This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/2pZ-2FjfKp_AUPJehyyyCmO33Hc.roa File: 2pZ-2FjfKp_AUPJehyyyCmO33Hc.roa (raw, json) Hash identifier: KSo6Uo4KGXQ+gy+hLjBUZoC/tbnGR8dO325Q6LPyilM= Subject key identifier: DA:96:7E:D8:58:DF:2A:9F:C0:50:F2:5E:87:2C:B2:0A:63:B7:DC:77 Certificate issuer: /CN=f82554a856a422b061ae64c577630f91d408cd4a Certificate serial: 019B7F150FE7E3DA15661201781A183F3DAA Authority key identifier: F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/2pZ-2FjfKp_AUPJehyyyCmO33Hc.roa Signing time: Fri 02 Jan 2026 14:20:45 +0000 ROA not before: Fri 02 Jan 2026 14:20:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 197922 IP address blocks: 89.234.142.0/23 maxlen: 23 89.234.148.0/24 maxlen: 24 89.234.149.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.mft rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 20:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:0f:e7:e3:da:15:66:12:01:78:1a:18:3f:3d:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f82554a856a422b061ae64c577630f91d408cd4a Validity Not Before: Jan 2 14:20:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=da967ed858df2a9fc050f25e872cb20a63b7dc77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:c6:ea:f3:f2:61:b6:33:1c:7c:c9:86:78:89: 0d:12:6e:64:d2:10:70:5d:4f:36:6a:df:cc:dd:60: ad:ba:84:5c:49:b4:bd:f5:66:ed:b8:bd:13:be:80: e7:84:29:a2:7e:dd:6e:f8:e7:72:00:cf:96:59:0a: 5d:b6:8c:d0:d5:51:c7:f4:53:9a:39:4a:92:fd:1d: 12:94:fc:ab:fd:19:c3:e9:6b:34:cf:71:01:80:85: e7:10:89:07:94:1c:d3:fe:fb:8d:37:56:16:aa:56: d9:9c:a8:02:62:54:6a:1a:be:09:97:e6:95:32:e1: 87:fe:1d:70:0e:8a:e1:05:88:7d:23:7b:5a:dc:bf: e7:8d:63:40:cb:04:82:6c:c9:7c:8f:d7:b4:57:c2: 78:4a:8f:00:8a:19:b1:26:b6:41:2e:05:46:cb:d0: e8:79:40:d2:4c:18:3c:ea:b3:b5:4d:85:86:21:c1: 87:8a:8c:93:59:56:d5:5d:97:b2:d2:6a:09:15:c5: 31:ac:9f:16:1e:20:96:be:62:67:53:57:fe:a0:8b: f3:a1:09:69:01:c4:79:ee:5b:81:95:1f:19:3c:0e: fb:b1:bf:4b:05:65:4b:d3:6a:fd:72:7a:82:01:9f: e2:bf:3a:06:c2:e7:9b:1f:ca:9d:5f:74:71:60:f8: 5e:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:96:7E:D8:58:DF:2A:9F:C0:50:F2:5E:87:2C:B2:0A:63:B7:DC:77 X509v3 Authority Key Identifier: keyid:F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/2pZ-2FjfKp_AUPJehyyyCmO33Hc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.234.142.0/23 89.234.148.0/23 Signature Algorithm: sha256WithRSAEncryption ca:0f:7f:bb:31:16:0d:8e:b2:16:1b:5d:57:78:dc:50:d9:37: 