This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/tbcmmXBw3ZIYzwt4SULlG4fEW4c.roa File: tbcmmXBw3ZIYzwt4SULlG4fEW4c.roa (raw, json) Hash identifier: 1XrkcGJtOYvvhy1+G9sGbL7q4EKrPWSn1X+QN9f+LUQ= Subject key identifier: B5:B7:26:99:70:70:DD:92:18:CF:0B:78:49:42:E5:1B:87:C4:5B:87 Certificate issuer: /CN=374e2729b17369890a1512f643cd08e4ba2ff414 Certificate serial: 019BEFC6EE876780C03337A6BF10F58B2C5E Authority key identifier: 37:4E:27:29:B1:73:69:89:0A:15:12:F6:43:CD:08:E4:BA:2F:F4:14 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/tbcmmXBw3ZIYzwt4SULlG4fEW4c.roa Signing time: Sat 24 Jan 2026 11:32:30 +0000 ROA not before: Sat 24 Jan 2026 11:32:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 58285 IP address blocks: 2a05:f685::/32 maxlen: 64 2a12:6d00::/29 maxlen: 64 2a12:7c80::/29 maxlen: 64 2a12:b080::/29 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/N04nKbFzaYkKFRL2Q80I5Lov9BQ.crl rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/N04nKbFzaYkKFRL2Q80I5Lov9BQ.mft rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 05:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:ef:c6:ee:87:67:80:c0:33:37:a6:bf:10:f5:8b:2c:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=374e2729b17369890a1512f643cd08e4ba2ff414 Validity Not Before: Jan 24 11:32:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b5b726997070dd9218cf0b784942e51b87c45b87 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:d9:66:43:b4:8c:3f:b5:aa:dd:46:19:99:7f: a4:f7:d3:f0:a1:eb:d1:23:8a:30:12:77:15:5c:72: 81:18:c0:19:35:7f:eb:95:da:df:f1:7d:78:2d:a9: bc:cc:49:f0:50:9e:d6:f8:42:bc:9d:e8:59:70:0f: 86:d8:10:06:3f:9e:ca:98:3f:a4:ba:b0:e9:58:c9: bf:54:c1:08:f1:cc:1c:3e:65:35:ca:f6:1d:b0:6a: 1b:52:7f:64:59:46:c3:c8:69:40:7d:1a:fc:70:ab: ea:5b:2e:48:01:43:18:9a:af:bd:d3:5c:b7:44:41: 2b:c0:85:b9:43:4d:52:36:e1:49:b8:06:3d:b8:0a: c1:c8:59:d8:16:c3:2e:de:40:35:c6:82:58:82:b6: f0:d0:fd:f4:cf:41:f1:e7:91:26:5b:d6:73:14:3d: 78:13:e8:fc:9d:62:57:ab:2d:0e:38:3b:11:a8:ad: 59:0c:97:0e:fd:18:52:6c:d5:2a:e6:37:10:6a:c8: d0:62:2a:f3:a7:67:ed:ef:4e:d6:c7:3d:34:07:04: 24:89:c3:53:24:8a:84:3a:7d:52:56:5f:ad:94:05: da:d9:49:12:ec:71:03:4d:61:0b:72:68:8c:17:57: 28:ae:f7:c3:10:b7:37:8c:58:e4:ee:c4:5a:32:e6: 7c:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:B7:26:99:70:70:DD:92:18:CF:0B:78:49:42:E5:1B:87:C4:5B:87 X509v3 Authority Key Identifier: keyid:37:4E:27:29:B1:73:69:89:0A:15:12:F6:43:CD:08:E4:BA:2F:F4:14 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/tbcmmXBw3ZIYzwt4SULlG4fEW4c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/N04nKbFzaYkKFRL2Q80I5Lov9BQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:f685::/32 