This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/hl2ItpSJbgNc8RoWoL4bCpNDXxw.roa File: hl2ItpSJbgNc8RoWoL4bCpNDXxw.roa (raw, json) Hash identifier: ThfYHLL+zFBLeQn7rt4aKrE2rh3ZM5jimecJ6acAoR4= Subject key identifier: 86:5D:88:B6:94:89:6E:03:5C:F1:1A:16:A0:BE:1B:0A:93:43:5F:1C Certificate issuer: /CN=cec63b87a8aec093dbe47dcca92860ea841228e0 Certificate serial: 019B7EA6FF970B441E5A036A334549324D84 Authority key identifier: CE:C6:3B:87:A8:AE:C0:93:DB:E4:7D:CC:A9:28:60:EA:84:12:28:E0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsY7h6iuwJPb5H3MqShg6oQSKOA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/hl2ItpSJbgNc8RoWoL4bCpNDXxw.roa Signing time: Fri 02 Jan 2026 12:20:32 +0000 ROA not before: Fri 02 Jan 2026 12:20:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29513 IP address blocks: 37.60.184.0/21 maxlen: 21 46.31.208.0/21 maxlen: 21 89.251.48.0/20 maxlen: 20 146.66.144.0/21 maxlen: 21 146.66.149.0/24 maxlen: 24 193.105.225.0/24 maxlen: 24 194.180.228.0/22 maxlen: 22 217.64.48.0/20 maxlen: 20 2a01:1c0::/32 maxlen: 32 2a06:15c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/zsY7h6iuwJPb5H3MqShg6oQSKOA.crl rsync://rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/zsY7h6iuwJPb5H3MqShg6oQSKOA.mft rsync://rpki.ripe.net/repository/DEFAULT/zsY7h6iuwJPb5H3MqShg6oQSKOA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 09:01:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:ff:97:0b:44:1e:5a:03:6a:33:45:49:32:4d:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cec63b87a8aec093dbe47dcca92860ea841228e0 Validity Not Before: Jan 2 12:20:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=865d88b694896e035cf11a16a0be1b0a93435f1c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:56:cb:b9:ac:31:51:38:29:bc:f4:15:5a:e1: 6d:5e:c2:92:7c:de:eb:1d:24:67:3b:80:e3:6f:54: b1:de:97:3b:f0:7a:73:50:ea:9c:dc:e5:15:44:3d: 65:23:65:02:72:3e:a5:41:3a:ce:82:44:6f:30:0b: 8b:1d:64:ce:6a:e9:ec:d7:a1:2b:93:0d:e1:f8:3c: 9d:04:8a:cc:51:2b:9d:6c:d5:9d:7e:f8:bc:a1:bb: 17:f8:b0:f7:13:01:80:41:1e:ea:91:6f:1d:be:02: 90:a9:00:5c:0a:a1:92:9c:f9:95:c1:a8:5b:87:e3: d8:44:86:df:3a:f8:85:ae:80:5a:5f:51:c0:2d:5d: 7d:75:ef:49:1a:69:aa:32:6d:fa:cd:80:eb:ab:0d: 0b:f3:89:3a:ed:71:0c:ec:fe:6d:8f:4c:e4:7a:0a: 50:c6:04:f2:87:dc:46:f9:06:45:6c:78:8e:fa:22: ba:ec:0a:49:7f:28:2c:86:c9:7b:75:dc:7a:d7:42: 8f:13:41:01:f3:48:dd:7f:99:a6:a7:52:63:5f:d5: e2:ae:a0:b5:5e:d5:4d:33:40:5d:49:91:87:22:0d: 3d:89:91:3a:7c:bc:86:c4:74:84:4a:24:55:d5:72: 03:76:6a:40:de:71:1e:a8:42:d4:f5:bf:52:98:56: b5:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:5D:88:B6:94:89:6E:03:5C:F1:1A:16:A0:BE:1B:0A:93:43:5F:1C X509v3 Authority Key Identifier: keyid:CE:C6:3B:87:A8:AE:C0:93:DB:E4:7D:CC:A9:28:60:EA:84:12:28:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsY7h6iuwJPb5H3MqShg6oQSKOA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/hl2ItpSJbgNc8RoWoL4bCpNDXxw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/zsY7h6iuwJPb5H3MqShg6oQSKOA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.60.184.0/21 