This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/2492fd-6e37-4582-84e8-8ca25f488ebf/1/8nh2nz59r4IDN5IE02ZK_JnePnU.roa File: 8nh2nz59r4IDN5IE02ZK_JnePnU.roa (raw, json) Hash identifier: EoqGd1iJrSXTEZ94UblIUe3hHKZv1dQEjjg+tiyKHkY= Subject key identifier: F2:78:76:9F:3E:7D:AF:82:03:37:92:04:D3:66:4A:FC:99:DE:3E:75 Certificate issuer: /CN=2ca37da970c466457583bbe02b2a0e72fbdc6328 Certificate serial: 019B7AC911D451A80ECD22B6084E64E121E8 Authority key identifier: 2C:A3:7D:A9:70:C4:66:45:75:83:BB:E0:2B:2A:0E:72:FB:DC:63:28 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LKN9qXDEZkV1g7vgKyoOcvvcYyg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/2492fd-6e37-4582-84e8-8ca25f488ebf/1/8nh2nz59r4IDN5IE02ZK_JnePnU.roa Signing time: Thu 01 Jan 2026 18:19:16 +0000 ROA not before: Thu 01 Jan 2026 18:19:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59729 IP address blocks: 80.89.12.0/24 maxlen: 24 80.89.13.0/24 maxlen: 24 80.89.14.0/24 maxlen: 24 80.89.15.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/2492fd-6e37-4582-84e8-8ca25f488ebf/1/LKN9qXDEZkV1g7vgKyoOcvvcYyg.crl rsync://rpki.ripe.net/repository/DEFAULT/d2/2492fd-6e37-4582-84e8-8ca25f488ebf/1/LKN9qXDEZkV1g7vgKyoOcvvcYyg.mft rsync://rpki.ripe.net/repository/DEFAULT/LKN9qXDEZkV1g7vgKyoOcvvcYyg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c9:11:d4:51:a8:0e:cd:22:b6:08:4e:64:e1:21:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2ca37da970c466457583bbe02b2a0e72fbdc6328 Validity Not Before: Jan 1 18:19:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f278769f3e7daf8203379204d3664afc99de3e75 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:d6:0c:b8:4d:23:ad:d8:7c:be:c1:09:c0:8c: 46:5a:fb:a6:2e:93:1c:b5:32:0e:68:91:b4:ee:74: 89:91:f2:9a:37:e5:8f:86:1d:f6:f2:7c:51:bc:fb: 5d:03:c5:44:ee:e2:82:a9:ef:12:31:ef:f7:46:bf: 4c:69:08:a1:54:94:65:ef:de:cd:ae:72:bf:89:6e: 97:11:61:be:82:b7:88:a9:90:91:03:8f:3b:ea:30: 3a:16:cc:4c:a2:03:84:25:b2:bb:43:01:f4:13:61: 45:7a:84:c3:f6:05:a7:c4:93:4f:98:e7:1e:ae:cc: 78:ee:7c:7b:6c:74:81:70:7d:ae:d3:fe:c3:1d:90: 00:f4:bb:06:71:5b:f7:2b:74:dd:e3:dd:9f:67:be: 62:5d:9a:8f:eb:6e:d8:a6:18:75:2b:ff:c3:a0:c2: eb:ac:f9:fd:c2:63:27:10:0b:b4:c7:e5:33:b8:72: fd:10:71:2c:85:88:58:d9:28:6d:f8:e1:42:09:ba: dc:4e:1a:a9:ac:64:8d:41:d9:4b:c9:66:3e:0e:33: 71:53:a9:a6:85:9f:f6:15:2f:42:c0:c3:ad:27:67: e5:de:4a:d1:ca:e4:ec:ed:17:11:d1:f7:fc:b4:64: 6f:e5:15:7d:4d:60:2e:79:06:dc:d0:ec:fd:c0:38: 99:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:78:76:9F:3E:7D:AF:82:03:37:92:04:D3:66:4A:FC:99:DE:3E:75 X509v3 Authority Key Identifier: keyid:2C:A3:7D:A9:70:C4:66:45:75:83:BB:E0:2B:2A:0E:72:FB:DC:63:28 