This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/c52682-7ea1-42f7-84db-af1ac0f00417/1/2SUVJ80PsPV5Sm7U3L8hHtyTcHk.roa File: 2SUVJ80PsPV5Sm7U3L8hHtyTcHk.roa (raw, json) Hash identifier: KC9QuJ44Bvhyw7hXPqUGMgqZJZPJd+t4xVPwghxLews= Subject key identifier: D9:25:15:27:CD:0F:B0:F5:79:4A:6E:D4:DC:BF:21:1E:DC:93:70:79 Certificate issuer: /CN=f2de8ebddd084163a90b9ae50397b2db49cb17ad Certificate serial: 019B79103C9150973D283353A62F787B00D3 Authority key identifier: F2:DE:8E:BD:DD:08:41:63:A9:0B:9A:E5:03:97:B2:DB:49:CB:17:AD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8t6Ovd0IQWOpC5rlA5ey20nLF60.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/c52682-7ea1-42f7-84db-af1ac0f00417/1/2SUVJ80PsPV5Sm7U3L8hHtyTcHk.roa Signing time: Thu 01 Jan 2026 10:17:45 +0000 ROA not before: Thu 01 Jan 2026 10:17:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57626 IP address blocks: 37.9.216.0/21 maxlen: 24 37.9.216.0/22 maxlen: 24 37.9.220.0/22 maxlen: 24 45.158.240.0/22 maxlen: 23 2a07:b700::/29 maxlen: 30 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/c52682-7ea1-42f7-84db-af1ac0f00417/1/8t6Ovd0IQWOpC5rlA5ey20nLF60.crl rsync://rpki.ripe.net/repository/DEFAULT/97/c52682-7ea1-42f7-84db-af1ac0f00417/1/8t6Ovd0IQWOpC5rlA5ey20nLF60.mft rsync://rpki.ripe.net/repository/DEFAULT/8t6Ovd0IQWOpC5rlA5ey20nLF60.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:3c:91:50:97:3d:28:33:53:a6:2f:78:7b:00:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f2de8ebddd084163a90b9ae50397b2db49cb17ad Validity Not Before: Jan 1 10:17:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d9251527cd0fb0f5794a6ed4dcbf211edc937079 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:a6:49:53:cd:d4:7b:4d:b7:b0:24:24:9a:47: ae:7d:60:38:26:e0:f9:89:6a:a2:53:85:f6:7b:76: a4:87:29:03:81:b2:a5:ac:47:6a:c0:28:04:ee:4d: 9e:50:c9:72:37:32:24:29:de:52:76:50:93:01:f6: 21:66:1c:2b:ed:f5:40:49:da:ef:1b:16:6e:60:39: aa:4b:c8:72:b3:fb:9a:9d:e3:21:15:35:57:47:73: f9:93:cb:a4:52:4e:41:36:90:f8:3e:02:56:9b:e0: ed:58:1a:cf:a5:72:fa:79:fe:8a:d2:d3:e8:18:7c: 38:97:3b:8a:cb:2e:61:4d:a6:ff:12:d4:79:48:37: 21:9a:0f:da:ad:e6:2d:e0:10:e9:99:00:34:ec:17: a3:0a:48:4d:31:18:4d:3e:79:e8:31:bb:1c:ea:5a: b2:f2:2f:6f:66:85:b7:08:1e:d0:40:29:0c:e2:0c: a8:d8:44:6f:66:58:48:7a:c5:0d:ce:fb:ae:87:5e: c8:05:be:95:d9:49:9b:5b:43:7b:ac:50:39:8f:c7: 61:16:f7:fc:52:70:5a:de:e9:5e:55:f2:08:7c:d1: ec:cf:85:94:68:58:48:0c:09:fb:b0:3b:dc:84:d4: fb:cd:5a:35:6e:2d:a8:f0:64:e2:2b:24:12:f5:47: 07:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:25:15:27:CD:0F:B0:F5:79:4A:6E:D4:DC:BF:21:1E:DC:93:70:79 X509v3 Authority Key Identifier: keyid:F2:DE:8E:BD:DD:08:41:63:A9:0B:9A:E5:03:97:B2:DB:49:CB:17:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8t6Ovd0IQWOpC5rlA5ey20nLF60.