This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/TcH4GIuktxSUfHtquYZnE0nBhtE.roa File: TcH4GIuktxSUfHtquYZnE0nBhtE.roa (raw, json) Hash identifier: rpQl9MUfMf8qQcoJFxTK9nJpUXGjE7ncDisSQXNZN4E= Subject key identifier: 4D:C1:F8:18:8B:A4:B7:14:94:7C:7B:6A:B9:86:67:13:49:C1:86:D1 Certificate issuer: /CN=ff7d8a79bad4f983d0c49895af50ea8a03ebc70d Certificate serial: 019B7BA3EC4AA9378D850A435FCA99851E37 Authority key identifier: FF:7D:8A:79:BA:D4:F9:83:D0:C4:98:95:AF:50:EA:8A:03:EB:C7:0D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_32KebrU-YPQxJiVr1DqigPrxw0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/TcH4GIuktxSUfHtquYZnE0nBhtE.roa Signing time: Thu 01 Jan 2026 22:18:18 +0000 ROA not before: Thu 01 Jan 2026 22:18:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43180 IP address blocks: 91.239.76.0/24 maxlen: 24 91.239.77.0/24 maxlen: 24 213.111.157.0/24 maxlen: 24 213.111.158.0/23 maxlen: 23 2a11:6101::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/_32KebrU-YPQxJiVr1DqigPrxw0.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/_32KebrU-YPQxJiVr1DqigPrxw0.mft rsync://rpki.ripe.net/repository/DEFAULT/_32KebrU-YPQxJiVr1DqigPrxw0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 04:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:ec:4a:a9:37:8d:85:0a:43:5f:ca:99:85:1e:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ff7d8a79bad4f983d0c49895af50ea8a03ebc70d Validity Not Before: Jan 1 22:18:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4dc1f8188ba4b714947c7b6ab986671349c186d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:bb:a0:81:90:a1:25:00:92:86:c6:eb:3f:ac: ba:df:03:f5:95:54:d0:26:dc:71:60:76:1f:29:25: 29:ec:a0:44:82:61:92:45:c7:27:fd:5c:ce:92:45: ea:ec:2e:58:b5:97:c1:e1:23:1f:6a:65:bb:cf:72: 65:d8:b8:92:84:27:62:6d:61:9e:a1:6b:2d:a3:9d: 9e:fb:46:98:2c:24:ac:98:a7:1c:17:52:15:c5:28: 37:ff:7e:b6:ea:49:38:e5:6e:ba:e4:99:77:25:56: 6f:13:ec:64:12:01:8c:7e:30:1d:57:a2:2e:6b:ac: d5:a0:65:cc:eb:1a:d8:78:0a:b9:dc:ea:bc:6b:10: b2:8f:c2:17:3c:62:38:30:18:bf:ba:8d:5e:c6:02: 72:d0:3f:c2:f5:cf:c1:1c:54:6c:9a:ef:e2:69:05: 93:41:7c:e3:60:e0:a0:b4:33:a8:f8:bc:e3:b6:d7: 4a:b6:0e:b7:3f:6d:74:71:d0:a1:5b:43:e2:2d:15: cb:12:22:05:54:b1:bd:cd:7f:64:ec:40:bd:40:82: 87:22:21:64:52:bd:7e:ec:5d:30:b6:8f:cc:11:c8: d3:0f:62:0f:74:e4:a8:8c:85:a1:31:97:85:80:97: 03:36:c3:c7:18:9e:8c:b0:6f:bd:b4:1b:4c:09:16: c5:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:C1:F8:18:8B:A4:B7:14:94:7C:7B:6A:B9:86:67:13:49:C1:86:D1 X509v3 Authority Key Identifier: keyid:FF:7D:8A:79:BA:D4:F9:83:D0:C4:98:95:AF:50:EA:8A:03:EB:C7:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_32KebrU-YPQxJiVr1DqigPrxw0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/TcH4GIuktxSUfHtquYZnE0nBhtE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/_32KebrU-YPQxJiVr1DqigPrxw0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.239.76.0/23 