This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/2rBRtn2VImz8NGlNapuFnTe1QMs.roa File: 2rBRtn2VImz8NGlNapuFnTe1QMs.roa (raw, json) Hash identifier: g8S101o2T04kwWweNxfhN7/ae2GiWrG/LFVp6fAx/g8= Subject key identifier: DA:B0:51:B6:7D:95:22:6C:FC:34:69:4D:6A:9B:85:9D:37:B5:40:CB Certificate issuer: /CN=cbd745ebfcec382df252c2f750db648f4f034abf Certificate serial: 019B7834D1E460092BE7ED63574E8F374892 Authority key identifier: CB:D7:45:EB:FC:EC:38:2D:F2:52:C2:F7:50:DB:64:8F:4F:03:4A:BF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y9dF6_zsOC3yUsL3UNtkj08DSr8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/2rBRtn2VImz8NGlNapuFnTe1QMs.roa Signing time: Thu 01 Jan 2026 06:18:06 +0000 ROA not before: Thu 01 Jan 2026 06:18:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3209 IP address blocks: 47.64.0.0/13 maxlen: 13 82.82.0.0/15 maxlen: 24 82.82.0.0/20 maxlen: 20 84.56.0.0/13 maxlen: 24 85.238.224.0/19 maxlen: 19 88.64.0.0/12 maxlen: 24 92.72.0.0/13 maxlen: 24 92.208.0.0/14 maxlen: 24 92.212.0.0/15 maxlen: 24 92.214.0.0/15 maxlen: 24 92.216.0.0/14 maxlen: 24 94.216.0.0/13 maxlen: 24 145.253.0.0/16 maxlen: 16 145.253.0.0/20 maxlen: 20 145.254.0.0/16 maxlen: 24 146.60.0.0/16 maxlen: 24 176.94.0.0/17 maxlen: 24 176.94.128.0/17 maxlen: 24 176.95.0.0/16 maxlen: 24 178.0.0.0/12 maxlen: 24 185.2.132.0/22 maxlen: 24 188.96.0.0/12 maxlen: 24 193.25.240.0/22 maxlen: 22 193.25.244.0/23 maxlen: 23 193.25.247.0/24 maxlen: 24 195.50.128.0/18 maxlen: 18 195.158.128.0/19 maxlen: 19 212.144.0.0/16 maxlen: 24 213.23.0.0/16 maxlen: 24 213.128.96.0/19 maxlen: 19 2a00::/22 maxlen: 22 2a00:20::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/y9dF6_zsOC3yUsL3UNtkj08DSr8.crl rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/y9dF6_zsOC3yUsL3UNtkj08DSr8.mft rsync://rpki.ripe.net/repository/DEFAULT/y9dF6_zsOC3yUsL3UNtkj08DSr8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 06:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:d1:e4:60:09:2b:e7:ed:63:57:4e:8f:37:48:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cbd745ebfcec382df252c2f750db648f4f034abf Validity Not Before: Jan 1 06:18:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dab051b67d95226cfc34694d6a9b859d37b540cb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:2c:19:ab:ee:5a:3d:ae:7c:5c:fc:26:16:26: 4f:e6:46:c4:93:3f:3f:19:5a:9c:4b:17:20:42:63: 1c:8f:74:bd:1e:1c:98:34:7e:e0:cd:29:22:7b:05: 3b:7c:55:51:05:65:e6:93:64:96:8f:f5:0b:1c:f8: 84:ee:47:92:c4:e4:a7:07:f7:14:e0:3c:5d:b5:d3: 54:fa:d8:aa:1c:6b:6a:b0:92:3b:4e:51:4b:dc:a1: dc:f7:b0:c7:c9:34:a4:1d:66:c2:c9:b0:c2:49:87: 7f:72:c7:ba:c0:f8:a4:07:a7:d4:36:51:a4:e9:f9: 0f:02:ec:67:49:ad:8f:6f:46:e7:db:e9:6d:1e:c5: 46:91:17:b8:13:42:f0:a8:91:33:8f:83:92:60:90: ab:4e:0e:d3:86:45:90:60:e9:22:3d:e5:a1:88:8e: 43:01:05:24:7a:52:dd:4c:60:89:d3:0f:ef:b6:e9: c5:35:39:6b:8e:a4:d2:90:30:82:6b:c3:9e:f8:46: 1f:35:32:c7:90:a9:4f:94:81:4b:6a:19:88:0b:52: cf:20:5a:4c:c5:9a:f6:1b:09:5b:ae:4d:fb:46:5b: 00:11:82:71:d6:9c:79:df:0c:e8:3d:89:1d:0d:91: a8:0b:08:d4:28:ae:90:b7:c0:cf:12:75:e5:06:54: 06:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:B0:51:B6:7D:95:22:6C:FC:34:69:4D:6A:9B:85:9D:37:B5:40:CB X509v3 Authority Key Identifier: