This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/d097bf-b0f5-43e1-86a2-cfb8da549067/1/2SDdZbZHox8NMplwQIrxvgKSu34.roa File: 2SDdZbZHox8NMplwQIrxvgKSu34.roa (raw, json) Hash identifier: kvbkJLaXOyyLA1zVWaE+vWipg18u/BOLkqhk/qFEJP8= Subject key identifier: D9:20:DD:65:B6:47:A3:1F:0D:32:99:70:40:8A:F1:BE:02:92:BB:7E Certificate issuer: /CN=2a1e65f8083c859bcd0d2c52a1e061eb5131f5f1 Certificate serial: 019B7B35F814FB7B39242B67930790F62CAC Authority key identifier: 2A:1E:65:F8:08:3C:85:9B:CD:0D:2C:52:A1:E0:61:EB:51:31:F5:F1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kh5l-Ag8hZvNDSxSoeBh61Ex9fE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/d097bf-b0f5-43e1-86a2-cfb8da549067/1/2SDdZbZHox8NMplwQIrxvgKSu34.roa Signing time: Thu 01 Jan 2026 20:18:13 +0000 ROA not before: Thu 01 Jan 2026 20:18:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210972 IP address blocks: 2a03:302:ffff::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/d097bf-b0f5-43e1-86a2-cfb8da549067/1/Kh5l-Ag8hZvNDSxSoeBh61Ex9fE.crl rsync://rpki.ripe.net/repository/DEFAULT/f9/d097bf-b0f5-43e1-86a2-cfb8da549067/1/Kh5l-Ag8hZvNDSxSoeBh61Ex9fE.mft rsync://rpki.ripe.net/repository/DEFAULT/Kh5l-Ag8hZvNDSxSoeBh61Ex9fE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:f8:14:fb:7b:39:24:2b:67:93:07:90:f6:2c:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a1e65f8083c859bcd0d2c52a1e061eb5131f5f1 Validity Not Before: Jan 1 20:18:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d920dd65b647a31f0d329970408af1be0292bb7e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:fa:de:5f:30:f8:c1:59:95:f2:0e:b3:3f:cb: fd:bd:3e:51:50:00:90:33:12:7f:1a:f6:bd:b6:91: 84:82:1c:96:db:a3:1d:dd:12:e8:67:fa:e2:ab:63: d6:e7:1c:b2:fe:7a:b2:b1:06:54:74:f7:ed:64:c8: 10:dc:65:71:f6:23:dc:03:f0:fe:8f:ad:dc:97:97: 49:7a:81:75:df:f5:03:ad:ab:27:01:94:d7:e5:ec: b3:ce:83:d8:6b:6b:70:91:b4:63:02:2b:6c:19:15: 4d:70:61:c9:d5:d7:bd:fb:cb:28:8d:1d:2c:82:98: e4:19:0f:0a:36:48:83:2b:a9:b8:fd:26:d1:7c:d7: a3:ef:c3:04:9e:b0:d9:51:82:a6:52:17:c2:37:34: 2b:5a:f1:bc:e1:e9:ea:7e:07:8e:0a:3f:f2:67:03: 48:9d:76:da:60:3a:3b:69:fd:27:ca:8b:84:63:ed: fa:98:db:3a:b4:e2:0a:de:7a:a9:66:6b:61:dc:3e: 44:2a:54:bd:25:d5:78:15:5e:8d:86:4d:35:3d:13: b7:e6:e0:05:bf:c0:82:98:90:a4:d4:08:dd:92:c5: 8b:24:21:38:0b:f5:3f:42:58:00:af:6f:22:19:84: 66:24:41:ed:8f:32:6b:c4:96:b6:48:9e:7d:7c:66: 41:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:20:DD:65:B6:47:A3:1F:0D:32:99:70:40:8A:F1:BE:02:92:BB:7E X509v3 Authority Key Identifier: keyid:2A:1E:65:F8:08:3C:85:9B:CD:0D:2C:52:A1:E0:61:EB:51:31:F5:F1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kh5l-Ag8hZvNDSxSoeBh61Ex9fE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/d097bf-b0f5-43e1-86a2-cfb8da549067/1/2SDdZbZHox8NMplwQIrxvgKSu34.