This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/a0e08a-9ff0-44b4-bcc4-a10690a744e4/1/1tq3O762pd4piMgBW1bA4-OkYdE.roa File: 1tq3O762pd4piMgBW1bA4-OkYdE.roa (raw, json) Hash identifier: 5SImQwh0Wwz5tGyZ+mkSamCxnSlJbvkXrVz7wNpOrGA= Subject key identifier: D6:DA:B7:3B:BE:B6:A5:DE:29:88:C8:01:5B:56:C0:E3:E3:A4:61:D1 Certificate issuer: /CN=25cf9d8d552cdc7d8c0dc6f649b301f2351409ee Certificate serial: 019B7834E217D3C3244475E8A2AF2BCD3286 Authority key identifier: 25:CF:9D:8D:55:2C:DC:7D:8C:0D:C6:F6:49:B3:01:F2:35:14:09:EE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jc-djVUs3H2MDcb2SbMB8jUUCe4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/a0e08a-9ff0-44b4-bcc4-a10690a744e4/1/1tq3O762pd4piMgBW1bA4-OkYdE.roa Signing time: Thu 01 Jan 2026 06:18:10 +0000 ROA not before: Thu 01 Jan 2026 06:18:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 61125 IP address blocks: 45.66.35.0/24 maxlen: 24 2a09:61c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/a0e08a-9ff0-44b4-bcc4-a10690a744e4/1/Jc-djVUs3H2MDcb2SbMB8jUUCe4.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/a0e08a-9ff0-44b4-bcc4-a10690a744e4/1/Jc-djVUs3H2MDcb2SbMB8jUUCe4.mft rsync://rpki.ripe.net/repository/DEFAULT/Jc-djVUs3H2MDcb2SbMB8jUUCe4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 06:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:e2:17:d3:c3:24:44:75:e8:a2:af:2b:cd:32:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=25cf9d8d552cdc7d8c0dc6f649b301f2351409ee Validity Not Before: Jan 1 06:18:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d6dab73bbeb6a5de2988c8015b56c0e3e3a461d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:92:c6:ef:9c:c2:5f:15:0f:4a:9f:01:3b:a1: 88:b5:ef:32:fc:0c:f5:42:35:68:02:ad:6b:0c:e5: 51:9b:98:b4:ba:d4:95:ff:f6:79:68:ca:47:1f:51: 27:8e:77:8f:af:3e:cd:66:7c:2e:20:b4:e8:ea:8e: 98:54:83:07:bd:40:e3:7a:b7:03:0a:53:ea:c5:a9: 7f:2e:30:7a:bb:1d:d1:74:8b:eb:31:b6:01:45:2e: a4:19:15:4d:52:27:0f:8c:5c:b1:a2:3b:50:2a:a5: 9b:e5:a1:f3:09:24:99:33:db:33:09:57:e0:58:c6: e6:96:07:07:79:28:0b:b3:c7:1a:20:f4:5a:9e:16: 24:e6:4c:9a:21:be:7f:1f:ad:87:99:9b:1c:ea:cc: d7:e0:54:ee:28:19:87:9b:c1:55:5c:aa:6a:b8:ef: 6d:30:60:f5:b8:42:5e:55:14:cd:3b:ed:7a:21:78: 5a:e0:e2:24:de:16:4f:a5:34:6f:98:83:f7:40:7a: 5e:92:d2:af:44:ab:19:c7:0f:ca:9a:a8:39:99:52: 00:b8:db:fc:4e:97:72:03:e8:89:8c:6e:74:cd:b2: 47:75:52:79:05:21:20:d7:a4:a0:e2:05:a7:e6:b2: 27:14:e5:e7:da:f2:20:d1:b0:79:da:5a:87:40:48: 27:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:DA:B7:3B:BE:B6:A5:DE:29:88:C8:01:5B:56:C0:E3:E3:A4:61:D1 X509v3 Authority Key Identifier: