This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/809616-a008-4a11-bc0a-7cf031fa75ce/1/2aR01OFymFEwZxvW0ul_qajB_MU.roa File: 2aR01OFymFEwZxvW0ul_qajB_MU.roa (raw, json) Hash identifier: uOcW0MztVBXCRsokN174A3EZiiQc7C1Cn12xFKZuxJI= Subject key identifier: D9:A4:74:D4:E1:72:98:51:30:67:1B:D6:D2:E9:7F:A9:A8:C1:FC:C5 Certificate issuer: /CN=5f6b90019d4d2b52ab4caf671c37e9c4d03ada73 Certificate serial: 019B78351FE6451FC26EAC71D091438C6980 Authority key identifier: 5F:6B:90:01:9D:4D:2B:52:AB:4C:AF:67:1C:37:E9:C4:D0:3A:DA:73 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X2uQAZ1NK1KrTK9nHDfpxNA62nM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/809616-a008-4a11-bc0a-7cf031fa75ce/1/2aR01OFymFEwZxvW0ul_qajB_MU.roa Signing time: Thu 01 Jan 2026 06:18:26 +0000 ROA not before: Thu 01 Jan 2026 06:18:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 61308 IP address blocks: 185.213.136.0/22 maxlen: 22 185.213.136.0/24 maxlen: 24 185.213.137.0/24 maxlen: 24 185.213.138.0/24 maxlen: 24 185.213.139.0/24 maxlen: 24 2001:67c:1188::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/809616-a008-4a11-bc0a-7cf031fa75ce/1/X2uQAZ1NK1KrTK9nHDfpxNA62nM.crl rsync://rpki.ripe.net/repository/DEFAULT/8f/809616-a008-4a11-bc0a-7cf031fa75ce/1/X2uQAZ1NK1KrTK9nHDfpxNA62nM.mft rsync://rpki.ripe.net/repository/DEFAULT/X2uQAZ1NK1KrTK9nHDfpxNA62nM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:35:1f:e6:45:1f:c2:6e:ac:71:d0:91:43:8c:69:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5f6b90019d4d2b52ab4caf671c37e9c4d03ada73 Validity Not Before: Jan 1 06:18:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d9a474d4e172985130671bd6d2e97fa9a8c1fcc5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:86:7a:fc:5a:13:de:1e:9f:bc:dc:e7:87:e9: ed:76:44:a9:26:23:aa:24:a6:28:f3:8c:1e:c6:3f: a2:fe:95:0f:48:e6:5c:d8:a8:ad:0f:da:14:4a:f8: c3:2a:8f:88:da:28:41:aa:61:4a:f7:af:2f:1c:a8: 95:83:d0:70:f1:dc:fe:e5:de:bc:ba:1a:8c:83:6a: d8:57:d2:14:30:d1:a6:b8:56:a2:3e:90:a6:4d:74: 49:02:ae:4c:c5:ba:a4:e5:0c:3b:e2:ba:ee:bb:7a: 81:7b:8f:cd:13:d1:54:6d:be:96:a9:a5:d5:46:82: 48:8a:14:56:5f:3a:c4:80:97:00:c9:43:ba:92:5d: 21:76:07:91:a4:93:47:19:81:e4:40:9f:a4:b7:91: f3:31:47:f5:8f:fc:bd:5e:1a:37:63:87:c2:af:4c: 2a:16:71:f7:9b:c7:ae:b3:45:ad:2b:4e:6f:ba:bf: 77:6e:21:0e:46:d6:1e:d0:8a:fc:a8:73:ac:54:99: 94:12:4d:c3:71:03:af:43:ad:ee:48:19:cd:da:6a: 6d:dc:e1:9c:1e:a6:ba:72:a5:c0:79:c3:56:ad:ee: 4d:9b:4b:77:96:1d:ed:ce:c6:0b:84:36:cf:c6:40: 0c:04:4f:d2:82:e2:4f:0a:84:dc:8a:75:68:64:95: 63:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:A4:74:D4:E1:72:98:51:30:67:1B:D6:D2:E9:7F:A9:A8:C1:FC:C5 X509v3 Authority Key Identifier: keyid:5F:6B:90:01:9D:4D:2B:52:AB:4C:AF:67:1C:37:E9:C4:D0:3A:DA:73 