This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/2P_mnvRGq7nbPzXbLxyW071t7w8.roa File: 2P_mnvRGq7nbPzXbLxyW071t7w8.roa (raw, json) Hash identifier: NFXjsYJt0BQFvOLAg0g/ZH0BMq5pM5WRtqueyCuv7tg= Subject key identifier: D8:FF:E6:9E:F4:46:AB:B9:DB:3F:35:DB:2F:1C:96:D3:BD:6D:EF:0F Certificate issuer: /CN=c378bc3bd350eedc4f377c224556b250da6dde6f Certificate serial: 019B783497B5727AA2C3AE629BAFBFDFFF9B Authority key identifier: C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/2P_mnvRGq7nbPzXbLxyW071t7w8.roa Signing time: Thu 01 Jan 2026 06:17:51 +0000 ROA not before: Thu 01 Jan 2026 06:17:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5511 IP address blocks: 91.108.88.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.crl rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.mft rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 03:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:97:b5:72:7a:a2:c3:ae:62:9b:af:bf:df:ff:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c378bc3bd350eedc4f377c224556b250da6dde6f Validity Not Before: Jan 1 06:17:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d8ffe69ef446abb9db3f35db2f1c96d3bd6def0f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:4e:04:ad:b9:49:d3:60:2c:5e:0d:32:c8:ae: 8c:3b:8b:ef:9d:4e:85:8a:17:fb:cb:55:75:a4:50: 7e:ec:0b:f6:a8:a8:f7:c3:66:4d:ad:57:4f:d3:c3: f6:07:1f:06:e5:26:d7:9a:fa:e7:d0:34:01:ab:e1: 9f:64:fa:28:c6:4d:e2:e6:95:af:ce:59:de:2a:76: 97:e3:67:a6:18:d3:29:16:3a:6f:14:e8:13:b1:d7: 63:01:74:ea:1a:73:89:3e:fb:57:a2:ff:e9:99:82: 20:ef:c5:bf:72:09:7a:04:f2:48:e8:94:3c:4d:25: fb:e7:31:fe:f5:2b:6d:42:49:e9:a6:79:45:fa:84: 85:fd:c5:2a:ca:ad:62:54:f5:ac:fe:75:0f:33:9b: 6a:36:e8:0e:07:fa:3a:03:24:10:bc:7c:07:8a:b3: 20:94:1c:8f:09:f0:40:03:4b:56:8b:71:2c:8b:6b: 8b:fb:41:36:63:6f:b8:ca:3d:aa:2a:9b:b5:a6:fc: c7:c3:48:31:34:a6:94:8d:9b:dc:e4:82:ab:df:09: 9a:4e:9f:fe:04:62:af:cf:4e:a9:4d:02:8f:04:7c: 39:bd:ff:3b:5c:6d:bc:96:25:d8:44:87:05:91:2d: 6a:23:56:29:ef:f1:fd:1d:90:4e:b4:31:25:7e:6a: 89:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:FF:E6:9E:F4:46:AB:B9:DB:3F:35:DB:2F:1C:96:D3:BD:6D:EF:0F X509v3 Authority Key Identifier: keyid:C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/2P_mnvRGq7nbPzXbLxyW071t7w8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.108.88.0/21 Signature Algorithm: sha256WithRSAEncryption ac:9b:65:fa:ac:95:b4:bb:59:a4:d2:86:54:80:78:6e:c2:2d: 4a:8b:6e:cb:6c:f7:0a:fc:f6:ee:98:a7:9f:0f:b9:24:c7:fa: b7:0f:89:29:3b:a6:8b:9e:7a:8f:97:b8:ee:ff:18:c9:49:79: 49:da:da:39:6f:a4:44:8a:27:1e:86:47:24:c5:1a:1e:a1:6e: a8:bf:65:44:af:c9:ae:32:ff:23:ae:63:fd:ca:7d:b1:e1:05: 0f:7d:a7:58:80:bd:07:51:59:0b:59:4b:f0:fb:7b:91:7a:13: 1e:43:c0:d3:a1:2a:49:a5:b1:e0:44:01:64:d6:79:d4:86:86: 68:88:7a:ad:94:76:04:a0:dc:67:5b:66:c5:da:d2:11:d7:66: 5f:17:1c:3f:89:68:d6:60:eb:73:52:ea:43:01:2e:e4:b0:f2: 8e:c6:d9:ef:c2:33:b5:97:05:d1:3a:51:8b:72:27:c5:9e:ee: 00:30:ad:64:3c:52:86:14:64:8b:1f:c5:c9:02:70:50:f8:1b: c8:56:f1:25:68:f8:d1:01:5e:05:9e:be:1f:4b:6e:30:51:86: dc:d5:48:98:c8:44:b9:6e:80:73:8a:ee:36:8f:7a:85:6e:ab: df:6c:10:83:c0:dd:ba:05:4f:9a:4b:73:24:64:f5:55:35:02: 71:d5:90:35 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4NJe1cnqiw65im6+/3/+bMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGMzNzhiYzNiZDM1MGVlZGM0ZjM3N2MyMjQ1NTZiMjUwZGE2 ZGRlNmYwHhcNMjYwMTAxMDYxNzUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOGZmZTY5ZWY0NDZhYmI5ZGIzZjM1ZGIyZjFjOTZkM2JkNmRlZjBmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuE4ErblJ02AsXg0yyK6MO4vvnU6F ihf7y1V1pFB+7Av2qKj3w2ZNrVdP08P2Bx8G5SbXmvrn0DQBq+GfZPooxk3i5pWv zlneKnaX42emGNMpFjpvFOgTsddjAXTqGnOJPvtXov/pmYIg78W/cgl6BPJI6JQ8 TSX75zH+9SttQknppnlF+oSF/cUqyq1iVPWs/nUPM5tqNugOB/o6AyQQvHwHirMg lByPCfBAA0tWi3Esi2uL+0E2Y2+4yj2qKpu1pvzHw0gxNKaUjZvc5IKr3wmaTp/+ BGKvz06pTQKPBHw5vf87XG28liXYRIcFkS1qI1Yp7/H9HZBOtDElfmqJyQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFNj/5p70Rqu52z812y8cltO9be8PMB8GA1UdIwQY MBaAFMN4vDvTUO7cTzd8IkVWslDabd5vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYt NDQxNDU1OGZkY2JiLzEvMlBfbW52UkdxN25iUHpYYkx4eVcwNzF0N3c4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYtNDQxNDU1OGZkY2Ji LzEvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDW2xYMA0G CSqGSIb3DQEBCwUAA4IBAQCsm2X6rJW0u1mk0oZUgHhuwi1Ki27LbPcK/PbumKef D7kkx/q3D4kpO6aLnnqPl7ju/xjJSXlJ2to5b6REiicehkckxRoeoW6ov2VEr8mu Mv8jrmP9yn2x4QUPfadYgL0HUVkLWUvw+3uRehMeQ8DToSpJpbHgRAFk1nnUhoZo iHqtlHYEoNxnW2bF2tIR12ZfFxw/iWjWYOtzUupDAS7ksPKOxtnvwjO1lwXROlGL cifFnu4AMK1kPFKGFGSLH8XJAnBQ+BvIVvElaPjRAV4Fnr4fS24wUYbc1UiYyES5 boBziu42j3qFbqvfbBCDwN26BU+aS3MkZPVVNQJx1ZA1 -----END CERTIFICATE-----Generated at Sun Jan 18 11:04:30 2026 by rpki-client