This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/66fff3-bfa9-4732-b4b5-19769f578efd/1/2nwagyLqxJwRqLdgTLA7_n4lSs8.roa File: 2nwagyLqxJwRqLdgTLA7_n4lSs8.roa (raw, json) Hash identifier: 4fgPknlaVUuj1rnAi5TgALYEc9dAtHGP5otC5r0jNlo= Subject key identifier: DA:7C:1A:83:22:EA:C4:9C:11:A8:B7:60:4C:B0:3B:FE:7E:25:4A:CF Certificate issuer: /CN=ffdbfbdb6e975ddca8f6dd968c37a7d5560e691d Certificate serial: 019B7FF24E5AE708F48CCA06B951AB3A29AB Authority key identifier: FF:DB:FB:DB:6E:97:5D:DC:A8:F6:DD:96:8C:37:A7:D5:56:0E:69:1D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_9v7226XXdyo9t2WjDen1VYOaR0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/66fff3-bfa9-4732-b4b5-19769f578efd/1/2nwagyLqxJwRqLdgTLA7_n4lSs8.roa Signing time: Fri 02 Jan 2026 18:22:24 +0000 ROA not before: Fri 02 Jan 2026 18:22:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201341 IP address blocks: 2a02:e9c3::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/66fff3-bfa9-4732-b4b5-19769f578efd/1/_9v7226XXdyo9t2WjDen1VYOaR0.crl rsync://rpki.ripe.net/repository/DEFAULT/df/66fff3-bfa9-4732-b4b5-19769f578efd/1/_9v7226XXdyo9t2WjDen1VYOaR0.mft rsync://rpki.ripe.net/repository/DEFAULT/_9v7226XXdyo9t2WjDen1VYOaR0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 06 Jan 2026 09:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f2:4e:5a:e7:08:f4:8c:ca:06:b9:51:ab:3a:29:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ffdbfbdb6e975ddca8f6dd968c37a7d5560e691d Validity Not Before: Jan 2 18:22:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=da7c1a8322eac49c11a8b7604cb03bfe7e254acf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:89:f5:c6:51:a5:12:4a:a3:63:c5:b4:98:78: d1:13:be:04:4b:49:70:85:d9:77:d3:0d:61:1e:1a: 82:e9:16:3b:3e:b6:1f:2c:9c:7e:ed:00:91:27:3f: bb:91:50:bd:8d:5b:c5:ab:81:ce:9d:31:3d:f7:17: 39:cf:89:87:b2:96:e2:f8:ab:73:02:2d:9f:ba:7f: d3:5e:c0:5e:61:b9:38:a8:6a:f5:f1:97:e6:ef:4d: 9b:8b:f2:7f:75:8f:60:84:fa:b1:10:a9:7f:c1:07: 5c:60:45:53:14:af:0d:be:e9:de:cf:a6:7c:ae:bf: 8f:46:a9:72:2c:ba:95:1a:3e:9e:85:81:99:00:86: cd:f9:81:30:bf:81:b8:c5:04:0d:e9:9b:8e:f0:6d: 73:f1:6a:88:92:67:cb:57:12:11:28:35:2b:10:6d: 5a:6f:36:70:0f:ae:a2:0d:e9:e0:ea:db:0f:1f:ae: 1f:f8:71:60:61:b6:76:dc:cf:43:c8:58:b1:1d:49: 6e:4b:c0:e1:cb:46:41:86:c7:6d:02:e8:c4:03:3b: 81:78:1e:d9:fc:3d:38:75:a9:5e:a3:21:74:bb:36: f9:fb:27:0d:47:25:aa:be:20:f1:06:fd:9b:93:47: 52:f2:38:dd:9b:9d:91:cf:af:6e:42:2f:67:3e:b3: 8b:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:7C:1A:83:22:EA:C4:9C:11:A8:B7:60:4C:B0:3B:FE:7E:25:4A:CF X509v3 Authority Key Identifier: keyid:FF:DB:FB:DB:6E:97:5D:DC:A8:F6:DD:96:8C:37:A7:D5:56:0E:69:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_9v7226XXdyo9t2WjDen1VYOaR0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/66fff3-bfa9-4732-b4b5-19769f578efd/1/2nwagyLqxJwRqLdgTLA7_n4lSs8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/66fff3-bfa9-4732-b4b5-19769f578efd/1/_9v7226XXdyo9t2WjDen1VYOaR0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a02:e9c3::/32 Signature Algorithm: sha256WithRSAEncryption 64:9c:a3:bb:70:ee:92:05:07:eb:cc:2d:b7:18:c9:04:9a:be: e9:6a:16:66:62:f5:7a:ec:f9:3f:10:95:91:e4:af:e8:90:43: f5:c2:ec:f3:df:6a:99:2e:e1:c7:5d:ae:fd:55:d8:9f:b6:de: f8:03:ea:27:ca:47:31:6b:04:49:4d:9f:91:c1:f7:f0:72:a1: 6a:5a:dd:0a:f8:f8:d0:b1:ad:d1:bf:93:34:9e:3a:55:08:f2: 97:e1:82:ac:9d:f3:a1:57:c3:98:1a:fe:99:f6:0e:92:4a:6b: e5:5a:20:a3:35:36:9e:e4:ee:6d:bd:7c:16:e6:e3:20:c5:8d: b5:7f:7a:56:83:f4:da:7e:0f:b9:f4:9a:57:b9:90:26:7c:9a: f3:1d:6d:92:f5:31:5f:38:30:94:d3:ff:c5:a4:78:4e:75:56: 38:fd:d2:65:67:71:af:db:57:70:90:c8:04:5e:dc:71:85:2c: 47:bd:5b:64:1f:22:ab:fa:65:08:bf:92:d6:22:a2:35:3d:e7: 68:f3:e2:a3:9e:47:cc:a5:23:76:b0:83:79:b3:99:6e:29:2b: de:c1:7a:8a:35:44:dd:74:e9:64:5e:c0:c6:95:fd:3c:2a:b7: 21:8f:3b:19:ba:0d:46:39:1e:f6:e4:d4:60:45:0f:3f:f4:75: e9:60:28:fa -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt/8k5a5wj0jMoGuVGrOimrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZmZGJmYmRiNmU5NzVkZGNhOGY2ZGQ5NjhjMzdhN2Q1NTYw ZTY5MWQwHhcNMjYwMTAyMTgyMjI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYTdjMWE4MzIyZWFjNDljMTFhOGI3NjA0Y2IwM2JmZTdlMjU0YWNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYn1xlGlEkqjY8W0mHjRE74ES0lw hdl30w1hHhqC6RY7PrYfLJx+7QCRJz+7kVC9jVvFq4HOnTE99xc5z4mHspbi+Ktz Ai2fun/TXsBeYbk4qGr18Zfm702bi/J/dY9ghPqxEKl/wQdcYEVTFK8Nvunez6Z8 rr+PRqlyLLqVGj6ehYGZAIbN+YEwv4G4xQQN6ZuO8G1z8WqIkmfLVxIRKDUrEG1a bzZwD66iDeng6tsPH64f+HFgYbZ23M9DyFixHUluS8Dhy0ZBhsdtAujEAzuBeB7Z /D04daleoyF0uzb5+ycNRyWqviDxBv2bk0dS8jjdm52Rz69uQi9nPrOLUwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFNp8GoMi6sScEai3YEywO/5+JUrPMB8GA1UdIwQY MBaAFP/b+9tul13cqPbdlow3p9VWDmkdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvXzl2NzIyNlhYZHlvOXQyV2pEZW4xVllPYVIwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi82NmZmZjMtYmZhOS00NzMyLWI0YjUt MTk3NjlmNTc4ZWZkLzEvMm53YWd5THF4SndScUxkZ1RMQTdfbjRsU3M4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi82NmZmZjMtYmZhOS00NzMyLWI0YjUtMTk3NjlmNTc4ZWZk LzEvXzl2NzIyNlhYZHlvOXQyV2pEZW4xVllPYVIwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgLpwzAN BgkqhkiG9w0BAQsFAAOCAQEAZJyju3DukgUH68wttxjJBJq+6WoWZmL1euz5PxCV keSv6JBD9cLs899qmS7hx12u/VXYn7be+APqJ8pHMWsESU2fkcH38HKhalrdCvj4 0LGt0b+TNJ46VQjyl+GCrJ3zoVfDmBr+mfYOkkpr5VogozU2nuTubb18FubjIMWN tX96VoP02n4PufSaV7mQJnya8x1tkvUxXzgwlNP/xaR4TnVWOP3SZWdxr9tXcJDI BF7ccYUsR71bZB8iq/plCL+S1iKiNT3naPPio55HzKUjdrCDebOZbikr3sF6ijVE 3XTpZF7AxpX9PCq3IY87GboNRjke9uTUYEUPP/R16WAo+g== -----END CERTIFICATE-----Generated at Mon Jan 5 14:38:00 2026 by rpki-client