This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/2UOn5hLyRStz2AaXDff3yHdPj5Y.roa File: 2UOn5hLyRStz2AaXDff3yHdPj5Y.roa (raw, json) Hash identifier: 5kRNvsBj9U69NfOc0jPJOLMDekNIrXIH85Fd7k/Y9GQ= Subject key identifier: D9:43:A7:E6:12:F2:45:2B:73:D8:06:97:0D:F7:F7:C8:77:4F:8F:96 Certificate issuer: /CN=3691d2950145dceac00c0ca4eb536d92867b38d3 Certificate serial: 019B7D5CB110BFCD1A39918868588D2F5447 Authority key identifier: 36:91:D2:95:01:45:DC:EA:C0:0C:0C:A4:EB:53:6D:92:86:7B:38:D3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpHSlQFF3OrADAyk61NtkoZ7ONM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/2UOn5hLyRStz2AaXDff3yHdPj5Y.roa Signing time: Fri 02 Jan 2026 06:19:45 +0000 ROA not before: Fri 02 Jan 2026 06:19:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207080 IP address blocks: 2a0c:2f06::/32 maxlen: 34 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/NpHSlQFF3OrADAyk61NtkoZ7ONM.crl rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/NpHSlQFF3OrADAyk61NtkoZ7ONM.mft rsync://rpki.ripe.net/repository/DEFAULT/NpHSlQFF3OrADAyk61NtkoZ7ONM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 03:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:b1:10:bf:cd:1a:39:91:88:68:58:8d:2f:54:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3691d2950145dceac00c0ca4eb536d92867b38d3 Validity Not Before: Jan 2 06:19:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d943a7e612f2452b73d806970df7f7c8774f8f96 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:20:ff:25:0e:92:a5:c3:69:b9:b2:3c:21:d2: 11:ed:bf:c4:f0:94:05:11:88:02:f9:0f:c7:27:3c: e8:f2:ed:d8:8c:35:5f:fa:13:db:ba:01:8b:7c:1e: fc:b6:1a:ee:ee:d4:b7:73:41:9d:6d:ea:0b:c9:74: 86:88:9a:65:07:c9:13:14:ce:52:45:c2:9a:c3:75: 69:27:ca:a6:1a:f3:d3:e7:87:62:99:48:c0:05:de: f4:c4:50:65:37:e5:7a:cc:cf:75:04:11:b9:50:2c: 31:71:26:9d:d6:5f:13:af:ed:a0:ef:68:7f:c2:1b: 49:b6:aa:66:c1:ff:5c:d5:16:37:72:ce:76:eb:44: 90:f6:ac:e6:75:26:d7:ec:06:e7:49:f3:8c:60:ec: 22:3e:32:87:b0:6b:65:7a:16:13:b0:83:aa:00:d6: 69:6a:a7:63:32:79:60:29:fa:77:aa:1c:78:63:c8: 3d:6d:26:4f:50:28:87:92:6a:15:49:f6:e3:c8:16: 75:0e:64:b0:68:75:28:3c:10:46:bc:b9:55:21:13: 7b:1c:10:f8:a2:38:0a:fe:37:02:d7:24:ac:be:50: 00:c6:b9:f7:f2:99:af:33:f3:3f:d4:01:18:d3:e7: 1b:d0:02:17:57:51:b2:2e:12:e1:31:ff:f2:60:07: ec:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:43:A7:E6:12:F2:45:2B:73:D8:06:97:0D:F7:F7:C8:77:4F:8F:96 X509v3 Authority Key Identifier: keyid:36:91:D2:95:01:45:DC:EA:C0:0C:0C:A4:EB:53:6D:92:86:7B:38:D3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpHSlQFF3OrADAyk61NtkoZ7ONM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/2UOn5hLyRStz2AaXDff3yHdPj5Y.