This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/9ef60a-73ee-40e1-9006-c0b3b0f54beb/1/2SzXHkxCLVLxwqT1VXOIbH7zS1U.roa File: 2SzXHkxCLVLxwqT1VXOIbH7zS1U.roa (raw, json) Hash identifier: aCYVx/y4t8hASeqhW625AjPBxOCwC/8c0JG862QvXD0= Subject key identifier: D9:2C:D7:1E:4C:42:2D:52:F1:C2:A4:F5:55:73:88:6C:7E:F3:4B:55 Certificate issuer: /CN=e465acc90809efb45ccda250a1057618494b86eb Certificate serial: 019B79ECF1110D38A2C85F58DAAAD660A633 Authority key identifier: E4:65:AC:C9:08:09:EF:B4:5C:CD:A2:50:A1:05:76:18:49:4B:86:EB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5GWsyQgJ77RczaJQoQV2GElLhus.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/9ef60a-73ee-40e1-9006-c0b3b0f54beb/1/2SzXHkxCLVLxwqT1VXOIbH7zS1U.roa Signing time: Thu 01 Jan 2026 14:18:49 +0000 ROA not before: Thu 01 Jan 2026 14:18:49 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 1104 IP address blocks: 185.153.60.0/22 maxlen: 24 192.16.185.0/24 maxlen: 24 192.16.186.0/24 maxlen: 24 192.16.192.0/24 maxlen: 24 192.16.194.0/24 maxlen: 24 192.16.195.0/24 maxlen: 24 192.16.199.0/24 maxlen: 24 2a07:8500::/29 maxlen: 48 2a07:8500::/32 maxlen: 48 2a07:8504::/32 maxlen: 48 2a07:8504:1a0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/9ef60a-73ee-40e1-9006-c0b3b0f54beb/1/5GWsyQgJ77RczaJQoQV2GElLhus.crl rsync://rpki.ripe.net/repository/DEFAULT/ef/9ef60a-73ee-40e1-9006-c0b3b0f54beb/1/5GWsyQgJ77RczaJQoQV2GElLhus.mft rsync://rpki.ripe.net/repository/DEFAULT/5GWsyQgJ77RczaJQoQV2GElLhus.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:f1:11:0d:38:a2:c8:5f:58:da:aa:d6:60:a6:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e465acc90809efb45ccda250a1057618494b86eb Validity Not Before: Jan 1 14:18:49 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d92cd71e4c422d52f1c2a4f55573886c7ef34b55 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:87:b2:b8:48:ef:c4:10:c5:87:13:95:c9:de: 03:09:f9:09:e7:c9:4d:11:3a:98:b7:34:40:ff:92: cc:2d:06:dc:12:e0:a6:29:61:ea:cd:fe:ec:03:be: 34:1a:a8:c1:8f:48:73:58:8e:ba:1e:02:fb:3c:88: b2:05:3d:f5:f4:72:b9:a0:98:c1:ad:57:65:a3:d1: c0:ab:b6:f7:30:89:97:ad:57:e4:53:c9:9d:aa:55: 11:53:bd:61:6c:86:e4:a1:d0:2d:16:37:63:50:cf: 30:57:e3:64:6f:60:ff:4f:aa:e2:5f:31:53:cc:0e: 0a:96:4c:63:0a:ca:48:bc:45:c7:d1:dc:f3:3e:78: 91:0d:3b:a9:43:a3:78:94:b4:cc:23:b8:8e:c0:2d: b4:fb:f7:a3:02:b8:6e:f6:02:ce:3d:77:c5:bb:68: 32:81:8a:89:36:5c:a5:1a:7c:e9:bf:aa:87:46:b0: e9:af:75:e5:8e:f9:3b:ad:70:ed:0e:8f:f7:1a:e1: d6:f0:cc:56:b7:55:dd:9d:02:88:e1:bd:de:b8:87: 88:92:be:c2:54:55:63:07:51:e6:cf:24:69:d5:01: 13:32:ae:e6:32:6b:d0:f1:6c:6b:79:e7:0c:b4:58: 32:b9:99:27:14:81:92:6c:cc:b2:aa:bd:a9:a8:c2: 58:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:2C:D7:1E:4C:42:2D:52:F1:C2:A4:F5:55:73:88:6C:7E:F3:4B:55 X509v3 Authority Key Identifier: keyid:E4:65:AC:C9:08:09:EF:B4:5C:CD:A2:50:A1:05:76:18:49:4B:86:EB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5GWsyQgJ77RczaJQoQV2GElLhus.