keyid:25:CF:9D:8D:55:2C:DC:7D:8C:0D:C6:F6:49:B3:01:F2:35:14:09:EE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jc-djVUs3H2MDcb2SbMB8jUUCe4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/a0e08a-9ff0-44b4-bcc4-a10690a744e4/1/1tq3O762pd4piMgBW1bA4-OkYdE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/a0e08a-9ff0-44b4-bcc4-a10690a744e4/1/Jc-djVUs3H2MDcb2SbMB8jUUCe4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.66.35.0/24 IPv6: 2a09:61c0::/48 Signature Algorithm: sha256WithRSAEncryption c1:92:ff:52:b6:91:48:e4:ac:52:8e:0a:ea:0e:0e:38:21:7d: b5:bf:d5:73:82:74:08:4d:f1:e6:ed:ab:78:f2:13:3b:08:f8: 55:66:9e:37:5e:b7:3d:ac:36:f3:c7:d3:96:e6:f7:ee:0d:c5: f4:18:b9:03:19:19:e3:d8:4c:c9:37:b4:0a:b3:8a:ce:3b:8f: d3:d4:f2:df:e1:f0:d6:29:1f:88:bd:b7:bf:8d:8b:34:83:31: 46:5c:10:c7:bc:54:3a:00:a1:02:b8:4c:88:57:98:87:c6:1a: 34:ef:34:6a:1d:ea:a6:15:d9:63:dd:1e:2b:18:78:ce:af:f8: 48:3e:4f:49:10:a5:b6:bf:77:a4:2d:0f:34:db:01:d1:4f:34: e8:5c:39:8b:8a:f5:55:d0:34:60:0d:7d:af:15:cb:5d:b9:f4: eb:5a:7a:09:45:c2:83:f3:14:40:03:7b:a3:6d:af:b5:7d:04: cc:fc:b7:52:18:28:d9:b3:09:4e:24:fb:df:27:3f:e3:9f:09: 3f:46:d5:05:48:18:39:20:64:68:17:b9:12:41:9b:f6:c0:46: 88:31:1b:c4:14:cf:d1:53:17:2e:a5:e5:66:d9:4f:15:f2:59: 0f:ad:da:65:2d:4f:52:3f:84:f0:ad:14:9e:29:f2:a4:66:d2: 7d:64:39:82 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt4NOIX08MkRHXooq8rzTKGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI1Y2Y5ZDhkNTUyY2RjN2Q4YzBkYzZmNjQ5YjMwMWYyMzUx NDA5ZWUwHhcNMjYwMTAxMDYxODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNmRhYjczYmJlYjZhNWRlMjk4OGM4MDE1YjU2YzBlM2UzYTQ2MWQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJLG75zCXxUPSp8BO6GIte8y/Az1 QjVoAq1rDOVRm5i0utSV//Z5aMpHH1EnjnePrz7NZnwuILTo6o6YVIMHvUDjercD ClPqxal/LjB6ux3RdIvrMbYBRS6kGRVNUicPjFyxojtQKqWb5aHzCSSZM9szCVfg WMbmlgcHeSgLs8caIPRanhYk5kyaIb5/H62HmZsc6szX4FTuKBmHm8FVXKpquO9t MGD1uEJeVRTNO+16IXha4OIk3hZPpTRvmIP3QHpektKvRKsZxw/Kmqg5mVIAuNv8 TpdyA+iJjG50zbJHdVJ5BSEg16Sg4gWn5rInFOXn2vIg0bB52lqHQEgnvwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFNbatzu+tqXeKYjIAVtWwOPjpGHRMB8GA1UdIwQY MBaAFCXPnY1VLNx9jA3G9kmzAfI1FAnuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSmMtZGpWVXMzSDJNRGNiMlNiTUI4alVVQ2U0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9hMGUwOGEtOWZmMC00NGI0LWJjYzQt YTEwNjkwYTc0NGU0LzEvMXRxM083NjJwZDRwaU1nQlcxYkE0LU9rWWRFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi9hMGUwOGEtOWZmMC00NGI0LWJjYzQtYTEwNjkwYTc0NGU0 LzEvSmMtZGpWVXMzSDJNRGNiMlNiTUI4alVVQ2U0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALUIjMA8E AgACMAkDBwAqCWHAAAAwDQYJKoZIhvcNAQELBQADggEBAMGS/1K2kUjkrFKOCuoO DjghfbW/1XOCdAhN8ebtq3jyEzsI+FVmnjdetz2sNvPH05bm9+4NxfQYuQMZGePY TMk3tAqzis47j9PU8t/h8NYpH4i9t7+NizSDMUZcEMe8VDoAoQK4TIhXmIfGGjTv NGod6qYV2WPdHisYeM6v+Eg+T0kQpba/d6QtDzTbAdFPNOhcOYuK9VXQNGANfa8V y1259OtaeglFwoPzFEADe6Ntr7V9BMz8t1IYKNmzCU4k+98nP+OfCT9G1QVIGDkg ZGgXuRJBm/bARogxG8QUz9FTFy6l5WbZTxXyWQ+t2mUtT1I/hPCtFJ4p8qRm0n1k OYI= -----END CERTIFICATE-----Generated at Sun Jan 25 16:17:32 2026 by rpki-client