This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/be1720-801e-4f9e-a5c1-68a2f0bb5b7a/1/2fN3eFa0bjosUQqjhzxnSC-ZbG4.roa File: 2fN3eFa0bjosUQqjhzxnSC-ZbG4.roa (raw, json) Hash identifier: adZ7mZtP0EOWzdaHjuDb/aCtRN0v7AY6Df2Y3DcoCAs= Subject key identifier: D9:F3:77:78:56:B4:6E:3A:2C:51:0A:A3:87:3C:67:48:2F:99:6C:6E Certificate issuer: /CN=e24bc2870de2599daf66497f5729c74b33ef993a Certificate serial: 019B78A2EEDE329F05D36F3E01321E0313D5 Authority key identifier: E2:4B:C2:87:0D:E2:59:9D:AF:66:49:7F:57:29:C7:4B:33:EF:99:3A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4kvChw3iWZ2vZkl_VynHSzPvmTo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/be1720-801e-4f9e-a5c1-68a2f0bb5b7a/1/2fN3eFa0bjosUQqjhzxnSC-ZbG4.roa Signing time: Thu 01 Jan 2026 08:18:22 +0000 ROA not before: Thu 01 Jan 2026 08:18:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62193 IP address blocks: 185.44.108.0/22 maxlen: 24 2a01:6420::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/be1720-801e-4f9e-a5c1-68a2f0bb5b7a/1/4kvChw3iWZ2vZkl_VynHSzPvmTo.crl rsync://rpki.ripe.net/repository/DEFAULT/d8/be1720-801e-4f9e-a5c1-68a2f0bb5b7a/1/4kvChw3iWZ2vZkl_VynHSzPvmTo.mft rsync://rpki.ripe.net/repository/DEFAULT/4kvChw3iWZ2vZkl_VynHSzPvmTo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 11 Jan 2026 13:16:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:ee:de:32:9f:05:d3:6f:3e:01:32:1e:03:13:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e24bc2870de2599daf66497f5729c74b33ef993a Validity Not Before: Jan 1 08:18:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d9f3777856b46e3a2c510aa3873c67482f996c6e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:8c:04:da:16:04:08:43:c6:e4:7b:70:fc:c4: 11:fe:ef:ca:c7:23:65:f5:90:58:d7:6a:92:35:88: 37:a5:a7:4f:77:7a:98:aa:39:db:ba:4d:1a:d6:55: a8:0b:b7:b2:c9:9e:69:31:3b:4c:d1:84:26:ea:99: aa:f6:18:78:9a:cf:66:97:88:47:b8:49:51:79:5c: 3b:65:57:1a:60:9e:1c:6d:7b:ab:4e:1e:c9:f0:36: 1b:6b:3e:78:0e:bc:dc:d4:d9:cc:04:d7:bf:1c:0e: 9b:50:ff:d2:51:52:06:70:ad:f3:b1:7d:ad:f2:76: 8f:03:7b:54:7e:02:5f:d2:2d:77:0c:59:95:cf:40: b2:7b:91:af:fe:8f:64:0e:0d:41:75:2e:07:ec:ef: 9f:3b:be:e7:c8:19:24:4b:2f:f9:19:e8:ea:83:22: f1:bd:42:02:c3:89:86:14:bc:a3:d6:f9:55:3d:bc: 0c:9d:17:39:39:ba:41:c0:33:ca:80:b9:f7:ae:1d: 45:7b:43:a0:1f:4e:fb:83:e1:d9:f9:85:00:ce:b2: 1f:d0:2c:c3:ba:35:c0:ac:3f:f0:0a:b8:ba:b4:cc: 28:49:55:cd:1d:c6:18:cf:2e:87:1f:1b:78:7b:56: a6:64:8b:bb:6b:db:0b:99:aa:fc:54:7c:b3:38:9d: 6a:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:F3:77:78:56:B4:6E:3A:2C:51:0A:A3:87:3C:67:48:2F:99:6C:6E X509v3 Authority Key Identifier: