This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/2SpwrO6K0EQk8qayjEpp_xZ4_wg.roa File: 2SpwrO6K0EQk8qayjEpp_xZ4_wg.roa (raw, json) Hash identifier: /eCsd3Bhg9xFbAs/4U2EOV2JeWdYeKmfkwHyIef/wIk= Subject key identifier: D9:2A:70:AC:EE:8A:D0:44:24:F2:A6:B2:8C:4A:69:FF:16:78:FF:08 Certificate issuer: /CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315 Certificate serial: 019B7D5D1A2D6C166A2B3CC60F708938545D Authority key identifier: AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/2SpwrO6K0EQk8qayjEpp_xZ4_wg.roa Signing time: Fri 02 Jan 2026 06:20:11 +0000 ROA not before: Fri 02 Jan 2026 06:20:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203833 IP address blocks: 79.133.32.0/23 maxlen: 23 79.133.43.0/24 maxlen: 24 159.100.24.0/22 maxlen: 24 2a01:7e1::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/qh3FCktSbfGOiwplZde51Yp10xU.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/qh3FCktSbfGOiwplZde51Yp10xU.mft rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:1a:2d:6c:16:6a:2b:3c:c6:0f:70:89:38:54:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315 Validity Not Before: Jan 2 06:20:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d92a70acee8ad04424f2a6b28c4a69ff1678ff08 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:71:ff:b9:6e:64:77:f2:26:2a:64:7a:5e:0e: d6:e5:7c:d6:c0:87:ff:7c:65:d3:81:df:34:03:5c: ed:22:b0:be:7a:4b:df:06:b4:52:db:80:d5:13:3e: 03:2c:93:e0:eb:d2:02:52:8c:3f:14:51:2f:0d:ad: 2f:25:e9:01:70:2a:48:a7:e7:f2:a5:3a:f8:04:b2: d0:9e:86:74:36:2f:69:74:f3:3e:02:8d:16:40:83: 03:4e:3e:80:4d:92:18:49:ff:7e:17:67:b0:e7:fe: 39:dc:a3:17:90:08:0e:81:d6:46:4f:81:2f:50:f1: 57:99:12:8a:f4:6a:7a:f2:71:05:21:1d:f5:08:80: c9:14:58:80:ef:7e:68:b6:67:58:36:90:9e:a6:83: 8c:62:ef:12:20:57:fb:d5:c9:76:e4:2a:15:64:ab: 71:9f:2a:36:90:3b:65:cd:21:da:f2:09:ba:9a:a0: ff:81:bf:ed:e0:0c:4f:cd:87:a8:84:7e:59:2d:24: cd:8e:f3:f4:5a:4a:47:6b:32:8a:ce:e5:36:4f:45: 1a:4d:3a:6e:86:96:54:9a:11:14:86:61:c2:8c:76: 85:ed:16:6b:8e:7c:2b:d9:4c:6b:07:47:1e:ef:ee: 71:c5:05:a6:50:4e:8e:aa:e3:23:6a:2e:2c:37:38: cc:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:2A:70:AC:EE:8A:D0:44:24:F2:A6:B2:8C:4A:69:FF:16:78:FF:08 X509v3 Authority Key Identifier: keyid:AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/2SpwrO6K0EQk8qayjEpp_xZ4_wg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/qh3FCktSbfGOiwplZde51Yp10xU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 79.133.32.0/23 