This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/2TlHugjoETm8x3B34Ezb8mdFPs0.roa File: 2TlHugjoETm8x3B34Ezb8mdFPs0.roa (raw, json) Hash identifier: z6lhR0cXYeMjMtE+awiSXqpYRMCnG/00TQgwGjlbIgA= Subject key identifier: D9:39:47:BA:08:E8:11:39:BC:C7:70:77:E0:4C:DB:F2:67:45:3E:CD Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722 Certificate serial: 019B7B36DBEE86D075964C0728DC66840214 Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/2TlHugjoETm8x3B34Ezb8mdFPs0.roa Signing time: Thu 01 Jan 2026 20:19:11 +0000 ROA not before: Thu 01 Jan 2026 20:19:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 64267 IP address blocks: 85.115.209.0/24 maxlen: 24 213.145.75.0/24 maxlen: 24 213.145.95.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.mft rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 00:00:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:db:ee:86:d0:75:96:4c:07:28:dc:66:84:02:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722 Validity Not Before: Jan 1 20:19:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d93947ba08e81139bcc77077e04cdbf267453ecd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:b2:97:f9:a8:16:bc:b6:3a:60:22:6a:98:d5: 36:a0:90:a8:01:ed:ab:f0:ef:a2:0e:ea:87:b6:11: 0d:84:6b:b0:dc:02:8f:13:0c:bd:a8:c0:31:b5:81: d9:b8:3b:b3:5a:98:5f:35:10:84:58:1d:00:e4:79: 2b:69:36:88:91:6d:3b:dc:ca:20:d4:90:66:bd:3b: d3:f7:bb:f7:94:98:e5:93:26:ac:ef:62:16:d1:b3: 25:5d:56:46:e2:9a:79:c8:3e:ff:5b:51:c2:ea:ce: fa:2b:77:33:51:01:eb:0e:4d:a1:32:a8:ed:13:09: 97:f2:60:e8:6b:08:7a:c9:14:b8:4e:c5:46:87:0c: 7c:e2:f3:67:d3:e9:21:ee:85:99:25:69:0b:32:fa: ce:72:f4:ca:9f:d6:99:53:68:9f:e3:16:e0:fa:2f: 35:0c:75:17:b5:8d:64:28:7f:c8:4c:96:e0:f7:1e: da:f6:0b:9b:de:c9:b3:13:16:f6:38:5c:11:70:e9: 6d:df:44:f4:b5:8f:da:6e:62:e6:b4:59:60:bd:27: 6b:3b:f3:39:b5:ea:09:bc:3b:f4:7e:f2:9e:c8:fb: 26:06:fe:ae:94:1a:87:1e:85:f9:0c:8f:54:e2:ce: e1:51:b2:b3:59:ac:36:99:a7:66:5c:87:c8:ab:39: 6a:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:39:47:BA:08:E8:11:39:BC:C7:70:77:E0:4C:DB:F2:67:45:3E:CD X509v3 Authority Key Identifier: keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/2TlHugjoETm8x3B34Ezb8mdFPs0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.115.209.0/24 213.145.75.0/24 213.145.95.0/24 Signature Algorithm: sha256WithRSAEncryption 67:fb:e9:ad:d0:43:d4:35:fa:59:3d:87:de:7c:bf:b1:51:b9: a2:27:9b:ce:c3:b5:89:30:12:b9:c0:3e:e9:02:66:df:4d:45: a7:af:31:ba:9b:fc:14:64:00:3f:67:f5:e5:70:21:fb:23:11: 4e:ca:59:89:55:8c:34:a3:ec:f5:ae:0b:06:e4:df:5b:00:34: 1e:f6:1c:f7:de:f8:2e:ef:3a:72:e1:58:7a:d7:35:d7:25:07: 87:6f:07:f2:7a:9c:a8:35:cb:77:71:87:82:37:e9:f6:65:57: 9b:a3:be:1e:84:ba:7e:15:e7:a4:67:8e:61:e5:36:94:2c:79: dd:a7:ff:f4:b5:84:96:06:56:9d:f0:47:08:e5:b9:6c:b2:d3: 06:c4:9f:5e:f0:a9:42:26:60:aa:7c:4f:59:7e:9f:96:1b:bf: a1:61:eb:7f:50:e8:dc:bc:b7:0a:37:bd:9b:d2:f6:f5:3c:76: 67:cd:11:d6:01:68:99:f1:81:46:6b:55:b4:b7:1b:5e:83:1e: 2e:c4:92:af:7a:ce:36:9c:aa:bd:6b:43:72:32:82:86:dd:ac: 19:31:8a:80:e0:f7:e7:b0:10:0e:ed:90:bf:c3:1c:65:8a:38: 47:59:29:f3:4c:ac:34:8f:11:44:b8:b0:0e:3f:01:51:25:dc: 9a:c4:37:67 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt7NtvuhtB1lkwHKNxmhAIUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx ZDA3MjIwHhcNMjYwMTAxMjAxOTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOTM5NDdiYTA4ZTgxMTM5YmNjNzcwNzdlMDRjZGJmMjY3NDUzZWNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7KX+agWvLY6YCJqmNU2oJCoAe2r 8O+iDuqHthENhGuw3AKPEwy9qMAxtYHZuDuzWphfNRCEWB0A5HkraTaIkW073Mog 1JBmvTvT97v3lJjlkyas72IW0bMlXVZG4pp5yD7/W1HC6s76K3czUQHrDk2hMqjt EwmX8mDoawh6yRS4TsVGhwx84vNn0+kh7oWZJWkLMvrOcvTKn9aZU2if4xbg+i81 DHUXtY1kKH/ITJbg9x7a9gub3smzExb2OFwRcOlt30T0tY/abmLmtFlgvSdrO/M5 teoJvDv0fvKeyPsmBv6ulBqHHoX5DI9U4s7hUbKzWaw2madmXIfIqzlqmQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFNk5R7oI6BE5vMdwd+BM2/JnRT7NMB8GA1UdIwQY MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt ZDI0MmI2ZjNhOGExLzEvMlRsSHVnam9FVG04eDNCMzRFemI4bWRGUHMwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVXPRAwQA 1ZFLAwQA1ZFfMA0GCSqGSIb3DQEBCwUAA4IBAQBn++mt0EPUNfpZPYfefL+xUbmi J5vOw7WJMBK5wD7pAmbfTUWnrzG6m/wUZAA/Z/XlcCH7IxFOylmJVYw0o+z1rgsG 5N9bADQe9hz33vgu7zpy4Vh61zXXJQeHbwfyepyoNct3cYeCN+n2ZVebo74ehLp+ FeekZ45h5TaULHndp//0tYSWBlad8EcI5blsstMGxJ9e8KlCJmCqfE9Zfp+WG7+h Yet/UOjcvLcKN72b0vb1PHZnzRHWAWiZ8YFGa1W0txtegx4uxJKves42nKq9a0Ny MoKG3awZMYqA4PfnsBAO7ZC/wxxlijhHWSnzTKw0jxFEuLAOPwFRJdyaxDdn -----END CERTIFICATE-----Generated at Mon Jan 19 10:37:03 2026 by rpki-client