This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/5c7c7d-4d2e-483c-89cd-26816ca92ca0/1/2-D2-rHW0UIzbvcEd6pGsT2RuDs.roa File: 2-D2-rHW0UIzbvcEd6pGsT2RuDs.roa (raw, json) Hash identifier: 84KNwiWzV+MMBwVN2Y5/SzTCA1WubeFW0cIC9K7nDqI= Subject key identifier: DB:E0:F6:FA:B1:D6:D1:42:33:6E:F7:04:77:AA:46:B1:3D:91:B8:3B Certificate issuer: /CN=1954e32570bbfb9af11c2381e81c797c2f40087c Certificate serial: 019B7CED2424B82DF2CEE4FE13A421EDF76D Authority key identifier: 19:54:E3:25:70:BB:FB:9A:F1:1C:23:81:E8:1C:79:7C:2F:40:08:7C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GVTjJXC7-5rxHCOB6Bx5fC9ACHw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/5c7c7d-4d2e-483c-89cd-26816ca92ca0/1/2-D2-rHW0UIzbvcEd6pGsT2RuDs.roa Signing time: Fri 02 Jan 2026 04:17:54 +0000 ROA not before: Fri 02 Jan 2026 04:17:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213050 IP address blocks: 144.2.168.0/22 maxlen: 24 149.3.168.0/24 maxlen: 24 2a0c:6ac0::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/5c7c7d-4d2e-483c-89cd-26816ca92ca0/1/GVTjJXC7-5rxHCOB6Bx5fC9ACHw.crl rsync://rpki.ripe.net/repository/DEFAULT/bd/5c7c7d-4d2e-483c-89cd-26816ca92ca0/1/GVTjJXC7-5rxHCOB6Bx5fC9ACHw.mft rsync://rpki.ripe.net/repository/DEFAULT/GVTjJXC7-5rxHCOB6Bx5fC9ACHw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 10:00:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:24:24:b8:2d:f2:ce:e4:fe:13:a4:21:ed:f7:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1954e32570bbfb9af11c2381e81c797c2f40087c Validity Not Before: Jan 2 04:17:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dbe0f6fab1d6d142336ef70477aa46b13d91b83b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:a6:e9:eb:03:47:19:9a:f0:cd:7b:b7:de:cf: d2:a5:8f:a1:ce:a2:8e:a5:b1:f2:fd:b3:84:51:08: b7:0d:d0:d5:b3:fc:1f:73:fd:a9:7c:e4:0b:3b:27: cf:2c:76:18:b1:0e:ba:c5:8b:7d:9e:90:f5:f6:b9: 24:f2:1f:c4:79:e1:e3:dd:e4:48:d6:72:f6:62:cf: 6d:29:d1:2e:79:7f:1a:17:ed:99:f7:4d:57:a5:b6: c2:4a:31:d2:bc:7d:d5:3c:f8:ca:59:3c:75:04:ac: c3:8d:a0:8d:7d:d7:8d:1e:29:c9:37:c7:2f:be:60: 2f:0b:52:ee:49:af:5c:15:ab:53:f1:26:65:4a:7d: c9:b1:3d:7b:d9:f3:61:e8:3c:53:62:fa:b6:99:5f: ac:61:f8:7a:1c:c4:2b:15:79:64:fe:5a:ef:14:db: 78:7f:42:7f:0e:73:4d:a3:c8:96:06:12:73:83:6d: 4c:3f:c4:a4:23:30:3e:d5:13:cc:24:76:0b:41:54: 0e:44:aa:7d:fc:80:b1:b5:7f:c4:24:c4:b0:a6:b9: da:a9:46:c5:6a:0a:e4:86:8b:83:a4:ce:d7:bd:e5: 78:b0:56:9d:2b:15:95:44:15:33:99:6c:b2:d9:76: c4:aa:05:bf:e9:07:68:76:e2:fb:36:a5:39:bb:c8: ee:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:E0:F6:FA:B1:D6:D1:42:33:6E:F7:04:77:AA:46:B1:3D:91:B8:3B X509v3 Authority Key Identifier: keyid:19:54:E3:25:70:BB:FB:9A:F1:1C:23:81:E8:1C:79:7C:2F:40:08:7C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GVTjJXC7-5rxHCOB6Bx5fC9ACHw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/5c7c7d-4d2e-483c-89cd-26816ca92ca0/1/2-D2-rHW0UIzbvcEd6pGsT2RuDs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/5c7c7d-4d2e-483c-89cd-26816ca92ca0/1/GVTjJXC7-5rxHCOB6Bx5fC9ACHw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 