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/c52682-7ea1-42f7-84db-af1ac0f00417/1/2SUVJ80PsPV5Sm7U3L8hHtyTcHk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/97/c52682-7ea1-42f7-84db-af1ac0f00417/1/8t6Ovd0IQWOpC5rlA5ey20nLF60.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.9.216.0/21 45.158.240.0/22 IPv6: 2a07:b700::/29 Signature Algorithm: sha256WithRSAEncryption ba:71:cb:18:1b:5d:02:a6:23:f7:1b:1b:38:f0:8a:d4:e8:fe: 6b:47:5a:64:d9:de:5c:8a:58:41:a7:ab:ce:18:23:7a:d5:c1: 32:86:da:45:f7:ce:ef:46:7b:8a:90:0c:05:ec:89:77:75:c5: 0d:79:71:b8:d0:c9:e1:1f:53:04:fe:49:6b:c1:d7:2f:37:14: dd:e4:87:f3:b2:eb:9c:54:a5:1b:19:2d:16:6b:c6:7b:82:31: 5a:7a:32:cd:d4:2d:33:3b:c0:e7:28:29:35:69:9c:2a:bf:0c: 38:98:d9:cb:d6:3a:b8:5b:7c:67:80:cf:fe:4d:8c:99:36:a4: 18:eb:bd:53:d4:6a:f3:64:26:e5:d9:cd:bc:c9:4e:9b:eb:f8: 0f:d8:62:52:b5:75:a4:35:f6:76:a0:47:f3:07:53:3e:3b:9b: 7e:59:c0:ee:64:14:58:60:1e:ee:6d:f8:e0:41:cb:ba:fe:02: 9c:52:46:c6:f7:b1:6b:17:09:38:89:c8:40:b9:a8:50:02:d6: 81:b6:41:c0:56:bd:2e:6c:52:60:52:e4:d9:ad:62:ce:c1:07: c6:57:6b:45:41:9d:a7:ca:70:77:6e:42:13:0e:e0:c4:7f:ba: f5:d2:de:4a:3f:46:3e:48:77:ed:c0:9f:3e:74:29:8e:d9:d3: 72:f6:5c:f8 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt5EDyRUJc9KDNTpi94ewDTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYyZGU4ZWJkZGQwODQxNjNhOTBiOWFlNTAzOTdiMmRiNDlj YjE3YWQwHhcNMjYwMTAxMTAxNzQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOTI1MTUyN2NkMGZiMGY1Nzk0YTZlZDRkY2JmMjExZWRjOTM3MDc5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaZJU83Ue023sCQkmkeufWA4JuD5 iWqiU4X2e3akhykDgbKlrEdqwCgE7k2eUMlyNzIkKd5SdlCTAfYhZhwr7fVASdrv GxZuYDmqS8hys/uaneMhFTVXR3P5k8ukUk5BNpD4PgJWm+DtWBrPpXL6ef6K0tPo GHw4lzuKyy5hTab/EtR5SDchmg/areYt4BDpmQA07BejCkhNMRhNPnnoMbsc6lqy 8i9vZoW3CB7QQCkM4gyo2ERvZlhIesUNzvuuh17IBb6V2UmbW0N7rFA5j8dhFvf8 UnBa3uleVfIIfNHsz4WUaFhIDAn7sDvchNT7zVo1bi2o8GTiKyQS9UcHewIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFNklFSfND7D1eUpu1Ny/IR7ck3B5MB8GA1UdIwQY MBaAFPLejr3dCEFjqQua5QOXsttJyxetMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOHQ2T3ZkMElRV09wQzVybEE1ZXkyMG5MRjYwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9jNTI2ODItN2VhMS00MmY3LTg0ZGIt YWYxYWMwZjAwNDE3LzEvMlNVVko4MFBzUFY1U203VTNMOGhIdHlUY0hrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Ny9jNTI2ODItN2VhMS00MmY3LTg0ZGItYWYxYWMwZjAwNDE3 LzEvOHQ2T3ZkMElRV09wQzVybEE1ZXkyMG5MRjYwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJQnYAwQC LZ7wMA0EAgACMAcDBQMqB7cAMA0GCSqGSIb3DQEBCwUAA4IBAQC6ccsYG10CpiP3 Gxs48IrU6P5rR1pk2d5cilhBp6vOGCN61cEyhtpF987vRnuKkAwF7Il3dcUNeXG4 0MnhH1ME/klrwdcvNxTd5IfzsuucVKUbGS0Wa8Z7gjFaejLN1C0zO8DnKCk1aZwq vww4mNnL1jq4W3xngM/+TYyZNqQY671T1GrzZCbl2c28yU6b6/gP2GJStXWkNfZ2 oEfzB1M+O5t+WcDuZBRYYB7ubfjgQcu6/gKcUkbG97FrFwk4ichAuahQAtaBtkHA Vr0ubFJgUuTZrWLOwQfGV2tFQZ2nynB3bkITDuDEf7r10t5KP0Y+SHftwJ8+dCmO 2dNy9lz4 -----END CERTIFICATE-----Generated at Mon Jan 26 01:01:53 2026 by rpki-client