This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/G2_PiUJpUwNaL9OFJdICG-GBzaI.roa File: G2_PiUJpUwNaL9OFJdICG-GBzaI.roa (raw, json) Hash identifier: lDduugUTdXOP9UBT5qryDM5SzsJ+d6xRkObDWeT06oc= Subject key identifier: 1B:6F:CF:89:42:69:53:03:5A:2F:D3:85:25:D2:02:1B:E1:81:CD:A2 Certificate issuer: /CN=4f895ff0e99a77c017e8a383292cb5c6f8261120 Certificate serial: 019B797F2E4FE7DE16E00766DBA803FD6013 Authority key identifier: 4F:89:5F:F0:E9:9A:77:C0:17:E8:A3:83:29:2C:B5:C6:F8:26:11:20 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4lf8Omad8AX6KODKSy1xvgmESA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/G2_PiUJpUwNaL9OFJdICG-GBzaI.roa Signing time: Thu 01 Jan 2026 12:18:56 +0000 ROA not before: Thu 01 Jan 2026 12:18:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 58010 IP address blocks: 37.208.104.0/21 maxlen: 24 37.208.108.0/24 maxlen: 24 185.26.156.0/22 maxlen: 24 185.219.100.0/22 maxlen: 24 185.219.100.0/24 maxlen: 24 193.243.164.0/23 maxlen: 24 195.74.88.0/23 maxlen: 24 2a00:d0c0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/T4lf8Omad8AX6KODKSy1xvgmESA.crl rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/T4lf8Omad8AX6KODKSy1xvgmESA.mft rsync://rpki.ripe.net/repository/DEFAULT/T4lf8Omad8AX6KODKSy1xvgmESA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:2e:4f:e7:de:16:e0:07:66:db:a8:03:fd:60:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4f895ff0e99a77c017e8a383292cb5c6f8261120 Validity Not Before: Jan 1 12:18:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1b6fcf89426953035a2fd38525d2021be181cda2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:b8:5b:68:ec:90:a7:f3:48:30:2c:79:81:ae: 7d:aa:62:aa:9a:e0:e3:30:f5:7f:33:bb:1b:5d:97: 9c:3d:44:ab:df:f2:25:34:27:d2:c5:5b:ac:02:9a: 53:d6:df:5d:f8:56:03:98:e7:d8:0d:be:07:69:c3: b5:4c:b0:d8:33:c8:dd:5f:15:95:da:52:fc:aa:4c: 7a:dc:1e:13:fc:72:41:dc:17:96:30:0f:c0:24:ec: e2:53:1b:a0:f7:c4:b3:ec:08:c9:a6:33:9c:23:2d: fa:51:f6:f5:39:8e:c4:6c:61:db:8b:4a:b1:4a:6b: 18:5d:68:6e:bb:5e:ed:ce:c9:55:85:c5:82:d6:ed: d5:a9:61:12:6e:4b:3b:75:e8:e8:69:d5:b4:7a:d1: f6:4e:8f:73:fe:6a:c4:50:00:3f:e5:c2:f2:3a:18: 05:1f:94:1e:3f:ec:06:22:7b:0a:dc:28:11:7b:02: 28:35:eb:4d:33:47:43:22:53:e6:9b:8f:e8:46:b7: 4c:fa:9a:45:57:9d:1b:84:26:b0:7e:89:71:05:53: 9a:f2:ab:2a:fb:5e:28:4c:ff:a2:a9:1a:61:53:40: 81:d1:51:3b:71:43:1d:96:c1:71:81:6b:5d:32:5e: c4:1c:42:c0:04:04:b2:c4:cd:6e:23:db:16:de:09: 09:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:6F:CF:89:42:69:53:03:5A:2F:D3:85:25:D2:02:1B:E1:81:CD:A2 X509v3 Authority Key Identifier: keyid:4F:89:5F:F0:E9:9A:77:C0:17:E8:A3:83:29:2C:B5:C6:F8:26:11:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4lf8Omad8AX6KODKSy1xvgmESA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/G2_PiUJpUwNaL9OFJdICG-GBzaI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/T4lf8Omad8AX6KODKSy1xvgmESA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.208.104.0/21 