46.31.208.0/21 89.251.48.0/20 146.66.144.0/21 193.105.225.0/24 194.180.228.0/22 217.64.48.0/20 IPv6: 2a01:1c0::/32 2a06:15c0::/29 Signature Algorithm: sha256WithRSAEncryption 49:af:3d:7f:d1:1f:68:e1:2e:e6:83:17:91:46:7e:50:86:85: b8:c7:fa:3c:dc:8b:62:32:e1:70:0a:04:ae:54:01:20:50:32: 1a:5d:15:fe:98:55:6d:a2:1d:23:c9:af:48:97:ad:2e:a4:d4: ad:94:b9:99:3b:8c:41:97:31:ac:3d:26:3f:af:a6:70:c0:3f: 51:9f:da:03:7c:da:a9:dd:17:aa:73:af:d4:cc:dc:91:7d:91: ea:72:2f:86:56:bd:12:3d:b1:98:28:ab:56:35:64:9e:17:15: a6:1f:2c:69:25:c3:e7:37:d4:a3:c9:c6:51:fc:54:d9:b8:06: c1:38:88:1b:83:1a:ee:c0:d1:96:10:8e:3a:b3:89:71:8d:e3: 28:d1:99:ba:89:94:aa:09:b6:e5:9b:c6:c0:76:dc:63:8e:32: e6:54:34:89:17:54:19:ef:7b:e0:de:7e:43:5b:72:e1:92:2e: dd:bb:73:75:f9:3d:84:f7:4a:af:8c:2c:c3:70:be:1c:19:bf: f2:24:07:ff:52:55:47:78:56:94:11:af:4d:b4:f8:2f:1c:b6: c8:98:d0:39:ab:85:56:c1:b1:b4:84:ef:93:92:4f:90:c3:82: ae:69:d4:dc:fb:e1:a0:28:0f:e1:fb:7a:5d:47:44:00:9e:ce: 77:35:fd:9b -----BEGIN CERTIFICATE----- MIIFNzCCBB+gAwIBAgISAZt+pv+XC0QeWgNqM0VJMk2EMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNlYzYzYjg3YThhZWMwOTNkYmU0N2RjY2E5Mjg2MGVhODQx MjI4ZTAwHhcNMjYwMTAyMTIyMDMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NjVkODhiNjk0ODk2ZTAzNWNmMTFhMTZhMGJlMWIwYTkzNDM1ZjFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFbLuawxUTgpvPQVWuFtXsKSfN7r HSRnO4Djb1Sx3pc78HpzUOqc3OUVRD1lI2UCcj6lQTrOgkRvMAuLHWTOauns16Er kw3h+DydBIrMUSudbNWdfvi8obsX+LD3EwGAQR7qkW8dvgKQqQBcCqGSnPmVwahb h+PYRIbfOviFroBaX1HALV19de9JGmmqMm36zYDrqw0L84k67XEM7P5tj0zkegpQ xgTyh9xG+QZFbHiO+iK67ApJfygshsl7ddx610KPE0EB80jdf5mmp1JjX9XirqC1 XtVNM0BdSZGHIg09iZE6fLyGxHSESiRV1XIDdmpA3nEeqELU9b9SmFa1nwIDAQAB o4ICQzCCAj8wHQYDVR0OBBYEFIZdiLaUiW4DXPEaFqC+GwqTQ18cMB8GA1UdIwQY MBaAFM7GO4eorsCT2+R9zKkoYOqEEijgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvenNZN2g2aXV3SlBiNUgzTXFTaGc2b1FTS09BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hODJmNDMtNTAyYi00MmZiLTg4ZWIt ODNiZDY2ZjRlNmY2LzEvaGwySXRwU0piZ05jOFJvV29MNGJDcE5EWHh3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYi9hODJmNDMtNTAyYi00MmZiLTg4ZWItODNiZDY2ZjRlNmY2 LzEvenNZN2g2aXV3SlBiNUgzTXFTaGc2b1FTS09BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQDJTy4AwQD Lh/QAwQEWfswAwQDkkKQAwQAwWnhAwQCwrTkAwQE2UAwMBQEAgACMA4DBQAqAQHA AwUDKgYVwDANBgkqhkiG9w0BAQsFAAOCAQEASa89f9EfaOEu5oMXkUZ+UIaFuMf6 PNyLYjLhcAoErlQBIFAyGl0V/phVbaIdI8mvSJetLqTUrZS5mTuMQZcxrD0mP6+m cMA/UZ/aA3zaqd0XqnOv1MzckX2R6nIvhla9Ej2xmCirVjVknhcVph8saSXD5zfU o8nGUfxU2bgGwTiIG4Ma7sDRlhCOOrOJcY3jKNGZuomUqgm25ZvGwHbcY44y5lQ0 iRdUGe974N5+Q1ty4ZIu3btzdfk9hPdKr4wsw3C+HBm/8iQH/1JVR3hWlBGvTbT4 Lxy2yJjQOauFVsGxtITvk5JPkMOCrmnU3PvhoCgP4ft6XUdEAJ7OdzX9mw== -----END CERTIFICATE-----Generated at Mon Feb 9 18:42:31 2026 by rpki-client