This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/2j-9yNtktHt5v3A9Kl3uT69XxUQ.roa File: 2j-9yNtktHt5v3A9Kl3uT69XxUQ.roa (raw, json) Hash identifier: kN6K0JrXyJLwNWerB4QQmyVz1nrq+uVY4rleX2HuK30= Subject key identifier: DA:3F:BD:C8:DB:64:B4:7B:79:BF:70:3D:2A:5D:EE:4F:AF:57:C5:44 Certificate issuer: /CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c Certificate serial: 019B79EBC22E0B0EEF63683E167852E34026 Authority key identifier: 9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/2j-9yNtktHt5v3A9Kl3uT69XxUQ.roa Signing time: Thu 01 Jan 2026 14:17:32 +0000 ROA not before: Thu 01 Jan 2026 14:17:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48931 IP address blocks: 89.42.38.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.mft rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:eb:c2:2e:0b:0e:ef:63:68:3e:16:78:52:e3:40:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c Validity Not Before: Jan 1 14:17:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=da3fbdc8db64b47b79bf703d2a5dee4faf57c544 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:27:ae:cd:0a:bb:c4:6f:47:94:07:d2:3e:2b: ca:32:dd:0a:2d:c8:93:65:25:82:a5:bc:57:90:6e: 9f:2a:c6:88:30:8e:1a:8e:a9:f8:aa:82:dd:7a:ef: ef:5a:b3:2d:a3:a8:c9:4e:4e:f0:4e:f3:bf:e4:d2: 6c:a5:cc:20:2f:15:d2:a0:14:d5:4e:26:f2:74:b9: 89:24:a0:ec:85:cc:52:cf:ec:8c:70:58:55:59:2d: 70:1e:31:b2:a1:65:52:14:7c:e1:bf:c1:91:57:16: 0d:b4:6c:b0:cd:cb:99:8e:2f:56:65:e3:fb:a7:81: 5c:b5:db:8a:c8:69:fc:38:ee:30:92:79:0e:ef:66: 16:2d:6c:99:30:1c:08:41:d4:4c:1a:36:54:1b:f0: 8e:a9:1f:78:22:ed:b4:60:2b:2d:d3:56:e7:c0:99: 4f:4f:7c:84:01:c2:82:5d:91:07:10:8a:23:c5:1d: fb:79:29:ec:2c:bb:7a:9a:6d:c9:db:26:8f:67:02: 8b:95:39:e3:f3:4b:e7:f2:9f:c7:7e:17:3e:41:33: 3b:64:d8:3d:8e:4f:fe:03:d8:ca:b8:88:94:9f:c5: c1:93:eb:5f:bf:94:c9:19:e9:ca:79:77:ee:e9:b2: 7b:af:e3:64:97:2e:b6:e3:62:81:3c:53:37:c1:ab: 5b:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:3F:BD:C8:DB:64:B4:7B:79:BF:70:3D:2A:5D:EE:4F:AF:57:C5:44 X509v3 Authority Key Identifier: keyid:9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/2j-9yNtktHt5v3A9Kl3uT69XxUQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.42.38.0/23 Signature Algorithm: sha256WithRSAEncryption 1f:2f:c0:0e:b2:57:86:5a:bd:1f:8e:de:85:5a:30:6e:d6:c8: 3e:0a:21:81:4a:a6:f0:85:a8:17:80:15:92:bc:6f:04:ea:79: dc:02:34:57:70:bf:d8:2e:5d:7e:23:2d:94:41:8e:57:5f:6a: bb:61:5c:f2:cd:6d:10:fd:1f:a8:b9:37:39:5f:3c:b4:cc:2e: 2b:d9:8c:49:56:ce:a0:06:06:ea:40:a6:da:fa:79:e6:fc:11: 29:96:e2:f4:77:7d:7d:73:37:8e:37:1d:af:55:0f:d2:b2:29: b6:df:ae:78:c5:91:c5:e4:94:74:cd:fc:b5:5a:64:01:a1:30: d8:4b:d0:ae:82:96:12:23:e2:1f:9a:f2:8c:f1:98:f4:ee:1e: db:ad:af:07:41:4d:76:bd:d8:2e:df:18:ad:8b:8a:56:0a:23: a3:80:9d:38:49:22:1d:4a:34:89:ff:27:a6:36:59:5c:41:05: 62:1c:3d:d3:60:56:98:e0:2c:95:59:e2:0b:93:a3:78:20:f2: 30:5f:dc:a3:74:b6:e0:5a:8c:81:97:df:97:fa:ae:1f:b9:5d: 2e:8f:f6:2e:0f:ff:f8:d9:be:82:43:a4:79:43:b1:4f:76:40: 7e:91:40:08:d3:6a:9d:c6:22:33:4d:90:ce:64:86:a5:e8:f8: cb:49:f4:55 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt568IuCw7vY2g+FnhS40AmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDljNTQyZjVkZjNjMWFjYjg1N2ZkNTBlZWIwMTZlZWQwNzM4 NWZmOGMwHhcNMjYwMTAxMTQxNzMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYTNmYmRjOGRiNjRiNDdiNzliZjcwM2QyYTVkZWU0ZmFmNTdjNTQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCeuzQq7xG9HlAfSPivKMt0KLciT ZSWCpbxXkG6fKsaIMI4ajqn4qoLdeu/vWrMto6jJTk7wTvO/5NJspcwgLxXSoBTV TibydLmJJKDshcxSz+yMcFhVWS1wHjGyoWVSFHzhv8GRVxYNtGywzcuZji9WZeP7 p4FctduKyGn8OO4wknkO72YWLWyZMBwIQdRMGjZUG/COqR94Iu20YCst01bnwJlP T3yEAcKCXZEHEIojxR37eSnsLLt6mm3J2yaPZwKLlTnj80vn8p/Hfhc+QTM7ZNg9 jk/+A9jKuIiUn8XBk+tfv5TJGenKeXfu6bJ7r+Nkly6242KBPFM3watbJQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFNo/vcjbZLR7eb9wPSpd7k+vV8VEMB8GA1UdIwQY MBaAFJxUL13zway4V/1Q7rAW7tBzhf+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUt MjVkYmY0MzgwNGM1LzEvMmotOXlOdGt0SHQ1djNBOUtsM3VUNjlYeFVRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUtMjVkYmY0MzgwNGM1 LzEvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWSomMA0G CSqGSIb3DQEBCwUAA4IBAQAfL8AOsleGWr0fjt6FWjBu1sg+CiGBSqbwhagXgBWS vG8E6nncAjRXcL/YLl1+Iy2UQY5XX2q7YVzyzW0Q/R+ouTc5Xzy0zC4r2YxJVs6g BgbqQKba+nnm/BEpluL0d319czeONx2vVQ/Ssim23654xZHF5JR0zfy1WmQBoTDY S9CugpYSI+IfmvKM8Zj07h7bra8HQU12vdgu3xiti4pWCiOjgJ04SSIdSjSJ/yem NllcQQViHD3TYFaY4CyVWeILk6N4IPIwX9yjdLbgWoyBl9+X+q4fuV0uj/YuD//4 2b6CQ6R5Q7FPdkB+kUAI02qdxiIzTZDOZIal6PjLSfRV -----END CERTIFICATE-----Generated at Sun Jan 25 22:31:16 2026 by rpki-client