185.26.156.0/22 185.219.100.0/22 193.243.164.0/23 195.74.88.0/23 IPv6: 2a00:d0c0::/32 Signature Algorithm: sha256WithRSAEncryption 9d:4c:c6:a0:62:01:34:5c:2c:3e:ee:68:68:58:ef:7f:9c:71: b8:3b:5f:80:67:c5:33:29:b8:e3:46:5d:e4:44:41:9c:58:31: 12:e2:1c:b6:11:21:43:d1:4e:95:2e:99:0c:79:6e:c3:fb:25: d7:27:3a:b5:c9:13:34:5f:aa:72:dd:a5:a0:49:70:1a:82:47: a4:17:15:21:be:cd:08:c3:13:cb:0a:94:23:a1:68:73:ed:b0: 0b:3e:13:c4:20:61:f3:a6:9b:1d:7f:f7:6a:19:17:b8:c7:a7: 6b:3d:d2:93:1c:2d:80:80:3b:bc:30:c1:f1:ee:f6:0e:4d:1b: da:e6:08:83:63:93:76:3d:0a:aa:fc:57:a4:34:3a:18:2e:4b: 5b:0f:dd:d6:cb:5a:c7:49:22:ce:40:f4:e3:8e:26:3d:41:3f: b6:7f:19:35:ef:2d:16:4c:c0:5c:23:59:0d:fe:0c:eb:27:ed: b8:08:98:84:e9:5a:fe:b6:0c:fe:4f:e9:56:ed:26:21:25:d3: 16:7e:bb:45:dc:24:0c:78:63:c7:f4:43:05:39:02:86:33:3f: fd:15:30:78:7f:4c:61:b8:81:41:e4:8c:4d:fe:34:38:67:97: ec:28:fd:c7:86:e7:d7:0a:60:7d:c2:01:24:e3:f3:9d:0a:65: 7a:80:2d:4d -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISAZt5fy5P594W4Adm26gD/WATMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRmODk1ZmYwZTk5YTc3YzAxN2U4YTM4MzI5MmNiNWM2Zjgy NjExMjAwHhcNMjYwMTAxMTIxODU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxYjZmY2Y4OTQyNjk1MzAzNWEyZmQzODUyNWQyMDIxYmUxODFjZGEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLhbaOyQp/NIMCx5ga59qmKqmuDj MPV/M7sbXZecPUSr3/IlNCfSxVusAppT1t9d+FYDmOfYDb4HacO1TLDYM8jdXxWV 2lL8qkx63B4T/HJB3BeWMA/AJOziUxug98Sz7AjJpjOcIy36Ufb1OY7EbGHbi0qx SmsYXWhuu17tzslVhcWC1u3VqWESbks7dejoadW0etH2To9z/mrEUAA/5cLyOhgF H5QeP+wGInsK3CgRewIoNetNM0dDIlPmm4/oRrdM+ppFV50bhCawfolxBVOa8qsq +14oTP+iqRphU0CB0VE7cUMdlsFxgWtdMl7EHELABASyxM1uI9sW3gkJQQIDAQAB o4ICMDCCAiwwHQYDVR0OBBYEFBtvz4lCaVMDWi/ThSXSAhvhgc2iMB8GA1UdIwQY MBaAFE+JX/DpmnfAF+ijgykstcb4JhEgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVDRsZjhPbWFkOEFYNktPREtTeTF4dmdtRVNBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8zMzI4ZGEtYWE0ZS00NDViLTlkYTkt ZDA1Mzc0NWMyYWNjLzEvRzJfUGlVSnBVd05hTDlPRkpkSUNHLUdCemFJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOS8zMzI4ZGEtYWE0ZS00NDViLTlkYTktZDA1Mzc0NWMyYWNj LzEvVDRsZjhPbWFkOEFYNktPREtTeTF4dmdtRVNBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDJdBoAwQC uRqcAwQCudtkAwQBwfOkAwQBw0pYMA0EAgACMAcDBQAqANDAMA0GCSqGSIb3DQEB CwUAA4IBAQCdTMagYgE0XCw+7mhoWO9/nHG4O1+AZ8UzKbjjRl3kREGcWDES4hy2 ESFD0U6VLpkMeW7D+yXXJzq1yRM0X6py3aWgSXAagkekFxUhvs0IwxPLCpQjoWhz 7bALPhPEIGHzppsdf/dqGRe4x6drPdKTHC2AgDu8MMHx7vYOTRva5giDY5N2PQqq /FekNDoYLktbD93Wy1rHSSLOQPTjjiY9QT+2fxk17y0WTMBcI1kN/gzrJ+24CJiE 6Vr+tgz+T+lW7SYhJdMWfrtF3CQMeGPH9EMFOQKGMz/9FTB4f0xhuIFB5IxN/jQ4 Z5fsKP3HhufXCmB9wgEk4/OdCmV6gC1N -----END CERTIFICATE-----Generated at Sun Jan 25 23:48:51 2026 by rpki-client