This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/u2gqoi3OTEmbzJUg4Pml4VrXHBY.roa File: u2gqoi3OTEmbzJUg4Pml4VrXHBY.roa (raw, json) Hash identifier: f3Y1gCC2gMAu3UDSM52PvBl7RR5OtNUAKIUaSc2f2SA= Subject key identifier: BB:68:2A:A2:2D:CE:4C:49:9B:CC:95:20:E0:F9:A5:E1:5A:D7:1C:16 Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b Certificate serial: 019B7834724B806CC79E172F8523FBFEBE72 Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/u2gqoi3OTEmbzJUg4Pml4VrXHBY.roa Signing time: Thu 01 Jan 2026 06:17:41 +0000 ROA not before: Thu 01 Jan 2026 06:17:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 61102 IP address blocks: 192.71.27.0/24 maxlen: 24 193.182.144.0/24 maxlen: 24 193.182.145.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:72:4b:80:6c:c7:9e:17:2f:85:23:fb:fe:be:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b Validity Not Before: Jan 1 06:17:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=bb682aa22dce4c499bcc9520e0f9a5e15ad71c16 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:7b:07:d8:f2:7d:0f:ab:4d:c0:6b:38:57:ea: ee:cc:3e:fd:22:57:0c:0a:7c:41:61:39:96:3f:b1: 9e:6d:9a:98:a6:b7:97:ba:22:ec:2d:25:06:13:45: 46:fb:d3:2e:9f:cb:81:57:0d:17:74:20:fe:70:65: 11:e3:12:05:d1:46:39:fc:ac:65:08:a6:17:12:61: 88:b6:bb:f9:bf:6e:de:1f:c7:00:32:49:9d:35:01: 21:ba:31:81:ef:2c:3e:3e:a3:37:fa:5a:10:cd:91: 62:d6:06:54:34:ac:b1:ce:c9:58:c1:0c:43:3f:3e: 9a:86:ab:ec:b9:e6:64:a9:d4:37:7c:d5:60:18:dd: 2a:a3:b1:d3:87:75:81:2c:5e:a2:94:69:00:8c:ab: d9:3a:1c:68:25:69:ba:02:72:e6:8a:d9:51:e6:50: 62:9d:9f:1e:8d:bb:72:db:fe:60:5d:68:6a:06:bc: 82:5f:21:21:93:95:3a:86:11:f2:8a:ba:51:04:73: 58:52:2d:f5:51:ac:0d:1a:b7:87:b9:e6:65:a9:6f: 89:4e:0b:9f:49:51:57:9f:2e:bd:27:08:6a:91:97: 1c:3c:e6:37:af:67:73:de:44:29:8d:1a:03:12:fb: 97:4d:fe:15:10:01:ec:4a:33:0f:3b:de:b4:96:b1: ba:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:68:2A:A2:2D:CE:4C:49:9B:CC:95:20:E0:F9:A5:E1:5A:D7:1C:16 X509v3 Authority Key Identifier: keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/u2gqoi3OTEmbzJUg4Pml4VrXHBY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.71.27.0/24 193.182.144.0/23 Signature Algorithm: sha256WithRSAEncryption 22:14:73:53:07:71:e0:a1:73:16:7f:db:f4:9f:88:1f:31:05: ed:d7:43:d3:ed:2e:4c:32:67:73:67:7c:e3:c1:c9:18:0d:8b: 30:2c:b0:ac:61:c2:5a:69:e1:f8:08:6a:2e:4b:57:5f:73:71: a9:0e:cc:e9:d4:f2:ff:73:8c:5d:e0:83:53:81:4e:5c:5d:fa: 44:f6:bd:94:6b:17:4a:7c:08:44:e0:b4:d8:b1:e1:1a:57:75: 93:03:3d:27:33:79:8c:bd:04:11:d9:20:b3:9c:25:92:2d:b3: 18:81:29:72:79:85:37:b6:36:fc:92:0a:cf:c2:86:98:18:e8: cb:b4:16:2c:b8:5c:3c:cc:e3:81:13:59:2b:b7:c4:1c:77:2c: 7a:ee:86:9e:94:c9:f2:50:1d:0a:d1:d3:0e:17:82:07:e2:a4: 07:96:f8:21:da:30:c0:5a:84:1f:dd:7b:0e:f2:a4:c0:b4:59: 21:ca:ad:36:23:5e:9f:2e:55:9c:a8:63:bb:ca:f4:f0:21:fb: d9:b3:b3:8e:de:3d:44:2e:6f:00:e1:10:cd:a9:de:e5:a8:7d: 0b:38:9c:5b:b8:27:c0:17:c4:02:5e:4c:05:e5:a2:ec:5f:1b: d1:1b:d2:45:26:dd:fa:0e:d6:d5:55:f8:5a:62:90:86:ce:c6: 61:a1:d0:b7 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt4NHJLgGzHnhcvhSP7/r5yMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh ZGFmMWIwHhcNMjYwMTAxMDYxNzQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiYjY4MmFhMjJkY2U0YzQ5OWJjYzk1MjBlMGY5YTVlMTVhZDcxYzE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHsH2PJ9D6tNwGs4V+ruzD79IlcM CnxBYTmWP7GebZqYpreXuiLsLSUGE0VG+9Mun8uBVw0XdCD+cGUR4xIF0UY5/Kxl CKYXEmGItrv5v27eH8cAMkmdNQEhujGB7yw+PqM3+loQzZFi1gZUNKyxzslYwQxD Pz6ahqvsueZkqdQ3fNVgGN0qo7HTh3WBLF6ilGkAjKvZOhxoJWm6AnLmitlR5lBi nZ8ejbty2/5gXWhqBryCXyEhk5U6hhHyirpRBHNYUi31UawNGreHueZlqW+JTguf SVFXny69JwhqkZccPOY3r2dz3kQpjRoDEvuXTf4VEAHsSjMPO960lrG6rQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFLtoKqItzkxJm8yVIOD5peFa1xwWMB8GA1UdIwQY MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt OTQzZDAzMzIxMzI2LzEvdTJncW9pM09URW1iekpVZzRQbWw0VnJYSEJZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2 LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwEcbAwQB wbaQMA0GCSqGSIb3DQEBCwUAA4IBAQAiFHNTB3HgoXMWf9v0n4gfMQXt10PT7S5M MmdzZ3zjwckYDYswLLCsYcJaaeH4CGouS1dfc3GpDszp1PL/c4xd4INTgU5cXfpE 9r2UaxdKfAhE4LTYseEaV3WTAz0nM3mMvQQR2SCznCWSLbMYgSlyeYU3tjb8kgrP woaYGOjLtBYsuFw8zOOBE1krt8Qcdyx67oaelMnyUB0K0dMOF4IH4qQHlvgh2jDA WoQf3XsO8qTAtFkhyq02I16fLlWcqGO7yvTwIfvZs7OO3j1ELm8A4RDNqd7lqH0L OJxbuCfAF8QCXkwF5aLsXxvRG9JFJt36DtbVVfhaYpCGzsZhodC3 -----END CERTIFICATE-----Generated at Sun Jan 25 11:01:51 2026 by rpki-client