This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ebfce6-2857-404b-9b74-b324e025b929/1/2yXo53nRzQ6QIXHCKqp0A_hJsyc.roa File: 2yXo53nRzQ6QIXHCKqp0A_hJsyc.roa (raw, json) Hash identifier: fKxrkStH/B851eW4EJrn5I1osQhbxL5xUSbhHaxEJKA= Subject key identifier: DB:25:E8:E7:79:D1:CD:0E:90:21:71:C2:2A:AA:74:03:F8:49:B3:27 Certificate issuer: /CN=f9629775283733a45c454b8d7be5a66df0db1a17 Certificate serial: 019B7DCA5AC1C002B6CA79C57E62265C5E08 Authority key identifier: F9:62:97:75:28:37:33:A4:5C:45:4B:8D:7B:E5:A6:6D:F0:DB:1A:17 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-WKXdSg3M6RcRUuNe-WmbfDbGhc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/ebfce6-2857-404b-9b74-b324e025b929/1/2yXo53nRzQ6QIXHCKqp0A_hJsyc.roa Signing time: Fri 02 Jan 2026 08:19:32 +0000 ROA not before: Fri 02 Jan 2026 08:19:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48418 IP address blocks: 185.254.32.0/24 maxlen: 24 185.254.33.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/ebfce6-2857-404b-9b74-b324e025b929/1/1-WKXdSg3M6RcRUuNe-WmbfDbGhc.crl rsync://rpki.ripe.net/repository/DEFAULT/7d/ebfce6-2857-404b-9b74-b324e025b929/1/1-WKXdSg3M6RcRUuNe-WmbfDbGhc.mft rsync://rpki.ripe.net/repository/DEFAULT/1-WKXdSg3M6RcRUuNe-WmbfDbGhc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:5a:c1:c0:02:b6:ca:79:c5:7e:62:26:5c:5e:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f9629775283733a45c454b8d7be5a66df0db1a17 Validity Not Before: Jan 2 08:19:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=db25e8e779d1cd0e902171c22aaa7403f849b327 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:a2:e9:f4:3f:8c:8a:03:79:d2:9c:71:63:b1: fe:42:21:79:4c:2e:d8:a4:2e:63:f7:29:72:90:bb: be:08:af:18:16:30:1f:72:cb:48:3a:23:03:f6:b8: 9a:a5:14:2f:82:51:7d:a7:ba:b2:99:36:3b:31:cd: 4b:41:8e:29:f5:29:9e:a9:6b:f2:27:7c:3f:32:14: 1b:1f:2f:bb:03:66:b1:3d:0d:d9:ae:33:ba:83:d7: eb:9c:05:39:4d:0d:e6:4b:03:8f:6f:52:03:b5:5a: bc:b0:50:38:9d:f0:82:ac:75:fd:e9:20:42:56:f6: e0:3f:41:d8:01:f3:9b:f1:d0:49:cb:ff:38:05:f5: e9:56:3f:69:e5:2b:8d:ef:1c:c8:f4:1a:93:14:9b: 98:bb:43:60:cd:e1:37:45:d5:d0:8a:9a:f4:0a:a8: 92:35:39:cf:5a:ef:70:22:50:57:99:42:3e:6f:8d: 59:b8:ed:da:87:7b:e8:42:49:90:5a:37:8f:2d:fa: 6d:c4:d6:2b:84:cf:5f:84:ed:60:50:15:fd:4e:f3: b5:c3:1d:66:aa:cc:ca:8e:1a:cf:42:54:fe:1a:32: c6:b7:80:16:17:78:01:50:00:ae:69:9f:48:02:81: 2c:55:53:d3:32:27:f1:e7:e2:49:99:6c:e2:37:e2: a5:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:25:E8:E7:79:D1:CD:0E:90:21:71:C2:2A:AA:74:03:F8:49:B3:27 X509v3 Authority Key Identifier: keyid:F9:62:97:75:28:37:33:A4:5C:45:4B:8D:7B:E5:A6:6D:F0:DB:1A:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-WKXdSg3M6RcRUuNe-WmbfDbGhc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ebfce6-2857-404b-9b74-b324e025b929/1/2yXo53nRzQ6QIXHCKqp0A_hJsyc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ebfce6-2857-404b-9b74-b324e025b929/1/1-WKXdSg3M6RcRUuNe-WmbfDbGhc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.254.32.0/23 