This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/2F25F5zGnhNVHAR8X2pOAy7qcFs.roa File: 2F25F5zGnhNVHAR8X2pOAy7qcFs.roa (raw, json) Hash identifier: nxGgY8x0nK8vBPRxHifE4MLnoBAH6nw31eW1pXlo1yM= Subject key identifier: D8:5D:B9:17:9C:C6:9E:13:55:1C:04:7C:5F:6A:4E:03:2E:EA:70:5B Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb Certificate serial: 019B7758ED9AAC47759960A7FB467E33D550 Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/2F25F5zGnhNVHAR8X2pOAy7qcFs.roa Signing time: Thu 01 Jan 2026 02:17:55 +0000 ROA not before: Thu 01 Jan 2026 02:17:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200462 IP address blocks: 2.58.52.0/23 maxlen: 32 2.58.53.0/24 maxlen: 24 5.180.192.0/23 maxlen: 24 45.86.124.0/23 maxlen: 24 94.247.43.0/24 maxlen: 32 2a00:f826:8::/48 maxlen: 48 2a07:6fc0:10::/44 maxlen: 48 2a09:e1c0::/32 maxlen: 128 2a0c:8900::/29 maxlen: 128 2a0c:8905::/32 maxlen: 32 2a0c:8906::/32 maxlen: 32 2a0e:de80::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.mft rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 14:02:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:ed:9a:ac:47:75:99:60:a7:fb:46:7e:33:d5:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb Validity Not Before: Jan 1 02:17:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d85db9179cc69e13551c047c5f6a4e032eea705b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:17:2b:7f:ba:59:df:c3:aa:d5:74:a7:bf:e0: a5:c8:9c:d5:17:79:ef:e8:e5:da:c0:a8:d4:13:10: c7:38:5f:66:b0:2e:44:5a:7b:eb:1c:e3:2f:f7:dc: a8:7c:e7:75:95:51:b6:43:6f:05:70:61:3f:e3:91: 49:18:95:33:9c:19:68:8b:53:b7:7a:8f:6c:28:ec: 5c:d0:0c:57:2d:ac:49:e7:ce:da:f2:b4:68:fe:cd: 64:02:da:cd:a0:6b:8e:28:33:a8:16:cd:f7:0a:58: a3:a0:de:35:5a:fe:6a:9f:d1:c0:8a:89:39:35:99: 71:ce:c5:09:ec:52:db:4c:0d:09:b8:2e:52:56:bb: bc:d5:2f:e0:92:60:c5:52:58:c6:96:d1:1d:2b:bc: cf:0e:5e:18:fb:09:42:64:18:3a:8d:7b:ff:de:b5: 1e:69:dd:07:6f:b4:77:aa:7b:02:a5:bb:89:1d:ae: 46:34:8b:6a:ba:3c:65:d4:aa:4d:72:4b:d1:0a:54: 7b:4b:16:a9:35:b0:e7:94:36:d1:22:32:a7:2b:81: e3:64:09:ff:1e:41:7b:05:9e:9c:f3:cb:3a:82:e5: d3:18:8c:79:0e:f2:c4:f0:5d:15:75:3f:18:5d:cf: a1:d7:6f:30:03:f3:f4:df:52:80:50:1d:aa:0f:e5: 48:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:5D:B9:17:9C:C6:9E:13:55:1C:04:7C:5F:6A:4E:03:2E:EA:70:5B X509v3 Authority Key Identifier: keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/2F25F5zGnhNVHAR8X2pOAy7qcFs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.58.52.0/23 