This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/efbbf0-e4fa-4431-b1e7-06a24fa74667/1/2NDM2UnGAd2KPMu3UUA1fO528tk.roa File: 2NDM2UnGAd2KPMu3UUA1fO528tk.roa (raw, json) Hash identifier: WD6GmcclgmWq2djvqA2C1xAumTZt22gmy95ALSn/gmc= Subject key identifier: D8:D0:CC:D9:49:C6:01:DD:8A:3C:CB:B7:51:40:35:7C:EE:76:F2:D9 Certificate issuer: /CN=926b9336fcaf3657cedeba53c47e948010877e20 Certificate serial: 019B7E38EAA51440AA6F73B2A01238FC5E14 Authority key identifier: 92:6B:93:36:FC:AF:36:57:CE:DE:BA:53:C4:7E:94:80:10:87:7E:20 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmuTNvyvNlfO3rpTxH6UgBCHfiA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/efbbf0-e4fa-4431-b1e7-06a24fa74667/1/2NDM2UnGAd2KPMu3UUA1fO528tk.roa Signing time: Fri 02 Jan 2026 10:20:17 +0000 ROA not before: Fri 02 Jan 2026 10:20:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200428 IP address blocks: 77.93.92.0/22 maxlen: 22 185.151.60.0/22 maxlen: 22 185.163.4.0/22 maxlen: 22 185.229.208.0/22 maxlen: 22 2a0a:2640::/29 maxlen: 29 2a0a:5800::/29 maxlen: 29 2a0d:ce00::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/efbbf0-e4fa-4431-b1e7-06a24fa74667/1/kmuTNvyvNlfO3rpTxH6UgBCHfiA.crl rsync://rpki.ripe.net/repository/DEFAULT/9b/efbbf0-e4fa-4431-b1e7-06a24fa74667/1/kmuTNvyvNlfO3rpTxH6UgBCHfiA.mft rsync://rpki.ripe.net/repository/DEFAULT/kmuTNvyvNlfO3rpTxH6UgBCHfiA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:ea:a5:14:40:aa:6f:73:b2:a0:12:38:fc:5e:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=926b9336fcaf3657cedeba53c47e948010877e20 Validity Not Before: Jan 2 10:20:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d8d0ccd949c601dd8a3ccbb75140357cee76f2d9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:32:f6:c3:2a:d2:85:ed:a3:5c:dd:57:8b:f1: 86:c9:67:8e:7a:5c:d5:12:1e:35:07:5b:09:7b:3f: b9:6e:b4:94:db:62:97:de:a1:53:90:05:25:3a:27: 94:29:16:c0:a1:c9:6f:22:4f:1b:cf:a3:76:66:46: 27:ea:2f:00:1c:69:02:b4:20:7f:26:71:20:a5:0f: 96:2d:ca:cb:dc:0e:16:ca:86:51:75:77:5b:58:58: c1:e7:df:0d:a0:10:6c:37:46:7a:e4:ad:ea:2c:32: 25:c3:b3:48:72:7d:24:c4:99:5f:7b:f1:69:a5:fd: bb:b3:01:42:a3:9d:04:7d:75:8f:9a:3a:73:54:14: cf:0a:fb:83:da:aa:53:12:5a:a0:c1:c8:e8:c8:d8: 14:c0:da:1f:b1:b7:47:6f:25:44:5e:14:62:c8:1a: 3d:d9:0c:6e:d7:7b:83:8d:25:20:c8:04:08:0c:27: b4:1d:c8:fb:56:fc:e7:60:56:bf:09:58:25:93:2f: 3e:38:64:47:45:25:e1:34:7b:4c:a0:05:59:2e:f3: e8:25:65:51:28:2d:9f:5b:e9:17:73:7d:86:c7:bb: 57:bf:4e:4f:33:26:2b:8a:97:39:03:9f:eb:62:bc: 2d:5a:a7:20:32:8d:c9:84:9a:a4:8c:0f:ac:53:57: 09:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:D0:CC:D9:49:C6:01:DD:8A:3C:CB:B7:51:40:35:7C:EE:76:F2:D9 X509v3 Authority Key Identifier: keyid:92:6B:93:36:FC:AF:36:57:CE:DE:BA:53:C4:7E:94:80:10:87:7E:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmuTNvyvNlfO3rpTxH6UgBCHfiA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/efbbf0-e4fa-4431-b1e7-06a24fa74667/1/2NDM2UnGAd2KPMu3UUA1fO528tk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/efbbf0-e4fa-4431-b1e7-06a24fa74667/1/kmuTNvyvNlfO3rpTxH6UgBCHfiA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.93.92.0/22 