This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/566cb1-7915-4ffd-8570-6b93af613d7d/1/tfjD1TzFroCRpYCznfdPEgCSvX8.roa File: tfjD1TzFroCRpYCznfdPEgCSvX8.roa (raw, json) Hash identifier: u220kJVCWbv+NR8D6urQHZ0h8UgyTPW+PkohUPZwTYQ= Subject key identifier: B5:F8:C3:D5:3C:C5:AE:80:91:A5:80:B3:9D:F7:4F:12:00:92:BD:7F Certificate issuer: /CN=8d3f356a02d9679ce890b5d51e0dec2f3f363361 Certificate serial: 019AE8E30E800C18DDABBB7FA0577C14DECB Authority key identifier: 8D:3F:35:6A:02:D9:67:9C:E8:90:B5:D5:1E:0D:EC:2F:3F:36:33:61 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jT81agLZZ5zokLXVHg3sLz82M2E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/566cb1-7915-4ffd-8570-6b93af613d7d/1/tfjD1TzFroCRpYCznfdPEgCSvX8.roa Signing time: Thu 04 Dec 2025 10:23:05 +0000 ROA not before: Thu 04 Dec 2025 10:23:05 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 213042 IP address blocks: 2a11:4e00::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/566cb1-7915-4ffd-8570-6b93af613d7d/1/jT81agLZZ5zokLXVHg3sLz82M2E.crl rsync://rpki.ripe.net/repository/DEFAULT/67/566cb1-7915-4ffd-8570-6b93af613d7d/1/jT81agLZZ5zokLXVHg3sLz82M2E.mft rsync://rpki.ripe.net/repository/DEFAULT/jT81agLZZ5zokLXVHg3sLz82M2E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:e8:e3:0e:80:0c:18:dd:ab:bb:7f:a0:57:7c:14:de:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8d3f356a02d9679ce890b5d51e0dec2f3f363361 Validity Not Before: Dec 4 10:23:05 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=b5f8c3d53cc5ae8091a580b39df74f120092bd7f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:4b:55:cc:a8:ee:6e:5e:84:44:5b:71:75:26: 8f:bf:bf:b8:1c:91:c6:75:7d:a9:45:13:85:c2:a5: d9:c0:ef:cc:a0:5b:0b:bc:c8:f0:f8:68:ba:50:02: 51:0b:4b:97:23:c1:77:01:39:03:98:f6:c7:89:b4: 10:b8:bc:30:59:42:5d:bd:ab:27:59:07:9a:17:77: a5:22:47:f1:97:c3:54:6c:fb:74:4f:0c:5f:24:cb: af:a1:a6:66:b1:e4:c6:6b:33:1b:98:e8:e8:13:3d: 34:d9:09:65:a5:ee:5b:cc:8c:2c:3c:2e:02:fe:b2: be:d4:00:40:a7:46:aa:57:f7:ab:a8:cd:83:ec:93: 07:50:ac:61:a6:03:77:fa:9e:8d:5a:b2:ae:3b:d0: 83:e0:17:d2:24:b9:a3:42:61:b1:77:30:a0:bf:78: 84:15:2d:ab:59:b3:d0:34:12:9f:59:c8:52:ac:de: 21:3b:9b:78:b6:36:18:c5:1b:66:8b:b5:93:f0:5f: 5c:ac:da:ff:26:42:08:f0:18:dd:be:8d:6f:38:b2: 58:c6:e5:9e:ad:1d:34:56:fa:db:a5:4d:67:b6:92: 3d:1c:2f:79:ac:bf:c6:14:5e:0f:cd:92:59:f7:5e: 5e:b1:73:c9:5b:53:76:bd:85:d7:f9:15:74:c1:51: 22:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:F8:C3:D5:3C:C5:AE:80:91:A5:80:B3:9D:F7:4F:12:00:92:BD:7F X509v3 Authority Key Identifier: keyid:8D:3F:35:6A:02:D9:67:9C:E8:90:B5:D5:1E:0D:EC:2F:3F:36:33:61 