This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/Tc4CAh9lS80BZ9dbmj1pr8WLlH8.roa File: Tc4CAh9lS80BZ9dbmj1pr8WLlH8.roa (raw, json) Hash identifier: Dr9i6cOA2yEzX8iFA7R0H7E6G18fvOOWvVpVMLf7nS4= Subject key identifier: 4D:CE:02:02:1F:65:4B:CD:01:67:D7:5B:9A:3D:69:AF:C5:8B:94:7F Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511 Certificate serial: 019B7C801A8167818EFA86866E27EC37A00B Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/Tc4CAh9lS80BZ9dbmj1pr8WLlH8.roa Signing time: Fri 02 Jan 2026 02:18:48 +0000 ROA not before: Fri 02 Jan 2026 02:18:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 37173 IP address blocks: 193.251.153.0/24 maxlen: 24 193.251.218.0/23 maxlen: 24 193.251.222.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 09:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:1a:81:67:81:8e:fa:86:86:6e:27:ec:37:a0:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511 Validity Not Before: Jan 2 02:18:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4dce02021f654bcd0167d75b9a3d69afc58b947f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:06:11:86:5c:48:a5:93:93:11:2a:15:df:d4: aa:ff:8c:2f:e0:32:c7:85:d8:1d:c7:76:81:de:24: ed:ec:5a:cd:8e:24:bc:d8:b0:e3:70:9b:b8:9a:94: 37:7c:51:54:1d:61:79:85:76:3c:37:dd:a2:dc:d8: 5f:ca:da:b4:21:c4:99:09:c7:af:47:c4:50:07:4e: 42:a6:6f:3c:c1:e2:4b:3b:a0:ea:75:1f:0a:46:69: a6:6c:b4:42:a6:79:ef:07:00:90:ee:9b:95:90:81: 69:94:d2:dc:11:d7:2d:fe:d5:da:8f:18:ba:77:e8: 36:f7:91:ca:01:2d:f6:33:05:75:c0:0e:5d:9d:9c: 99:fe:4f:dd:ca:fb:f2:b9:8b:36:94:d7:a4:90:04: b1:2d:67:e0:06:b2:52:ec:03:53:fb:08:bf:c4:44: 5c:4c:66:f5:ce:08:08:7d:2a:00:51:3b:a6:d6:07: 63:93:90:57:53:e2:04:37:dc:5c:fb:2f:2a:90:b2: e9:13:34:71:ae:d1:24:50:b5:54:26:84:c2:8e:11: 32:07:4c:63:a2:33:75:95:e6:0f:04:68:3a:58:ee: 7e:d8:65:bb:ec:d3:7d:13:b1:02:d6:02:ae:dc:09: ec:52:34:0b:da:ac:93:69:a9:62:9e:8a:cd:87:42: 27:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:CE:02:02:1F:65:4B:CD:01:67:D7:5B:9A:3D:69:AF:C5:8B:94:7F X509v3 Authority Key Identifier: keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/Tc4CAh9lS80BZ9dbmj1pr8WLlH8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.251.153.0/24 193.251.218.0/23 193.251.222.0/23 Signature Algorithm: sha256WithRSAEncryption 15:70:1c:3d:7a:7e:7c:1e:ba:4e:de:93:96:82:6d:9e:ec:9d: 98:da:e2:9a:2c:e6:00:0b:9b:d7:98:1f:06:72:f0:2c:3d:b4: 92:aa:fc:d7:2e:1f:8b:be:b8:69:26:5d:61:c3:79:8a:b6:66: 90:21:a0:15:e6:aa:b9:6a:70:7c:ab:f6:c1:b4:34:06:bf:e3: 6d:94:ca:6a:5e:b0:1c:19:92:bf:5e:4f:38:b8:d8:4a:55:ae: 31:56:1d:5a:ce:91:17:37:24:37:74:50:1a:33:4d:79:f0:d7: 70:47:7e:66:64:07:2e:11:eb:91:d1:5c:d5:9d:e5:ef:c0:95: b5:dc:e2:63:e1:05:ae:8e:8d:d3:f4:64:c8:71:fd:30:a0:e9: 6a:8d:d8:3f:2f:fd:49:fd:3e:cf:46:f7:c4:6b:ca:65:86:ae: 1f:1c:3c:9e:fd:bd:66:a4:61:ab:38:c7:60:b2:64:4d:49:ca: ec:bb:96:54:be:8a:c8:68:7a:73:be:3a:6c:95:c0:66:a8:2c: c6:fd:78:85:10:57:90:6d:cd:93:c9:ab:83:49:d6:cb:86:47: 8c:6c:52:0f:b3:ad:06:68:c5:3c:fc:58:22:e1:42:d1:e6:f9: 8f:d3:04:d3:a9:ce:39:ad:54:6c:0d:ca:4b:64:2d:e3:01:64: 72:c2:ae:40 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt8gBqBZ4GO+oaGbifsN6ALMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh MTA1MTEwHhcNMjYwMTAyMDIxODQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ZGNlMDIwMjFmNjU0YmNkMDE2N2Q3NWI5YTNkNjlhZmM1OGI5NDdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngYRhlxIpZOTESoV39Sq/4wv4DLH hdgdx3aB3iTt7FrNjiS82LDjcJu4mpQ3fFFUHWF5hXY8N92i3Nhfytq0IcSZCcev R8RQB05Cpm88weJLO6DqdR8KRmmmbLRCpnnvBwCQ7puVkIFplNLcEdct/tXajxi6 d+g295HKAS32MwV1wA5dnZyZ/k/dyvvyuYs2lNekkASxLWfgBrJS7ANT+wi/xERc TGb1zggIfSoAUTum1gdjk5BXU+IEN9xc+y8qkLLpEzRxrtEkULVUJoTCjhEyB0xj ojN1leYPBGg6WO5+2GW77NN9E7EC1gKu3AnsUjQL2qyTaalinorNh0InNQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFE3OAgIfZUvNAWfXW5o9aa/Fi5R/MB8GA1UdIwQY MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt NDU5MzVmNTA2YTEyLzEvVGM0Q0FoOWxTODBCWjlkYm1qMXByOFdMbEg4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwfuZAwQB wfvaAwQBwfveMA0GCSqGSIb3DQEBCwUAA4IBAQAVcBw9en58HrpO3pOWgm2e7J2Y 2uKaLOYAC5vXmB8GcvAsPbSSqvzXLh+LvrhpJl1hw3mKtmaQIaAV5qq5anB8q/bB tDQGv+NtlMpqXrAcGZK/Xk84uNhKVa4xVh1azpEXNyQ3dFAaM0158NdwR35mZAcu EeuR0VzVneXvwJW13OJj4QWujo3T9GTIcf0woOlqjdg/L/1J/T7PRvfEa8plhq4f HDye/b1mpGGrOMdgsmRNScrsu5ZUvorIaHpzvjpslcBmqCzG/XiFEFeQbc2TyauD SdbLhkeMbFIPs60GaMU8/Fgi4ULR5vmP0wTTqc45rVRsDcpLZC3jAWRywq5A -----END CERTIFICATE-----Generated at Sun Jan 25 19:02:41 2026 by rpki-client