185.151.60.0/22 185.163.4.0/22 185.229.208.0/22 IPv6: 2a0a:2640::/29 2a0a:5800::/29 2a0d:ce00::/29 Signature Algorithm: sha256WithRSAEncryption 33:d6:3e:d9:be:b4:f6:86:0b:7c:7f:25:dd:ba:ce:0c:3a:7e: 6b:3b:a0:2c:1e:8d:92:e2:5c:fb:ef:0f:e6:a5:50:86:f2:31: 96:6f:d7:2f:6c:10:0b:dc:6e:6f:ac:66:01:30:b0:86:d2:93: db:f8:cf:e1:c1:ea:ab:f9:43:3d:55:74:b6:b1:b5:11:52:9b: 99:d9:6d:7d:ed:28:07:6b:d8:c7:98:1a:71:68:c3:b9:d9:5c: d8:31:90:11:6d:75:88:8c:63:73:52:32:ca:d6:0e:9b:a8:24: fa:91:c6:a2:d7:67:67:4b:57:55:84:eb:c7:be:1a:5a:82:14: ed:4b:c8:3d:52:72:d3:e2:e8:2e:33:dd:7c:5f:13:1f:37:44: e4:d8:52:e2:a8:11:cf:f0:45:56:41:dd:18:56:4f:4e:27:57: 16:6f:16:06:bd:db:8e:34:6d:fe:c3:33:0c:9d:46:f8:2c:8c: 73:ec:15:81:11:83:8d:1c:79:b0:dc:a2:aa:78:a0:8b:1d:9e: 72:e0:4d:5d:9d:fc:9d:7e:c5:59:10:39:09:22:c5:a2:a1:67: e2:61:21:43:17:74:46:7b:83:87:e5:6f:bf:bd:d0:bd:0c:df: e3:46:45:87:3c:ee:f4:fe:89:4b:55:2e:22:2b:7a:5b:63:60: c2:aa:fb:bb -----BEGIN CERTIFICATE----- MIIFLDCCBBSgAwIBAgISAZt+OOqlFECqb3OyoBI4/F4UMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkyNmI5MzM2ZmNhZjM2NTdjZWRlYmE1M2M0N2U5NDgwMTA4 NzdlMjAwHhcNMjYwMTAyMTAyMDE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOGQwY2NkOTQ5YzYwMWRkOGEzY2NiYjc1MTQwMzU3Y2VlNzZmMmQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTL2wyrShe2jXN1Xi/GGyWeOelzV Eh41B1sJez+5brSU22KX3qFTkAUlOieUKRbAoclvIk8bz6N2ZkYn6i8AHGkCtCB/ JnEgpQ+WLcrL3A4WyoZRdXdbWFjB598NoBBsN0Z65K3qLDIlw7NIcn0kxJlfe/Fp pf27swFCo50EfXWPmjpzVBTPCvuD2qpTElqgwcjoyNgUwNofsbdHbyVEXhRiyBo9 2Qxu13uDjSUgyAQIDCe0Hcj7VvznYFa/CVglky8+OGRHRSXhNHtMoAVZLvPoJWVR KC2fW+kXc32Gx7tXv05PMyYripc5A5/rYrwtWqcgMo3JhJqkjA+sU1cJhwIDAQAB o4ICODCCAjQwHQYDVR0OBBYEFNjQzNlJxgHdijzLt1FANXzudvLZMB8GA1UdIwQY MBaAFJJrkzb8rzZXzt66U8R+lIAQh34gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva211VE52eXZObGZPM3JwVHhINlVnQkNIZmlBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9lZmJiZjAtZTRmYS00NDMxLWIxZTct MDZhMjRmYTc0NjY3LzEvMk5ETTJVbkdBZDJLUE11M1VVQTFmTzUyOHRrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yi9lZmJiZjAtZTRmYS00NDMxLWIxZTctMDZhMjRmYTc0NjY3 LzEva211VE52eXZObGZPM3JwVHhINlVnQkNIZmlBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQCTV1cAwQC uZc8AwQCuaMEAwQCueXQMBsEAgACMBUDBQMqCiZAAwUDKgpYAAMFAyoNzgAwDQYJ KoZIhvcNAQELBQADggEBADPWPtm+tPaGC3x/Jd26zgw6fms7oCwejZLiXPvvD+al UIbyMZZv1y9sEAvcbm+sZgEwsIbSk9v4z+HB6qv5Qz1VdLaxtRFSm5nZbX3tKAdr 2MeYGnFow7nZXNgxkBFtdYiMY3NSMsrWDpuoJPqRxqLXZ2dLV1WE68e+GlqCFO1L yD1SctPi6C4z3XxfEx83ROTYUuKoEc/wRVZB3RhWT04nVxZvFga92440bf7DMwyd RvgsjHPsFYERg40cebDcoqp4oIsdnnLgTV2d/J1+xVkQOQkixaKhZ+JhIUMXdEZ7 g4flb7+90L0M3+NGRYc87vT+iUtVLiIreltjYMKq+7s= -----END CERTIFICATE-----Generated at Sun Jan 25 18:21:00 2026 by rpki-client