2a12:6d00::/29 2a12:7c80::/29 2a12:b080::/29 Signature Algorithm: sha256WithRSAEncryption 64:95:33:a3:44:f7:38:b8:93:af:0c:2f:b4:4d:01:5b:42:7a: 2c:51:25:b9:2d:73:e0:aa:49:af:ef:64:74:7a:d7:c8:28:50: 86:b1:21:3b:a9:bb:ce:2f:b6:3a:c5:28:46:45:78:ee:4a:11: 49:42:fb:46:fb:65:f0:3b:18:cf:46:88:fc:15:57:e2:41:f6: a9:2e:02:48:e5:e7:76:65:99:91:2f:d5:86:71:71:47:6c:3f: 4d:0f:e8:54:48:90:1a:31:66:15:53:99:5b:df:f0:dc:21:4f: c6:f2:99:94:0e:c1:9b:a8:cd:30:51:25:c2:ad:8c:64:56:1a: 05:cf:2b:ec:3c:10:9b:ea:58:c4:bb:93:cd:cd:2d:51:a1:f9: bb:0b:7b:64:d8:45:cb:37:7c:5e:30:e9:d2:7a:bb:1a:7c:f0: a2:8b:fb:00:27:9a:bd:5a:04:4f:b9:20:a5:7e:4d:b1:63:db: 00:db:f0:b8:88:93:c5:f5:9d:0a:fc:e4:0a:00:31:db:e0:e0: c8:4f:a4:c8:e4:00:8e:88:0f:49:2b:72:6e:50:a7:57:ba:97: d9:6a:62:7a:a0:88:de:23:d9:6a:df:6e:d4:c4:ec:dc:8b:dd: f3:9f:85:8e:2c:c2:f0:53:9b:a4:d5:3a:50:4d:42:8c:5c:59: c9:3f:40:77 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgISAZvvxu6HZ4DAMzemvxD1iyxeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM3NGUyNzI5YjE3MzY5ODkwYTE1MTJmNjQzY2QwOGU0YmEy ZmY0MTQwHhcNMjYwMTI0MTEzMjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNWI3MjY5OTcwNzBkZDkyMThjZjBiNzg0OTQyZTUxYjg3YzQ1Yjg3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdlmQ7SMP7Wq3UYZmX+k99PwoevR I4owEncVXHKBGMAZNX/rldrf8X14Lam8zEnwUJ7W+EK8nehZcA+G2BAGP57KmD+k urDpWMm/VMEI8cwcPmU1yvYdsGobUn9kWUbDyGlAfRr8cKvqWy5IAUMYmq+901y3 REErwIW5Q01SNuFJuAY9uArByFnYFsMu3kA1xoJYgrbw0P30z0Hx55EmW9ZzFD14 E+j8nWJXqy0OODsRqK1ZDJcO/RhSbNUq5jcQasjQYirzp2ft707Wxz00BwQkicNT JIqEOn1SVl+tlAXa2UkS7HEDTWELcmiMF1corvfDELc3jFjk7sRaMuZ8TwIDAQAB o4ICHzCCAhswHQYDVR0OBBYEFLW3JplwcN2SGM8LeElC5RuHxFuHMB8GA1UdIwQY MBaAFDdOJymxc2mJChUS9kPNCOS6L/QUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTjA0bktiRnphWWtLRlJMMlE4MEk1TG92OUJRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC85NTIyMzAtYzI2Mi00MWNjLWI5NTYt Y2ZjNDZhNzZlYzc4LzEvdGJjbW1YQnczWklZend0NFNVTGxHNGZFVzRjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OC85NTIyMzAtYzI2Mi00MWNjLWI5NTYtY2ZjNDZhNzZlYzc4 LzEvTjA0bktiRnphWWtLRlJMMlE4MEk1TG92OUJRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKgX2hQMF AyoSbQADBQMqEnyAAwUDKhKwgDANBgkqhkiG9w0BAQsFAAOCAQEAZJUzo0T3OLiT rwwvtE0BW0J6LFEluS1z4KpJr+9kdHrXyChQhrEhO6m7zi+2OsUoRkV47koRSUL7 Rvtl8DsYz0aI/BVX4kH2qS4CSOXndmWZkS/VhnFxR2w/TQ/oVEiQGjFmFVOZW9/w 3CFPxvKZlA7Bm6jNMFElwq2MZFYaBc8r7DwQm+pYxLuTzc0tUaH5uwt7ZNhFyzd8 XjDp0nq7Gnzwoov7ACeavVoET7kgpX5NsWPbANvwuIiTxfWdCvzkCgAx2+DgyE+k yOQAjogPSStyblCnV7qX2WpieqCI3iPZat9u1MTs3Ivd85+FjizC8FObpNU6UE1C jFxZyT9Adw== -----END CERTIFICATE-----Generated at Sun Jan 25 13:33:10 2026 by rpki-client