This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c68e5f-8efa-43ff-890f-272960bc4322/1/2l3jy0ks1GMTVrjjYXvE6dhr2UM.roa File: 2l3jy0ks1GMTVrjjYXvE6dhr2UM.roa (raw, json) Hash identifier: L4oxBugG8SBzHeTSIckApzq3w111E1/nbM2VYS8YHuw= Subject key identifier: DA:5D:E3:CB:49:2C:D4:63:13:56:B8:E3:61:7B:C4:E9:D8:6B:D9:43 Certificate issuer: /CN=ff925ba5a410467964634cff4afad77a56da4722 Certificate serial: 019B7A59BD172924879345281C41A9BF9007 Authority key identifier: FF:92:5B:A5:A4:10:46:79:64:63:4C:FF:4A:FA:D7:7A:56:DA:47:22 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_5JbpaQQRnlkY0z_SvrXelbaRyI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c68e5f-8efa-43ff-890f-272960bc4322/1/2l3jy0ks1GMTVrjjYXvE6dhr2UM.roa Signing time: Thu 01 Jan 2026 16:17:40 +0000 ROA not before: Thu 01 Jan 2026 16:17:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31673 IP address blocks: 185.62.208.0/22 maxlen: 22 2a03:120::/32 maxlen: 32 2a04:72c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/c68e5f-8efa-43ff-890f-272960bc4322/1/_5JbpaQQRnlkY0z_SvrXelbaRyI.crl rsync://rpki.ripe.net/repository/DEFAULT/d4/c68e5f-8efa-43ff-890f-272960bc4322/1/_5JbpaQQRnlkY0z_SvrXelbaRyI.mft rsync://rpki.ripe.net/repository/DEFAULT/_5JbpaQQRnlkY0z_SvrXelbaRyI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:59:bd:17:29:24:87:93:45:28:1c:41:a9:bf:90:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ff925ba5a410467964634cff4afad77a56da4722 Validity Not Before: Jan 1 16:17:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=da5de3cb492cd4631356b8e3617bc4e9d86bd943 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:cc:80:8d:7a:f1:c2:1e:25:dc:9c:b7:aa:0b: fd:5b:72:7c:4b:d8:8b:9a:5a:3b:79:82:c7:3a:38: 50:f9:d4:ee:c2:24:4a:1f:f1:80:f4:51:83:03:44: 12:2d:1f:ad:3f:89:19:1d:de:c0:8b:b6:82:3d:65: 4b:74:34:ce:69:71:b9:7c:94:15:17:f0:90:3c:7a: bd:d3:84:15:19:08:47:3b:b3:ff:2d:d2:e4:b9:48: d0:a8:da:d7:14:c9:31:a1:aa:5c:7f:f9:6c:e8:62: 91:55:d0:3c:b1:89:47:73:56:49:b6:99:e4:19:4f: 28:70:b0:7d:fc:e6:57:78:f2:22:7f:0c:c1:65:9e: d9:95:40:00:6e:bc:ed:fe:48:02:78:42:00:d8:00: 05:50:b0:74:f6:82:c0:74:f4:e9:98:e2:c2:80:a0: 34:cd:83:d8:01:37:fd:86:d7:60:03:0a:0f:10:1e: ed:81:0d:b7:29:b9:28:3a:a7:33:95:9e:ee:6c:41: 4c:46:3e:98:e2:49:16:7c:eb:c2:0a:e8:e3:2a:01: df:e9:13:22:38:70:57:dd:4b:2b:38:be:9c:a5:df: 2e:e2:7c:bb:c6:cf:c7:57:75:e8:e4:a8:df:6e:2f: 77:17:8c:8b:7b:98:67:5f:70:2f:7f:ef:24:a6:45: 27:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:5D:E3:CB:49:2C:D4:63:13:56:B8:E3:61:7B:C4:E9:D8:6B:D9:43 X509v3 Authority Key Identifier: keyid:FF:92:5B:A5:A4:10:46:79:64:63:4C:FF:4A:FA:D7:7A:56:DA:47:22 