This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/Td6ePlmmjfj3QDaFtTuHW3D9dC0.roa File: Td6ePlmmjfj3QDaFtTuHW3D9dC0.roa (raw, json) Hash identifier: 08i4lHbdORnvMw2omeJpM2jEVbltVT01xGE4VC+1/bo= Subject key identifier: 4D:DE:9E:3E:59:A6:8D:F8:F7:40:36:85:B5:3B:87:5B:70:FD:74:2D Certificate issuer: /CN=70bf553042f1a43827dc034500bbd1068a7297ca Certificate serial: 019B7EA721CA2CE329D25DDF5E9497264A47 Authority key identifier: 70:BF:55:30:42:F1:A4:38:27:DC:03:45:00:BB:D1:06:8A:72:97:CA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cL9VMELxpDgn3ANFALvRBopyl8o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/Td6ePlmmjfj3QDaFtTuHW3D9dC0.roa Signing time: Fri 02 Jan 2026 12:20:40 +0000 ROA not before: Fri 02 Jan 2026 12:20:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 136787 IP address blocks: 2a13:240:8000::/40 maxlen: 40 2a13:240:8888::/48 maxlen: 48 2a13:240:9999::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/cL9VMELxpDgn3ANFALvRBopyl8o.crl rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/cL9VMELxpDgn3ANFALvRBopyl8o.mft rsync://rpki.ripe.net/repository/DEFAULT/cL9VMELxpDgn3ANFALvRBopyl8o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:21:ca:2c:e3:29:d2:5d:df:5e:94:97:26:4a:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=70bf553042f1a43827dc034500bbd1068a7297ca Validity Not Before: Jan 2 12:20:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4dde9e3e59a68df8f7403685b53b875b70fd742d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:ba:0c:6c:1f:ef:33:d8:f0:b2:e0:d2:f1:dc: e0:d1:58:57:46:b3:6d:58:76:ce:fe:37:05:31:79: d4:03:90:18:4e:9f:b3:8f:e7:27:52:30:67:ea:8e: d7:43:34:a0:d1:46:a5:47:24:ee:60:22:1b:96:98: 41:60:ef:92:ea:17:5b:ca:b1:d0:70:30:b3:35:0f: a1:b4:ee:4b:f0:02:6b:b7:c6:71:b8:ae:24:9c:a5: 35:80:10:02:d4:6d:9e:7e:d5:b3:88:a0:92:e0:a2: 39:79:cb:c0:3a:be:66:35:78:cd:df:06:ad:a6:47: 20:e3:87:67:eb:c1:4d:6f:91:ec:79:5a:82:b1:27: dd:cc:7c:8a:db:9e:c8:cb:1f:6b:94:a9:bb:96:93: ec:46:1c:8e:0b:5f:df:1c:08:1a:45:6c:88:ea:2f: 1b:e7:f3:71:7d:53:f2:39:51:67:7b:3f:bc:c2:d4: 73:f3:38:34:0a:da:27:90:9d:35:86:bc:3a:e8:d4: 01:b7:8b:48:8d:67:d3:43:8d:7c:e9:85:c4:2b:cd: 08:29:ec:e3:77:45:36:e8:af:f8:1f:c9:ec:9b:5a: 21:8d:70:83:ad:eb:01:61:df:ec:81:e5:47:96:09: aa:f2:64:48:ca:96:e4:50:f5:a7:e7:b4:00:82:a3: a0:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:DE:9E:3E:59:A6:8D:F8:F7:40:36:85:B5:3B:87:5B:70:FD:74:2D X509v3 Authority Key Identifier: keyid:70:BF:55:30:42:F1:A4:38:27:DC:03:45:00:BB:D1:06:8A:72:97:CA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cL9VMELxpDgn3ANFALvRBopyl8o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/Td6ePlmmjfj3QDaFtTuHW3D9dC0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/cL9VMELxpDgn3ANFALvRBopyl8o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a13:240:8000::/40 