Signature Algorithm: sha256WithRSAEncryption 2f:73:b0:64:bd:ed:a2:38:50:85:df:6b:49:07:89:e5:37:21: 6f:bc:67:32:e7:8b:32:53:c0:70:cb:be:c9:44:46:81:de:ec: 84:03:8b:5b:28:1f:62:b7:36:c3:81:a4:52:0b:dc:96:80:ec: a3:e2:ee:e3:2e:8f:26:ad:1d:cd:1c:dc:64:81:e4:81:ee:fc: 87:fd:65:0f:81:db:b8:d0:44:02:5b:0e:d9:e3:95:7d:e9:99: 40:e8:1a:00:a7:29:42:06:74:16:d3:00:ff:a1:c4:65:4c:fa: da:6b:fa:e6:94:8b:69:b5:26:54:01:2f:a0:0c:88:11:39:0f: 7f:da:17:5f:78:16:1e:74:bc:57:12:c0:34:f6:22:8c:ee:72: 73:c3:24:96:b9:a0:45:47:c9:b3:14:a8:bf:1e:5a:ad:e5:b4: d8:14:3e:87:7d:4b:04:1f:50:92:a5:86:e0:02:0e:0e:e0:57: 20:e7:6a:4f:90:28:2b:09:c9:33:30:c0:a8:5b:96:8d:47:12: bc:dc:c1:dc:07:35:ff:a2:ea:80:e3:55:40:82:54:d6:4e:71: f7:6b:68:1c:be:dd:87:fe:da:d8:f2:61:67:b2:25:40:ca:78: 7c:22:b9:48:b6:20:38:b9:1f:9a:89:3d:63:ed:ca:03:e9:f2: c3:1a:fa:3e -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZt9ylrBwAK2ynnFfmImXF4IMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY5NjI5Nzc1MjgzNzMzYTQ1YzQ1NGI4ZDdiZTVhNjZkZjBk YjFhMTcwHhcNMjYwMTAyMDgxOTMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYjI1ZThlNzc5ZDFjZDBlOTAyMTcxYzIyYWFhNzQwM2Y4NDliMzI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaLp9D+MigN50pxxY7H+QiF5TC7Y pC5j9ylykLu+CK8YFjAfcstIOiMD9riapRQvglF9p7qymTY7Mc1LQY4p9SmeqWvy J3w/MhQbHy+7A2axPQ3ZrjO6g9frnAU5TQ3mSwOPb1IDtVq8sFA4nfCCrHX96SBC VvbgP0HYAfOb8dBJy/84BfXpVj9p5SuN7xzI9BqTFJuYu0NgzeE3RdXQipr0CqiS NTnPWu9wIlBXmUI+b41ZuO3ah3voQkmQWjePLfptxNYrhM9fhO1gUBX9TvO1wx1m qszKjhrPQlT+GjLGt4AWF3gBUACuaZ9IAoEsVVPTMifx5+JJmWziN+KlGwIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFNsl6Od50c0OkCFxwiqqdAP4SbMnMB8GA1UdIwQY MBaAFPlil3UoNzOkXEVLjXvlpm3w2xoXMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS1XS1hkU2czTTZSY1JVdU5lLVdtYmZEYkdoYy5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2QvZWJmY2U2LTI4NTctNDA0Yi05Yjc0 LWIzMjRlMDI1YjkyOS8xLzJ5WG81M25SelE2UUlYSENLcXAwQV9oSnN5Yy5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvN2QvZWJmY2U2LTI4NTctNDA0Yi05Yjc0LWIzMjRlMDI1Yjky OS8xLzEtV0tYZFNnM002UmNSVXVOZS1XbWJmRGJHaGMuY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAG5/iAw DQYJKoZIhvcNAQELBQADggEBAC9zsGS97aI4UIXfa0kHieU3IW+8ZzLnizJTwHDL vslERoHe7IQDi1soH2K3NsOBpFIL3JaA7KPi7uMujyatHc0c3GSB5IHu/If9ZQ+B 27jQRAJbDtnjlX3pmUDoGgCnKUIGdBbTAP+hxGVM+tpr+uaUi2m1JlQBL6AMiBE5 D3/aF194Fh50vFcSwDT2IozucnPDJJa5oEVHybMUqL8eWq3ltNgUPod9SwQfUJKl huACDg7gVyDnak+QKCsJyTMwwKhblo1HErzcwdwHNf+i6oDjVUCCVNZOcfdraBy+ 3Yf+2tjyYWeyJUDKeHwiuUi2IDi5H5qJPWPtygPp8sMa+j4= -----END CERTIFICATE-----Generated at Mon Jan 26 10:52:53 2026 by rpki-client