This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/8e08b3-487c-485a-9479-b084c73861b8/1/TDkaS-JTvMNiWICWG4ymOlGuWbk.roa File: TDkaS-JTvMNiWICWG4ymOlGuWbk.roa (raw, json) Hash identifier: rdEwK1puUd5tKIYhWm5xSUw39iHc4PHVAw0g6tLwiHU= Subject key identifier: 4C:39:1A:4B:E2:53:BC:C3:62:58:80:96:1B:8C:A6:3A:51:AE:59:B9 Certificate issuer: /CN=321ec4626ecde25335aff088b04c71395ae6bc24 Certificate serial: 019B7F158F80F775012D8650FC53213BD78C Authority key identifier: 32:1E:C4:62:6E:CD:E2:53:35:AF:F0:88:B0:4C:71:39:5A:E6:BC:24 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mh7EYm7N4lM1r_CIsExxOVrmvCQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/8e08b3-487c-485a-9479-b084c73861b8/1/TDkaS-JTvMNiWICWG4ymOlGuWbk.roa Signing time: Fri 02 Jan 2026 14:21:18 +0000 ROA not before: Fri 02 Jan 2026 14:21:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62217 IP address blocks: 91.212.182.0/24 maxlen: 24 91.216.93.0/24 maxlen: 24 91.220.127.0/24 maxlen: 24 91.227.220.0/22 maxlen: 22 185.43.108.0/22 maxlen: 24 194.0.252.0/24 maxlen: 24 2a01:6c60::/32 maxlen: 48 2a01:6c61::/32 maxlen: 32 2a01:6c62::/32 maxlen: 32 2a01:6c63::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/8e08b3-487c-485a-9479-b084c73861b8/1/Mh7EYm7N4lM1r_CIsExxOVrmvCQ.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/8e08b3-487c-485a-9479-b084c73861b8/1/Mh7EYm7N4lM1r_CIsExxOVrmvCQ.mft rsync://rpki.ripe.net/repository/DEFAULT/Mh7EYm7N4lM1r_CIsExxOVrmvCQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 11:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:8f:80:f7:75:01:2d:86:50:fc:53:21:3b:d7:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=321ec4626ecde25335aff088b04c71395ae6bc24 Validity Not Before: Jan 2 14:21:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4c391a4be253bcc3625880961b8ca63a51ae59b9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:50:ce:90:13:46:57:e8:5b:f3:be:b6:98:6c: 92:27:40:17:bc:aa:63:ca:40:d4:7a:55:32:0f:00: 56:99:33:97:9f:23:23:f9:b8:8b:19:e2:b4:26:1a: 14:72:48:7e:7b:01:d1:41:25:ff:1c:03:7d:1e:6c: c4:40:22:9c:c7:01:77:8b:1d:1a:a1:d5:7d:b7:a8: a0:2f:8a:9a:f4:66:b3:ba:38:d8:0f:15:46:0d:5e: 1e:97:fd:54:a9:df:2c:e4:d2:f8:97:aa:6c:f7:60: c8:2c:ac:d9:96:48:33:5e:c2:00:be:cf:b7:46:10: 00:ac:dc:fa:a8:31:2b:ce:3d:1c:cd:03:cd:83:f2: dc:70:67:10:f9:52:cc:d6:ae:b4:91:97:22:16:63: 98:75:b5:ae:89:f9:1a:9f:4b:fd:c1:97:53:ac:06: 39:78:92:21:fe:56:db:4a:39:29:5c:64:70:ff:54: 44:d2:3f:4f:6e:61:e4:1b:3c:f3:2a:ca:c2:d3:ee: 5a:53:4b:60:51:c5:a1:c5:13:70:6f:f0:ac:1f:93: eb:b3:0d:43:5d:1f:3a:2a:a8:62:2c:39:cc:17:6d: 37:fc:6c:8a:32:9c:3f:19:c6:87:46:47:e3:4d:1a: 49:c6:f5:24:1f:90:95:f2:bd:2b:df:93:b2:2b:ce: b3:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:39:1A:4B:E2:53:BC:C3:62:58:80:96:1B:8C:A6:3A:51:AE:59:B9 X509v3 Authority Key Identifier: keyid:32:1E:C4:62:6E:CD:E2:53:35:AF:F0:88:B0:4C:71:39:5A:E6:BC:24 