This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/2bjKc7q00X4FIhAPhsU89RiT3mQ.roa File: 2bjKc7q00X4FIhAPhsU89RiT3mQ.roa (raw, json) Hash identifier: c7uD5tIHHHTi/M4ikq1b+STcQjXlF923kcjllGQ+muE= Subject key identifier: D9:B8:CA:73:BA:B4:D1:7E:05:22:10:0F:86:C5:3C:F5:18:93:DE:64 Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Certificate serial: 019AF28C43BF438C24901949128345CF560C Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/2bjKc7q00X4FIhAPhsU89RiT3mQ.roa Signing time: Sat 06 Dec 2025 07:24:29 +0000 ROA not before: Sat 06 Dec 2025 07:24:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 203144 IP address blocks: 94.176.111.0/24 maxlen: 24 217.74.20.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:8c:43:bf:43:8c:24:90:19:49:12:83:45:cf:56:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Validity Not Before: Dec 6 07:24:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=d9b8ca73bab4d17e0522100f86c53cf51893de64 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:52:cd:6e:2c:d3:b6:23:1e:fc:9f:0c:15:5b: d9:36:3c:13:06:28:3b:ab:58:02:99:8c:22:72:07: 2a:d2:8c:a8:0f:f4:06:2e:f3:4e:37:c2:5a:ec:3f: bd:45:0b:d8:8e:94:99:ed:48:03:30:33:2c:21:8a: a4:a2:60:56:ff:34:92:1d:33:12:74:cf:ba:55:88: 70:b5:22:be:5a:83:43:6d:bf:6e:49:89:dd:a2:0d: 8b:9b:bf:fe:1c:06:6b:03:26:f0:09:5d:45:93:67: b7:17:c6:b4:fa:f4:f8:e0:ab:f8:c8:1d:ff:9a:8b: 3a:66:5e:58:30:96:dd:5f:0a:ac:67:e8:dc:60:d1: 17:6e:ee:55:a2:c3:32:34:11:28:a5:97:8d:c4:ae: fd:50:31:a1:78:24:32:f6:5a:f0:68:fd:bb:da:a7: 52:74:85:f6:5e:f4:fc:30:35:3f:0b:e4:42:fe:6b: b2:2f:6b:a2:b6:8f:5f:df:db:50:4d:7d:0b:3c:a0: 88:ad:5f:ba:97:8c:9a:95:ad:d1:f4:da:2d:22:37: 55:a4:d3:77:43:8b:a8:ed:66:2b:2b:f2:88:f2:be: db:f0:7e:b2:69:d4:18:76:23:d8:d2:5a:c8:62:e6: 5a:d0:b1:f2:c4:c6:71:43:96:de:82:7b:74:22:4b: 62:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:B8:CA:73:BA:B4:D1:7E:05:22:10:0F:86:C5:3C:F5:18:93:DE:64 X509v3 Authority Key Identifier: keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/2bjKc7q00X4FIhAPhsU89RiT3mQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 94.176.111.0/24 217.74.20.0/24 Signature Algorithm: sha256WithRSAEncryption 09:22:49:e9:be:49:71:3f:1d:4a:bb:71:15:59:a7:58:08:2e: 13:50:4a:b1:67:01:3c:42:5c:e0:a0:1d:03:81:37:1d:21:7d: 50:ef:c6:55:6c:a4:4c:b3:40:94:48:16:f9:a0:8f:74:bc:96: 8c:54:5a:0f:55:81:ad:9e:f7:1f:58:43:0e:67:f9:50:a9:b6: 24:58:b9:6e:96:64:6c:c1:3e:31:7c:67:06:8a:75:0b:09:05: 18:a0:e4:90:16:38:5b:3c:b2:29:bc:f8:8a:2a:ed:30:05:1b: c2:bd:a2:6f:3a:bb:58:ea:b6:b4:9d:0d:b0:ce:2d:36:d5:fd: 4b:52:f1:eb:99:ed:d1:cf:78:43:6d:1e:d5:37:96:d3:7f:26: 57:57:3a:13:f8:a3:92:ca:53:af:0c:c7:69:61:98:5c:4d:16: 2e:5e:78:23:59:9c:86:a0:5a:b9:b4:d6:2a:24:76:56:b0:d7: 27:97:71:f2:84:2d:ee:4f:b2:31:9e:75:b8:04:0c:21:66:dc: 18:02:93:dd:3b:c1:62:61:b5:87:5b:d7:55:99:29:cc:31:b7: b4:90:3f:c3:6e:b0:05:f3:ea:bc:57:2a:2b:34:15:9b:34:8d: 83:05:70:74:aa:48:b5:e2:c4:ea:af:2c:4f:cc:cc:2e:f2:79: ec:72:88:ab -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZryjEO/Q4wkkBlJEoNFz1YMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw NWIwZTIwHhcNMjUxMjA2MDcyNDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOWI4Y2E3M2JhYjRkMTdlMDUyMjEwMGY4NmM1M2NmNTE4OTNkZTY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1LNbizTtiMe/J8MFVvZNjwTBig7 q1gCmYwicgcq0oyoD/QGLvNON8Ja7D+9RQvYjpSZ7UgDMDMsIYqkomBW/zSSHTMS dM+6VYhwtSK+WoNDbb9uSYndog2Lm7/+HAZrAybwCV1Fk2e3F8a0+vT44Kv4yB3/ mos6Zl5YMJbdXwqsZ+jcYNEXbu5VosMyNBEopZeNxK79UDGheCQy9lrwaP272qdS dIX2XvT8MDU/C+RC/muyL2uito9f39tQTX0LPKCIrV+6l4yala3R9NotIjdVpNN3 Q4uo7WYrK/KI8r7b8H6yadQYdiPY0lrIYuZa0LHyxMZxQ5begnt0IktiYQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFNm4ynO6tNF+BSIQD4bFPPUYk95kMB8GA1UdIwQY MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt MmNjZWRiOTY2YTU4LzEvMmJqS2M3cTAwWDRGSWhBUGhzVTg5UmlUM21RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4 LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXrBvAwQA 2UoUMA0GCSqGSIb3DQEBCwUAA4IBAQAJIknpvklxPx1Ku3EVWadYCC4TUEqxZwE8 QlzgoB0DgTcdIX1Q78ZVbKRMs0CUSBb5oI90vJaMVFoPVYGtnvcfWEMOZ/lQqbYk WLlulmRswT4xfGcGinULCQUYoOSQFjhbPLIpvPiKKu0wBRvCvaJvOrtY6ra0nQ2w zi021f1LUvHrme3Rz3hDbR7VN5bTfyZXVzoT+KOSylOvDMdpYZhcTRYuXngjWZyG oFq5tNYqJHZWsNcnl3HyhC3uT7IxnnW4BAwhZtwYApPdO8FiYbWHW9dVmSnMMbe0 kD/DbrAF8+q8VyorNBWbNI2DBXB0qki14sTqryxPzMwu8nnscoir -----END CERTIFICATE-----Generated at Sat Dec 6 17:47:47 2025 by rpki-client