This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/7c9fcc-8fce-44b7-b6bf-11776031415f/1/tnUfvHuSfgNPmXL_767D6WFBjgM.roa File: tnUfvHuSfgNPmXL_767D6WFBjgM.roa (raw, json) Hash identifier: uzNOTVodxRKJwKVmrKmjew5LKcOtf0ikdclKXzZYG5Y= Subject key identifier: B6:75:1F:BC:7B:92:7E:03:4F:99:72:FF:EF:AE:C3:E9:61:41:8E:03 Certificate issuer: /CN=5754d19527fd85d0d444acadd44a01655fdc7400 Certificate serial: 019B7BA52966C39DEAA1A2664E68081F4F34 Authority key identifier: 57:54:D1:95:27:FD:85:D0:D4:44:AC:AD:D4:4A:01:65:5F:DC:74:00 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1TRlSf9hdDURKyt1EoBZV_cdAA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/7c9fcc-8fce-44b7-b6bf-11776031415f/1/tnUfvHuSfgNPmXL_767D6WFBjgM.roa Signing time: Thu 01 Jan 2026 22:19:40 +0000 ROA not before: Thu 01 Jan 2026 22:19:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 13445 IP address blocks: 2a00:a640:10::/44 maxlen: 44 2a00:a640:20::/44 maxlen: 44 2a00:a640:100::/40 maxlen: 40 2a00:a640:200::/40 maxlen: 40 2a00:a640:300::/40 maxlen: 40 2a00:a640:400::/40 maxlen: 40 2a00:a640:1010::/44 maxlen: 44 2a00:a640:1020::/44 maxlen: 44 2a00:a640:10a0::/44 maxlen: 48 2a00:a640:1100::/44 maxlen: 44 2a00:a640:1200::/44 maxlen: 44 2a00:a640:1300::/44 maxlen: 44 2a00:a640:1400::/44 maxlen: 44 2a00:a640:2010::/44 maxlen: 44 2a00:a640:2020::/44 maxlen: 44 2a00:a640:20a0::/44 maxlen: 48 2a00:a640:2100::/44 maxlen: 44 2a00:a640:2200::/44 maxlen: 44 2a00:a640:2300::/44 maxlen: 44 2a00:a640:2400::/44 maxlen: 44 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/7c9fcc-8fce-44b7-b6bf-11776031415f/1/V1TRlSf9hdDURKyt1EoBZV_cdAA.crl rsync://rpki.ripe.net/repository/DEFAULT/81/7c9fcc-8fce-44b7-b6bf-11776031415f/1/V1TRlSf9hdDURKyt1EoBZV_cdAA.mft rsync://rpki.ripe.net/repository/DEFAULT/V1TRlSf9hdDURKyt1EoBZV_cdAA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:29:66:c3:9d:ea:a1:a2:66:4e:68:08:1f:4f:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5754d19527fd85d0d444acadd44a01655fdc7400 Validity Not Before: Jan 1 22:19:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b6751fbc7b927e034f9972ffefaec3e961418e03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:05:b7:3d:c8:e1:d9:dc:a3:62:b5:bf:71:a0: c3:b0:35:d2:2f:8c:4e:d0:a0:ca:88:58:fe:bb:3e: 10:93:d3:ca:69:04:ac:87:84:ee:5a:3b:8e:93:dc: f2:e9:6d:ec:dc:75:55:84:18:99:5a:f8:23:2e:99: 4c:0c:fc:bf:65:24:18:8a:06:2b:e0:31:fb:c7:26: 72:63:4e:d2:75:2e:37:58:ee:59:2c:0f:6b:f7:a6: 01:ea:c4:66:f5:69:35:57:be:d7:71:ab:a5:0e:e2: 3b:d2:55:77:20:83:ec:e1:2f:16:3f:fd:9b:d2:e7: 4c:a3:e4:39:34:38:8b:cc:1e:51:d3:cc:78:79:e8: dd:a3:57:5d:1d:49:9e:44:94:9a:58:00:bf:80:9b: 30:84:e4:47:29:a9:09:41:f1:a7:ea:c1:ce:b1:66: 43:a3:b7:30:f7:6f:b4:ba:a6:51:5b:49:46:44:6e: a7:66:08:63:d9:6e:2e:dd:12:79:20:74:6f:a7:1b: 9d:64:63:b9:2b:a9:e8:36:d6:90:d9:f3:fa:49:6c: b9:0d:7f:f0:01:a7:8f:13:8d:a6:31:04:79:c6:0a: ee:0a:53:35:2c:d1:c3:1e:70:79:08:17:f0:59:71: 12:78:55:83:53:b4:3f:6a:7f:70:d0:82:02:ac:be: 9b:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:75:1F:BC:7B:92:7E:03:4F:99:72:FF:EF:AE:C3:E9:61:41:8E:03 X509v3 Authority Key Identifier: keyid:57:54:D1:95:27:FD:85:D0:D4:44:AC:AD:D4:4A:01:65:5F:DC:74:00 