This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/2sSNq_23wtPnMvOP3SuOpsmlnPU.roa File: 2sSNq_23wtPnMvOP3SuOpsmlnPU.roa (raw, json) Hash identifier: oiveSY1ih0Dch88HHFrGBoRbCnJhdw1QSsoe9ViLQU4= Subject key identifier: DA:C4:8D:AB:FD:B7:C2:D3:E7:32:F3:8F:DD:2B:8E:A6:C9:A5:9C:F5 Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b Certificate serial: 019C4335EB2450743997095D7232D4B4ED4C Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/2sSNq_23wtPnMvOP3SuOpsmlnPU.roa Signing time: Mon 09 Feb 2026 16:22:12 +0000 ROA not before: Mon 09 Feb 2026 16:22:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 0 IP address blocks: 91.217.166.0/24 maxlen: 24 2a05:9080:13::/48 maxlen: 48 2a05:9080:14::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 11 Feb 2026 09:00:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:35:eb:24:50:74:39:97:09:5d:72:32:d4:b4:ed:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b Validity Not Before: Feb 9 16:22:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dac48dabfdb7c2d3e732f38fdd2b8ea6c9a59cf5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:a3:97:9d:ad:a0:50:d4:6e:cb:eb:6e:57:4d: c3:27:3d:80:4c:72:ac:d4:e8:63:53:a4:fe:d8:b0: 9d:8b:7b:b0:17:6f:19:fc:9f:83:02:79:97:e0:f6: 3c:1b:af:d4:6b:18:84:8a:aa:ef:ee:ae:35:bf:5a: 03:66:89:98:3f:7b:83:cd:94:b6:ab:85:f4:0c:e2: 47:60:d7:9a:80:e7:6c:42:25:b7:37:91:04:fe:da: 20:4b:98:e8:41:fb:1c:41:51:a9:bd:90:15:1c:8a: bd:df:a4:4d:d9:f0:64:8b:76:9c:4e:7f:d2:6c:ab: df:39:e5:e9:51:7d:04:84:62:01:ac:74:eb:60:a6: 7b:dd:a2:d3:af:49:95:11:51:cc:a3:b0:b5:f0:f9: 47:47:46:7a:76:54:27:05:f2:2b:5c:72:06:18:29: bb:e1:85:d9:3c:32:9b:4b:42:b7:cc:66:70:36:9a: 66:50:ec:56:fa:ba:76:6c:b3:b3:0a:9e:cc:09:0d: 74:ef:78:12:2f:53:f4:c4:dc:a8:3d:2c:20:10:95: 6c:b3:05:34:89:5b:43:5c:7c:50:90:55:2c:32:a4: da:ba:7c:40:ff:14:72:6b:04:68:7b:0b:c0:96:d5: 3a:46:43:e0:49:72:47:1b:a6:69:dd:16:b0:89:77: 10:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:C4:8D:AB:FD:B7:C2:D3:E7:32:F3:8F:DD:2B:8E:A6:C9:A5:9C:F5 X509v3 Authority Key Identifier: keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/2sSNq_23wtPnMvOP3SuOpsmlnPU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.217.166.0/24 IPv6: 2a05:9080:13::-2a05:9080:14:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 84:3d:ca:3a:ed:a6:79:c3:31:61:a4:09:0b:c8:cf:2c:0d:97: 35:e6:36:a4:ca:17:f2:9a:93:4d:ad:dc:07:6b:b1:79:47:0d: c9:df:94:31:57:26:63:0b:64:99:2b:d9:67:0e:30:6f:4f:87: d5:03:ef:38:02:f1:ba:76:20:76:1f:28:a0:95:14:25:e8:f4: 13:98:7d:cb:7d:ac:0e:1c:95:30:7e:87:39:75:a1:16:e8:e2: 77:bc:09:14:2c:db:36:5e:94:ab:a4:95:04:1a:a7:fd:35:38: 22:64:f9:45:ba:22:90:2d:e6:78:7f:4b:fa:94:bf:f9:00:47: 27:c9:ef:f6:9c:15:70:72:d1:97:10:70:44:6f:7d:b4:f2:3b: 22:b3:5c:f7:ec:b5:03:ac:f2:f9:85:b8:c2:b7:a1:82:74:d4: 7d:7d:93:b4:5b:56:b5:43:5b:f6:3f:41:5e:87:b7:b2:21:ca: 30:ae:3b:1c:dc:94:61:10:d8:3e:c0:93:f3:38:b9:fa:18:0b: b9:cc:28:92:3c:67:1e:11:2c:3f:75:16:00:9d:d8:49:5c:bd: 6d:87:68:4d:b2:db:e5:2b:97:a5:1a:9b:a0:8e:32:37:a9:28: 07:f3:1f:fc:d1:7f:6e:fb:87:ca:fb:b2:54:83:6b:0f:e0:d6: a2:47:6a:86 -----BEGIN CERTIFICATE----- MIIFGTCCBAGgAwIBAgISAZxDNeskUHQ5lwldcjLUtO1MMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw Y2MzNGIwHhcNMjYwMjA5MTYyMjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYWM0OGRhYmZkYjdjMmQzZTczMmYzOGZkZDJiOGVhNmM5YTU5Y2Y1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6OXna2gUNRuy+tuV03DJz2ATHKs 1OhjU6T+2LCdi3uwF28Z/J+DAnmX4PY8G6/UaxiEiqrv7q41v1oDZomYP3uDzZS2 q4X0DOJHYNeagOdsQiW3N5EE/togS5joQfscQVGpvZAVHIq936RN2fBki3acTn/S bKvfOeXpUX0EhGIBrHTrYKZ73aLTr0mVEVHMo7C18PlHR0Z6dlQnBfIrXHIGGCm7 4YXZPDKbS0K3zGZwNppmUOxW+rp2bLOzCp7MCQ1073gSL1P0xNyoPSwgEJVsswU0 iVtDXHxQkFUsMqTaunxA/xRyawRoewvAltU6RkPgSXJHG6Zp3RawiXcQCQIDAQAB o4ICJTCCAiEwHQYDVR0OBBYEFNrEjav9t8LT5zLzj90rjqbJpZz1MB8GA1UdIwQY MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt MDk0ODk4OWU2ZDU1LzEvMnNTTnFfMjN3dFBuTXZPUDNTdU9wc21sblBVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1 LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAW9mmMBoE AgACMBQwEgMHACoFkIAAEwMHACoFkIAAFDANBgkqhkiG9w0BAQsFAAOCAQEAhD3K Ou2mecMxYaQJC8jPLA2XNeY2pMoX8pqTTa3cB2uxeUcNyd+UMVcmYwtkmSvZZw4w b0+H1QPvOALxunYgdh8ooJUUJej0E5h9y32sDhyVMH6HOXWhFujid7wJFCzbNl6U q6SVBBqn/TU4ImT5RboikC3meH9L+pS/+QBHJ8nv9pwVcHLRlxBwRG99tPI7IrNc 9+y1A6zy+YW4wrehgnTUfX2TtFtWtUNb9j9BXoe3siHKMK47HNyUYRDYPsCT8zi5 +hgLucwokjxnHhEsP3UWAJ3YSVy9bYdoTbLb5SuXpRqboI4yN6koB/Mf/NF/bvuH yvuyVINrD+DWokdqhg== -----END CERTIFICATE-----Generated at Tue Feb 10 16:22:43 2026 by rpki-client