This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/pRSgM7v51dj4_nnKyTIe5vKbqck.roa File: pRSgM7v51dj4_nnKyTIe5vKbqck.roa (raw, json) Hash identifier: zoPAj53DpixsBYDFs95Rz1APyotRYxKBCaNS8cQmVuY= Subject key identifier: A5:14:A0:33:BB:F9:D5:D8:F8:FE:79:CA:C9:32:1E:E6:F2:9B:A9:C9 Certificate issuer: /CN=68a8e93d3f590f4450d1db3c2074598244353e93 Certificate serial: 019B7A5ADE503EF3382C11DF1534D8C3CA1C Authority key identifier: 68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/pRSgM7v51dj4_nnKyTIe5vKbqck.roa Signing time: Thu 01 Jan 2026 16:18:54 +0000 ROA not before: Thu 01 Jan 2026 16:18:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 21221 IP address blocks: 2.56.226.0/23 maxlen: 24 46.182.176.0/21 maxlen: 24 178.255.192.0/21 maxlen: 24 185.70.208.0/22 maxlen: 24 185.214.148.0/22 maxlen: 24 217.18.64.0/20 maxlen: 24 2a00:19c0::/32 maxlen: 48 2a09:d240::/32 maxlen: 48 2a0b:9cc0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.mft rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:de:50:3e:f3:38:2c:11:df:15:34:d8:c3:ca:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68a8e93d3f590f4450d1db3c2074598244353e93 Validity Not Before: Jan 1 16:18:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a514a033bbf9d5d8f8fe79cac9321ee6f29ba9c9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:e1:93:ca:61:01:69:f4:a6:75:d0:84:d1:9d: 4c:87:d9:0a:3d:4d:df:33:67:01:b3:59:9a:60:0a: ff:b1:6f:b7:28:79:43:66:eb:f1:fe:00:ea:c2:64: d3:36:b6:18:11:b3:4f:81:a0:61:db:f7:cf:1f:2d: 42:e2:2b:18:c0:01:0b:54:a4:1d:11:b4:41:b9:93: 68:8d:26:71:f5:74:35:5c:9a:b5:a2:b7:d8:20:4a: de:2a:ed:53:2f:c0:6c:a9:07:16:d9:7d:f1:c7:9c: 1b:35:3f:12:9a:af:ca:93:9c:83:b7:28:08:88:02: 3a:9f:03:ab:b0:74:c3:81:26:16:93:a6:3a:f9:62: d9:19:cd:29:b3:0c:31:5e:51:54:49:4e:1d:e9:f4: c4:47:39:37:8d:08:70:e2:b4:9b:2e:d3:27:6c:c1: e9:4a:24:ef:5e:c4:2c:c6:bb:7e:0a:88:d1:5d:13: 7f:66:26:87:d5:e0:b2:de:3e:d2:ce:af:f9:7f:c8: 50:13:8a:f3:b0:7a:69:9d:aa:86:d7:f7:79:b9:1d: e3:8f:fa:97:fb:97:a9:85:21:e6:eb:04:be:a7:57: 07:43:96:01:56:a5:f0:10:e4:85:47:95:c4:b5:a7: 21:c3:6d:2a:85:3a:bf:de:3b:20:6d:fe:26:48:e5: 79:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:14:A0:33:BB:F9:D5:D8:F8:FE:79:CA:C9:32:1E:E6:F2:9B:A9:C9 X509v3 Authority Key Identifier: keyid:68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/pRSgM7v51dj4_nnKyTIe5vKbqck.