keyid:E2:4B:C2:87:0D:E2:59:9D:AF:66:49:7F:57:29:C7:4B:33:EF:99:3A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4kvChw3iWZ2vZkl_VynHSzPvmTo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/be1720-801e-4f9e-a5c1-68a2f0bb5b7a/1/2fN3eFa0bjosUQqjhzxnSC-ZbG4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/be1720-801e-4f9e-a5c1-68a2f0bb5b7a/1/4kvChw3iWZ2vZkl_VynHSzPvmTo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.44.108.0/22 IPv6: 2a01:6420::/29 Signature Algorithm: sha256WithRSAEncryption 44:ff:8b:75:4c:4f:45:a8:d7:74:6c:2a:47:09:1a:8e:de:9c: 5e:41:a8:52:e8:96:99:12:f4:37:18:98:4b:3e:7e:b7:16:e5: f8:7d:52:80:81:9f:5f:4f:de:eb:11:ed:27:2d:c2:df:94:ef: 59:98:79:22:14:b0:d8:d5:77:15:15:ee:fe:be:46:c5:e0:cb: e0:5c:e8:65:5a:87:76:30:d4:47:0c:2f:c0:7e:de:d2:7d:04: 91:b2:ef:51:3d:f4:ff:13:74:e1:98:c2:e6:90:01:93:93:0b: e3:ef:07:34:63:0a:dd:ae:36:a2:2e:36:64:28:46:62:15:7b: 26:f9:df:06:ef:2b:0b:c4:6a:90:6f:93:e2:dc:92:5d:15:1d: f6:5d:e6:c5:f2:85:a5:73:df:89:9d:78:f6:4b:9a:1b:56:75: 95:a5:68:e9:c7:15:fb:ca:ea:d9:51:87:b7:b5:d2:8d:14:0d: 74:f0:af:ef:97:8a:4a:d7:3a:bb:3f:40:e5:ab:83:7e:f7:f4: ea:04:da:77:96:14:e2:6d:33:d2:f2:5c:9c:2c:15:c0:e0:4a: 3e:9c:aa:d0:75:f0:dc:49:e7:d9:cb:fb:0d:51:d8:ac:90:e3: 99:5b:c3:32:a6:ae:d6:96:68:da:91:52:7d:8b:77:9e:0d:72: 7d:24:9f:bc -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt4ou7eMp8F028+ATIeAxPVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUyNGJjMjg3MGRlMjU5OWRhZjY2NDk3ZjU3MjljNzRiMzNl Zjk5M2EwHhcNMjYwMTAxMDgxODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOWYzNzc3ODU2YjQ2ZTNhMmM1MTBhYTM4NzNjNjc0ODJmOTk2YzZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04wE2hYECEPG5Htw/MQR/u/KxyNl 9ZBY12qSNYg3padPd3qYqjnbuk0a1lWoC7eyyZ5pMTtM0YQm6pmq9hh4ms9ml4hH uElReVw7ZVcaYJ4cbXurTh7J8DYbaz54Drzc1NnMBNe/HA6bUP/SUVIGcK3zsX2t 8naPA3tUfgJf0i13DFmVz0Cye5Gv/o9kDg1BdS4H7O+fO77nyBkkSy/5GejqgyLx vUICw4mGFLyj1vlVPbwMnRc5ObpBwDPKgLn3rh1Fe0OgH077g+HZ+YUAzrIf0CzD ujXArD/wCri6tMwoSVXNHcYYzy6HHxt4e1amZIu7a9sLmar8VHyzOJ1qjQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFNnzd3hWtG46LFEKo4c8Z0gvmWxuMB8GA1UdIwQY MBaAFOJLwocN4lmdr2ZJf1cpx0sz75k6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNGt2Q2h3M2lXWjJ2WmtsX1Z5bkhTelB2bVRvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9iZTE3MjAtODAxZS00ZjllLWE1YzEt NjhhMmYwYmI1YjdhLzEvMmZOM2VGYTBiam9zVVFxamh6eG5TQy1aYkc0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOC9iZTE3MjAtODAxZS00ZjllLWE1YzEtNjhhMmYwYmI1Yjdh LzEvNGt2Q2h3M2lXWjJ2WmtsX1Z5bkhTelB2bVRvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSxsMA0E AgACMAcDBQMqAWQgMA0GCSqGSIb3DQEBCwUAA4IBAQBE/4t1TE9FqNd0bCpHCRqO 3pxeQahS6JaZEvQ3GJhLPn63FuX4fVKAgZ9fT97rEe0nLcLflO9ZmHkiFLDY1XcV Fe7+vkbF4MvgXOhlWod2MNRHDC/Aft7SfQSRsu9RPfT/E3ThmMLmkAGTkwvj7wc0 YwrdrjaiLjZkKEZiFXsm+d8G7ysLxGqQb5Pi3JJdFR32XebF8oWlc9+JnXj2S5ob VnWVpWjpxxX7yurZUYe3tdKNFA108K/vl4pK1zq7P0Dlq4N+9/TqBNp3lhTibTPS 8lycLBXA4Eo+nKrQdfDcSefZy/sNUdiskOOZW8Mypq7WlmjakVJ9i3eeDXJ9JJ+8 -----END CERTIFICATE-----Generated at Sat Jan 10 22:34:38 2026 by rpki-client