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LKN9qXDEZkV1g7vgKyoOcvvcYyg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2492fd-6e37-4582-84e8-8ca25f488ebf/1/8nh2nz59r4IDN5IE02ZK_JnePnU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2492fd-6e37-4582-84e8-8ca25f488ebf/1/LKN9qXDEZkV1g7vgKyoOcvvcYyg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.89.12.0/22 Signature Algorithm: sha256WithRSAEncryption d3:dd:01:c5:29:47:0a:44:e2:03:e2:ab:f9:4e:62:57:d3:fa: 9d:9b:5c:27:04:f4:62:31:f1:e9:85:da:a4:7c:e6:11:30:d8: ac:7c:29:90:fe:92:1b:92:cf:e9:51:1b:63:07:64:b7:7b:e4: b3:04:ce:38:83:db:42:75:28:d8:0e:4c:ec:1a:fa:69:10:b5: 72:15:e8:79:a4:e8:81:fa:d4:ae:f8:d7:a9:1b:54:52:ea:32: aa:73:1b:01:b1:4c:d9:b3:3a:d5:26:e0:cc:88:5d:ae:0d:ef: 02:30:12:92:5b:34:0e:61:a6:fd:75:21:a9:d3:26:03:49:d6: 95:f1:44:e3:1c:ed:79:9b:8e:36:de:28:91:c9:ef:b1:b2:ed: 69:ec:c9:61:4e:2c:8d:52:9b:b5:e3:2f:50:76:92:9b:ed:d1: 2a:ae:f7:fc:b8:7a:44:bc:28:e9:9f:c4:27:5d:15:7d:22:c7: 82:2e:37:58:13:5d:4a:e6:62:f5:4e:46:ab:2f:9f:09:75:94: e0:ee:28:db:ca:35:fa:ea:cc:1e:2c:4b:fc:b2:7e:05:ed:4d: a1:6d:bc:08:10:12:50:ab:c0:b6:a1:3f:3b:1f:d8:2e:9a:9f: bc:3d:ce:93:3a:3e:92:51:54:42:3d:c8:fa:22:81:ed:04:fc: 9d:f7:5a:83 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6yRHUUagOzSK2CE5k4SHoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJjYTM3ZGE5NzBjNDY2NDU3NTgzYmJlMDJiMmEwZTcyZmJk YzYzMjgwHhcNMjYwMTAxMTgxOTE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMjc4NzY5ZjNlN2RhZjgyMDMzNzkyMDRkMzY2NGFmYzk5ZGUzZTc1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudYMuE0jrdh8vsEJwIxGWvumLpMc tTIOaJG07nSJkfKaN+WPhh328nxRvPtdA8VE7uKCqe8SMe/3Rr9MaQihVJRl797N rnK/iW6XEWG+greIqZCRA4876jA6FsxMogOEJbK7QwH0E2FFeoTD9gWnxJNPmOce rsx47nx7bHSBcH2u0/7DHZAA9LsGcVv3K3Td492fZ75iXZqP627Yphh1K//DoMLr rPn9wmMnEAu0x+UzuHL9EHEshYhY2Sht+OFCCbrcThqprGSNQdlLyWY+DjNxU6mm hZ/2FS9CwMOtJ2fl3krRyuTs7RcR0ff8tGRv5RV9TWAueQbc0Oz9wDiZ6wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFPJ4dp8+fa+CAzeSBNNmSvyZ3j51MB8GA1UdIwQY MBaAFCyjfalwxGZFdYO74CsqDnL73GMoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTEtOOXFYREVaa1YxZzd2Z0t5b09jdnZjWXlnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8yNDkyZmQtNmUzNy00NTgyLTg0ZTgt OGNhMjVmNDg4ZWJmLzEvOG5oMm56NTlyNElETjVJRTAyWktfSm5lUG5VLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMi8yNDkyZmQtNmUzNy00NTgyLTg0ZTgtOGNhMjVmNDg4ZWJm LzEvTEtOOXFYREVaa1YxZzd2Z0t5b09jdnZjWXlnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUFkMMA0G CSqGSIb3DQEBCwUAA4IBAQDT3QHFKUcKROID4qv5TmJX0/qdm1wnBPRiMfHphdqk fOYRMNisfCmQ/pIbks/pURtjB2S3e+SzBM44g9tCdSjYDkzsGvppELVyFeh5pOiB +tSu+NepG1RS6jKqcxsBsUzZszrVJuDMiF2uDe8CMBKSWzQOYab9dSGp0yYDSdaV 8UTjHO15m4423iiRye+xsu1p7MlhTiyNUpu14y9QdpKb7dEqrvf8uHpEvCjpn8Qn XRV9IseCLjdYE11K5mL1TkarL58JdZTg7ijbyjX66sweLEv8sn4F7U2hbbwIEBJQ q8C2oT87H9gump+8Pc6TOj6SUVRCPcj6IoHtBPyd91qD -----END CERTIFICATE-----Generated at Sun Jan 25 16:11:54 2026 by rpki-client