This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/2zI8jBLi5kTvvbvcUnl50Ehk5gY.roa File: 2zI8jBLi5kTvvbvcUnl50Ehk5gY.roa (raw, json) Hash identifier: WNF1raziVnQCeA87DqMKwfhuLT4j0906+NRcAUiOzpY= Subject key identifier: DB:32:3C:8C:12:E2:E6:44:EF:BD:BB:DC:52:79:79:D0:48:64:E6:06 Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09 Certificate serial: 019B7EA77DE37F878FE361DFCF18B8F4B632 Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/2zI8jBLi5kTvvbvcUnl50Ehk5gY.roa Signing time: Fri 02 Jan 2026 12:21:04 +0000 ROA not before: Fri 02 Jan 2026 12:21:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 56619 IP address blocks: 79.98.249.0/24 maxlen: 24 90.188.196.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 15:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:7d:e3:7f:87:8f:e3:61:df:cf:18:b8:f4:b6:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09 Validity Not Before: Jan 2 12:21:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=db323c8c12e2e644efbdbbdc527979d04864e606 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:1b:1e:76:e9:f4:9a:98:57:75:67:82:fe:0a: 20:9d:c1:bf:10:0b:d3:18:71:77:ae:64:af:91:01: 80:da:5c:f1:46:64:db:8d:e8:65:2c:39:fb:d2:34: 13:5a:a1:15:c2:89:ae:41:23:7e:e2:b8:7f:4a:40: a7:00:5e:5c:b9:9d:d8:a6:b8:ad:3a:a0:0e:ef:88: ed:cc:dc:50:a7:2c:15:27:8a:3c:4c:8f:f8:68:49: e3:4d:9c:b6:1c:83:8a:8a:ce:7b:68:0b:c6:f9:ef: 12:db:ca:e2:f0:2d:e3:0f:85:82:c2:ac:aa:d6:7d: 73:6b:41:db:c6:57:12:5e:76:ac:99:ea:12:4d:e4: 64:f4:29:5e:03:76:7a:dc:70:f6:71:5e:44:51:f7: 73:2d:3a:b7:fc:6b:44:c1:c8:73:8f:85:70:c9:c8: 81:c2:44:02:a7:9c:bd:a5:54:1d:84:bb:b5:31:a1: 68:17:e6:da:f3:93:22:31:4f:c2:b4:d8:7f:9b:bc: bd:1f:a1:85:8c:b3:be:4b:09:15:f2:03:1e:00:0a: b3:f9:51:74:77:16:3e:06:26:2c:83:eb:77:1d:06: 7c:be:ea:c6:fc:7a:4e:05:68:0c:36:b4:8e:0f:4f: 99:b5:a1:4e:1d:7a:63:99:75:cb:0e:60:68:d0:df: 7f:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:32:3C:8C:12:E2:E6:44:EF:BD:BB:DC:52:79:79:D0:48:64:E6:06 X509v3 Authority Key Identifier: keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/2zI8jBLi5kTvvbvcUnl50Ehk5gY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 79.98.249.0/24 90.188.196.0/24 Signature Algorithm: sha256WithRSAEncryption 17:5c:f0:55:b1:0b:b1:c2:54:4e:80:c0:82:1c:cd:1d:4b:aa: 71:23:ec:26:8d:5e:f7:a3:5a:a5:34:c4:6c:3f:ab:66:be:ca: 9b:73:cb:b4:74:e3:f8:41:85:96:0c:57:e6:85:c3:aa:fb:64: 48:a1:05:de:f2:4f:09:8d:46:65:e7:09:a5:ef:b1:c6:e3:09: 69:98:88:57:fc:eb:7e:af:ff:16:4a:dd:3c:85:a6:9b:e9:2f: c4:6c:b2:d6:6e:b1:11:e9:65:ad:3d:bb:6c:7c:a8:dc:99:7a: d6:bf:51:d7:40:5c:4b:42:d0:04:35:81:c1:c9:55:f0:7f:c0: 1c:7d:00:94:fb:08:5e:3d:e4:81:7c:f6:54:9c:4c:86:96:d9: 98:a0:32:48:ab:8b:a6:88:dd:62:0b:51:ab:d0:4a:f5:5c:c8: 11:c9:bb:10:64:2d:1d:90:98:3f:70:12:92:68:57:7f:e7:00: ad:69:ef:02:af:b0:1c:c0:42:f7:4c:b4:38:89:d3:c9:47:ec: b7:f6:8f:8c:dd:d6:7e:83:4e:f6:c5:57:1c:d7:ce:2e:e3:e5: 50:80:eb:ab:4f:64:99:f8:7e:87:bb:10:7b:01:4e:d5:9e:b3: 78:ca:25:0f:26:61:a7:de:9c:bc:d1:56:1c:30:30:d9:23:f0: 7c:52:33:1c -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt+p33jf4eP42Hfzxi49LYyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx ZTZjMDkwHhcNMjYwMTAyMTIyMTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYjMyM2M4YzEyZTJlNjQ0ZWZiZGJiZGM1Mjc5NzlkMDQ4NjRlNjA2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBsedun0mphXdWeC/gogncG/EAvT GHF3rmSvkQGA2lzxRmTbjehlLDn70jQTWqEVwomuQSN+4rh/SkCnAF5cuZ3Yprit OqAO74jtzNxQpywVJ4o8TI/4aEnjTZy2HIOKis57aAvG+e8S28ri8C3jD4WCwqyq 1n1za0HbxlcSXnasmeoSTeRk9CleA3Z63HD2cV5EUfdzLTq3/GtEwchzj4VwyciB wkQCp5y9pVQdhLu1MaFoF+ba85MiMU/CtNh/m7y9H6GFjLO+SwkV8gMeAAqz+VF0 dxY+BiYsg+t3HQZ8vurG/HpOBWgMNrSOD0+ZtaFOHXpjmXXLDmBo0N9/CQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFNsyPIwS4uZE77273FJ5edBIZOYGMB8GA1UdIwQY MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt NWE4NmMyNzU3YzFlLzEvMnpJOGpCTGk1a1R2dmJ2Y1VubDUwRWhrNWdZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAT2L5AwQA WrzEMA0GCSqGSIb3DQEBCwUAA4IBAQAXXPBVsQuxwlROgMCCHM0dS6pxI+wmjV73 o1qlNMRsP6tmvsqbc8u0dOP4QYWWDFfmhcOq+2RIoQXe8k8JjUZl5wml77HG4wlp mIhX/Ot+r/8WSt08haab6S/EbLLWbrER6WWtPbtsfKjcmXrWv1HXQFxLQtAENYHB yVXwf8AcfQCU+whePeSBfPZUnEyGltmYoDJIq4umiN1iC1Gr0Er1XMgRybsQZC0d kJg/cBKSaFd/5wCtae8Cr7AcwEL3TLQ4idPJR+y39o+M3dZ+g072xVcc184u4+VQ gOurT2SZ+H6HuxB7AU7VnrN4yiUPJmGn3py80VYcMDDZI/B8UjMc -----END CERTIFICATE-----Generated at Mon Jan 26 01:41:29 2026 by rpki-client