This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d3df26-3db5-4539-8030-f2ce77e3191e/1/2k317uytVg1LgjGnM4csFnuL6uw.roa File: 2k317uytVg1LgjGnM4csFnuL6uw.roa (raw, json) Hash identifier: X5Q8tV/hqbcuK15v8loayY7mcbXwTofvZ2nrjL9ZwFs= Subject key identifier: DA:4D:F5:EE:EC:AD:56:0D:4B:82:31:A7:33:87:2C:16:7B:8B:EA:EC Certificate issuer: /CN=4e2a299f182a1fd51d4b0362997af7aaae0d6be9 Certificate serial: 019B7C7F9CA401BF698FFCE3A7C0088B0A80 Authority key identifier: 4E:2A:29:9F:18:2A:1F:D5:1D:4B:03:62:99:7A:F7:AA:AE:0D:6B:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TiopnxgqH9UdSwNimXr3qq4Na-k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d3df26-3db5-4539-8030-f2ce77e3191e/1/2k317uytVg1LgjGnM4csFnuL6uw.roa Signing time: Fri 02 Jan 2026 02:18:16 +0000 ROA not before: Fri 02 Jan 2026 02:18:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 2072 IP address blocks: 185.4.251.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d3df26-3db5-4539-8030-f2ce77e3191e/1/TiopnxgqH9UdSwNimXr3qq4Na-k.crl rsync://rpki.ripe.net/repository/DEFAULT/34/d3df26-3db5-4539-8030-f2ce77e3191e/1/TiopnxgqH9UdSwNimXr3qq4Na-k.mft rsync://rpki.ripe.net/repository/DEFAULT/TiopnxgqH9UdSwNimXr3qq4Na-k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:9c:a4:01:bf:69:8f:fc:e3:a7:c0:08:8b:0a:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4e2a299f182a1fd51d4b0362997af7aaae0d6be9 Validity Not Before: Jan 2 02:18:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=da4df5eeecad560d4b8231a733872c167b8beaec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:19:22:07:33:fd:f8:fc:71:e7:8d:37:82:40: 95:7e:b0:e1:cf:bb:dd:51:bb:c8:af:68:fe:6e:26: c4:bf:e4:e1:10:94:d4:10:d6:ed:54:87:9c:70:1b: bb:b6:79:b8:69:3c:fc:75:9f:ca:8a:27:0f:20:a1: 1c:cc:d1:43:d8:40:19:5b:30:3e:65:1e:21:9f:c7: 2e:2d:42:b3:93:0d:37:ce:5f:9b:ea:cd:3d:64:bc: 1d:d5:6f:2e:0d:b8:6b:30:c1:f1:cf:da:95:d1:bc: c3:7b:46:2c:35:08:c0:e3:0f:35:b5:5b:6f:c7:4f: 5c:4a:d5:2c:11:82:14:a4:d0:8d:40:48:84:fa:22: f3:5d:13:c3:4e:59:c6:52:87:c3:ea:b0:8b:c7:64: df:c6:b5:92:4e:e7:a3:4a:72:08:c7:46:ab:fc:c0: c3:fb:05:80:d3:fb:87:dd:99:3d:0b:43:1a:96:2f: 6d:7d:48:8c:64:d9:e4:5c:79:40:00:5b:a7:86:5e: df:8d:c3:2d:23:21:94:50:b5:fc:07:e5:bb:f5:8a: 06:47:42:08:f0:2d:4e:6d:c4:3a:53:2a:b3:de:fc: 08:16:09:1c:30:26:ba:79:e5:78:fd:4a:96:77:bb: e6:c4:09:97:a7:b0:5a:0b:b9:ad:da:e8:1a:83:99: 64:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:4D:F5:EE:EC:AD:56:0D:4B:82:31:A7:33:87:2C:16:7B:8B:EA:EC X509v3 Authority Key Identifier: keyid:4E:2A:29:9F:18:2A:1F:D5:1D:4B:03:62:99:7A:F7:AA:AE:0D:6B:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TiopnxgqH9UdSwNimXr3qq4Na-k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d3df26-3db5-4539-8030-f2ce77e3191e/1/2k317uytVg1LgjGnM4csFnuL6uw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d3df26-3db5-4539-8030-f2ce77e3191e/1/TiopnxgqH9UdSwNimXr3qq4Na-k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.4.251.0/24 