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jT81agLZZ5zokLXVHg3sLz82M2E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/566cb1-7915-4ffd-8570-6b93af613d7d/1/tfjD1TzFroCRpYCznfdPEgCSvX8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/67/566cb1-7915-4ffd-8570-6b93af613d7d/1/jT81agLZZ5zokLXVHg3sLz82M2E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a11:4e00::/29 Signature Algorithm: sha256WithRSAEncryption 23:2f:06:ad:d0:9a:60:ee:e5:71:68:e3:d6:32:ca:f1:ed:47: 67:70:4d:1f:8a:f2:c6:77:91:d5:51:6a:ae:09:3a:3b:6c:dc: e5:16:da:a8:13:b4:d0:7b:47:20:15:ca:93:f6:eb:a7:9d:61: c4:52:e6:ce:f2:73:f2:a6:dd:2a:56:79:cc:ba:19:34:b2:ec: 50:f1:90:c0:4d:fb:d7:0f:94:11:7b:7f:fa:0b:d6:15:0a:b3: ac:12:93:ba:9f:c3:b6:ad:6c:9a:9f:10:f2:85:3f:a2:74:57: d6:5f:a4:6b:08:3c:89:29:11:b6:ec:87:e7:10:95:0b:73:95: 3a:55:19:e0:f9:1e:f0:f8:06:4e:a6:c6:9e:5e:73:73:f2:5b: 79:fc:0c:eb:fd:2a:fe:36:1d:27:8e:db:3f:78:9f:fb:33:f7: 5f:5d:80:73:35:f9:80:80:60:62:fe:c4:2a:d9:91:ae:a5:3f: 02:d2:1d:18:67:dc:70:97:79:ef:6a:92:2c:da:36:2e:2e:30: 15:fc:6d:33:bb:cf:2a:52:7a:fd:86:8f:60:3e:a7:29:3f:e3: f0:bb:cf:43:5a:3b:34:e5:9c:c5:25:c6:80:d1:02:bf:b3:89: b5:82:46:f3:da:41:dd:22:57:fd:57:da:51:4a:60:b2:89:00: 8e:04:d7:e6 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZro4w6ADBjdq7t/oFd8FN7LMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhkM2YzNTZhMDJkOTY3OWNlODkwYjVkNTFlMGRlYzJmM2Yz NjMzNjEwHhcNMjUxMjA0MTAyMzA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNWY4YzNkNTNjYzVhZTgwOTFhNTgwYjM5ZGY3NGYxMjAwOTJiZDdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwktVzKjubl6ERFtxdSaPv7+4HJHG dX2pRROFwqXZwO/MoFsLvMjw+Gi6UAJRC0uXI8F3ATkDmPbHibQQuLwwWUJdvasn WQeaF3elIkfxl8NUbPt0TwxfJMuvoaZmseTGazMbmOjoEz002Qllpe5bzIwsPC4C /rK+1ABAp0aqV/erqM2D7JMHUKxhpgN3+p6NWrKuO9CD4BfSJLmjQmGxdzCgv3iE FS2rWbPQNBKfWchSrN4hO5t4tjYYxRtmi7WT8F9crNr/JkII8Bjdvo1vOLJYxuWe rR00VvrbpU1ntpI9HC95rL/GFF4PzZJZ915esXPJW1N2vYXX+RV0wVEiKwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFLX4w9U8xa6AkaWAs533TxIAkr1/MB8GA1UdIwQY MBaAFI0/NWoC2Wec6JC11R4N7C8/NjNhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvalQ4MWFnTFpaNXpva0xYVkhnM3NMejgyTTJFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny81NjZjYjEtNzkxNS00ZmZkLTg1NzAt NmI5M2FmNjEzZDdkLzEvdGZqRDFUekZyb0NScFlDem5mZFBFZ0NTdlg4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ny81NjZjYjEtNzkxNS00ZmZkLTg1NzAtNmI5M2FmNjEzZDdk LzEvalQ4MWFnTFpaNXpva0xYVkhnM3NMejgyTTJFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhFOADAN BgkqhkiG9w0BAQsFAAOCAQEAIy8GrdCaYO7lcWjj1jLK8e1HZ3BNH4ryxneR1VFq rgk6O2zc5RbaqBO00HtHIBXKk/brp51hxFLmzvJz8qbdKlZ5zLoZNLLsUPGQwE37 1w+UEXt/+gvWFQqzrBKTup/Dtq1smp8Q8oU/onRX1l+kawg8iSkRtuyH5xCVC3OV OlUZ4Pke8PgGTqbGnl5zc/JbefwM6/0q/jYdJ47bP3if+zP3X12AczX5gIBgYv7E KtmRrqU/AtIdGGfccJd572qSLNo2Li4wFfxtM7vPKlJ6/YaPYD6nKT/j8LvPQ1o7 NOWcxSXGgNECv7OJtYJG89pB3SJX/VfaUUpgsokAjgTX5g== -----END CERTIFICATE-----Generated at Sat Dec 6 23:57:46 2025 by rpki-client