This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/u2LwB7JoPATisCyMgWUoyFBE2IM.roa File: u2LwB7JoPATisCyMgWUoyFBE2IM.roa (raw, json) Hash identifier: zUkwX90Cn5pYIidpA9DzFJzrtYHxnLfOhDQRjwe5oPw= Subject key identifier: BB:62:F0:07:B2:68:3C:04:E2:B0:2C:8C:81:65:28:C8:50:44:D8:83 Certificate issuer: /CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2 Certificate serial: 019B7F82E87B40C526C386B5B5CE026405FF Authority key identifier: 34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/u2LwB7JoPATisCyMgWUoyFBE2IM.roa Signing time: Fri 02 Jan 2026 16:20:44 +0000 ROA not before: Fri 02 Jan 2026 16:20:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210266 IP address blocks: 2a01:b960:2307::/48 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.crl rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.mft rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:82:e8:7b:40:c5:26:c3:86:b5:b5:ce:02:64:05:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2 Validity Not Before: Jan 2 16:20:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=bb62f007b2683c04e2b02c8c816528c85044d883 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:51:aa:2e:0b:96:30:e2:b0:f2:1b:74:ef:12: fb:20:4d:19:d9:39:66:c6:9e:ee:7c:d9:6b:4e:3c: 43:05:61:d6:6d:c0:b6:52:c6:3a:58:81:83:e1:9d: 37:7e:a9:60:96:d5:89:b0:d7:34:9a:9f:b1:d0:c5: f0:03:29:ef:f5:a3:c8:2d:0f:cb:9f:5c:c7:a8:9f: 52:30:51:b9:69:b6:0d:e5:d5:f4:4e:9a:48:74:7a: c1:c5:78:a8:66:78:91:d7:6c:a9:74:01:70:66:54: 59:e5:01:24:40:3d:a5:ee:ac:b9:55:93:34:4a:24: 40:01:19:21:c0:3d:d6:cb:3a:b8:7a:64:bc:5a:72: 90:f6:03:57:93:dd:92:0a:bc:e5:c0:ab:59:25:67: 08:bd:58:60:41:39:ce:18:68:9b:57:0a:55:dc:6f: df:f1:b7:99:18:30:b9:23:3f:4b:db:5f:d9:90:9e: 2c:50:09:7e:88:5e:06:3b:af:e3:25:9f:15:e3:61: 3d:b5:52:97:e5:12:44:16:0e:5d:d3:65:df:64:f8: e2:00:3d:ef:cd:98:22:bf:36:c9:16:ba:9d:eb:95: 8a:9e:23:87:4e:0a:b0:a4:00:2c:6f:cc:f1:d8:44: 8f:9a:0c:ce:92:0d:bd:e0:13:3a:f5:a3:84:bf:9f: 40:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:62:F0:07:B2:68:3C:04:E2:B0:2C:8C:81:65:28:C8:50:44:D8:83 X509v3 Authority Key Identifier: keyid:34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/u2LwB7JoPATisCyMgWUoyFBE2IM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:b960:2307::/48 Signature Algorithm: sha256WithRSAEncryption 6e:1a:52:d2:e4:5a:87:f0:99:25:e7:f8:0f:d1:0d:17:3a:b7: 8f:45:07:42:79:9e:2c:ec:bb:ac:e6:64:82:b1:6d:82:d5:ed: 