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1TRlSf9hdDURKyt1EoBZV_cdAA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/7c9fcc-8fce-44b7-b6bf-11776031415f/1/tnUfvHuSfgNPmXL_767D6WFBjgM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/81/7c9fcc-8fce-44b7-b6bf-11776031415f/1/V1TRlSf9hdDURKyt1EoBZV_cdAA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a00:a640:10::-2a00:a640:2f:ffff:ffff:ffff:ffff:ffff 2a00:a640:100::-2a00:a640:4ff:ffff:ffff:ffff:ffff:ffff 2a00:a640:1010::-2a00:a640:102f:ffff:ffff:ffff:ffff:ffff 2a00:a640:10a0::/44 2a00:a640:1100::/44 2a00:a640:1200::/44 2a00:a640:1300::/44 2a00:a640:1400::/44 2a00:a640:2010::-2a00:a640:202f:ffff:ffff:ffff:ffff:ffff 2a00:a640:20a0::/44 2a00:a640:2100::/44 2a00:a640:2200::/44 2a00:a640:2300::/44 2a00:a640:2400::/44 Signature Algorithm: sha256WithRSAEncryption ce:90:6a:52:1b:5b:63:41:52:dd:ec:e6:2a:89:d5:3a:8f:95: f2:85:d6:bb:9d:bd:0b:ba:f2:39:1b:b1:09:cf:3c:3f:09:ba: ec:81:2a:bf:52:6f:37:cd:e0:1c:92:f4:92:e8:61:01:67:51: 8c:44:06:ef:f8:67:91:60:75:8f:c9:d3:08:65:e3:f9:5b:2a: f8:a4:cb:22:5e:41:42:8f:50:60:24:26:10:de:7b:16:0f:2f: 7a:17:8f:a1:ac:82:e9:e7:65:95:c9:e0:89:cd:1b:df:c5:9c: 24:6f:29:14:cf:c6:c5:be:ff:2e:e3:b5:8a:4d:4f:4b:cc:e5: 0b:ec:86:ac:38:00:a7:12:d6:9b:85:e5:d5:79:1e:a8:45:f7: 22:64:86:06:24:06:f5:b4:64:b0:65:5d:a9:8c:07:92:e2:ad: 71:77:47:9d:8e:be:b9:88:39:b4:b1:21:84:f9:55:72:fe:4f: 7b:33:d8:a0:cb:8c:20:3d:2c:0f:72:05:fa:ed:f5:13:7f:eb: df:0a:0b:27:22:4f:85:ec:eb:08:65:c7:dd:bb:c1:c9:ce:dd: 61:61:a1:40:e0:6d:2f:f2:cf:22:79:c5:ba:95:fa:76:cd:3d: e3:c2:d6:1c:1c:9f:a9:40:c5:ff:84:f7:28:55:0f:c6:1a:e7: 4f:a6:fe:c0 -----BEGIN CERTIFICATE----- MIIFpDCCBIygAwIBAgISAZt7pSlmw53qoaJmTmgIH080MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU3NTRkMTk1MjdmZDg1ZDBkNDQ0YWNhZGQ0NGEwMTY1NWZk Yzc0MDAwHhcNMjYwMTAxMjIxOTQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNjc1MWZiYzdiOTI3ZTAzNGY5OTcyZmZlZmFlYzNlOTYxNDE4ZTAzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQW3Pcjh2dyjYrW/caDDsDXSL4xO 0KDKiFj+uz4Qk9PKaQSsh4TuWjuOk9zy6W3s3HVVhBiZWvgjLplMDPy/ZSQYigYr 4DH7xyZyY07SdS43WO5ZLA9r96YB6sRm9Wk1V77XcaulDuI70lV3IIPs4S8WP/2b 0udMo+Q5NDiLzB5R08x4eejdo1ddHUmeRJSaWAC/gJswhORHKakJQfGn6sHOsWZD o7cw92+0uqZRW0lGRG6nZghj2W4u3RJ5IHRvpxudZGO5K6noNtaQ2fP6SWy5DX/w AaePE42mMQR5xgruClM1LNHDHnB5CBfwWXESeFWDU7Q/an9w0IICrL6bTQIDAQAB o4ICsDCCAqwwHQYDVR0OBBYEFLZ1H7x7kn4DT5ly/++uw+lhQY4DMB8GA1UdIwQY MBaAFFdU0ZUn/YXQ1ESsrdRKAWVf3HQAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVjFUUmxTZjloZERVUkt5dDFFb0JaVl9jZEFBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS83YzlmY2MtOGZjZS00NGI3LWI2YmYt MTE3NzYwMzE0MTVmLzEvdG5VZnZIdVNmZ05QbVhMXzc2N0Q2V0ZCamdNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MS83YzlmY2MtOGZjZS00NGI3LWI2YmYtMTE3NzYwMzE0MTVm LzEvVjFUUmxTZjloZERVUkt5dDFFb0JaVl9jZEFBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBrwQCAAIwgagwEgMH BCoApkAAEAMHBCoApkAAIDAQAwYAKgCmQAEDBgAqAKZABDASAwcEKgCmQBAQAwcE KgCmQBAgAwcEKgCmQBCgAwcEKgCmQBEAAwcEKgCmQBIAAwcEKgCmQBMAAwcEKgCm QBQAMBIDBwQqAKZAIBADBwQqAKZAICADBwQqAKZAIKADBwQqAKZAIQADBwQqAKZA IgADBwQqAKZAIwADBwQqAKZAJAAwDQYJKoZIhvcNAQELBQADggEBAM6QalIbW2NB Ut3s5iqJ1TqPlfKF1rudvQu68jkbsQnPPD8JuuyBKr9SbzfN4ByS9JLoYQFnUYxE Bu/4Z5FgdY/J0whl4/lbKvikyyJeQUKPUGAkJhDeexYPL3oXj6GsgunnZZXJ4InN G9/FnCRvKRTPxsW+/y7jtYpNT0vM5Qvshqw4AKcS1puF5dV5HqhF9yJkhgYkBvW0 ZLBlXamMB5LirXF3R52OvrmIObSxIYT5VXL+T3sz2KDLjCA9LA9yBfrt9RN/698K CyciT4Xs6whlx927wcnO3WFhoUDgbS/yzyJ5xbqV+nbNPePC1hwcn6lAxf+E9yhV D8Ya50+m/sA= -----END CERTIFICATE-----Generated at Sun Jan 25 16:55:29 2026 by rpki-client