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mh7EYm7N4lM1r_CIsExxOVrmvCQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8e08b3-487c-485a-9479-b084c73861b8/1/TDkaS-JTvMNiWICWG4ymOlGuWbk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8e08b3-487c-485a-9479-b084c73861b8/1/Mh7EYm7N4lM1r_CIsExxOVrmvCQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.212.182.0/24 91.216.93.0/24 91.220.127.0/24 91.227.220.0/22 185.43.108.0/22 194.0.252.0/24 IPv6: 2a01:6c60::/30 Signature Algorithm: sha256WithRSAEncryption 20:2c:b9:8f:a0:21:06:af:b4:39:98:43:14:1f:43:8e:0c:84: a9:ef:87:a3:a5:17:6a:42:2a:59:01:e2:5f:33:85:e9:f4:5f: 38:dc:fd:24:9c:15:5a:1e:b6:ce:6a:9a:91:94:a7:65:c3:ca: 5d:43:8c:78:bf:4a:d3:09:42:57:fc:90:95:cf:38:22:c6:9c: bb:c9:4f:91:0d:77:1a:b3:1d:a3:59:1a:ca:79:90:91:69:cd: d0:44:49:bb:40:40:e1:d8:4f:ed:73:c3:49:e1:18:ce:88:38: f1:49:e6:f2:1b:63:72:a8:78:ad:75:df:43:f5:68:e7:49:62: 1a:3f:8d:8a:5e:68:79:be:b7:e9:15:28:1b:50:34:82:16:fb: 4f:e8:84:6e:64:72:96:c4:38:85:70:71:91:ff:f0:e2:1f:9d: b1:22:e4:25:d5:23:a0:be:1e:85:eb:6e:33:72:cd:76:d4:e3: 81:95:66:e6:30:5a:97:19:78:24:0f:da:46:8e:bd:9d:89:77: ba:b9:17:8d:94:e5:8f:31:e8:8b:14:16:7a:3f:60:29:8f:d5: 87:4c:49:8b:b5:e5:6f:d5:6f:16:0c:86:0d:45:f3:e2:58:e4: 8c:4b:d7:51:57:54:42:29:67:5e:4f:00:f0:0c:3e:92:87:93: 4f:e5:75:47 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgISAZt/FY+A93UBLYZQ/FMhO9eMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMyMWVjNDYyNmVjZGUyNTMzNWFmZjA4OGIwNGM3MTM5NWFl NmJjMjQwHhcNMjYwMTAyMTQyMTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0YzM5MWE0YmUyNTNiY2MzNjI1ODgwOTYxYjhjYTYzYTUxYWU1OWI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7VDOkBNGV+hb8762mGySJ0AXvKpj ykDUelUyDwBWmTOXnyMj+biLGeK0JhoUckh+ewHRQSX/HAN9HmzEQCKcxwF3ix0a odV9t6igL4qa9GazujjYDxVGDV4el/1Uqd8s5NL4l6ps92DILKzZlkgzXsIAvs+3 RhAArNz6qDErzj0czQPNg/LccGcQ+VLM1q60kZciFmOYdbWuifkan0v9wZdTrAY5 eJIh/lbbSjkpXGRw/1RE0j9PbmHkGzzzKsrC0+5aU0tgUcWhxRNwb/CsH5Prsw1D XR86KqhiLDnMF203/GyKMpw/GcaHRkfjTRpJxvUkH5CV8r0r35OyK86zFwIDAQAB o4ICNjCCAjIwHQYDVR0OBBYEFEw5GkviU7zDYliAlhuMpjpRrlm5MB8GA1UdIwQY MBaAFDIexGJuzeJTNa/wiLBMcTla5rwkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTWg3RVltN040bE0xcl9DSXNFeHhPVnJtdkNRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84ZTA4YjMtNDg3Yy00ODVhLTk0Nzkt YjA4NGM3Mzg2MWI4LzEvVERrYVMtSlR2TU5pV0lDV0c0eW1PbEd1V2JrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC84ZTA4YjMtNDg3Yy00ODVhLTk0NzktYjA4NGM3Mzg2MWI4 LzEvTWg3RVltN040bE0xcl9DSXNFeHhPVnJtdkNRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAW9S2AwQA W9hdAwQAW9x/AwQCW+PcAwQCuStsAwQAwgD8MA0EAgACMAcDBQIqAWxgMA0GCSqG SIb3DQEBCwUAA4IBAQAgLLmPoCEGr7Q5mEMUH0OODISp74ejpRdqQipZAeJfM4Xp 9F843P0knBVaHrbOapqRlKdlw8pdQ4x4v0rTCUJX/JCVzzgixpy7yU+RDXcasx2j WRrKeZCRac3QREm7QEDh2E/tc8NJ4RjOiDjxSebyG2NyqHitdd9D9WjnSWIaP42K Xmh5vrfpFSgbUDSCFvtP6IRuZHKWxDiFcHGR//DiH52xIuQl1SOgvh6F624zcs12 1OOBlWbmMFqXGXgkD9pGjr2diXe6uReNlOWPMeiLFBZ6P2Apj9WHTEmLteVv1W8W DIYNRfPiWOSMS9dRV1RCKWdeTwDwDD6Sh5NP5XVH -----END CERTIFICATE-----Generated at Sun Jan 25 20:00:52 2026 by rpki-client