5:70:72:52:3c:d7:25:70:b5:a0: 7e:4e:61:5a:37:3b:20:b9:bc:e1:49:b2:a2:d5:56: 58:e2:20:d0:04:e4:db:10:82:bb:60:24:96:29:79: 64:2c:78:d7:3a:5b:9e:85:d5:88:fb:76:63:48:1a: 15:c8:df:20:fb:c3:70:15:63:0f:3b:0d:33:cd:3b: 38:cc:d6:15:2c:29:5c:aa:fc:cd:27:6c:4f:7b:eb: fa:2d:4a:85:71:e3:22:28:6a:8e:cd:36:0e:9d:1d: 38:77:9e:f5:4f:8b:52:28:1a:6e:0f:e9:54:df:01: 7c:7e:e3:84:b3:28:6d:09:fb:b3:6e:ad:0b:03:d3: 98:88:a1:f8:03:be:e0:bb:dc:64:6d:38:ec:20:cb: b8:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:23:6F:9C:3D:65:98:B6:CF:3C:A1:65:42:4A:7D:F9:51:F2:44:4D X509v3 Authority Key Identifier: keyid:4F:B3:A8:A4:A0:D8:C5:AE:01:A9:69:5B:04:1E:D2:C6:D0:29:6A:9E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T7OopKDYxa4BqWlbBB7SxtApap4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/6ef23e-99ba-4c69-92e3-6bb7080409b4/1/2yNvnD1lmLbPPKFlQkp9-VHyRE0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/6ef23e-99ba-4c69-92e3-6bb7080409b4/1/T7OopKDYxa4BqWlbBB7SxtApap4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.124.56.0/23 IPv6: 2a0e:fa40::/47 Signature Algorithm: sha256WithRSAEncryption a3:d2:23:c7:14:f9:72:50:4f:e8:0f:75:48:19:35:d9:a6:d0: cf:38:29:e6:e8:e4:84:64:92:cb:02:62:4e:90:d6:d7:57:17: 96:b2:4e:11:3a:2c:50:4f:0b:ac:c9:dc:bb:1c:7a:26:6b:01: 67:98:b5:75:ea:9f:3d:72:32:a8:88:39:a4:28:43:00:f1:8a: d6:e1:2a:22:62:61:de:a5:00:08:7e:04:6a:7a:c0:94:26:7a: 78:6e:c4:70:44:40:46:41:ea:78:51:35:84:ad:46:ac:e4:ea: af:2f:a1:34:10:cc:0c:82:3c:bf:6c:37:d8:65:28:ce:e6:ff: 0a:48:5d:5c:09:09:31:c6:07:d8:09:66:79:86:b0:87:1e:54: b8:0d:84:43:58:eb:e3:6a:1d:38:42:e0:aa:90:1e:b2:31:e8: 97:fc:7b:3b:36:da:96:8f:2f:6d:6a:01:c4:40:42:11:53:5a: 6a:8a:8c:23:6d:a2:01:f4:04:bc:fd:37:8d:18:7e:cb:9c:9e: ac:81:72:3a:83:b9:6d:de:a8:83:26:40:42:f9:ee:17:65:dc: b3:1c:6e:4a:47:24:30:6b:0a:ff:10:c5:e1:36:df:ce:72:1d: 3e:7f:29:1f:dc:a9:f3:05:57:24:7b:94:bb:f3:e3:0a:ed:59: 96:20:b3:85 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt3xwjXjuD4Mc9grAS2fsDQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRmYjNhOGE0YTBkOGM1YWUwMWE5Njk1YjA0MWVkMmM2ZDAy OTZhOWUwHhcNMjYwMTAxMDQxODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYjIzNmY5YzNkNjU5OGI2Y2YzY2ExNjU0MjRhN2RmOTUxZjI0NDRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoote+Ts+1l/+SEcOfTXAo5jz8Og WT9N8x4oVR3eBSFQssp35cWuNCb1mNS2gBOtu96CtunXMRo3fqEcIS/5Y5gCQ+oy 3Z8KN8ESKOSkx0Uop2NHf4DtgUV678tpJYizIzPaVp6R2npDpxxjevVwclI81yVw taB+TmFaNzsgubzhSbKi1VZY4iDQBOTbEIK7YCSWKXlkLHjXOluehdWI+3ZjSBoV yN8g+8NwFWMPOw0zzTs4zNYVLClcqvzNJ2xPe+v6LUqFceMiKGqOzTYOnR04d571 T4tSKBpuD+lU3wF8fuOEsyhtCfuzbq0LA9OYiKH4A77gu9xkbTjsIMu4bQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFNsjb5w9ZZi2zzyhZUJKfflR8kRNMB8GA1UdIwQY MBaAFE+zqKSg2MWuAalpWwQe0sbQKWqeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVDdPb3BLRFl4YTRCcVdsYkJCN1N4dEFwYXA0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi82ZWYyM2UtOTliYS00YzY5LTkyZTMt NmJiNzA4MDQwOWI0LzEvMnlOdm5EMWxtTGJQUEtGbFFrcDktVkh5UkUwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYi82ZWYyM2UtOTliYS00YzY5LTkyZTMtNmJiNzA4MDQwOWI0 LzEvVDdPb3BLRFl4YTRCcVdsYkJCN1N4dEFwYXA0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBsHw4MA8E AgACMAkDBwEqDvpAAAAwDQYJKoZIhvcNAQELBQADggEBAKPSI8cU+XJQT+gPdUgZ Ndmm0M84Kebo5IRkkssCYk6Q1tdXF5ayThE6LFBPC6zJ3LsceiZrAWeYtXXqnz1y MqiIOaQoQwDxitbhKiJiYd6lAAh+BGp6wJQmenhuxHBEQEZB6nhRNYStRqzk6q8v oTQQzAyCPL9sN9hlKM7m/wpIXVwJCTHGB9gJZnmGsIceVLgNhENY6+NqHThC4KqQ HrIx6Jf8ezs22paPL21qAcRAQhFTWmqKjCNtogH0BLz9N40YfsucnqyBcjqDuW3e qIMmQEL57hdl3LMcbkpHJDBrCv8QxeE2385yHT5/KR/cqfMFVyR7lLvz4wrtWZYg s4U= -----END CERTIFICATE-----Generated at Tue Feb 10 01:29:12 2026 by rpki-client