This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/2YkU-KlvlcIh_M7FIIm73x5dHfA.roa File: 2YkU-KlvlcIh_M7FIIm73x5dHfA.roa (raw, json) Hash identifier: SdTWFWGh+2RmhNZYbN14E4xNqRJjMV5KacVktQgyXJs= Subject key identifier: D9:89:14:F8:A9:6F:95:C2:21:FC:CE:C5:20:89:BB:DF:1E:5D:1D:F0 Certificate issuer: /CN=cd576d876e17e67aa3b1f1c10dab39db2935e22b Certificate serial: 019AEDD2D96567DDB33F2444DD5D49125637 Authority key identifier: CD:57:6D:87:6E:17:E6:7A:A3:B1:F1:C1:0D:AB:39:DB:29:35:E2:2B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zVdth24X5nqjsfHBDas52yk14is.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/2YkU-KlvlcIh_M7FIIm73x5dHfA.roa Signing time: Fri 05 Dec 2025 09:23:29 +0000 ROA not before: Fri 05 Dec 2025 09:23:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 208172 IP address blocks: 81.27.86.0/24 maxlen: 24 159.26.96.0/24 maxlen: 24 159.26.97.0/24 maxlen: 24 159.26.98.0/24 maxlen: 24 159.26.99.0/24 maxlen: 24 159.26.100.0/24 maxlen: 24 159.26.101.0/24 maxlen: 24 159.26.102.0/24 maxlen: 24 159.26.103.0/24 maxlen: 24 159.26.104.0/24 maxlen: 24 159.26.105.0/24 maxlen: 24 159.26.106.0/24 maxlen: 24 159.26.107.0/24 maxlen: 24 159.26.108.0/24 maxlen: 24 159.26.109.0/24 maxlen: 24 159.26.110.0/24 maxlen: 24 159.26.111.0/24 maxlen: 24 159.26.112.0/24 maxlen: 24 159.26.113.0/24 maxlen: 24 159.26.114.0/24 maxlen: 24 159.26.115.0/24 maxlen: 24 159.26.116.0/24 maxlen: 24 159.26.117.0/24 maxlen: 24 159.26.118.0/24 maxlen: 24 159.26.119.0/24 maxlen: 24 159.26.120.0/24 maxlen: 24 159.26.121.0/24 maxlen: 24 159.26.122.0/24 maxlen: 24 159.26.123.0/24 maxlen: 24 159.26.124.0/24 maxlen: 24 159.26.125.0/24 maxlen: 24 159.26.126.0/24 maxlen: 24 159.26.127.0/24 maxlen: 24 205.147.16.0/24 maxlen: 24 205.147.17.0/24 maxlen: 24 205.147.18.0/24 maxlen: 24 205.147.19.0/24 maxlen: 24 205.147.20.0/24 maxlen: 24 205.147.21.0/24 maxlen: 24 205.147.22.0/24 maxlen: 24 205.147.23.0/24 maxlen: 24 205.147.27.0/24 maxlen: 24 205.147.28.0/24 maxlen: 24 205.147.29.0/24 maxlen: 24 205.147.30.0/24 maxlen: 24 205.147.31.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/zVdth24X5nqjsfHBDas52yk14is.crl rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/zVdth24X5nqjsfHBDas52yk14is.mft rsync://rpki.ripe.net/repository/DEFAULT/zVdth24X5nqjsfHBDas52yk14is.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:ed:d2:d9:65:67:dd:b3:3f:24:44:dd:5d:49:12:56:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cd576d876e17e67aa3b1f1c10dab39db2935e22b Validity Not Before: Dec 5 09:23:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=d98914f8a96f95c221fccec52089bbdf1e5d1df0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:9d:9f:cc:6b:f9:8f:16:b2:5d:f5:6a:11:3b: 17:c8:ac:fd:92:15:09:4f:5d:8e:b3:d5:77:95:63: ad:2a:aa:c9:3a:f4:fa:37:51:04:f9:a8:ce:89:8d: 5c:2f:9d:8b:fd:70:30:d5:68:07:04:66:d6:39:8b: f0:15:8b:c0:d9:6e:e9:89:59:9e:95:09:9a:b1:4c: 0d:b5:b7:97:60:de:d0:89:9b:f7:2d:de:7c:ec:92: b9:10:ec:cd:bd:b3:05:ca:95:6f:d9:74:20:11:91: 37:7b:27:00:39:e7:5d:45:de:81:39:c5:9d:aa:11: 77:0e:07:30:ee:ad:60:e4:64:81:de:4a:f5:e5:1a: 48:08:32:e4:27:41:c7:9f:6a:b9:b1:8f:5b:ed:58: 4a:66:7e:f5:10:d2:5c:a3:12:17:d0:b7:f6:66:c6: 6f:67:0b:1d:48:8e:91:53:c2:ee:93:db:70:70:ab: af:18:49:40:af:26:f6:e7:46:00:40:4a:4c:1e:b0: 90:76:51:10:99:af:c1:e3:e2:1f:2d:7b:3e:22:76: 60:b8:30:a7:e2:8f:a0:3f:5e:23:be:3a:ed:a9:fd: a5:c0:4d:7a:94:02:95:86:18:72:28:8c:a3:ca:b8: 9b:89:ae:be:9b:49:c1:fc:32:06:76:5b:35:6b:53: 1d:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:89:14:F8:A9:6F:95:C2:21:FC:CE:C5:20:89:BB:DF:1E:5D:1D:F0 X509v3 Authority Key Identifier: keyid:CD:57:6D:87:6E:17:E6:7A:A3:B1:F1:C1:0D:AB:39:DB:29:35:E2:2B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zVdth24X5nqjsfHBDas52yk14is.