144.2.168.0/22 149.3.168.0/24 IPv6: 2a0c:6ac0::/29 Signature Algorithm: sha256WithRSAEncryption a5:51:4d:89:94:34:b5:45:ec:1a:da:9b:1c:e4:bf:45:91:b2: bb:5c:0b:d2:5b:78:0d:86:8e:ca:b7:52:d9:f0:40:3d:5d:d3: 52:34:2e:b4:72:53:84:73:7a:a4:b0:1f:00:a9:ee:70:34:11: 2f:46:65:0b:87:52:b3:fa:ea:5d:64:64:4f:a6:6f:31:0e:d1: 2d:59:02:af:73:b5:e8:31:19:46:04:a1:8e:41:6f:b9:b6:86: 67:5a:65:4d:3e:dc:5a:18:b3:a6:a5:e1:3b:60:a1:2b:a7:67: b5:35:de:51:c3:ca:f4:30:66:45:4b:31:31:33:9e:dd:ca:82: ca:89:f1:fd:f6:5a:5b:79:06:ae:20:b5:1f:3f:dd:67:77:a5: 46:50:31:56:4f:52:bd:f6:44:1c:c6:37:1e:3f:d4:8c:e0:31: 06:e9:d9:c0:6b:ba:8a:05:64:4f:da:d1:cc:03:79:cc:c9:d1: 3e:e9:39:e1:99:4c:26:02:6c:85:3c:4c:1a:1d:1a:ab:ac:b1: c6:85:07:48:19:1a:50:8e:84:11:bf:af:9e:d1:3d:d3:10:7a: 90:6b:43:54:da:f9:1f:b5:07:91:d0:5f:56:fd:f5:5e:d1:b0: 5f:a7:6c:f2:af:36:81:21:24:b4:e2:a3:a0:a3:d1:da:9a:d5: de:39:51:45 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt87SQkuC3yzuT+E6Qh7fdtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE5NTRlMzI1NzBiYmZiOWFmMTFjMjM4MWU4MWM3OTdjMmY0 MDA4N2MwHhcNMjYwMTAyMDQxNzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYmUwZjZmYWIxZDZkMTQyMzM2ZWY3MDQ3N2FhNDZiMTNkOTFiODNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqbp6wNHGZrwzXu33s/SpY+hzqKO pbHy/bOEUQi3DdDVs/wfc/2pfOQLOyfPLHYYsQ66xYt9npD19rkk8h/EeeHj3eRI 1nL2Ys9tKdEueX8aF+2Z901XpbbCSjHSvH3VPPjKWTx1BKzDjaCNfdeNHinJN8cv vmAvC1LuSa9cFatT8SZlSn3JsT172fNh6DxTYvq2mV+sYfh6HMQrFXlk/lrvFNt4 f0J/DnNNo8iWBhJzg21MP8SkIzA+1RPMJHYLQVQORKp9/ICxtX/EJMSwprnaqUbF agrkhouDpM7XveV4sFadKxWVRBUzmWyy2XbEqgW/6QdoduL7NqU5u8ju1wIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFNvg9vqx1tFCM273BHeqRrE9kbg7MB8GA1UdIwQY MBaAFBlU4yVwu/ua8RwjgegceXwvQAh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR1ZUakpYQzctNXJ4SENPQjZCeDVmQzlBQ0h3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81YzdjN2QtNGQyZS00ODNjLTg5Y2Qt MjY4MTZjYTkyY2EwLzEvMi1EMi1ySFcwVUl6YnZjRWQ2cEdzVDJSdURzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZC81YzdjN2QtNGQyZS00ODNjLTg5Y2QtMjY4MTZjYTkyY2Ew LzEvR1ZUakpYQzctNXJ4SENPQjZCeDVmQzlBQ0h3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCkAKoAwQA lQOoMA0EAgACMAcDBQMqDGrAMA0GCSqGSIb3DQEBCwUAA4IBAQClUU2JlDS1Rewa 2psc5L9FkbK7XAvSW3gNho7Kt1LZ8EA9XdNSNC60clOEc3qksB8Aqe5wNBEvRmUL h1Kz+updZGRPpm8xDtEtWQKvc7XoMRlGBKGOQW+5toZnWmVNPtxaGLOmpeE7YKEr p2e1Nd5Rw8r0MGZFSzExM57dyoLKifH99lpbeQauILUfP91nd6VGUDFWT1K99kQc xjceP9SM4DEG6dnAa7qKBWRP2tHMA3nMydE+6TnhmUwmAmyFPEwaHRqrrLHGhQdI GRpQjoQRv6+e0T3TEHqQa0NU2vkftQeR0F9W/fVe0bBfp2zyrzaBISS04qOgo9Ha mtXeOVFF -----END CERTIFICATE-----Generated at Mon Feb 9 18:38:02 2026 by rpki-client