This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/k2hSi2ktn1RbhMfBtzCDueEGIkY.roa File: k2hSi2ktn1RbhMfBtzCDueEGIkY.roa (raw, json) Hash identifier: x5d5j8eNv5Fwu5BVRBGFqtr5FQuqOiyNVXsyTIPzWhw= Subject key identifier: 93:68:52:8B:69:2D:9F:54:5B:84:C7:C1:B7:30:83:B9:E1:06:22:46 Certificate issuer: /CN=ad243dcff0cb38211f7fe7db3f913169b44cf456 Certificate serial: 019B7E38D42B2024A9E0762ED7B2DC826A52 Authority key identifier: AD:24:3D:CF:F0:CB:38:21:1F:7F:E7:DB:3F:91:31:69:B4:4C:F4:56 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rSQ9z_DLOCEff-fbP5ExabRM9FY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/k2hSi2ktn1RbhMfBtzCDueEGIkY.roa Signing time: Fri 02 Jan 2026 10:20:12 +0000 ROA not before: Fri 02 Jan 2026 10:20:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198309 IP address blocks: 158.58.152.0/21 maxlen: 21 158.58.152.0/23 maxlen: 23 185.97.84.0/22 maxlen: 22 2a00:a540::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/rSQ9z_DLOCEff-fbP5ExabRM9FY.crl rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/rSQ9z_DLOCEff-fbP5ExabRM9FY.mft rsync://rpki.ripe.net/repository/DEFAULT/rSQ9z_DLOCEff-fbP5ExabRM9FY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:d4:2b:20:24:a9:e0:76:2e:d7:b2:dc:82:6a:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ad243dcff0cb38211f7fe7db3f913169b44cf456 Validity Not Before: Jan 2 10:20:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9368528b692d9f545b84c7c1b73083b9e1062246 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:80:89:76:dd:53:65:ed:bb:b2:ab:28:c0:49: b5:4c:96:90:80:30:1a:1e:05:e7:d4:70:90:45:7e: 91:7f:91:5f:7e:93:98:c7:9c:55:79:09:d3:b1:40: fd:d0:2f:29:09:68:4c:e6:65:7f:dc:f1:06:65:e9: 84:6b:3c:9f:df:ee:44:89:47:41:13:bb:35:92:46: b6:25:01:21:5e:16:8a:af:5f:c5:1f:bb:1c:cc:43: 9d:f2:9a:c2:06:b3:9b:60:b5:af:b7:93:94:5a:6d: b7:49:a5:71:96:9b:81:f8:03:52:85:af:0f:10:03: 7a:ea:c2:86:be:e7:06:89:83:91:ed:92:71:69:68: 4e:a6:31:e6:d9:80:9a:1b:89:97:90:08:39:5f:39: ba:09:bf:ad:d6:e8:4a:b9:fc:90:cf:98:5c:df:11: 81:16:92:bf:47:12:d6:82:a1:a4:0d:78:c6:dd:64: a7:28:43:96:d2:96:12:0d:af:da:60:f3:4e:2f:59: 6d:3f:4a:db:59:29:96:07:cf:cb:1c:22:42:82:a5: 8e:1a:68:7f:f2:9c:b8:4a:7e:12:56:8b:ba:fe:0a: 27:a7:92:37:bd:f3:77:e2:82:6e:b6:ef:e6:82:fe: c6:d4:d8:38:4c:a5:7a:55:25:35:93:50:03:79:57: ca:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:68:52:8B:69:2D:9F:54:5B:84:C7:C1:B7:30:83:B9:E1:06:22:46 X509v3 Authority Key Identifier: keyid:AD:24:3D:CF:F0:CB:38:21:1F:7F:E7:DB:3F:91:31:69:B4:4C:F4:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rSQ9z_DLOCEff-fbP5ExabRM9FY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/k2hSi2ktn1RbhMfBtzCDueEGIkY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/rSQ9z_DLOCEff-fbP5ExabRM9FY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.58.152.0/21 