This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/1-TPBZaPgwzpcoaeoNGcACcpRq9w.roa File: 1-TPBZaPgwzpcoaeoNGcACcpRq9w.roa (raw, json) Hash identifier: WRnBW6LaoaDyzWLmINt+9j7JPTxMQsEWQyTKmC15wRY= Subject key identifier: F9:33:C1:65:A3:E0:C3:3A:5C:A1:A7:A8:34:67:00:09:CA:51:AB:DC Certificate issuer: /CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf Certificate serial: 019B7F82C993BA4AFD94B4642EE4E3082E80 Authority key identifier: 97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/1-TPBZaPgwzpcoaeoNGcACcpRq9w.roa Signing time: Fri 02 Jan 2026 16:20:36 +0000 ROA not before: Fri 02 Jan 2026 16:20:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50028 IP address blocks: 2a0f:d300::/48 maxlen: 48 2a0f:d301::/48 maxlen: 48 2a0f:d302::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.crl rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.mft rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:82:c9:93:ba:4a:fd:94:b4:64:2e:e4:e3:08:2e:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf Validity Not Before: Jan 2 16:20:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f933c165a3e0c33a5ca1a7a834670009ca51abdc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:06:29:b2:f2:59:d6:dd:c8:f5:38:de:87:09: 76:f0:bb:e6:3c:db:01:bf:a6:c6:33:4c:ac:07:75: 8a:69:08:b0:24:dd:36:da:e2:26:d0:9c:40:13:18: 5c:83:64:39:5b:9b:d0:61:70:10:32:ae:c8:c8:be: cd:c3:bf:fc:11:96:8d:a9:e9:00:d5:57:8f:11:4e: 20:c7:56:c0:62:47:f8:a1:6f:96:ff:f8:09:4f:6b: 55:d5:7b:35:73:7f:bb:b8:35:f0:07:01:e5:67:32: 70:f7:8c:47:4f:44:0b:9b:bb:65:12:95:68:74:03: cd:8f:ca:31:91:6a:31:c2:ad:02:28:73:9e:8e:ef: 99:af:e7:fd:8f:1e:ba:24:00:11:c5:d9:98:70:7e: 1f:11:d8:15:63:28:3e:72:fd:c1:63:e8:89:b1:42: d2:40:55:62:aa:73:48:54:82:f9:bc:62:0e:be:04: ef:72:52:76:82:01:e6:2c:08:bc:2e:ca:64:ad:04: 39:3b:1c:c5:21:09:54:69:e0:2a:d4:cc:f0:33:61: 87:3b:0f:a9:55:86:c3:ca:a5:03:c2:5b:40:73:cf: 51:df:ae:28:43:c8:4a:5a:01:89:a7:92:f0:c8:8a: 5b:78:a4:bc:6e:4a:95:43:4a:47:27:a5:11:c0:a5: 01:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:33:C1:65:A3:E0:C3:3A:5C:A1:A7:A8:34:67:00:09:CA:51:AB:DC X509v3 Authority Key Identifier: keyid:97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/1-TPBZaPgwzpcoaeoNGcACcpRq9w.