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_5JbpaQQRnlkY0z_SvrXelbaRyI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c68e5f-8efa-43ff-890f-272960bc4322/1/2l3jy0ks1GMTVrjjYXvE6dhr2UM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c68e5f-8efa-43ff-890f-272960bc4322/1/_5JbpaQQRnlkY0z_SvrXelbaRyI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.62.208.0/22 IPv6: 2a03:120::/32 2a04:72c0::/29 Signature Algorithm: sha256WithRSAEncryption 12:1e:c0:6e:54:b2:2a:0b:db:9c:b2:b9:52:6a:17:56:ad:97: b6:01:b0:23:de:51:de:f1:5c:40:c2:59:b4:df:7b:76:0e:87: 0e:c2:c6:e1:ef:fd:15:a8:26:26:fc:79:12:bf:0d:16:c0:ef: a4:d1:08:15:97:e1:6a:79:93:1b:99:d4:2a:4e:20:35:65:e5: c0:8f:bf:81:af:b4:44:f7:77:bb:3e:cf:e9:c3:60:8b:7d:2b: f0:cf:ed:fe:12:90:93:b0:ec:e0:86:cc:69:00:d6:8f:ec:e7: 3c:8c:30:f5:ab:00:e0:5a:65:26:d2:5f:42:4c:35:a1:0e:6a: 6b:0f:7d:21:cc:13:42:9b:b1:82:a6:f5:e2:8c:00:ff:5e:34: 1d:5c:bb:ed:1d:06:4a:10:48:17:64:ae:3a:f8:5f:d6:c6:0e: a3:4c:85:a3:97:8c:6e:85:9d:de:ad:8a:2a:2f:a5:55:44:28: 34:e2:42:6b:61:52:14:56:1c:bb:56:f5:8f:52:7c:0f:67:1a: e0:1d:d7:05:21:e9:3f:b2:6f:fa:8b:cc:c3:44:ba:28:ac:d9: 57:e4:52:c8:55:e5:b4:62:48:27:7d:63:7a:45:5e:47:0a:b1: ec:89:8c:d5:68:cf:2a:d2:4d:44:8b:0f:ad:13:89:9b:a5:b2: 5f:77:6a:2a -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgISAZt6Wb0XKSSHk0UoHEGpv5AHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZmOTI1YmE1YTQxMDQ2Nzk2NDYzNGNmZjRhZmFkNzdhNTZk YTQ3MjIwHhcNMjYwMTAxMTYxNzQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYTVkZTNjYjQ5MmNkNDYzMTM1NmI4ZTM2MTdiYzRlOWQ4NmJkOTQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcyAjXrxwh4l3Jy3qgv9W3J8S9iL mlo7eYLHOjhQ+dTuwiRKH/GA9FGDA0QSLR+tP4kZHd7Ai7aCPWVLdDTOaXG5fJQV F/CQPHq904QVGQhHO7P/LdLkuUjQqNrXFMkxoapcf/ls6GKRVdA8sYlHc1ZJtpnk GU8ocLB9/OZXePIifwzBZZ7ZlUAAbrzt/kgCeEIA2AAFULB09oLAdPTpmOLCgKA0 zYPYATf9htdgAwoPEB7tgQ23KbkoOqczlZ7ubEFMRj6Y4kkWfOvCCujjKgHf6RMi OHBX3UsrOL6cpd8u4ny7xs/HV3Xo5Kjfbi93F4yLe5hnX3Avf+8kpkUnlQIDAQAB o4ICHzCCAhswHQYDVR0OBBYEFNpd48tJLNRjE1a442F7xOnYa9lDMB8GA1UdIwQY MBaAFP+SW6WkEEZ5ZGNM/0r613pW2kciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvXzVKYnBhUVFSbmxrWTB6X1N2clhlbGJhUnlJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jNjhlNWYtOGVmYS00M2ZmLTg5MGYt MjcyOTYwYmM0MzIyLzEvMmwzankwa3MxR01UVnJqallYdkU2ZGhyMlVNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNC9jNjhlNWYtOGVmYS00M2ZmLTg5MGYtMjcyOTYwYmM0MzIy LzEvXzVKYnBhUVFSbmxrWTB6X1N2clhlbGJhUnlJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCuT7QMBQE AgACMA4DBQAqAwEgAwUDKgRywDANBgkqhkiG9w0BAQsFAAOCAQEAEh7AblSyKgvb nLK5UmoXVq2XtgGwI95R3vFcQMJZtN97dg6HDsLG4e/9FagmJvx5Er8NFsDvpNEI FZfhanmTG5nUKk4gNWXlwI+/ga+0RPd3uz7P6cNgi30r8M/t/hKQk7Ds4IbMaQDW j+znPIww9asA4FplJtJfQkw1oQ5qaw99IcwTQpuxgqb14owA/140HVy77R0GShBI F2SuOvhf1sYOo0yFo5eMboWd3q2KKi+lVUQoNOJCa2FSFFYcu1b1j1J8D2ca4B3X BSHpP7Jv+ovMw0S6KKzZV+RSyFXltGJIJ31jekVeRwqx7ImM1WjPKtJNRIsPrROJ m6WyX3dqKg== -----END CERTIFICATE-----Generated at Mon Jan 26 06:20:33 2026 by rpki-client