185.97.84.0/22 IPv6: 2a00:a540::/32 Signature Algorithm: sha256WithRSAEncryption 8f:ab:c8:9f:13:18:bd:d6:6d:98:cf:ff:b0:4d:dc:27:f3:49: b9:04:dd:32:74:03:ca:19:42:a3:de:52:1b:e7:e9:51:cf:b8: e2:e3:b5:a6:31:e4:f9:21:ee:6a:50:1a:11:47:15:8f:a2:0f: fd:76:3b:34:65:47:49:ca:76:3d:fa:c3:de:1d:4c:f4:55:70: f6:b1:90:ea:b6:41:5c:f8:3d:03:b2:b8:66:27:ac:41:f0:18: ec:e4:b3:36:ee:8e:ef:da:50:9a:8e:96:7c:32:b6:f4:ba:1f: ee:87:37:34:74:0a:0b:8d:ec:67:d0:74:83:ba:92:34:62:41: fe:b6:ce:a3:73:86:62:01:46:b1:df:7d:a6:e7:a8:db:b6:0c: 8c:4c:96:37:5d:c0:72:04:d4:04:d5:a8:69:56:d2:76:b1:8c: 71:73:8d:f6:ac:3d:4f:7e:3d:54:72:4d:8a:a5:76:64:a3:28: d5:1d:a8:90:fd:f5:9c:d8:92:6b:c3:d8:1b:ac:71:67:b5:be: 32:ec:13:f2:3e:72:66:be:1b:2b:dd:ad:39:15:5d:9a:6c:aa: f6:ee:c9:01:b5:51:eb:ed:88:2d:73:16:bb:ff:42:9d:bb:c8: 3e:3a:b2:ee:19:7d:6c:d8:3b:16:d3:52:ca:7b:90:0f:67:96: 78:51:d4:18 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt+ONQrICSp4HYu17LcgmpSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFkMjQzZGNmZjBjYjM4MjExZjdmZTdkYjNmOTEzMTY5YjQ0 Y2Y0NTYwHhcNMjYwMTAyMTAyMDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MzY4NTI4YjY5MmQ5ZjU0NWI4NGM3YzFiNzMwODNiOWUxMDYyMjQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooCJdt1TZe27sqsowEm1TJaQgDAa HgXn1HCQRX6Rf5FffpOYx5xVeQnTsUD90C8pCWhM5mV/3PEGZemEazyf3+5EiUdB E7s1kka2JQEhXhaKr1/FH7sczEOd8prCBrObYLWvt5OUWm23SaVxlpuB+ANSha8P EAN66sKGvucGiYOR7ZJxaWhOpjHm2YCaG4mXkAg5Xzm6Cb+t1uhKufyQz5hc3xGB FpK/RxLWgqGkDXjG3WSnKEOW0pYSDa/aYPNOL1ltP0rbWSmWB8/LHCJCgqWOGmh/ 8py4Sn4SVou6/gonp5I3vfN34oJutu/mgv7G1Ng4TKV6VSU1k1ADeVfK4wIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFJNoUotpLZ9UW4THwbcwg7nhBiJGMB8GA1UdIwQY MBaAFK0kPc/wyzghH3/n2z+RMWm0TPRWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvclNROXpfRExPQ0VmZi1mYlA1RXhhYlJNOUZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9hNWQyN2ItMjZjMC00ZWIzLTg5YmMt YjlmMjk4YTc5OGU0LzEvazJoU2kya3RuMVJiaE1mQnR6Q0R1ZUVHSWtZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy9hNWQyN2ItMjZjMC00ZWIzLTg5YmMtYjlmMjk4YTc5OGU0 LzEvclNROXpfRExPQ0VmZi1mYlA1RXhhYlJNOUZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDnjqYAwQC uWFUMA0EAgACMAcDBQAqAKVAMA0GCSqGSIb3DQEBCwUAA4IBAQCPq8ifExi91m2Y z/+wTdwn80m5BN0ydAPKGUKj3lIb5+lRz7ji47WmMeT5Ie5qUBoRRxWPog/9djs0 ZUdJynY9+sPeHUz0VXD2sZDqtkFc+D0DsrhmJ6xB8Bjs5LM27o7v2lCajpZ8Mrb0 uh/uhzc0dAoLjexn0HSDupI0YkH+ts6jc4ZiAUax332m56jbtgyMTJY3XcByBNQE 1ahpVtJ2sYxxc432rD1Pfj1Uck2KpXZkoyjVHaiQ/fWc2JJrw9gbrHFntb4y7BPy PnJmvhsr3a05FV2abKr27skBtVHr7Ygtcxa7/0Kdu8g+OrLuGX1s2DsW01LKe5AP Z5Z4UdQY -----END CERTIFICATE-----Generated at Mon Jan 26 10:24:08 2026 by rpki-client