keyid:CB:D7:45:EB:FC:EC:38:2D:F2:52:C2:F7:50:DB:64:8F:4F:03:4A:BF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9dF6_zsOC3yUsL3UNtkj08DSr8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/2rBRtn2VImz8NGlNapuFnTe1QMs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/y9dF6_zsOC3yUsL3UNtkj08DSr8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 47.64.0.0/13 82.82.0.0/15 84.56.0.0/13 85.238.224.0/19 88.64.0.0/12 92.72.0.0/13 92.208.0.0-92.219.255.255 94.216.0.0/13 145.253.0.0-145.254.255.255 146.60.0.0/16 176.94.0.0/15 178.0.0.0/12 185.2.132.0/22 188.96.0.0/12 193.25.240.0-193.25.245.255 193.25.247.0/24 195.50.128.0/18 195.158.128.0/19 212.144.0.0/16 213.23.0.0/16 213.128.96.0/19 IPv6: 2a00::/22 Signature Algorithm: sha256WithRSAEncryption 6b:36:93:1f:f1:3b:52:bb:fa:fe:b3:ba:6f:82:98:57:6e:bf: c2:03:4f:2b:a5:91:a9:c5:10:0a:f6:03:de:74:10:11:ee:be: 36:4e:44:bc:72:1a:bb:01:a4:dc:b6:a8:05:32:92:c0:a6:03: 14:c8:e9:5a:01:64:2d:01:2d:85:24:f6:fb:a5:6d:2b:35:20: 7d:dc:c6:01:0c:71:42:d0:b3:50:60:55:8c:f5:12:98:a8:b3: ee:ad:7e:57:b3:31:71:b8:37:f0:bf:e9:ae:92:f8:0f:e3:55: 12:6e:a5:7f:69:dc:cc:d4:8b:f4:f7:7a:9f:31:f5:e6:c4:0b: 56:40:fe:81:91:d5:a7:b1:a3:56:57:d6:e8:aa:85:a0:86:7f: 8b:a8:1f:26:04:72:e5:23:b4:42:22:04:65:2a:e2:64:09:e4: 27:94:4a:44:e4:67:a7:54:29:4b:a5:43:4d:1c:ec:c9:ab:b0: b0:47:b2:de:fb:f0:e1:da:1b:c1:79:0f:65:f4:58:cc:a8:5a: aa:fb:4d:6a:49:66:00:c4:20:90:82:c5:66:b8:b4:c2:bc:0b: e6:bb:ba:d4:df:71:8b:7a:3b:6f:45:a7:28:b2:d3:2f:df:d1: 4e:de:6c:9e:ce:18:4d:28:13:aa:59:a6:d1:ed:e7:ba:08:1d: 71:77:cf:6f -----BEGIN CERTIFICATE----- MIIFkDCCBHigAwIBAgISAZt4NNHkYAkr5+1jV06PN0iSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiZDc0NWViZmNlYzM4MmRmMjUyYzJmNzUwZGI2NDhmNGYw MzRhYmYwHhcNMjYwMTAxMDYxODA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYWIwNTFiNjdkOTUyMjZjZmMzNDY5NGQ2YTliODU5ZDM3YjU0MGNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ywZq+5aPa58XPwmFiZP5kbEkz8/ GVqcSxcgQmMcj3S9HhyYNH7gzSkiewU7fFVRBWXmk2SWj/ULHPiE7keSxOSnB/cU 4DxdtdNU+tiqHGtqsJI7TlFL3KHc97DHyTSkHWbCybDCSYd/cse6wPikB6fUNlGk 6fkPAuxnSa2Pb0bn2+ltHsVGkRe4E0LwqJEzj4OSYJCrTg7ThkWQYOkiPeWhiI5D AQUkelLdTGCJ0w/vtunFNTlrjqTSkDCCa8Oe+EYfNTLHkKlPlIFLahmIC1LPIFpM xZr2Gwlbrk37RlsAEYJx1px53wzoPYkdDZGoCwjUKK6Qt8DPEnXlBlQGtQIDAQAB o4ICnDCCApgwHQYDVR0OBBYEFNqwUbZ9lSJs/DRpTWqbhZ03tUDLMB8GA1UdIwQY MBaAFMvXRev87Dgt8lLC91DbZI9PA0q/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveTlkRjZfenNPQzN5VXNMM1VOdGtqMDhEU3I4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82YjMyOWYtZjRmNS00YWYwLWE4MWUt OTJiNjc5NmM3N2NjLzEvMnJCUnRuMlZJbXo4TkdsTmFwdUZuVGUxUU1zLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Mi82YjMyOWYtZjRmNS00YWYwLWE4MWUtOTJiNjc5NmM3N2Nj LzEveTlkRjZfenNPQzN5VXNMM1VOdGtqMDhEU3I4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBjQQCAAEwgYYDAwMv QAMDAVJSAwMDVDgDBAVV7uADAwRYQAMDA1xIMAoDAwRc0AMDAlzYAwMDXtgwCgMD AJH9AwMAkf4DAwCSPAMDAbBeAwMEsgADBAK5AoQDAwS8YDAMAwQEwRnwAwQBwRn0 AwQAwRn3AwQGwzKAAwQFw56AAwMA1JADAwDVFwMEBdWAYDAMBAIAAjAGAwQCKgAA MA0GCSqGSIb3DQEBCwUAA4IBAQBrNpMf8TtSu/r+s7pvgphXbr/CA08rpZGpxRAK 9gPedBAR7r42TkS8chq7AaTctqgFMpLApgMUyOlaAWQtAS2FJPb7pW0rNSB93MYB DHFC0LNQYFWM9RKYqLPurX5XszFxuDfwv+mukvgP41USbqV/adzM1Iv093qfMfXm xAtWQP6BkdWnsaNWV9boqoWghn+LqB8mBHLlI7RCIgRlKuJkCeQnlEpE5GenVClL pUNNHOzJq7CwR7Le+/Dh2hvBeQ9l9FjMqFqq+01qSWYAxCCQgsVmuLTCvAvmu7rU 33GLejtvRacostMv39FO3myezhhNKBOqWabR7ee6CB1xd89v -----END CERTIFICATE-----Generated at Sun Jan 25 16:39:56 2026 by rpki-client