This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/bdede8-735d-4a05-838c-2d49c9bc982d/1/2TqgHYOgfsJXr5AHbOt7Withl0Y.roa File: 2TqgHYOgfsJXr5AHbOt7Withl0Y.roa (raw, json) Hash identifier: JWTP6ZFvwS7du+ja3Z9xJskq88DbPSQc49cLLypWIKw= Subject key identifier: D9:3A:A0:1D:83:A0:7E:C2:57:AF:90:07:6C:EB:7B:5A:2B:61:97:46 Certificate issuer: /CN=d96a58df9aa47ccd21021eb2c6bf06b3b4590c08 Certificate serial: 019BF9D22837CD9CE0839BD2A4046BCDA970 Authority key identifier: D9:6A:58:DF:9A:A4:7C:CD:21:02:1E:B2:C6:BF:06:B3:B4:59:0C:08 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2WpY35qkfM0hAh6yxr8Gs7RZDAg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/bdede8-735d-4a05-838c-2d49c9bc982d/1/2TqgHYOgfsJXr5AHbOt7Withl0Y.roa Signing time: Mon 26 Jan 2026 10:20:58 +0000 ROA not before: Mon 26 Jan 2026 10:20:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3209 IP address blocks: 91.217.188.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/bdede8-735d-4a05-838c-2d49c9bc982d/1/2WpY35qkfM0hAh6yxr8Gs7RZDAg.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/bdede8-735d-4a05-838c-2d49c9bc982d/1/2WpY35qkfM0hAh6yxr8Gs7RZDAg.mft rsync://rpki.ripe.net/repository/DEFAULT/2WpY35qkfM0hAh6yxr8Gs7RZDAg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f9:d2:28:37:cd:9c:e0:83:9b:d2:a4:04:6b:cd:a9:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d96a58df9aa47ccd21021eb2c6bf06b3b4590c08 Validity Not Before: Jan 26 10:20:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d93aa01d83a07ec257af90076ceb7b5a2b619746 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:9f:9c:fa:f6:01:0b:15:9e:2f:56:a3:f7:fe: 12:1c:92:20:02:71:83:80:81:c0:69:0d:35:a6:41: c6:51:db:d7:81:9d:50:4c:4f:50:d8:8a:50:01:67: 37:9b:de:3c:32:1e:67:36:a1:72:36:69:66:ea:9f: ed:39:d5:44:6e:2f:b6:03:de:65:8c:5a:dd:ab:5b: e8:3f:8d:c9:cb:6c:4d:7c:b1:45:4c:2a:84:8e:7d: 30:5c:6a:c9:27:48:0c:5a:68:4f:d1:3b:5a:9b:f3: 7e:64:7c:a3:cc:69:ae:e6:86:0c:ae:31:9b:8f:04: f9:4c:28:b6:af:c7:c3:69:ea:a6:f8:59:9d:29:44: 8a:98:e3:ee:ad:c5:b1:8a:08:ec:49:9f:b8:f6:0a: 2b:e0:02:5b:6d:ad:e8:0d:f9:04:97:b0:a6:25:c1: b1:38:e1:5e:79:02:fb:cf:cd:0b:4e:d2:62:a1:f2: 92:01:fc:3b:99:f2:0d:24:ff:42:dd:00:c2:cf:76: 38:67:fd:22:0c:06:cd:85:31:1a:3e:bf:a3:24:14: c8:63:5b:4b:49:87:db:bb:dc:66:f7:f8:3b:31:55: b5:4a:81:d9:cd:9e:d0:d5:3d:2a:0d:21:52:28:d8: 43:85:58:86:ea:20:42:b2:97:85:04:8d:54:ea:c0: 9e:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:3A:A0:1D:83:A0:7E:C2:57:AF:90:07:6C:EB:7B:5A:2B:61:97:46 X509v3 Authority Key Identifier: keyid:D9:6A:58:DF:9A:A4:7C:CD:21:02:1E:B2:C6:BF:06:B3:B4:59:0C:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2WpY35qkfM0hAh6yxr8Gs7RZDAg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/bdede8-735d-4a05-838c-2d49c9bc982d/1/2TqgHYOgfsJXr5AHbOt7Withl0Y.