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/2YkU-KlvlcIh_M7FIIm73x5dHfA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/zVdth24X5nqjsfHBDas52yk14is.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.27.86.0/24 159.26.96.0/19 205.147.16.0/21 205.147.27.0-205.147.31.255 Signature Algorithm: sha256WithRSAEncryption 9d:6d:1b:ba:a5:39:1f:4b:73:c5:6e:44:35:45:42:34:08:24: 41:01:01:cd:fd:9e:e1:63:0b:ad:b0:c8:23:83:95:a6:64:7f: e5:6e:c3:9a:c3:92:c3:6d:9e:32:cd:c4:f2:94:21:66:bb:79: ca:a1:5f:32:8c:b0:e6:53:e5:0c:bf:dd:83:d2:97:0a:dd:26: 71:14:97:70:5f:a3:7b:20:7c:08:01:e0:8e:db:1f:80:d1:ef: 96:58:85:70:f5:b5:94:1e:b7:ee:c1:1f:30:37:d6:33:1a:a6: 45:a0:f7:ce:07:ab:7e:2e:14:6e:a2:a7:6a:d9:d6:3a:71:04: d9:f6:eb:e1:a0:5a:08:23:8b:dd:de:7f:21:24:03:92:2a:b8: 29:fe:38:e3:5f:d8:a2:36:48:61:3a:e4:ff:39:15:3c:91:04: 70:76:a9:0b:ee:16:05:7b:ac:15:b3:0d:4a:34:aa:dc:43:6f: 01:67:f7:ac:45:60:fd:91:5a:f3:2f:8c:3f:00:85:6a:38:f9: 89:f8:8e:ce:94:ce:bb:93:f5:7d:b2:dc:15:c4:a8:24:7e:84: 02:a3:41:cb:d7:3f:26:7e:4a:5b:e8:99:2b:f6:2c:49:c6:c9: d6:9c:0c:3e:e3:08:f7:15:34:e8:0c:31:21:bb:94:47:82:8e: fc:30:ba:a0 -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZrt0tllZ92zPyRE3V1JElY3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkNTc2ZDg3NmUxN2U2N2FhM2IxZjFjMTBkYWIzOWRiMjkz NWUyMmIwHhcNMjUxMjA1MDkyMzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOTg5MTRmOGE5NmY5NWMyMjFmY2NlYzUyMDg5YmJkZjFlNWQxZGYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Z2fzGv5jxayXfVqETsXyKz9khUJ T12Os9V3lWOtKqrJOvT6N1EE+ajOiY1cL52L/XAw1WgHBGbWOYvwFYvA2W7piVme lQmasUwNtbeXYN7QiZv3Ld587JK5EOzNvbMFypVv2XQgEZE3eycAOeddRd6BOcWd qhF3Dgcw7q1g5GSB3kr15RpICDLkJ0HHn2q5sY9b7VhKZn71ENJcoxIX0Lf2ZsZv ZwsdSI6RU8Luk9twcKuvGElAryb250YAQEpMHrCQdlEQma/B4+IfLXs+InZguDCn 4o+gP14jvjrtqf2lwE16lAKVhhhyKIyjyribia6+m0nB/DIGdls1a1MdtwIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFNmJFPipb5XCIfzOxSCJu98eXR3wMB8GA1UdIwQY MBaAFM1XbYduF+Z6o7HxwQ2rOdspNeIrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvelZkdGgyNFg1bnFqc2ZIQkRhczUyeWsxNGlzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS80MmYwMTQtY2Q5Mi00MjA1LWFhNTMt MWE4MGEyZjdkN2VhLzEvMllrVS1LbHZsY0loX003RklJbTczeDVkSGZBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NS80MmYwMTQtY2Q5Mi00MjA1LWFhNTMtMWE4MGEyZjdkN2Vh LzEvelZkdGgyNFg1bnFqc2ZIQkRhczUyeWsxNGlzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAURtWAwQF nxpgAwQDzZMQMAwDBADNkxsDBAXNkwAwDQYJKoZIhvcNAQELBQADggEBAJ1tG7ql OR9Lc8VuRDVFQjQIJEEBAc39nuFjC62wyCODlaZkf+Vuw5rDksNtnjLNxPKUIWa7 ecqhXzKMsOZT5Qy/3YPSlwrdJnEUl3Bfo3sgfAgB4I7bH4DR75ZYhXD1tZQet+7B HzA31jMapkWg984Hq34uFG6ip2rZ1jpxBNn26+GgWggji93efyEkA5IquCn+OONf 2KI2SGE65P85FTyRBHB2qQvuFgV7rBWzDUo0qtxDbwFn96xFYP2RWvMvjD8AhWo4 +Yn4js6UzruT9X2y3BXEqCR+hAKjQcvXPyZ+SlvomSv2LEnGydacDD7jCPcVNOgM MSG7lEeCjvwwuqA= -----END CERTIFICATE-----Generated at Sat Dec 6 08:55:29 2025 by rpki-client