2e:88:36:cb:b6:ba:db:a5:73:98:9d:7c:6b:30:0d:f3:84:d4: 5b:04:6d:d9:ef:bf:5c:c7:13:5c:60:aa:4f:91:ba:57:cc:f1: 52:1e:3a:e9:37:bc:b0:7c:ea:b2:93:ce:00:3b:ca:bf:9f:0d: f9:8f:ca:11:49:46:b9:ce:27:8e:14:7b:d4:82:80:f8:d5:b8: 9a:f9:10:6e:ce:27:df:dc:a2:98:fc:ba:25:e9:bd:b8:0e:b3: c1:84:12:29:3f:65:2e:9d:66:c8:8d:7b:47:89:b1:f6:78:1b: f0:a0:ec:8c:35:0d:7e:15:8c:6e:45:d8:90:a2:85:d1:29:a4: b7:18:16:5f:a7:30:89:7e:81:aa:9f:61:76:d1:17:3d:23:52: d3:a5:8d:61:0f:77:bc:fa:d7:46:71:ff:47:52:6d:dc:3b:4a: 79:39:38:de:ad:56:7b:d0:ea:58:b7:40:13:7c:69:13:9a:c8: b1:49:a7:0a:3f:2a:63:78:f7:4b:17:7f:94:7f:aa:ba:80:8c: 3f:60:e3:27:f7:db:a5:ce:b0:57:8a:66:bc:72:b8:f6:79:7a: 1d:73:2c:e4:ac:8b:7d:4e:8b:25:a4:12:e6:9b:d6:fc:da:0f: f8:a5:12:2d -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt/FQ/n49oVZhIBeBoYPz2qMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY4MjU1NGE4NTZhNDIyYjA2MWFlNjRjNTc3NjMwZjkxZDQw OGNkNGEwHhcNMjYwMTAyMTQyMDQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYTk2N2VkODU4ZGYyYTlmYzA1MGYyNWU4NzJjYjIwYTYzYjdkYzc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4cbq8/JhtjMcfMmGeIkNEm5k0hBw XU82at/M3WCtuoRcSbS99WbtuL0TvoDnhCmift1u+OdyAM+WWQpdtozQ1VHH9FOa OUqS/R0SlPyr/RnD6Ws0z3EBgIXnEIkHlBzT/vuNN1YWqlbZnKgCYlRqGr4Jl+aV MuGH/h1wDorhBYh9I3ta3L/njWNAywSCbMl8j9e0V8J4So8AihmxJrZBLgVGy9Do eUDSTBg86rO1TYWGIcGHioyTWVbVXZey0moJFcUxrJ8WHiCWvmJnU1f+oIvzoQlp AcR57luBlR8ZPA77sb9LBWVL02r9cnqCAZ/ivzoGwuebH8qdX3RxYPheyQIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFNqWfthY3yqfwFDyXocssgpjt9x3MB8GA1UdIwQY MBaAFPglVKhWpCKwYa5kxXdjD5HUCM1KMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS1DVlVxRmFrSXJCaHJtVEZkMk1Qa2RRSXpVby5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNm LTk2NWQ2ZDYwM2JmYS8xLzJwWi0yRmpmS3BfQVVQSmVoeXl5Q21PMzNIYy5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNmLTk2NWQ2ZDYwM2Jm YS8xLzEtQ1ZVcUZha0lyQmhybVRGZDJNUGtkUUl6VW8uY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAFZ6o4D BAFZ6pQwDQYJKoZIhvcNAQELBQADggEBAMoPf7sxFg2OshYbXVd43FDZNy6INsu2 utulc5idfGswDfOE1FsEbdnvv1zHE1xgqk+RulfM8VIeOuk3vLB86rKTzgA7yr+f DfmPyhFJRrnOJ44Ue9SCgPjVuJr5EG7OJ9/copj8uiXpvbgOs8GEEik/ZS6dZsiN e0eJsfZ4G/Cg7Iw1DX4VjG5F2JCihdEppLcYFl+nMIl+gaqfYXbRFz0jUtOljWEP d7z610Zx/0dSbdw7Snk5ON6tVnvQ6li3QBN8aROayLFJpwo/KmN490sXf5R/qrqA jD9g4yf326XOsFeKZrxyuPZ5eh1zLOSsi31OiyWkEuab1vzaD/ilEi0= -----END CERTIFICATE-----Generated at Mon Jan 26 04:38:58 2026 by rpki-client