16:25:b8:e3:ea:27:91:a4:32:02:0c:94:0a:4c:b9:85:9c:42: 44:5f:e8:7a:03:6a:ad:6f:f1:d6:c0:d7:70:5e:fc:6d:c0:2c: 5a:aa:f4:cc:51:b7:91:fc:b6:be:b5:dc:8e:c2:f7:09:73:e7: a8:14:d2:b5:d0:cb:69:6e:a1:b3:ae:5c:8c:93:64:b6:21:5b: 2f:f1:2d:54:ad:e7:ad:49:1b:59:9e:10:ff:a9:60:b3:d7:d5: 2a:4f:ce:9d:cd:ad:5a:87:86:92:29:17:e1:46:03:ad:5d:19: 7e:66:18:6b:ea:e6:e8:df:34:99:e7:1f:ac:f4:07:ce:fb:15: e7:85:d7:7b:f2:17:13:7a:22:43:b1:2d:7d:9c:22:47:6b:fa: e8:7b:96:2b:f5:2c:53:a8:12:ed:ef:c2:74:3f:46:e9:ba:ea: b8:54:a2:84:fc:4b:24:91:00:1d:fa:fa:10:39:e5:30:01:9e: 16:15:ac:93:11:2b:fc:ca:1e:b0:29:a0:db:fa:2a:b7:d7:0e: 5f:9e:0d:b4:5b:a7:13:05:bd:c3:03:b1:7a:aa:9e:64:af:85: f8:5f:98:d3 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/guh7QMUmw4a1tc4CZAX/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0ZjE3MjZlYTRiZDZkM2M4MDkxYWUwYzhhZDFhMDNlOTFl MzU5YTIwHhcNMjYwMTAyMTYyMDQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiYjYyZjAwN2IyNjgzYzA0ZTJiMDJjOGM4MTY1MjhjODUwNDRkODgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7VGqLguWMOKw8ht07xL7IE0Z2Tlm xp7ufNlrTjxDBWHWbcC2UsY6WIGD4Z03fqlgltWJsNc0mp+x0MXwAynv9aPILQ/L n1zHqJ9SMFG5abYN5dX0TppIdHrBxXioZniR12ypdAFwZlRZ5QEkQD2l7qy5VZM0 SiRAARkhwD3Wyzq4emS8WnKQ9gNXk92SCrzlwKtZJWcIvVhgQTnOGGibVwpV3G/f 8beZGDC5Iz9L21/ZkJ4sUAl+iF4GO6/jJZ8V42E9tVKX5RJEFg5d02XfZPjiAD3v zZgivzbJFrqd65WKniOHTgqwpAAsb8zx2ESPmgzOkg294BM69aOEv59AYwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFLti8AeyaDwE4rAsjIFlKMhQRNiDMB8GA1UdIwQY MBaAFDTxcm6kvW08gJGuDIrRoD6R41miMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlBGeWJxUzliVHlBa2E0TWl0R2dQcEhqV2FJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lZjhlODQtOTE2MS00MDJjLTgxYWQt ZThlOGQyZmU3MGZlLzEvdTJMd0I3Sm9QQVRpc0N5TWdXVW95RkJFMklNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS9lZjhlODQtOTE2MS00MDJjLTgxYWQtZThlOGQyZmU3MGZl LzEvTlBGeWJxUzliVHlBa2E0TWl0R2dQcEhqV2FJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgG5YCMH MA0GCSqGSIb3DQEBCwUAA4IBAQBuGlLS5FqH8Jkl5/gP0Q0XOrePRQdCeZ4s7Lus 5mSCsW2C1e0WJbjj6ieRpDICDJQKTLmFnEJEX+h6A2qtb/HWwNdwXvxtwCxaqvTM UbeR/La+tdyOwvcJc+eoFNK10MtpbqGzrlyMk2S2IVsv8S1UreetSRtZnhD/qWCz 19UqT86dza1ah4aSKRfhRgOtXRl+Zhhr6ubo3zSZ5x+s9AfO+xXnhdd78hcTeiJD sS19nCJHa/roe5Yr9SxTqBLt78J0P0bpuuq4VKKE/EskkQAd+voQOeUwAZ4WFayT ESv8yh6wKaDb+iq31w5fng20W6cTBb3DA7F6qp5kr4X4X5jT -----END CERTIFICATE-----Generated at Mon Jan 26 03:15:01 2026 by rpki-client