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X2uQAZ1NK1KrTK9nHDfpxNA62nM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/809616-a008-4a11-bc0a-7cf031fa75ce/1/2aR01OFymFEwZxvW0ul_qajB_MU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/809616-a008-4a11-bc0a-7cf031fa75ce/1/X2uQAZ1NK1KrTK9nHDfpxNA62nM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.213.136.0/22 IPv6: 2001:67c:1188::/48 Signature Algorithm: sha256WithRSAEncryption 98:60:95:d6:7c:3a:02:2e:c2:ae:96:6c:a4:50:24:1a:31:90: a5:7c:35:03:84:b9:e3:79:fa:a6:b9:dd:93:58:48:61:5d:5f: 2f:0d:2c:9d:b0:60:ce:07:d5:f6:17:66:8a:cd:14:8c:fe:35: e2:cc:27:41:03:0b:73:ce:d1:2e:0f:88:39:c5:0d:3d:a9:88: f5:1e:3d:7d:ed:b5:3c:f4:3e:19:f6:3c:06:73:1f:63:6e:36: c9:1e:cc:20:09:48:fd:30:54:6b:a3:f0:37:da:11:53:9d:98: df:f4:b9:5f:17:79:f3:77:b8:6d:17:86:89:9b:b3:b3:60:4d: 54:66:93:da:c9:ca:90:d3:a4:5d:37:8e:fc:61:b5:24:65:95: 6d:73:54:b4:22:2e:1f:0b:21:f4:9e:bd:54:23:f3:77:ae:f4: 65:b0:f7:8d:39:db:1a:31:72:0c:bf:d8:6f:39:7d:90:ad:59: 9f:87:9e:8e:8a:57:6a:ae:e1:40:b6:d9:a8:3f:90:53:25:ed: 86:da:88:40:df:0d:fe:60:fe:0c:25:89:8f:07:41:fd:7d:21: 15:b7:3f:c5:23:f4:93:61:0c:64:b7:29:d0:99:11:04:d1:c0: b4:ec:90:81:8f:2f:ac:d7:75:3a:af:4f:ff:2b:67:f0:41:a9: 58:b1:db:4d -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt4NR/mRR/Cbqxx0JFDjGmAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVmNmI5MDAxOWQ0ZDJiNTJhYjRjYWY2NzFjMzdlOWM0ZDAz YWRhNzMwHhcNMjYwMTAxMDYxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOWE0NzRkNGUxNzI5ODUxMzA2NzFiZDZkMmU5N2ZhOWE4YzFmY2M1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoZ6/FoT3h6fvNznh+ntdkSpJiOq JKYo84wexj+i/pUPSOZc2KitD9oUSvjDKo+I2ihBqmFK968vHKiVg9Bw8dz+5d68 uhqMg2rYV9IUMNGmuFaiPpCmTXRJAq5Mxbqk5Qw74rruu3qBe4/NE9FUbb6WqaXV RoJIihRWXzrEgJcAyUO6kl0hdgeRpJNHGYHkQJ+kt5HzMUf1j/y9Xho3Y4fCr0wq FnH3m8eus0WtK05vur93biEORtYe0Ir8qHOsVJmUEk3DcQOvQ63uSBnN2mpt3OGc Hqa6cqXAecNWre5Nm0t3lh3tzsYLhDbPxkAMBE/SguJPCoTcinVoZJVjzwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFNmkdNThcphRMGcb1tLpf6mowfzFMB8GA1UdIwQY MBaAFF9rkAGdTStSq0yvZxw36cTQOtpzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWDJ1UUFaMU5LMUtyVEs5bkhEZnB4TkE2Mm5NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi84MDk2MTYtYTAwOC00YTExLWJjMGEt N2NmMDMxZmE3NWNlLzEvMmFSMDFPRnltRkV3Wnh2VzB1bF9xYWpCX01VLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Zi84MDk2MTYtYTAwOC00YTExLWJjMGEtN2NmMDMxZmE3NWNl LzEvWDJ1UUFaMU5LMUtyVEs5bkhEZnB4TkE2Mm5NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCudWIMA8E AgACMAkDBwAgAQZ8EYgwDQYJKoZIhvcNAQELBQADggEBAJhgldZ8OgIuwq6WbKRQ JBoxkKV8NQOEueN5+qa53ZNYSGFdXy8NLJ2wYM4H1fYXZorNFIz+NeLMJ0EDC3PO 0S4PiDnFDT2piPUePX3ttTz0Phn2PAZzH2NuNskezCAJSP0wVGuj8DfaEVOdmN/0 uV8XefN3uG0Xhombs7NgTVRmk9rJypDTpF03jvxhtSRllW1zVLQiLh8LIfSevVQj 83eu9GWw94052xoxcgy/2G85fZCtWZ+Hno6KV2qu4UC22ag/kFMl7YbaiEDfDf5g /gwliY8HQf19IRW3P8Uj9JNhDGS3KdCZEQTRwLTskIGPL6zXdTqvT/8rZ/BBqVix 200= -----END CERTIFICATE-----Generated at Sun Jan 25 23:31:41 2026 by rpki-client