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.56.226.0/23 46.182.176.0/21 178.255.192.0/21 185.70.208.0/22 185.214.148.0/22 217.18.64.0/20 IPv6: 2a00:19c0::/32 2a09:d240::/32 2a0b:9cc0::/29 Signature Algorithm: sha256WithRSAEncryption 51:39:7f:3c:36:d3:98:15:e1:67:ba:a2:d4:42:53:03:b1:97: 05:76:d2:0f:28:01:7b:a8:14:5b:04:b7:fa:ab:bc:f2:0f:84: f8:5c:63:00:a6:04:cc:f1:4c:62:d6:6c:e2:7b:5e:65:9c:e7: c0:94:95:36:1a:9d:bd:5b:04:73:6e:c6:48:cc:1b:73:7a:3e: ea:65:27:ca:0d:b6:18:60:91:ad:c2:00:fa:e9:c5:65:58:94: c9:db:42:92:20:2c:9e:d0:e0:65:2d:d2:4a:3a:74:a2:93:67: 0c:c9:da:ed:89:be:67:d3:b3:8a:5f:26:82:21:c7:d1:1c:5c: 27:db:15:8e:80:37:29:a1:5e:f9:5a:e2:d9:62:01:5a:49:4d: 38:c7:f8:b0:a1:fe:40:fd:a0:8f:9b:33:a3:80:58:33:e9:65: aa:aa:6d:7d:c2:4c:78:90:ed:52:8b:d3:d2:83:65:ea:19:5d: ef:c8:0e:25:05:ca:75:86:b1:df:e0:99:95:9c:9b:fd:e1:38: 3e:f7:89:0d:7d:cd:ab:5e:1f:33:0d:3d:a9:55:eb:3d:c5:06: e8:f4:be:72:52:e9:33:2a:a7:b0:62:54:97:ee:96:4a:c2:71: f2:3a:dc:a8:d7:b9:9c:67:a7:a4:89:a1:3f:53:b7:09:e8:c2: ba:d0:09:d9 -----BEGIN CERTIFICATE----- MIIFODCCBCCgAwIBAgISAZt6Wt5QPvM4LBHfFTTYw8ocMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4YThlOTNkM2Y1OTBmNDQ1MGQxZGIzYzIwNzQ1OTgyNDQz NTNlOTMwHhcNMjYwMTAxMTYxODU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNTE0YTAzM2JiZjlkNWQ4ZjhmZTc5Y2FjOTMyMWVlNmYyOWJhOWM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOGTymEBafSmddCE0Z1Mh9kKPU3f M2cBs1maYAr/sW+3KHlDZuvx/gDqwmTTNrYYEbNPgaBh2/fPHy1C4isYwAELVKQd EbRBuZNojSZx9XQ1XJq1orfYIEreKu1TL8BsqQcW2X3xx5wbNT8Smq/Kk5yDtygI iAI6nwOrsHTDgSYWk6Y6+WLZGc0pswwxXlFUSU4d6fTERzk3jQhw4rSbLtMnbMHp SiTvXsQsxrt+CojRXRN/ZiaH1eCy3j7Szq/5f8hQE4rzsHppnaqG1/d5uR3jj/qX +5ephSHm6wS+p1cHQ5YBVqXwEOSFR5XEtachw20qhTq/3jsgbf4mSOV5IwIDAQAB o4ICRDCCAkAwHQYDVR0OBBYEFKUUoDO7+dXY+P55yskyHubym6nJMB8GA1UdIwQY MBaAFGio6T0/WQ9EUNHbPCB0WYJENT6TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMt MjVkZDRjYmIzNjk4LzEvcFJTZ003djUxZGo0X25uS3lUSWU1dkticWNrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMtMjVkZDRjYmIzNjk4 LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAqBAIAATAkAwQBAjjiAwQD LrawAwQDsv/AAwQCuUbQAwQCudaUAwQE2RJAMBsEAgACMBUDBQAqABnAAwUAKgnS QAMFAyoLnMAwDQYJKoZIhvcNAQELBQADggEBAFE5fzw205gV4We6otRCUwOxlwV2 0g8oAXuoFFsEt/qrvPIPhPhcYwCmBMzxTGLWbOJ7XmWc58CUlTYanb1bBHNuxkjM G3N6PuplJ8oNthhgka3CAPrpxWVYlMnbQpIgLJ7Q4GUt0ko6dKKTZwzJ2u2JvmfT s4pfJoIhx9EcXCfbFY6ANymhXvla4tliAVpJTTjH+LCh/kD9oI+bM6OAWDPpZaqq bX3CTHiQ7VKL09KDZeoZXe/IDiUFynWGsd/gmZWcm/3hOD73iQ19zateHzMNPalV 6z3FBuj0vnJS6TMqp7BiVJfulkrCcfI63KjXuZxnp6SJoT9TtwnowrrQCdk= -----END CERTIFICATE-----Generated at Sun Jan 25 22:41:49 2026 by rpki-client