This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/2hev3Ozu25IR4V2dL7dAcH9H-38.roa File: 2hev3Ozu25IR4V2dL7dAcH9H-38.roa (raw, json) Hash identifier: JMnA8s2ygn9eCJpbiMUYRSb0p9eo/efu/ihrpcvOxF0= Subject key identifier: DA:17:AF:DC:EC:EE:DB:92:11:E1:5D:9D:2F:B7:40:70:7F:47:FB:7F Certificate issuer: /CN=4ca66f3c0f25774e696d2a46723277eb961128c3 Certificate serial: 019B7E390AEC883FAFA0AC843DB35847927C Authority key identifier: 4C:A6:6F:3C:0F:25:77:4E:69:6D:2A:46:72:32:77:EB:96:11:28:C3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/2hev3Ozu25IR4V2dL7dAcH9H-38.roa Signing time: Fri 02 Jan 2026 10:20:26 +0000 ROA not before: Fri 02 Jan 2026 10:20:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198584 IP address blocks: 176.65.138.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/TKZvPA8ld05pbSpGcjJ365YRKMM.crl rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/TKZvPA8ld05pbSpGcjJ365YRKMM.mft rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 04:01:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:0a:ec:88:3f:af:a0:ac:84:3d:b3:58:47:92:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4ca66f3c0f25774e696d2a46723277eb961128c3 Validity Not Before: Jan 2 10:20:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=da17afdceceedb9211e15d9d2fb740707f47fb7f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:45:eb:89:3b:a3:52:02:10:7f:ad:84:57:0c: 1b:5a:d4:47:f0:8f:b0:8e:79:57:22:93:2a:f8:6d: ba:87:a2:53:21:d0:b4:e8:94:9e:3d:7f:e4:12:e5: 7e:b9:be:bd:33:4a:fb:ef:0d:28:99:76:e9:a2:12: 63:e3:2a:14:6c:d0:89:00:c1:ba:e5:8f:a0:5c:7a: 46:af:71:d4:28:4e:91:44:15:55:ff:db:65:74:14: 8c:90:02:0c:2f:53:a1:5b:ad:13:ec:5e:da:08:4a: cc:14:f2:0d:88:84:d4:db:1a:f2:a2:5f:25:1b:57: 8d:51:3a:bd:16:bf:9a:c1:68:61:0d:18:c1:e5:ce: bd:4d:a1:d1:77:3d:02:97:ca:a5:05:16:c2:2f:93: e9:7a:ca:20:ce:39:9f:f5:07:46:5e:5f:54:3a:09: 9c:88:bc:4a:15:3a:6c:b1:14:26:54:99:9d:8a:28: 40:a1:00:f6:fe:5b:a3:a8:2b:e5:e5:b3:96:a8:09: 1f:2c:fa:55:ae:09:60:d0:a1:1f:22:be:12:6d:a9: 33:78:cf:d6:1e:a2:ea:dd:56:f1:45:a7:8a:6a:e5: f8:85:f6:42:37:62:1f:19:c9:db:79:65:59:d2:d7: 65:55:52:6b:f7:16:3b:9a:42:3b:c6:42:7a:be:d5: 42:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:17:AF:DC:EC:EE:DB:92:11:E1:5D:9D:2F:B7:40:70:7F:47:FB:7F X509v3 Authority Key Identifier: keyid:4C:A6:6F:3C:0F:25:77:4E:69:6D:2A:46:72:32:77:EB:96:11:28:C3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/2hev3Ozu25IR4V2dL7dAcH9H-38.