This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/2zIgCHVsuwyzUlczHTmtHzKbcqo.roa File: 2zIgCHVsuwyzUlczHTmtHzKbcqo.roa (raw, json) Hash identifier: XtTVvuJ7wJ6AMvDlLc/Z9ph2kaE/WMDOHDw0P5r/pfY= Subject key identifier: DB:32:20:08:75:6C:BB:0C:B3:52:57:33:1D:39:AD:1F:32:9B:72:AA Certificate issuer: /CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47 Certificate serial: 019B76EAE9F87424425F80F905C948D8D5A5 Authority key identifier: 23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/2zIgCHVsuwyzUlczHTmtHzKbcqo.roa Signing time: Thu 01 Jan 2026 00:17:45 +0000 ROA not before: Thu 01 Jan 2026 00:17:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59574 IP address blocks: 89.188.168.0/22 maxlen: 24 89.188.174.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.mft rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:e9:f8:74:24:42:5f:80:f9:05:c9:48:d8:d5:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47 Validity Not Before: Jan 1 00:17:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=db322008756cbb0cb35257331d39ad1f329b72aa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:3e:bb:6d:07:53:5b:18:fa:08:d4:9f:4d:f8: 63:26:f0:6f:4d:c3:2e:8a:9c:f8:08:ec:f8:04:90: 9e:0b:28:fa:78:cd:c0:12:d1:81:bc:39:c1:dc:8f: fa:fb:ae:7b:19:be:8c:b9:83:67:a6:af:68:57:48: 61:67:5e:db:76:df:14:e2:40:85:eb:3c:de:b2:b3: b3:ce:cf:d8:0c:e5:c2:31:9d:d3:9c:83:76:66:80: ab:b9:c8:69:59:35:9b:2b:0d:c9:ad:72:b5:12:32: 12:38:2e:d2:9a:ee:3b:18:d3:43:71:bb:20:39:a7: 47:f4:30:03:e6:e7:01:20:d6:b0:cc:74:6e:9a:5f: 66:05:f1:d5:52:46:14:69:81:07:b8:fd:cc:10:51: 83:d0:4d:fa:0c:1e:5c:9e:f8:9e:26:61:e0:e0:20: 7e:fd:27:87:4d:89:38:c3:da:dc:2b:94:b2:66:9e: 72:30:84:d1:d9:5c:85:f9:b8:63:63:1e:0b:7f:6e: 56:fd:c4:d2:43:1a:07:15:f8:d0:11:82:43:36:61: ec:57:b7:60:b7:37:df:3f:8e:c7:f5:a7:49:c0:98: a2:1f:76:88:fa:46:d8:04:e1:6c:a6:41:e2:60:54: 09:59:b7:86:29:02:e2:c9:69:9c:7f:d3:b2:2d:1e: b2:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:32:20:08:75:6C:BB:0C:B3:52:57:33:1D:39:AD:1F:32:9B:72:AA X509v3 Authority Key Identifier: keyid:23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/2zIgCHVsuwyzUlczHTmtHzKbcqo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.188.168.0/22 89.188.174.0/23 Signature Algorithm: sha256WithRSAEncryption 69:87:a9:62:35:8e:db:f5:92:86:c3:8d:2f:bc:e5:c6:74:d5: 09:65:a5:19:40:d5:14:02:e8:54:85:bf:86:9c:0a:92:b1:8c: 18:5a:bd:1a:5a:1b:e4:89:be:f6:5c:c5:0e:40:db:5b:80:6f: 40:08:e9:e1:f1:da:fb:15:ab:a9:e9:c2:76:f6:84:0a:0b:4a: e8:63:c5:82:33:70:50:0d:36:c8:28:5b:26:65:03:a4:71:90: f5:17:58:28:fd:0c:76:57:bb:39:3d:31:3a:72:ed:a4:88:95: 5c:d1:79:6e:a4:df:47:90:78:63:97:39:1d:26:10:3a:38:9c: 3b:ce:db:32:40:f9:71:41:ce:72:3a:7a:97:bf:f9:59:c5:83: 1c:93:8d:a5:0f:4e:a6:de:70:31:b4:65:b9:7a:fe:64:3b:fe: 8a:bc:f9:1f:c0:26:a6:fc:b5:2b:d2:9a:43:e7:97:2f:fa:94: 53:44:f6:08:5f:00:f5:b1:55:83:92:24:30:61:fb:d5:87:14: 44:ab:5d:53:2d:66:75:bd:ee:9f:bb:25:23:21:2b:2b:ee:32: cc:e2:72:9c:69:e8:7b:d8:1e:a7:67:8b:70:9e:61:61:3d:32: 72:f4:3e:f5:f5:4d:ff:8e:00:44:cd:55:0b:03:e9:3f:e4:a5: bb:15:a9:dd -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt26un4dCRCX4D5BclI2NWlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzZTNkOTJiZmUxNjYxOWNhNTAwYzAzMjY3ZWZmYTlhYTdj YTBjNDcwHhcNMjYwMTAxMDAxNzQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYjMyMjAwODc1NmNiYjBjYjM1MjU3MzMxZDM5YWQxZjMyOWI3MmFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1j67bQdTWxj6CNSfTfhjJvBvTcMu ipz4COz4BJCeCyj6eM3AEtGBvDnB3I/6+657Gb6MuYNnpq9oV0hhZ17bdt8U4kCF 6zzesrOzzs/YDOXCMZ3TnIN2ZoCruchpWTWbKw3JrXK1EjISOC7Smu47GNNDcbsg OadH9DAD5ucBINawzHRuml9mBfHVUkYUaYEHuP3MEFGD0E36DB5cnvieJmHg4CB+ /SeHTYk4w9rcK5SyZp5yMITR2VyF+bhjYx4Lf25W/cTSQxoHFfjQEYJDNmHsV7dg tzffP47H9adJwJiiH3aI+kbYBOFspkHiYFQJWbeGKQLiyWmcf9OyLR6ytQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFNsyIAh1bLsMs1JXMx05rR8ym3KqMB8GA1UdIwQY MBaAFCPj2Sv+FmGcpQDAMmfv+pqnygxHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYt ZjFiZjBjMzNhOTA4LzEvMnpJZ0NIVnN1d3l6VWxjekhUbXRIektiY3FvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYtZjFiZjBjMzNhOTA4 LzEvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWbyoAwQB WbyuMA0GCSqGSIb3DQEBCwUAA4IBAQBph6liNY7b9ZKGw40vvOXGdNUJZaUZQNUU AuhUhb+GnAqSsYwYWr0aWhvkib72XMUOQNtbgG9ACOnh8dr7Faup6cJ29oQKC0ro Y8WCM3BQDTbIKFsmZQOkcZD1F1go/Qx2V7s5PTE6cu2kiJVc0XlupN9HkHhjlzkd JhA6OJw7ztsyQPlxQc5yOnqXv/lZxYMck42lD06m3nAxtGW5ev5kO/6KvPkfwCam /LUr0ppD55cv+pRTRPYIXwD1sVWDkiQwYfvVhxREq11TLWZ1ve6fuyUjISsr7jLM 4nKcaeh72B6nZ4twnmFhPTJy9D719U3/jgBEzVULA+k/5KW7Fand -----END CERTIFICATE-----Generated at Mon Jan 26 05:39:19 2026 by rpki-client