This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/2fl4t7q00Z6Vf4-8yhmMEGkbkiA.roa File: 2fl4t7q00Z6Vf4-8yhmMEGkbkiA.roa (raw, json) Hash identifier: hkD6ASs7Qj8pLvO0tARjKy3xlVzhv6xHuOxacyAQkNc= Subject key identifier: D9:F9:78:B7:BA:B4:D1:9E:95:7F:8F:BC:CA:19:8C:10:69:1B:92:20 Certificate issuer: /CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413 Certificate serial: 019B7AC7F886F46310977DBE9CF04DF1B703 Authority key identifier: 0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/2fl4t7q00Z6Vf4-8yhmMEGkbkiA.roa Signing time: Thu 01 Jan 2026 18:18:04 +0000 ROA not before: Thu 01 Jan 2026 18:18:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212179 IP address blocks: 212.172.0.0/16 maxlen: 24 212.172.20.0/24 maxlen: 32 212.172.165.128/27 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.mft rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 09:01:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c7:f8:86:f4:63:10:97:7d:be:9c:f0:4d:f1:b7:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413 Validity Not Before: Jan 1 18:18:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d9f978b7bab4d19e957f8fbcca198c10691b9220 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:08:bd:1f:b4:f0:4c:c2:81:83:b9:65:eb:3f: 44:4c:75:b2:8e:9b:e3:dd:4d:83:4a:1a:17:37:d9: 0e:2a:55:93:55:92:6f:02:de:73:8e:19:4d:5e:5c: d9:7c:1d:77:fa:51:3d:77:a2:68:45:3f:6f:d0:7f: 90:66:16:bc:d5:f5:0a:3f:9a:01:09:c9:7c:dc:67: 9b:ff:7b:48:fa:3c:2d:c3:3f:06:20:14:dc:65:35: 2c:4a:85:4f:08:ab:09:f7:5a:6f:b5:9d:3a:69:b4: c7:a6:b7:40:be:48:a4:a0:f9:dc:94:af:a3:70:a4: 10:50:c5:32:55:c1:d5:bc:00:38:4f:99:28:ef:8f: 1c:4d:5b:99:3c:d5:5d:83:76:28:d5:b9:dc:80:be: f1:40:38:11:2a:b6:90:d1:26:4e:be:51:41:f0:7e: ac:46:41:ad:b2:71:05:ce:b4:c7:af:7d:f1:c8:73: 8b:91:a4:4b:23:62:6b:f2:ce:ad:23:0f:a4:60:d8: 38:10:b7:6c:9d:ce:cc:96:9e:e2:45:a6:e9:93:6f: 6e:bc:e8:61:8c:63:b9:54:2e:ee:4f:44:64:8b:c6: 28:0d:f9:45:53:db:02:93:78:85:43:4b:3c:38:79: 5b:b2:dc:ab:ae:e3:03:dd:22:a5:5d:72:7a:c0:f5: 54:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:F9:78:B7:BA:B4:D1:9E:95:7F:8F:BC:CA:19:8C:10:69:1B:92:20 X509v3 Authority Key Identifier: keyid:0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/2fl4t7q00Z6Vf4-8yhmMEGkbkiA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 212.172.0.0/16 Signature Algorithm: sha256WithRSAEncryption 43:e7:7c:49:6c:50:fd:84:5b:02:19:96:31:d0:c1:a1:c6:92: 2c:c9:aa:ef:2d:56:a6:6d:95:07:bc:47:ad:5a:97:e6:76:0d: 80:c7:9e:d0:9e:86:78:08:05:63:29:cc:a4:69:d6:90:c8:a5: 44:e9:ce:9f:b5:2d:ef:15:a9:c0:3f:87:d0:1d:66:42:e5:3f: 67:dc:4d:57:2c:2d:04:05:91:03:e7:8a:f3:36:7c:57:a2:7d: d9:a5:0e:15:a1:dc:fe:e1:cf:17:10:b0:83:19:89:4c:2a:74: 7d:8e:fb:a9:cb:33:65:ce:21:ce:6b:17:d3:30:64:f3:f9:f4: 52:54:11:df:7d:96:be:0c:02:da:b0:e3:27:92:ef:ac:45:d6: b0:2a:c9:a7:7d:d8:a8:e5:e3:23:7d:ee:d0:ec:53:64:33:1a: 2e:40:26:7b:51:57:4c:b8:f8:ec:14:e3:0d:60:0b:86:7b:83: 11:34:7f:f7:dc:9c:74:67:ae:d1:77:69:2e:2d:7a:e4:8f:57: 3e:c2:0f:35:54:17:75:3f:31:35:26:f8:cc:d1:d0:3c:25:07: 16:22:85:e3:92:ba:bd:df:7a:f7:20:a4:62:f9:6d:6c:6e:ee: e1:97:ed:74:8e:c5:44:d0:83:3a:44:83:81:3e:ea:d2:6f:70: 96:33:ca:1f -----BEGIN CERTIFICATE----- MIIE/DCCA+SgAwIBAgISAZt6x/iG9GMQl32+nPBN8bcDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBhMWQ3MmFjMDgyNmUwOWJjMGQxN2RkZWU4YmE4N2Q5NzMx ZGQ0MTMwHhcNMjYwMTAxMTgxODA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOWY5NzhiN2JhYjRkMTllOTU3ZjhmYmNjYTE5OGMxMDY5MWI5MjIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogi9H7TwTMKBg7ll6z9ETHWyjpvj 3U2DShoXN9kOKlWTVZJvAt5zjhlNXlzZfB13+lE9d6JoRT9v0H+QZha81fUKP5oB Ccl83Geb/3tI+jwtwz8GIBTcZTUsSoVPCKsJ91pvtZ06abTHprdAvkikoPnclK+j cKQQUMUyVcHVvAA4T5ko748cTVuZPNVdg3Yo1bncgL7xQDgRKraQ0SZOvlFB8H6s RkGtsnEFzrTHr33xyHOLkaRLI2Jr8s6tIw+kYNg4ELdsnc7Mlp7iRabpk29uvOhh jGO5VC7uT0Rki8YoDflFU9sCk3iFQ0s8OHlbstyrruMD3SKlXXJ6wPVUMQIDAQAB o4ICCDCCAgQwHQYDVR0OBBYEFNn5eLe6tNGelX+PvMoZjBBpG5IgMB8GA1UdIwQY MBaAFAodcqwIJuCbwNF93ui6h9lzHdQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTct OTU4MTEyYTQ4OWE0LzEvMmZsNHQ3cTAwWjZWZjQtOHlobU1FR2tia2lBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTctOTU4MTEyYTQ4OWE0 LzEvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA1KwwDQYJ KoZIhvcNAQELBQADggEBAEPnfElsUP2EWwIZljHQwaHGkizJqu8tVqZtlQe8R61a l+Z2DYDHntCehngIBWMpzKRp1pDIpUTpzp+1Le8VqcA/h9AdZkLlP2fcTVcsLQQF kQPnivM2fFeifdmlDhWh3P7hzxcQsIMZiUwqdH2O+6nLM2XOIc5rF9MwZPP59FJU Ed99lr4MAtqw4yeS76xF1rAqyad92Kjl4yN97tDsU2QzGi5AJntRV0y4+OwU4w1g C4Z7gxE0f/fcnHRnrtF3aS4teuSPVz7CDzVUF3U/MTUm+MzR0DwlBxYiheOSur3f evcgpGL5bWxu7uGX7XSOxUTQgzpEg4E+6tJvcJYzyh8= -----END CERTIFICATE-----Generated at Sun Jan 25 20:48:48 2026 by rpki-client