This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/ToZEV5JGyeFOLj8ty2PbNgby5sE.roa File: ToZEV5JGyeFOLj8ty2PbNgby5sE.roa (raw, json) Hash identifier: DsdlMKnutBPPcHsH+/R1jP5sFhln6SW7LBjUC07NiYc= Subject key identifier: 4E:86:44:57:92:46:C9:E1:4E:2E:3F:2D:CB:63:DB:36:06:F2:E6:C1 Certificate issuer: /CN=fb1a810e3ab1964b44ecb3778340b266dbda1126 Certificate serial: 019B7834EB6C60E0F67712DDD45DDD17AD55 Authority key identifier: FB:1A:81:0E:3A:B1:96:4B:44:EC:B3:77:83:40:B2:66:DB:DA:11:26 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-xqBDjqxlktE7LN3g0CyZtvaESY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/ToZEV5JGyeFOLj8ty2PbNgby5sE.roa Signing time: Thu 01 Jan 2026 06:18:12 +0000 ROA not before: Thu 01 Jan 2026 06:18:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5420 IP address blocks: 192.40.72.0/24 maxlen: 24 192.40.73.0/24 maxlen: 24 192.40.74.0/24 maxlen: 24 192.40.75.0/24 maxlen: 24 2001:67c:21a4::/48 maxlen: 48 2a06:f040::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/1-xqBDjqxlktE7LN3g0CyZtvaESY.crl rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/1-xqBDjqxlktE7LN3g0CyZtvaESY.mft rsync://rpki.ripe.net/repository/DEFAULT/1-xqBDjqxlktE7LN3g0CyZtvaESY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:eb:6c:60:e0:f6:77:12:dd:d4:5d:dd:17:ad:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fb1a810e3ab1964b44ecb3778340b266dbda1126 Validity Not Before: Jan 1 06:18:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4e8644579246c9e14e2e3f2dcb63db3606f2e6c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:06:44:94:37:3f:60:e9:ad:cc:a4:1a:13:8a: e8:14:3d:48:5d:6c:98:14:b7:12:70:c7:c5:80:22: 55:cc:b9:d4:bc:c6:4b:33:cb:b8:35:47:15:37:34: 86:0d:74:e6:21:7b:1c:05:1f:af:0b:ff:28:c9:52: 9e:5b:f7:57:d8:98:66:2a:fd:a7:8a:58:f0:d2:08: dd:4c:f5:8d:c2:96:52:f3:53:ad:0f:7a:93:08:a2: fd:91:92:94:b4:37:98:5b:d1:f9:cb:1e:11:92:39: b1:b5:db:06:6c:bc:54:17:b3:19:3d:e6:59:d5:e4: 88:d7:4c:88:9b:11:a3:77:76:fd:d7:81:25:dc:87: 42:0b:b2:68:19:e7:b8:ee:69:8b:2c:69:c9:f9:c4: 75:9b:88:05:1d:49:5e:1b:c0:75:30:7f:9f:91:ff: 5b:1e:7d:15:4e:8c:c0:28:bb:09:f2:1a:35:f0:3f: 49:b4:8f:6f:1c:21:76:c9:7f:ab:ea:a3:bf:e4:8e: 2d:0d:2f:91:76:c2:47:cb:6a:b8:0d:74:a9:b8:26: 74:85:7b:a8:cf:28:b6:ad:0d:57:5e:49:28:c9:38: 52:59:33:4a:51:cd:59:1b:f0:b3:bc:e7:56:f4:c6: b7:b4:df:dc:72:54:be:00:fa:9b:5d:42:b2:f3:ff: aa:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:86:44:57:92:46:C9:E1:4E:2E:3F:2D:CB:63:DB:36:06:F2:E6:C1 X509v3 Authority Key Identifier: keyid:FB:1A:81:0E:3A:B1:96:4B:44:EC:B3:77:83:40:B2:66:DB:DA:11:26 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-xqBDjqxlktE7LN3g0CyZtvaESY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/ToZEV5JGyeFOLj8ty2PbNgby5sE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/1-xqBDjqxlktE7LN3g0CyZtvaESY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.40.72.0/22 