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:d300::/48 2a0f:d301::/48 2a0f:d302::/48 Signature Algorithm: sha256WithRSAEncryption 8c:98:2a:c3:1e:c9:cf:c5:9f:aa:44:de:58:66:99:4d:ee:42: 01:f1:52:ab:ab:32:61:6a:01:47:b5:e8:5f:1e:7e:1f:9a:5d: cc:b1:46:d2:83:07:d8:91:4f:c7:63:f6:17:78:b5:f3:41:74: 50:ad:5b:28:7d:f5:d1:b9:3a:e0:02:2c:20:d5:d6:11:73:8e: 1f:de:ef:72:85:5c:3b:fd:10:11:e6:39:06:34:aa:9a:0f:c3: e9:b2:27:23:1c:c3:51:6b:f1:a0:48:d5:63:0d:29:b0:d0:cc: 5d:c1:c8:17:23:a8:92:dd:cf:c5:30:b1:0d:17:a8:6a:e3:5d: ef:18:d5:c6:18:aa:16:17:ab:48:ee:2c:32:f2:c6:99:63:bc: dc:b4:65:c6:8c:9c:76:79:24:d0:a2:14:a7:00:b6:49:19:8d: cc:22:ef:83:6d:7d:4f:4b:e0:fe:18:3e:aa:df:79:8d:90:c0: dc:18:52:9b:92:e5:a7:3e:33:a4:0d:db:e4:37:81:44:be:b9: f5:31:7d:f1:ac:5d:8d:04:9b:b7:4f:1a:a2:5d:b9:ee:b4:0f: 73:8e:78:a2:af:9a:c8:fc:70:95:a8:bb:aa:d8:bb:f3:39:f6: 0b:80:07:d0:68:82:f1:e0:13:27:54:86:e0:9f:c5:1f:4c:ec: 1c:a2:b3:0d -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgISAZt/gsmTukr9lLRkLuTjCC6AMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk3OWY1Y2E4YzMzZjEzNGMzYzE1N2Q0OGI5YzJhZTRlOTFi NjMwYmYwHhcNMjYwMTAyMTYyMDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmOTMzYzE2NWEzZTBjMzNhNWNhMWE3YTgzNDY3MDAwOWNhNTFhYmRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgYpsvJZ1t3I9Tjehwl28LvmPNsB v6bGM0ysB3WKaQiwJN022uIm0JxAExhcg2Q5W5vQYXAQMq7IyL7Nw7/8EZaNqekA 1VePEU4gx1bAYkf4oW+W//gJT2tV1Xs1c3+7uDXwBwHlZzJw94xHT0QLm7tlEpVo dAPNj8oxkWoxwq0CKHOeju+Zr+f9jx66JAARxdmYcH4fEdgVYyg+cv3BY+iJsULS QFViqnNIVIL5vGIOvgTvclJ2ggHmLAi8LspkrQQ5OxzFIQlUaeAq1MzwM2GHOw+p VYbDyqUDwltAc89R364oQ8hKWgGJp5LwyIpbeKS8bkqVQ0pHJ6URwKUBKQIDAQAB o4ICHzCCAhswHQYDVR0OBBYEFPkzwWWj4MM6XKGnqDRnAAnKUavcMB8GA1UdIwQY MBaAFJefXKjDPxNMPBV9SLnCrk6RtjC/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNlcjCB jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgt MTQ3MGFjMzY0ZGQyLzEvMS1UUEJaYVBnd3pwY29hZW9OR2NBQ2NwUnE5dy5yb2Ew gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvMjMvZjY1NjEwLTU5ZjYtNGFkNi1hOWQ4LTE0NzBhYzM2NGRk Mi8xL2w1OWNxTU1fRTB3OEZYMUl1Y0t1VHBHMk1MOC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMwIQQCAAIwGwMHACoP0wAA AAMHACoP0wEAAAMHACoP0wIAADANBgkqhkiG9w0BAQsFAAOCAQEAjJgqwx7Jz8Wf qkTeWGaZTe5CAfFSq6syYWoBR7XoXx5+H5pdzLFG0oMH2JFPx2P2F3i180F0UK1b KH310bk64AIsINXWEXOOH97vcoVcO/0QEeY5BjSqmg/D6bInIxzDUWvxoEjVYw0p sNDMXcHIFyOokt3PxTCxDReoauNd7xjVxhiqFherSO4sMvLGmWO83LRlxoycdnkk 0KIUpwC2SRmNzCLvg219T0vg/hg+qt95jZDA3BhSm5Llpz4zpA3b5DeBRL659TF9 8axdjQSbt08aol257rQPc454oq+ayPxwlai7qti78zn2C4AH0GiC8eATJ1SG4J/F H0zsHKKzDQ== -----END CERTIFICATE-----Generated at Sun Jan 25 09:04:29 2026 by rpki-client