213.111.157.0-213.111.159.255 IPv6: 2a11:6101::/32 Signature Algorithm: sha256WithRSAEncryption 6f:0f:0e:b2:ac:5b:e9:cf:56:96:61:c4:15:7e:c7:5c:12:79: 4d:e9:7b:8f:05:75:3f:d8:c7:69:6c:73:be:91:db:12:8c:d0: d2:df:a7:ea:6e:9a:c5:08:a9:e9:32:82:2d:2b:d6:66:cc:c8: c5:ae:7a:c1:02:36:a4:f9:74:6a:c6:4c:e3:3c:6a:91:2a:dd: 21:b2:d5:46:08:0b:e0:fe:91:58:47:b8:d1:6f:9c:1f:e4:62: 60:fd:a6:3e:99:17:79:0c:50:2e:0c:af:f2:23:7b:8e:4a:e9: 59:c8:92:79:9d:a4:15:60:e3:56:65:72:5d:4d:df:81:1b:35: cb:3d:56:b5:6a:25:5d:6a:6b:ac:08:45:ab:7f:1f:d8:dc:37: 7d:42:63:f4:cb:c0:d9:95:0a:a2:b0:f3:3a:80:11:6d:25:85: 9d:f4:b4:b1:1c:c8:f3:ba:44:eb:a1:94:d9:af:9e:16:d4:f8: bc:88:30:52:d9:8d:d2:04:42:d1:ce:8c:7f:30:6c:7d:07:91: 1c:ab:27:a6:47:aa:4b:a5:b1:01:7a:8a:92:4c:67:56:66:dd: 2b:0a:07:f0:1c:c2:52:71:74:cb:2e:de:c6:6e:b7:95:97:00: b8:c0:8a:62:3f:97:22:d4:09:14:8e:3c:39:46:50:e3:eb:33: 00:15:17:93 -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt7o+xKqTeNhQpDX8qZhR43MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZmN2Q4YTc5YmFkNGY5ODNkMGM0OTg5NWFmNTBlYThhMDNl YmM3MGQwHhcNMjYwMTAxMjIxODE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ZGMxZjgxODhiYTRiNzE0OTQ3YzdiNmFiOTg2NjcxMzQ5YzE4NmQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuruggZChJQCShsbrP6y63wP1lVTQ JtxxYHYfKSUp7KBEgmGSRccn/VzOkkXq7C5YtZfB4SMfamW7z3Jl2LiShCdibWGe oWsto52e+0aYLCSsmKccF1IVxSg3/3626kk45W665Jl3JVZvE+xkEgGMfjAdV6Iu a6zVoGXM6xrYeAq53Oq8axCyj8IXPGI4MBi/uo1exgJy0D/C9c/BHFRsmu/iaQWT QXzjYOCgtDOo+LzjttdKtg63P210cdChW0PiLRXLEiIFVLG9zX9k7EC9QIKHIiFk Ur1+7F0wto/MEcjTD2IPdOSojIWhMZeFgJcDNsPHGJ6MsG+9tBtMCRbF8wIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFE3B+BiLpLcUlHx7armGZxNJwYbRMB8GA1UdIwQY MBaAFP99inm61PmD0MSYla9Q6ooD68cNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvXzMyS2ViclUtWVBReEppVnIxRHFpZ1ByeHcwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi80NDI0ZWYtNjhhYS00YjcwLWIyY2Mt MDg3M2UzOTk0ZDBlLzEvVGNINEdJdWt0eFNVZkh0cXVZWm5FMG5CaHRFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi80NDI0ZWYtNjhhYS00YjcwLWIyY2MtMDg3M2UzOTk0ZDBl LzEvXzMyS2ViclUtWVBReEppVnIxRHFpZ1ByeHcwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQBW+9MMAwD BADVb50DBAXVb4AwDQQCAAIwBwMFACoRYQEwDQYJKoZIhvcNAQELBQADggEBAG8P DrKsW+nPVpZhxBV+x1wSeU3pe48FdT/Yx2lsc76R2xKM0NLfp+pumsUIqekygi0r 1mbMyMWuesECNqT5dGrGTOM8apEq3SGy1UYIC+D+kVhHuNFvnB/kYmD9pj6ZF3kM UC4Mr/Ije45K6VnIknmdpBVg41Zlcl1N34EbNcs9VrVqJV1qa6wIRat/H9jcN31C Y/TLwNmVCqKw8zqAEW0lhZ30tLEcyPO6ROuhlNmvnhbU+LyIMFLZjdIEQtHOjH8w bH0HkRyrJ6ZHqkulsQF6ipJMZ1Zm3SsKB/AcwlJxdMsu3sZut5WXALjAimI/lyLU CRSOPDlGUOPrMwAVF5M= -----END CERTIFICATE-----Generated at Sun Jan 25 16:12:36 2026 by rpki-client