IPv6: 2001:67c:21a4::/48 2a06:f040::/32 Signature Algorithm: sha256WithRSAEncryption 0d:6b:6d:bf:81:5c:b9:aa:4a:6c:4a:17:f1:10:5e:9f:db:93: f6:42:67:87:a4:46:c3:f6:17:5c:d8:f5:79:0c:3a:7c:6a:ae: a2:89:ff:cf:9f:c9:04:f6:35:18:91:bc:ba:01:33:d6:5d:53: ca:43:fb:20:ed:10:d3:ba:e3:42:d0:cb:db:f0:56:34:07:47: 12:f6:78:a7:5e:d8:d8:c8:2b:9a:9a:c0:ec:d2:47:92:1e:a3: 3f:f5:19:c3:27:a7:91:a5:5b:cc:dc:90:d4:40:f5:07:f9:cb: 21:46:7c:95:56:5e:7f:35:ac:26:c5:c9:46:52:3b:a9:fb:3b: 12:61:56:78:74:28:fc:a3:ec:5d:82:96:0e:67:ec:bf:e7:89: 1d:22:0a:c1:8d:c4:cc:c8:7e:a5:cc:a2:fa:f6:fb:c1:82:6a: 78:90:f9:49:64:4b:70:eb:45:c1:dc:5e:94:0f:65:70:93:c8: c8:c7:05:32:71:b5:1e:08:92:82:0c:8d:9c:c6:8d:2f:3d:04: c2:3f:2d:72:0d:43:57:ba:96:63:4f:b3:5c:88:ea:db:26:1e: de:5a:9a:9d:cf:d2:94:42:24:d5:10:b8:5f:3e:eb:1b:31:24: 23:cb:66:fd:78:05:25:e9:2a:a3:fe:05:72:37:fe:49:57:f6: 62:fc:67:2c -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZt4NOtsYOD2dxLd1F3dF61VMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZiMWE4MTBlM2FiMTk2NGI0NGVjYjM3NzgzNDBiMjY2ZGJk YTExMjYwHhcNMjYwMTAxMDYxODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ZTg2NDQ1NzkyNDZjOWUxNGUyZTNmMmRjYjYzZGIzNjA2ZjJlNmMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3wZElDc/YOmtzKQaE4roFD1IXWyY FLcScMfFgCJVzLnUvMZLM8u4NUcVNzSGDXTmIXscBR+vC/8oyVKeW/dX2JhmKv2n iljw0gjdTPWNwpZS81OtD3qTCKL9kZKUtDeYW9H5yx4RkjmxtdsGbLxUF7MZPeZZ 1eSI10yImxGjd3b914El3IdCC7JoGee47mmLLGnJ+cR1m4gFHUleG8B1MH+fkf9b Hn0VTozAKLsJ8ho18D9JtI9vHCF2yX+r6qO/5I4tDS+RdsJHy2q4DXSpuCZ0hXuo zyi2rQ1XXkkoyThSWTNKUc1ZG/CzvOdW9Ma3tN/cclS+APqbXUKy8/+q5wIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFE6GRFeSRsnhTi4/Lctj2zYG8ubBMB8GA1UdIwQY MBaAFPsagQ46sZZLROyzd4NAsmbb2hEmMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS14cUJEanF4bGt0RTdMTjNnMEN5WnR2YUVTWS5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAvOWQ2MDZlLTA4YTYtNGY0YS1iOTgw LWI1YWJmNDQwZTg5My8xL1RvWkVWNUpHeWVGT0xqOHR5MlBiTmdieTVzRS5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvMzAvOWQ2MDZlLTA4YTYtNGY0YS1iOTgwLWI1YWJmNDQwZTg5 My8xLzEteHFCRGpxeGxrdEU3TE4zZzBDeVp0dmFFU1kuY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMAwEAgABMAYDBALAKEgw FgQCAAIwEAMHACABBnwhpAMFACoG8EAwDQYJKoZIhvcNAQELBQADggEBAA1rbb+B XLmqSmxKF/EQXp/bk/ZCZ4ekRsP2F1zY9XkMOnxqrqKJ/8+fyQT2NRiRvLoBM9Zd U8pD+yDtENO640LQy9vwVjQHRxL2eKde2NjIK5qawOzSR5Ieoz/1GcMnp5GlW8zc kNRA9Qf5yyFGfJVWXn81rCbFyUZSO6n7OxJhVnh0KPyj7F2Clg5n7L/niR0iCsGN xMzIfqXMovr2+8GCaniQ+UlkS3DrRcHcXpQPZXCTyMjHBTJxtR4IkoIMjZzGjS89 BMI/LXINQ1e6lmNPs1yI6tsmHt5amp3P0pRCJNUQuF8+6xsxJCPLZv14BSXpKqP+ BXI3/klX9mL8Zyw= -----END CERTIFICATE-----Generated at Sun Jan 25 19:59:13 2026 by rpki-client