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/d097bf-b0f5-43e1-86a2-cfb8da549067/1/Kh5l-Ag8hZvNDSxSoeBh61Ex9fE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a03:302:ffff::/48 Signature Algorithm: sha256WithRSAEncryption 3f:70:4a:b0:78:e1:f5:1a:12:97:d5:4c:23:98:3f:b5:50:e5: 78:e7:34:85:fe:a4:72:e9:cb:ab:d2:04:70:cb:f9:e0:76:51: ee:15:74:3a:25:a8:9f:1a:7f:43:e5:7b:53:c6:45:8e:bc:43: 9e:36:95:94:91:ae:97:e6:ed:9a:4c:28:2a:91:7f:0c:c4:7d: 45:c9:02:67:a6:6e:ec:92:43:3e:1b:b4:e2:c7:f9:d6:45:76: cb:be:33:5c:09:41:f1:7c:9b:8d:cb:ba:78:69:0e:44:10:61: 9f:11:db:9a:a3:08:ac:6e:dc:01:2f:b9:06:37:50:ca:4c:ca: 03:ba:a6:cd:69:40:55:9b:ca:27:39:36:c3:5c:fb:d5:96:36: 33:46:68:2c:cf:1b:9f:58:c8:14:a0:7d:ef:a6:a4:31:e7:2c: 39:75:24:90:7a:5c:db:98:78:23:00:0a:c9:69:40:7e:86:66: 4f:9f:39:a7:9b:31:b4:4c:fd:60:17:25:31:e8:34:43:76:de: 4b:27:40:8f:d7:12:86:36:66:8f:65:36:c5:03:5e:b2:21:1c: 61:91:52:ca:11:8b:d5:16:55:88:7c:83:1e:32:2e:fb:a0:55: 16:05:23:4a:67:5f:b8:40:b7:ee:5a:18:3e:17:89:d1:3d:a0: 3c:73:91:86 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt7NfgU+3s5JCtnkweQ9iysMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhMWU2NWY4MDgzYzg1OWJjZDBkMmM1MmExZTA2MWViNTEz MWY1ZjEwHhcNMjYwMTAxMjAxODEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOTIwZGQ2NWI2NDdhMzFmMGQzMjk5NzA0MDhhZjFiZTAyOTJiYjdlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvreXzD4wVmV8g6zP8v9vT5RUACQ MxJ/Gva9tpGEghyW26Md3RLoZ/riq2PW5xyy/nqysQZUdPftZMgQ3GVx9iPcA/D+ j63cl5dJeoF13/UDrasnAZTX5eyzzoPYa2twkbRjAitsGRVNcGHJ1de9+8sojR0s gpjkGQ8KNkiDK6m4/SbRfNej78MEnrDZUYKmUhfCNzQrWvG84enqfgeOCj/yZwNI nXbaYDo7af0nyouEY+36mNs6tOIK3nqpZmth3D5EKlS9JdV4FV6Nhk01PRO35uAF v8CCmJCk1AjdksWLJCE4C/U/QlgAr28iGYRmJEHtjzJrxJa2SJ59fGZBtwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFNkg3WW2R6MfDTKZcECK8b4Ckrt+MB8GA1UdIwQY MBaAFCoeZfgIPIWbzQ0sUqHgYetRMfXxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2g1bC1BZzhoWnZORFN4U29lQmg2MUV4OWZFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9kMDk3YmYtYjBmNS00M2UxLTg2YTIt Y2ZiOGRhNTQ5MDY3LzEvMlNEZFpiWkhveDhOTXBsd1FJcnh2Z0tTdTM0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOS9kMDk3YmYtYjBmNS00M2UxLTg2YTItY2ZiOGRhNTQ5MDY3 LzEvS2g1bC1BZzhoWnZORFN4U29lQmg2MUV4OWZFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgMDAv// MA0GCSqGSIb3DQEBCwUAA4IBAQA/cEqweOH1GhKX1UwjmD+1UOV45zSF/qRy6cur 0gRwy/ngdlHuFXQ6JaifGn9D5XtTxkWOvEOeNpWUka6X5u2aTCgqkX8MxH1FyQJn pm7skkM+G7Tix/nWRXbLvjNcCUHxfJuNy7p4aQ5EEGGfEduaowisbtwBL7kGN1DK TMoDuqbNaUBVm8onOTbDXPvVljYzRmgszxufWMgUoH3vpqQx5yw5dSSQelzbmHgj AArJaUB+hmZPnzmnmzG0TP1gFyUx6DRDdt5LJ0CP1xKGNmaPZTbFA16yIRxhkVLK EYvVFlWIfIMeMi77oFUWBSNKZ1+4QLfuWhg+F4nRPaA8c5GG -----END CERTIFICATE-----Generated at Mon Jan 26 07:07:26 2026 by rpki-client