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/TKZvPA8ld05pbSpGcjJ365YRKMM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.65.138.0/24 Signature Algorithm: sha256WithRSAEncryption 4a:44:cf:57:28:fa:1a:cc:dc:40:e5:e9:6c:59:8c:f3:3e:ff: 87:a8:c1:8f:3e:13:6f:69:57:91:06:6b:ee:ca:7d:b2:d2:65: de:ed:6b:d7:e4:82:32:b6:56:6a:26:ef:6b:0e:b7:f1:33:3f: 60:2a:98:f6:d2:80:8d:fb:56:9c:93:df:3d:91:03:5f:d8:06: 02:f7:02:9b:e8:43:e9:9c:a9:cb:8d:f5:87:a3:4e:df:30:16: 71:d6:36:46:02:8b:41:d3:43:57:e4:a8:65:fe:82:51:c5:1f: c6:00:c0:86:ab:f1:05:8c:8c:82:65:65:5c:40:5a:d3:d2:80: 3a:17:27:aa:b8:78:b7:cc:9c:f4:95:b8:21:b6:79:00:ee:f4: da:56:8f:9f:af:ab:e2:6a:3c:16:c9:f3:05:ab:eb:e8:64:f5: 9a:2b:50:12:6a:90:c0:04:62:04:4a:74:f9:6f:01:3d:37:cb: 35:7e:29:69:4c:d5:77:f7:8b:9e:08:77:46:f8:6e:fb:e6:2b: 8c:bb:a3:25:81:34:bc:de:a3:62:de:10:1a:97:20:d3:60:98: 02:c1:98:ac:be:e3:e7:65:02:5a:a6:7c:39:ad:a7:8c:f1:17: ae:0d:2d:be:ee:18:97:e0:bb:26:a3:cf:c7:06:d8:a0:84:40: 26:de:28:5b -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+OQrsiD+voKyEPbNYR5J8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjYTY2ZjNjMGYyNTc3NGU2OTZkMmE0NjcyMzI3N2ViOTYx MTI4YzMwHhcNMjYwMTAyMTAyMDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYTE3YWZkY2VjZWVkYjkyMTFlMTVkOWQyZmI3NDA3MDdmNDdmYjdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2EXriTujUgIQf62EVwwbWtRH8I+w jnlXIpMq+G26h6JTIdC06JSePX/kEuV+ub69M0r77w0omXbpohJj4yoUbNCJAMG6 5Y+gXHpGr3HUKE6RRBVV/9tldBSMkAIML1OhW60T7F7aCErMFPINiITU2xryol8l G1eNUTq9Fr+awWhhDRjB5c69TaHRdz0Cl8qlBRbCL5Ppesogzjmf9QdGXl9UOgmc iLxKFTpssRQmVJmdiihAoQD2/lujqCvl5bOWqAkfLPpVrglg0KEfIr4SbakzeM/W HqLq3VbxRaeKauX4hfZCN2IfGcnbeWVZ0tdlVVJr9xY7mkI7xkJ6vtVCsQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFNoXr9zs7tuSEeFdnS+3QHB/R/t/MB8GA1UdIwQY MBaAFEymbzwPJXdOaW0qRnIyd+uWESjDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVEtadlBBOGxkMDVwYlNwR2NqSjM2NVlSS01NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8yMDQwMTctZjA0Ni00YjY5LWIzZTUt MzE5YjBjODc0NDQwLzEvMmhldjNPenUyNUlSNFYyZEw3ZEFjSDlILTM4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy8yMDQwMTctZjA0Ni00YjY5LWIzZTUtMzE5YjBjODc0NDQw LzEvVEtadlBBOGxkMDVwYlNwR2NqSjM2NVlSS01NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsEGKMA0G CSqGSIb3DQEBCwUAA4IBAQBKRM9XKPoazNxA5elsWYzzPv+HqMGPPhNvaVeRBmvu yn2y0mXe7WvX5IIytlZqJu9rDrfxMz9gKpj20oCN+1ack989kQNf2AYC9wKb6EPp nKnLjfWHo07fMBZx1jZGAotB00NX5Khl/oJRxR/GAMCGq/EFjIyCZWVcQFrT0oA6 FyequHi3zJz0lbghtnkA7vTaVo+fr6viajwWyfMFq+voZPWaK1ASapDABGIESnT5 bwE9N8s1filpTNV394ueCHdG+G775iuMu6MlgTS83qNi3hAalyDTYJgCwZisvuPn ZQJapnw5raeM8ReuDS2+7hiX4Lsmo8/HBtighEAm3ihb -----END CERTIFICATE-----Generated at Sun Jan 25 13:07:28 2026 by rpki-client