This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/TSHJR7t_h4lY6OtODk4NYZYIvoI.roa File: TSHJR7t_h4lY6OtODk4NYZYIvoI.roa (raw, json) Hash identifier: nZZ1K88HLdIq7tvKgkaT5D6x3S02smPWRQep/qDoAIk= Subject key identifier: 4D:21:C9:47:BB:7F:87:89:58:E8:EB:4E:0E:4E:0D:61:96:08:BE:82 Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511 Certificate serial: 019B7C801FC755F57B36BB62EC952E09A28C Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/TSHJR7t_h4lY6OtODk4NYZYIvoI.roa Signing time: Fri 02 Jan 2026 02:18:50 +0000 ROA not before: Fri 02 Jan 2026 02:18:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 47818 IP address blocks: 194.2.42.0/24 maxlen: 24 217.109.108.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 09:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:1f:c7:55:f5:7b:36:bb:62:ec:95:2e:09:a2:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511 Validity Not Before: Jan 2 02:18:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4d21c947bb7f878958e8eb4e0e4e0d619608be82 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:0d:4e:c1:b3:da:db:e1:f7:db:42:85:3f:d1: 70:cf:8a:86:c5:31:f6:34:67:97:89:a0:8d:06:12: 0e:31:f2:70:53:21:5c:87:b4:16:b8:40:8f:8d:89: 4d:79:c3:a8:3e:49:43:a5:e1:e3:31:1d:2d:2e:11: 86:6c:d0:66:04:cf:7c:7a:39:fc:3b:d1:4b:89:4d: 1e:2b:63:40:79:bf:ad:99:ef:06:d2:d1:c1:a7:61: 3e:0f:5e:1b:67:cf:59:d4:b5:c2:97:f9:25:53:6f: 39:8f:6f:97:aa:27:af:3b:d5:7f:44:74:0c:3e:b9: 44:95:5f:3e:98:23:38:88:2d:f4:8b:2b:a4:05:ad: b7:59:e4:41:68:fc:86:62:1b:d3:51:d0:b2:c5:d3: 34:5f:d5:c5:3d:dc:3c:d7:14:52:4e:5b:6c:71:1e: 43:ba:39:97:c3:24:ed:54:f0:37:91:25:0a:3e:77: fe:81:85:e3:6d:45:fa:fe:3b:54:c8:38:5b:29:81: e4:f0:7e:d5:a3:9b:67:83:7c:55:fc:9e:15:87:3a: 46:0a:88:ad:b5:12:d4:f6:ee:a4:b8:3a:37:c7:32: 04:c5:e2:d6:35:ea:07:55:38:e7:c9:99:84:b6:57: c9:99:f8:eb:a1:03:cb:83:64:4d:44:20:5c:32:d2: af:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:21:C9:47:BB:7F:87:89:58:E8:EB:4E:0E:4E:0D:61:96:08:BE:82 X509v3 Authority Key Identifier: keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/TSHJR7t_h4lY6OtODk4NYZYIvoI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.2.42.0/24 217.109.108.0/24 Signature Algorithm: sha256WithRSAEncryption a3:76:d9:f1:48:9e:8c:77:e9:49:1a:6a:ca:80:89:f2:5a:68: b2:fa:e1:38:b6:1f:62:33:48:03:47:a6:a6:03:9c:c2:bf:74: bc:1e:9b:17:b0:33:65:f1:6e:5e:01:4c:68:f2:e8:c5:c2:9c: ea:0e:6c:eb:10:dc:2f:cb:7b:fd:51:85:82:3b:89:40:17:b0: 52:ff:71:a8:06:fc:3e:37:df:5a:ff:20:65:b4:6c:5e:54:61: 56:dc:52:60:49:58:ff:91:0f:10:94:2d:0c:1d:4b:3b:ca:26: 43:9d:02:d1:34:2e:a9:1b:d6:58:5f:9a:31:92:65:10:b2:64: 61:61:41:53:4a:52:48:87:cd:a4:8a:dd:c3:66:08:af:31:f1: 0d:d3:0c:d6:da:7d:f0:10:e5:04:06:95:25:f9:f9:da:77:d9: 30:12:e7:01:7e:49:69:0b:45:ba:8a:78:c7:cb:e0:04:5f:be: 31:e9:aa:76:97:1a:e4:69:04:a2:15:0d:a9:b0:7a:f2:04:67: a1:f6:1f:f4:61:89:6e:ea:45:dd:c1:d4:73:f5:d9:9c:a9:c3: 27:00:cf:1f:4f:f4:40:ff:74:54:76:96:9a:16:f2:4f:14:97: 5c:56:ce:f1:fa:64:2e:be:09:b9:4d:22:71:85:8c:31:1c:9e: 0b:f9:b1:f2 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt8gB/HVfV7Nrti7JUuCaKMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh MTA1MTEwHhcNMjYwMTAyMDIxODUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ZDIxYzk0N2JiN2Y4Nzg5NThlOGViNGUwZTRlMGQ2MTk2MDhiZTgyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQ1OwbPa2+H320KFP9Fwz4qGxTH2 NGeXiaCNBhIOMfJwUyFch7QWuECPjYlNecOoPklDpeHjMR0tLhGGbNBmBM98ejn8 O9FLiU0eK2NAeb+tme8G0tHBp2E+D14bZ89Z1LXCl/klU285j2+XqievO9V/RHQM PrlElV8+mCM4iC30iyukBa23WeRBaPyGYhvTUdCyxdM0X9XFPdw81xRSTltscR5D ujmXwyTtVPA3kSUKPnf+gYXjbUX6/jtUyDhbKYHk8H7Vo5tng3xV/J4VhzpGCoit tRLU9u6kuDo3xzIExeLWNeoHVTjnyZmEtlfJmfjroQPLg2RNRCBcMtKvSQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFE0hyUe7f4eJWOjrTg5ODWGWCL6CMB8GA1UdIwQY MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt NDU5MzVmNTA2YTEyLzEvVFNISlI3dF9oNGxZNk90T0RrNE5ZWllJdm9JLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwgIqAwQA 2W1sMA0GCSqGSIb3DQEBCwUAA4IBAQCjdtnxSJ6Md+lJGmrKgInyWmiy+uE4th9i M0gDR6amA5zCv3S8HpsXsDNl8W5eAUxo8ujFwpzqDmzrENwvy3v9UYWCO4lAF7BS /3GoBvw+N99a/yBltGxeVGFW3FJgSVj/kQ8QlC0MHUs7yiZDnQLRNC6pG9ZYX5ox kmUQsmRhYUFTSlJIh82kit3DZgivMfEN0wzW2n3wEOUEBpUl+fnad9kwEucBfklp C0W6injHy+AEX74x6ap2lxrkaQSiFQ2psHryBGeh9h/0YYlu6kXdwdRz9dmcqcMn AM8fT/RA/3RUdpaaFvJPFJdcVs7x+mQuvgm5TSJxhYwxHJ4L+bHy -----END CERTIFICATE-----Generated at Sun Jan 25 19:01:17 2026 by rpki-client