5.180.192.0/23 45.86.124.0/23 94.247.43.0/24 IPv6: 2a00:f826:8::/48 2a07:6fc0:10::/44 2a09:e1c0::/32 2a0c:8900::/29 2a0e:de80::/29 Signature Algorithm: sha256WithRSAEncryption 90:04:c6:d6:3c:b8:12:8d:65:a0:5e:4a:65:53:cb:c3:a9:73: 9e:2f:60:14:6e:7e:1e:b5:21:5e:ca:84:1b:e9:f7:65:c3:ba: f0:27:85:84:af:44:2e:67:68:96:f6:5c:5b:a2:f6:0d:7b:de: 75:d0:14:ed:fd:13:24:86:b0:3d:4d:35:1b:16:1d:95:83:ce: e9:75:94:02:ea:17:a5:6c:d7:d4:8e:c9:f4:fc:4b:8d:fa:ab: a7:0c:3f:d2:31:48:ea:2c:43:2b:d5:2a:cd:12:31:98:bb:91: 8b:15:c7:4a:3e:a6:73:14:d3:3c:01:66:6f:ee:c9:86:00:a7: dd:1b:c0:41:35:4e:f7:f8:87:3b:dc:d2:e1:42:ac:a5:cc:d7: ad:ef:05:d7:fb:f4:5b:dc:3a:e7:f7:1b:21:12:91:23:0b:d8: d5:c3:03:71:52:ae:60:5c:d8:bf:0d:f8:7b:42:71:02:0c:5a: 98:14:6b:ee:55:e1:7d:b4:be:c3:ac:5f:68:6e:e6:bd:a7:6f: 27:0e:e5:2b:37:ec:4f:75:8f:bc:2e:74:1b:a7:2f:8e:2e:cd: 95:6a:70:c9:a9:af:1e:79:19:7a:37:5d:ed:70:de:73:d6:d9: 82:e7:b6:51:d0:c4:47:50:56:95:91:37:dd:de:9e:4f:68:04: c4:ac:83:44 -----BEGIN CERTIFICATE----- MIIFPjCCBCagAwIBAgISAZt3WO2arEd1mWCn+0Z+M9VQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi MGZhZGIwHhcNMjYwMTAxMDIxNzU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkODVkYjkxNzljYzY5ZTEzNTUxYzA0N2M1ZjZhNGUwMzJlZWE3MDViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBcrf7pZ38Oq1XSnv+ClyJzVF3nv 6OXawKjUExDHOF9msC5EWnvrHOMv99yofOd1lVG2Q28FcGE/45FJGJUznBloi1O3 eo9sKOxc0AxXLaxJ587a8rRo/s1kAtrNoGuOKDOoFs33ClijoN41Wv5qn9HAiok5 NZlxzsUJ7FLbTA0JuC5SVru81S/gkmDFUljGltEdK7zPDl4Y+wlCZBg6jXv/3rUe ad0Hb7R3qnsCpbuJHa5GNItqujxl1KpNckvRClR7SxapNbDnlDbRIjKnK4HjZAn/ HkF7BZ6c88s6guXTGIx5DvLE8F0VdT8YXc+h128wA/P031KAUB2qD+VICwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNhduRecxp4TVRwEfF9qTgMu6nBbMB8GA1UdIwQY MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt NThiMzhmNWFjODBiLzEvMkYyNUY1ekduaE5WSEFSOFgycE9BeTdxY0ZzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAeBAIAATAYAwQBAjo0AwQB BbTAAwQBLVZ8AwQAXvcrMC0EAgACMCcDBwAqAPgmAAgDBwQqB2/AABADBQAqCeHA AwUDKgyJAAMFAyoO3oAwDQYJKoZIhvcNAQELBQADggEBAJAExtY8uBKNZaBeSmVT y8Opc54vYBRufh61IV7KhBvp92XDuvAnhYSvRC5naJb2XFui9g173nXQFO39EySG sD1NNRsWHZWDzul1lALqF6Vs19SOyfT8S436q6cMP9IxSOosQyvVKs0SMZi7kYsV x0o+pnMU0zwBZm/uyYYAp90bwEE1Tvf4hzvc0uFCrKXM163vBdf79FvcOuf3GyES kSML2NXDA3FSrmBc2L8N+HtCcQIMWpgUa+5V4X20vsOsX2hu5r2nbycO5Ss37E91 j7wudBunL44uzZVqcMmprx55GXo3Xe1w3nPW2YLntlHQxEdQVpWRN93enk9oBMSs g0Q= -----END CERTIFICATE-----Generated at Wed Jan 21 00:03:48 2026 by rpki-client