Signature Algorithm: sha256WithRSAEncryption 12:23:62:ae:c3:1f:ef:c0:56:f3:57:70:a6:cb:e5:9d:50:4a: 55:ec:d5:f7:6d:19:fa:22:9f:12:5d:ce:d4:9e:1b:9a:4e:53: 6c:b1:f9:02:14:6f:a7:79:22:d6:06:0a:fe:ab:85:e2:5a:0a: b6:1d:b2:8f:6c:e9:2a:9e:d3:5d:b7:70:74:58:b9:6f:2c:d1: 2a:28:a8:23:8c:e4:e4:5a:57:a4:f7:47:2e:75:f9:e2:5f:d2: c4:53:ba:75:da:94:9a:47:e6:43:b6:89:db:bc:e1:f4:b0:f2: 3d:65:40:34:d7:01:fd:f2:21:9e:51:aa:e1:41:af:8d:db:62: 5d:16:22:cd:4f:11:5f:d2:42:ff:f3:ee:30:83:e8:ee:ea:cc: 8a:d8:c6:ae:a2:15:f9:d6:51:dc:c6:17:3e:1d:33:9d:f2:92: 90:ee:55:1c:4c:7e:d6:24:18:c3:3b:8c:85:89:a9:b1:df:60: 4c:6b:ce:a2:18:e4:36:76:69:5d:c8:04:4e:1a:c4:e0:89:4c: df:75:f3:31:e7:8c:df:09:25:e6:f2:f1:18:eb:b4:82:b1:89: 07:e7:ef:d1:05:39:ae:ae:a1:93:f1:c2:f2:56:6d:76:2b:33: ea:61:05:e4:9e:f6:ed:83:bc:76:1f:de:a4:f1:63:9b:29:46: 4e:8e:39:07 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt8f5ykAb9pj/zjp8AIiwqAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRlMmEyOTlmMTgyYTFmZDUxZDRiMDM2Mjk5N2FmN2FhYWUw ZDZiZTkwHhcNMjYwMTAyMDIxODE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYTRkZjVlZWVjYWQ1NjBkNGI4MjMxYTczMzg3MmMxNjdiOGJlYWVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRkiBzP9+Pxx5403gkCVfrDhz7vd UbvIr2j+bibEv+ThEJTUENbtVIeccBu7tnm4aTz8dZ/KiicPIKEczNFD2EAZWzA+ ZR4hn8cuLUKzkw03zl+b6s09ZLwd1W8uDbhrMMHxz9qV0bzDe0YsNQjA4w81tVtv x09cStUsEYIUpNCNQEiE+iLzXRPDTlnGUofD6rCLx2TfxrWSTuejSnIIx0ar/MDD +wWA0/uH3Zk9C0Mali9tfUiMZNnkXHlAAFunhl7fjcMtIyGUULX8B+W79YoGR0II 8C1ObcQ6Uyqz3vwIFgkcMCa6eeV4/UqWd7vmxAmXp7BaC7mt2ugag5lkNQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFNpN9e7srVYNS4IxpzOHLBZ7i+rsMB8GA1UdIwQY MBaAFE4qKZ8YKh/VHUsDYpl696quDWvpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVGlvcG54Z3FIOVVkU3dOaW1YcjNxcTROYS1rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kM2RmMjYtM2RiNS00NTM5LTgwMzAt ZjJjZTc3ZTMxOTFlLzEvMmszMTd1eXRWZzFMZ2pHbk00Y3NGbnVMNnV3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNC9kM2RmMjYtM2RiNS00NTM5LTgwMzAtZjJjZTc3ZTMxOTFl LzEvVGlvcG54Z3FIOVVkU3dOaW1YcjNxcTROYS1rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQT7MA0G CSqGSIb3DQEBCwUAA4IBAQASI2Kuwx/vwFbzV3Cmy+WdUEpV7NX3bRn6Ip8SXc7U nhuaTlNssfkCFG+neSLWBgr+q4XiWgq2HbKPbOkqntNdt3B0WLlvLNEqKKgjjOTk Wlek90cudfniX9LEU7p12pSaR+ZDtonbvOH0sPI9ZUA01wH98iGeUarhQa+N22Jd FiLNTxFf0kL/8+4wg+ju6syK2MauohX51lHcxhc+HTOd8pKQ7lUcTH7WJBjDO4yF iamx32BMa86iGOQ2dmldyAROGsTgiUzfdfMx54zfCSXm8vEY67SCsYkH5+/RBTmu rqGT8cLyVm12KzPqYQXknvbtg7x2H96k8WObKUZOjjkH -----END CERTIFICATE-----Generated at Mon Jan 26 09:43:19 2026 by rpki-client