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/9ef60a-73ee-40e1-9006-c0b3b0f54beb/1/2SzXHkxCLVLxwqT1VXOIbH7zS1U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/9ef60a-73ee-40e1-9006-c0b3b0f54beb/1/5GWsyQgJ77RczaJQoQV2GElLhus.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.153.60.0/22 192.16.185.0-192.16.186.255 192.16.192.0/24 192.16.194.0/23 192.16.199.0/24 IPv6: 2a07:8500::/29 Signature Algorithm: sha256WithRSAEncryption 5b:05:de:d9:f5:b5:87:4f:34:0c:34:04:51:09:f2:65:e8:74: ed:56:54:6b:8d:f5:67:f5:02:53:04:f3:ef:52:82:5f:4a:20: 66:2b:fe:bc:a8:ce:5b:a0:2a:f8:24:16:59:74:27:04:e1:9c: 05:15:96:7a:4c:54:fc:24:ba:b0:ee:c2:77:8c:68:17:d5:34: 27:48:57:ec:6f:3d:34:51:9f:18:1e:2a:e1:40:27:d4:68:aa: 9a:68:ac:c9:33:19:e8:d0:eb:00:65:39:c5:3d:b8:d6:07:ae: 7d:25:8c:2a:f6:4e:86:9e:ae:e1:cd:40:dc:1f:ea:82:58:25: 08:ee:85:cd:3c:3c:1e:5b:23:1a:2e:d1:6f:9b:ef:a8:c6:1b: 26:27:b3:6b:fb:1f:f5:41:f5:2a:73:41:f9:d1:ad:58:79:c6: 56:f0:a3:c8:81:a6:39:3a:27:e8:c2:f4:5a:3e:6c:0b:35:17: 59:37:cb:89:6c:fc:78:cb:10:4f:60:e6:2a:4a:ca:7d:3d:49: 6a:87:81:21:b9:7b:ab:c3:09:81:04:bd:e1:d8:77:fd:3a:af: 29:56:de:a3:7a:80:3c:8b:52:76:ef:bf:3e:e8:8a:9a:1b:45: 78:30:33:4d:8e:71:c7:9b:ff:00:96:20:2b:8b:ab:3f:25:cd: a5:96:c1:5f -----BEGIN CERTIFICATE----- MIIFLDCCBBSgAwIBAgISAZt57PERDTiiyF9Y2qrWYKYzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU0NjVhY2M5MDgwOWVmYjQ1Y2NkYTI1MGExMDU3NjE4NDk0 Yjg2ZWIwHhcNMjYwMTAxMTQxODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOTJjZDcxZTRjNDIyZDUyZjFjMmE0ZjU1NTczODg2YzdlZjM0YjU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIeyuEjvxBDFhxOVyd4DCfkJ58lN ETqYtzRA/5LMLQbcEuCmKWHqzf7sA740GqjBj0hzWI66HgL7PIiyBT319HK5oJjB rVdlo9HAq7b3MImXrVfkU8mdqlURU71hbIbkodAtFjdjUM8wV+Nkb2D/T6riXzFT zA4KlkxjCspIvEXH0dzzPniRDTupQ6N4lLTMI7iOwC20+/ejArhu9gLOPXfFu2gy gYqJNlylGnzpv6qHRrDpr3Xljvk7rXDtDo/3GuHW8MxWt1XdnQKI4b3euIeIkr7C VFVjB1HmzyRp1QETMq7mMmvQ8WxreecMtFgyuZknFIGSbMyyqr2pqMJYvwIDAQAB o4ICODCCAjQwHQYDVR0OBBYEFNks1x5MQi1S8cKk9VVziGx+80tVMB8GA1UdIwQY MBaAFORlrMkICe+0XM2iUKEFdhhJS4brMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNUdXc3lRZ0o3N1JjemFKUW9RVjJHRWxMaHVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi85ZWY2MGEtNzNlZS00MGUxLTkwMDYt YzBiM2IwZjU0YmViLzEvMlN6WEhreENMVkx4d3FUMVZYT0liSDd6UzFVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZi85ZWY2MGEtNzNlZS00MGUxLTkwMDYtYzBiM2IwZjU0YmVi LzEvNUdXc3lRZ0o3N1JjemFKUW9RVjJHRWxMaHVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQCuZk8MAwD BADAELkDBADAELoDBADAEMADBAHAEMIDBADAEMcwDQQCAAIwBwMFAyoHhQAwDQYJ KoZIhvcNAQELBQADggEBAFsF3tn1tYdPNAw0BFEJ8mXodO1WVGuN9Wf1AlME8+9S gl9KIGYr/ryozlugKvgkFll0JwThnAUVlnpMVPwkurDuwneMaBfVNCdIV+xvPTRR nxgeKuFAJ9RoqpporMkzGejQ6wBlOcU9uNYHrn0ljCr2ToaeruHNQNwf6oJYJQju hc08PB5bIxou0W+b76jGGyYns2v7H/VB9SpzQfnRrVh5xlbwo8iBpjk6J+jC9Fo+ bAs1F1k3y4ls/HjLEE9g5ipKyn09SWqHgSG5e6vDCYEEveHYd/06rylW3qN6gDyL Unbvvz7oipobRXgwM02Occeb/wCWICuLqz8lzaWWwV8= -----END CERTIFICATE-----Generated at Sun Jan 25 20:01:11 2026 by rpki-client