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/NpHSlQFF3OrADAyk61NtkoZ7ONM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0c:2f06::/32 Signature Algorithm: sha256WithRSAEncryption 1b:02:d6:c1:44:cd:08:2b:c5:b1:8a:0d:69:64:a6:6e:b0:6d: 83:d2:65:68:04:07:0d:bf:f4:6a:8f:3b:b6:e7:51:9b:58:05: 85:c3:68:8c:fa:f0:d5:a7:37:80:f8:49:55:4e:1e:fc:c4:05: 34:2b:46:d7:49:fc:fb:e0:3f:c8:f8:c5:a9:1e:c0:2d:16:3e: e6:93:18:6f:eb:36:52:36:22:98:29:73:4f:0d:48:a4:7a:7b: d4:f1:01:35:89:55:bc:7a:10:df:df:96:1c:01:8e:d5:93:3a: f2:66:44:d6:84:d8:d8:0b:62:5b:52:e8:e4:53:ad:31:d6:78: e1:be:47:b1:4b:58:1e:52:5e:e9:26:31:e4:3f:91:83:41:49: 32:3f:d9:4e:49:8b:89:fa:80:79:ad:24:d1:c9:e1:d5:37:fa: 89:90:c5:f8:af:d1:04:12:d5:71:da:4f:aa:67:62:c0:51:1a: 8c:f6:a4:e8:c2:fe:04:34:99:d0:2c:b7:56:3a:0e:38:94:2c: 5e:3f:aa:8a:b9:1b:26:3f:03:d6:a5:50:09:d9:9f:63:32:d5: 00:e4:29:67:5c:6d:aa:29:70:86:4b:c8:ac:f8:85:f4:b5:12: f4:e0:e5:83:23:1b:a3:6c:9e:6a:57:cc:17:c5:e5:38:a0:13: df:16:ee:f7 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt9XLEQv80aOZGIaFiNL1RHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2OTFkMjk1MDE0NWRjZWFjMDBjMGNhNGViNTM2ZDkyODY3 YjM4ZDMwHhcNMjYwMTAyMDYxOTQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOTQzYTdlNjEyZjI0NTJiNzNkODA2OTcwZGY3ZjdjODc3NGY4Zjk2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCD/JQ6SpcNpubI8IdIR7b/E8JQF EYgC+Q/HJzzo8u3YjDVf+hPbugGLfB78thru7tS3c0GdbeoLyXSGiJplB8kTFM5S RcKaw3VpJ8qmGvPT54dimUjABd70xFBlN+V6zM91BBG5UCwxcSad1l8Tr+2g72h/ whtJtqpmwf9c1RY3cs5260SQ9qzmdSbX7AbnSfOMYOwiPjKHsGtlehYTsIOqANZp aqdjMnlgKfp3qhx4Y8g9bSZPUCiHkmoVSfbjyBZ1DmSwaHUoPBBGvLlVIRN7HBD4 ojgK/jcC1ySsvlAAxrn38pmvM/M/1AEY0+cb0AIXV1GyLhLhMf/yYAfs0wIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFNlDp+YS8kUrc9gGlw3398h3T4+WMB8GA1UdIwQY MBaAFDaR0pUBRdzqwAwMpOtTbZKGezjTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnBIU2xRRkYzT3JBREF5azYxTnRrb1o3T05NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8yYTk0MmEtZjFiZi00M2UyLWI5MmEt MWRlYzQwNTg0ODA2LzEvMlVPbjVoTHlSU3R6MkFhWERmZjN5SGRQajVZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Mi8yYTk0MmEtZjFiZi00M2UyLWI5MmEtMWRlYzQwNTg0ODA2 LzEvTnBIU2xRRkYzT3JBREF5azYxTnRrb1o3T05NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgwvBjAN BgkqhkiG9w0BAQsFAAOCAQEAGwLWwUTNCCvFsYoNaWSmbrBtg9JlaAQHDb/0ao87 tudRm1gFhcNojPrw1ac3gPhJVU4e/MQFNCtG10n8++A/yPjFqR7ALRY+5pMYb+s2 UjYimClzTw1IpHp71PEBNYlVvHoQ39+WHAGO1ZM68mZE1oTY2AtiW1Lo5FOtMdZ4 4b5HsUtYHlJe6SYx5D+Rg0FJMj/ZTkmLifqAea0k0cnh1Tf6iZDF+K/RBBLVcdpP qmdiwFEajPak6ML+BDSZ0Cy3VjoOOJQsXj+qirkbJj8D1qVQCdmfYzLVAOQpZ1xt qilwhkvIrPiF9LUS9ODlgyMbo2yealfMF8XlOKAT3xbu9w== -----END CERTIFICATE-----Generated at Sun Jan 25 14:10:30 2026 by rpki-client