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/bdede8-735d-4a05-838c-2d49c9bc982d/1/2WpY35qkfM0hAh6yxr8Gs7RZDAg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.217.188.0/24 Signature Algorithm: sha256WithRSAEncryption 43:10:8a:a8:89:ef:cf:5b:8b:68:d4:5b:fd:24:be:3f:78:06: c7:2d:85:da:b8:83:8a:3e:33:9d:17:2f:5c:f6:a3:97:cb:64: 99:98:e6:b1:64:0c:6d:33:59:5b:d6:ba:46:6c:2a:3d:d4:73: cd:4f:14:72:ba:2c:74:d9:db:03:64:12:e3:c5:0b:96:ec:c7: 6b:02:bf:34:c2:00:18:a2:cc:e0:5b:94:83:aa:67:f7:e4:dd: 05:c0:de:45:86:87:95:b6:26:56:8c:a8:28:3f:d6:e2:3f:0d: 5e:cd:23:8e:71:97:1a:19:a6:4b:46:fa:42:96:ca:f7:6f:3a: 65:fc:78:22:8e:dd:18:37:67:e4:d2:9c:ee:91:75:f0:66:e4: 0b:9d:da:fb:27:40:6c:1f:1f:26:6b:25:83:5a:40:06:83:67: 4e:c2:64:58:6e:5d:ef:8c:d0:fd:b9:fa:01:00:57:b8:70:57: ae:4d:aa:eb:1e:08:e4:20:9a:f4:2c:9f:51:94:e1:86:f4:b9: 4a:df:56:77:0d:d6:6e:b9:00:cd:c7:17:28:b7:c4:5a:27:fa: 01:8c:12:7f:31:d6:66:97:d4:cb:31:09:32:2a:ff:e2:98:eb: b9:78:9f:af:2c:ea:c6:a8:3d:42:72:d1:02:45:33:d4:eb:6a: 2c:a0:b2:5b -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZv50ig3zZzgg5vSpARrzalwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5NmE1OGRmOWFhNDdjY2QyMTAyMWViMmM2YmYwNmIzYjQ1 OTBjMDgwHhcNMjYwMTI2MTAyMDU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOTNhYTAxZDgzYTA3ZWMyNTdhZjkwMDc2Y2ViN2I1YTJiNjE5NzQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZ+c+vYBCxWeL1aj9/4SHJIgAnGD gIHAaQ01pkHGUdvXgZ1QTE9Q2IpQAWc3m948Mh5nNqFyNmlm6p/tOdVEbi+2A95l jFrdq1voP43Jy2xNfLFFTCqEjn0wXGrJJ0gMWmhP0Ttam/N+ZHyjzGmu5oYMrjGb jwT5TCi2r8fDaeqm+FmdKUSKmOPurcWxigjsSZ+49gor4AJbba3oDfkEl7CmJcGx OOFeeQL7z80LTtJiofKSAfw7mfINJP9C3QDCz3Y4Z/0iDAbNhTEaPr+jJBTIY1tL SYfbu9xm9/g7MVW1SoHZzZ7Q1T0qDSFSKNhDhViG6iBCspeFBI1U6sCeFwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFNk6oB2DoH7CV6+QB2zre1orYZdGMB8GA1UdIwQY MBaAFNlqWN+apHzNIQIessa/BrO0WQwIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMldwWTM1cWtmTTBoQWg2eXhyOEdzN1JaREFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9iZGVkZTgtNzM1ZC00YTA1LTgzOGMt MmQ0OWM5YmM5ODJkLzEvMlRxZ0hZT2dmc0pYcjVBSGJPdDdXaXRobDBZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC9iZGVkZTgtNzM1ZC00YTA1LTgzOGMtMmQ0OWM5YmM5ODJk LzEvMldwWTM1cWtmTTBoQWg2eXhyOEdzN1JaREFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9m8MA0G CSqGSIb3DQEBCwUAA4IBAQBDEIqoie/PW4to1Fv9JL4/eAbHLYXauIOKPjOdFy9c 9qOXy2SZmOaxZAxtM1lb1rpGbCo91HPNTxRyuix02dsDZBLjxQuW7MdrAr80wgAY oszgW5SDqmf35N0FwN5FhoeVtiZWjKgoP9biPw1ezSOOcZcaGaZLRvpClsr3bzpl /Hgijt0YN2fk0pzukXXwZuQLndr7J0BsHx8mayWDWkAGg2dOwmRYbl3vjND9ufoB AFe4cFeuTarrHgjkIJr0LJ9RlOGG9LlK31Z3DdZuuQDNxxcot8RaJ/oBjBJ/MdZm l9TLMQkyKv/imOu5eJ+vLOrGqD1CctECRTPU62osoLJb -----END CERTIFICATE-----Generated at Mon Jan 26 21:32:13 2026 by rpki-client