79.133.43.0/24 159.100.24.0/22 IPv6: 2a01:7e1::/32 Signature Algorithm: sha256WithRSAEncryption 3f:c8:7a:48:c6:73:6b:4b:c0:a5:42:fe:cc:0f:8a:f8:bc:dc: 32:14:ce:7b:4c:9c:96:ad:03:db:68:1b:de:9f:a1:4a:8d:fb: 95:6e:4b:eb:1d:cb:16:24:a7:a4:a7:c3:eb:8f:50:c4:6e:82: bf:af:c2:66:bd:50:bd:03:ad:34:6f:63:61:ec:79:c8:24:ab: 0b:01:ef:07:ca:80:16:f5:9b:3d:5a:c6:58:99:a0:ab:c6:58: 84:c8:96:a3:e0:08:b0:d3:12:ea:d1:79:46:7e:13:80:98:b2: 4b:5b:74:8b:49:d2:aa:aa:9f:8e:3b:c3:e8:3b:ef:89:ac:b1: 32:62:e8:f9:a8:bd:c7:6f:67:ff:0e:2e:f2:4c:57:43:43:33: 8f:61:e9:4f:11:85:16:e2:71:64:c7:86:8a:71:dd:0e:06:98: 17:51:f0:ba:50:c1:d7:d2:5b:4f:59:91:7a:fa:35:33:3c:49: 2c:4a:0c:fe:cf:a1:ef:52:99:bd:bc:32:75:2e:d3:28:04:c4: 13:fe:ed:a8:f0:9c:99:b7:5b:c4:b9:40:b5:42:39:63:86:18: 22:a1:c9:f9:cd:68:69:42:c8:0f:75:52:1c:34:51:81:de:43: a6:69:b5:6b:39:d7:4e:34:da:10:8d:ec:16:b9:f4:29:79:3e: 06:ea:ba:4c -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt9XRotbBZqKzzGD3CJOFRdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhMWRjNTBhNGI1MjZkZjE4ZThiMGE2NTY1ZDdiOWQ1OGE3 NWQzMTUwHhcNMjYwMTAyMDYyMDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOTJhNzBhY2VlOGFkMDQ0MjRmMmE2YjI4YzRhNjlmZjE2NzhmZjA4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23H/uW5kd/ImKmR6Xg7W5XzWwIf/ fGXTgd80A1ztIrC+ekvfBrRS24DVEz4DLJPg69ICUow/FFEvDa0vJekBcCpIp+fy pTr4BLLQnoZ0Ni9pdPM+Ao0WQIMDTj6ATZIYSf9+F2ew5/453KMXkAgOgdZGT4Ev UPFXmRKK9Gp68nEFIR31CIDJFFiA735otmdYNpCepoOMYu8SIFf71cl25CoVZKtx nyo2kDtlzSHa8gm6mqD/gb/t4AxPzYeohH5ZLSTNjvP0WkpHazKKzuU2T0UaTTpu hpZUmhEUhmHCjHaF7RZrjnwr2UxrB0ce7+5xxQWmUE6OquMjai4sNzjMaQIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFNkqcKzuitBEJPKmsoxKaf8WeP8IMB8GA1UdIwQY MBaAFKodxQpLUm3xjosKZWXXudWKddMVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMt MzNkNzI4NDMzYzExLzEvMlNwd3JPNkswRVFrOHFheWpFcHBfeFo0X3dnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMtMzNkNzI4NDMzYzEx LzEvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBT4UgAwQA T4UrAwQCn2QYMA0EAgACMAcDBQAqAQfhMA0GCSqGSIb3DQEBCwUAA4IBAQA/yHpI xnNrS8ClQv7MD4r4vNwyFM57TJyWrQPbaBven6FKjfuVbkvrHcsWJKekp8Prj1DE boK/r8JmvVC9A600b2Nh7HnIJKsLAe8HyoAW9Zs9WsZYmaCrxliEyJaj4Aiw0xLq 0XlGfhOAmLJLW3SLSdKqqp+OO8PoO++JrLEyYuj5qL3Hb2f/Di7yTFdDQzOPYelP EYUW4nFkx4aKcd0OBpgXUfC6UMHX0ltPWZF6+jUzPEksSgz+z6HvUpm9vDJ1LtMo BMQT/u2o8JyZt1vEuUC1Qjljhhgiocn5zWhpQsgPdVIcNFGB3kOmabVrOddONNoQ jewWufQpeT4G6rpM -----END CERTIFICATE-----Generated at Sun Jan 25 20:58:56 2026 by rpki-client