2a13:240:8888::/48 2a13:240:9999::/48 Signature Algorithm: sha256WithRSAEncryption c8:6b:98:c1:e4:15:1a:c7:4d:51:27:8a:bc:c1:0d:5e:b2:8a: 6d:ed:58:50:19:56:c2:6d:61:b9:0d:ef:bd:2f:2b:21:fa:62: d7:6c:a0:e4:17:b1:63:ca:80:ca:b1:e9:68:2e:94:e3:1f:fd: ee:98:3e:e9:17:12:9d:b4:40:f7:3e:4a:0c:b8:31:03:42:b5: 0f:56:5b:79:dd:c1:8a:84:96:53:8a:f0:7d:91:8d:df:3e:1e: c2:60:6b:03:66:83:0c:35:8e:a9:e3:ab:6f:2e:8c:2f:7e:7a: 5d:25:37:a3:f4:ae:d4:ec:60:31:27:dc:ef:43:34:86:80:b1: 92:1d:54:2f:6e:9a:39:2a:00:ce:73:15:c2:2f:91:1e:92:15: 1e:21:0f:47:94:8f:30:31:2d:05:44:83:44:b1:72:31:8f:ec: 65:14:6f:24:71:4e:60:af:03:94:58:85:e1:73:84:e6:65:45: 6d:52:88:a1:f8:9b:98:95:af:3e:f3:c0:ee:8e:32:6b:3f:05: df:a8:98:9a:a6:1a:09:f9:7f:57:d3:90:f4:fd:c3:2a:66:9a: 12:9e:ec:cd:b3:30:ea:c0:20:32:bc:88:73:74:d6:f7:8e:2c: 9b:96:a4:4f:7f:b4:ac:60:31:f2:db:8c:f1:12:46:53:c1:62: 5d:2c:d2:aa -----BEGIN CERTIFICATE----- MIIFETCCA/mgAwIBAgISAZt+pyHKLOMp0l3fXpSXJkpHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwYmY1NTMwNDJmMWE0MzgyN2RjMDM0NTAwYmJkMTA2OGE3 Mjk3Y2EwHhcNMjYwMTAyMTIyMDQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ZGRlOWUzZTU5YTY4ZGY4Zjc0MDM2ODViNTNiODc1YjcwZmQ3NDJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvroMbB/vM9jwsuDS8dzg0VhXRrNt WHbO/jcFMXnUA5AYTp+zj+cnUjBn6o7XQzSg0UalRyTuYCIblphBYO+S6hdbyrHQ cDCzNQ+htO5L8AJrt8ZxuK4knKU1gBAC1G2eftWziKCS4KI5ecvAOr5mNXjN3wat pkcg44dn68FNb5HseVqCsSfdzHyK257Iyx9rlKm7lpPsRhyOC1/fHAgaRWyI6i8b 5/NxfVPyOVFnez+8wtRz8zg0CtonkJ01hrw66NQBt4tIjWfTQ4186YXEK80IKezj d0U26K/4H8nsm1ohjXCDresBYd/sgeVHlgmq8mRIypbkUPWn57QAgqOg0wIDAQAB o4ICHTCCAhkwHQYDVR0OBBYEFE3enj5Zpo3490A2hbU7h1tw/XQtMB8GA1UdIwQY MBaAFHC/VTBC8aQ4J9wDRQC70QaKcpfKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY0w5Vk1FTHhwRGduM0FORkFMdlJCb3B5bDhvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kZjc5NDQtMjU4OS00N2NiLWFiNTYt NTM1ODQwMWZiNzk2LzEvVGQ2ZVBsbW1qZmozUURhRnRUdUhXM0Q5ZEMwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMS9kZjc5NDQtMjU4OS00N2NiLWFiNTYtNTM1ODQwMWZiNzk2 LzEvY0w5Vk1FTHhwRGduM0FORkFMdlJCb3B5bDhvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAAjAaAwYAKhMCQIAD BwAqEwJAiIgDBwAqEwJAmZkwDQYJKoZIhvcNAQELBQADggEBAMhrmMHkFRrHTVEn irzBDV6yim3tWFAZVsJtYbkN770vKyH6YtdsoOQXsWPKgMqx6WgulOMf/e6YPukX Ep20QPc+Sgy4MQNCtQ9WW3ndwYqEllOK8H2Rjd8+HsJgawNmgww1jqnjq28ujC9+ el0lN6P0rtTsYDEn3O9DNIaAsZIdVC9umjkqAM5zFcIvkR6SFR4hD0eUjzAxLQVE g0SxcjGP7GUUbyRxTmCvA5RYheFzhOZlRW1SiKH4m5iVrz7zwO6OMms/Bd+omJqm Ggn5f1fTkPT9wypmmhKe7M2zMOrAIDK8iHN01veOLJuWpE9/tKxgMfLbjPESRlPB Yl0s0qo= -----END CERTIFICATE-----Generated at Sun Jan 25 13:01:21 2026 by rpki-client