This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/TYL3fd3U3hdntx9HEZmBNJvIfy8.roa File: TYL3fd3U3hdntx9HEZmBNJvIfy8.roa (raw, json) Hash identifier: e+FavOHdj6PxW9K+YpaIIbMqrQ5M/B4rSbRg/GiLGdY= Subject key identifier: 4D:82:F7:7D:DD:D4:DE:17:67:B7:1F:47:11:99:81:34:9B:C8:7F:2F Certificate issuer: /CN=0bac82804700ad36538bf86f34c073e971430da5 Certificate serial: 019B7AC88EF71123DFAACCA639315FC565C8 Authority key identifier: 0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/TYL3fd3U3hdntx9HEZmBNJvIfy8.roa Signing time: Thu 01 Jan 2026 18:18:42 +0000 ROA not before: Thu 01 Jan 2026 18:18:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20943 IP address blocks: 194.58.206.0/24 maxlen: 24 2001:67c:2558::/48 maxlen: 48 2a01:3f7:6::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/C6yCgEcArTZTi_hvNMBz6XFDDaU.crl rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/C6yCgEcArTZTi_hvNMBz6XFDDaU.mft rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:8e:f7:11:23:df:aa:cc:a6:39:31:5f:c5:65:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0bac82804700ad36538bf86f34c073e971430da5 Validity Not Before: Jan 1 18:18:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4d82f77dddd4de1767b71f47119981349bc87f2f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:74:de:31:94:0e:50:2b:9c:cb:9b:2e:65:61: 31:03:d8:7b:c6:86:55:20:a2:f7:c1:cc:4a:f1:39: b5:d5:a8:07:32:0e:f3:6f:52:e3:86:b8:52:0c:35: a8:8a:e6:48:78:6f:32:9c:2d:58:44:8d:47:cb:44: 46:52:54:a0:5f:00:08:60:54:c7:3c:be:69:62:11: b5:bd:f8:5c:3f:76:06:e4:fc:42:21:f8:b8:48:de: 76:0f:a8:b1:4f:8d:c5:13:94:1f:4a:61:e5:c2:9e: f2:ea:5f:25:73:c6:ed:cd:aa:2e:87:99:d7:01:6e: ac:80:22:30:91:19:c1:e8:d6:0a:b8:c1:60:5f:15: 02:72:27:a8:b0:ec:1b:6e:05:b8:19:10:54:60:3b: 22:99:b9:94:42:4c:fa:39:83:2f:e8:5d:f5:2d:46: 29:3f:44:1e:67:ff:9c:32:36:e9:f9:dd:87:eb:fe: 00:2f:d9:7e:51:62:08:41:a6:fd:ab:45:3f:58:ac: 7e:71:7e:a6:2c:ea:7b:7b:b2:3c:62:3f:60:a3:c0: d4:49:e0:2d:d8:0e:d0:22:d9:f9:7c:b5:00:58:a9: a3:70:fe:b9:82:c1:16:3e:24:6b:d0:50:72:26:1f: 2e:5e:d5:5d:a9:96:0e:ce:b5:3c:ec:55:a7:06:f5: af:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:82:F7:7D:DD:D4:DE:17:67:B7:1F:47:11:99:81:34:9B:C8:7F:2F X509v3 Authority Key Identifier: keyid:0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/TYL3fd3U3hdntx9HEZmBNJvIfy8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/C6yCgEcArTZTi_hvNMBz6XFDDaU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.58.206.0/24 IPv6: 2001:67c:2558::/48 2a01:3f7:6::/48 Signature Algorithm: sha256WithRSAEncryption 7a:35:24:ca:35:58:c5:d0:bd:b2:59:fc:dc:cc:f4:38:0d:fc: 20:7d:83:da:88:5e:ad:02:33:a9:1d:c4:e3:53:36:b2:3e:10: 79:04:2f:52:0a:71:29:c3:7e:74:a9:29:2f:4e:26:a4:96:a2: 98:7c:a2:30:e8:24:7f:ba:ff:fa:84:b5:6d:0e:d5:2d:87:c9: 2a:cb:28:d1:b6:62:8c:8d:db:8a:d6:4c:8f:f5:d0:7a:a8:77: be:46:d1:45:21:d6:9a:b8:21:4d:fc:68:17:bc:fc:47:db:e2: 05:24:15:fe:2f:43:ef:a3:d1:39:4f:bf:22:b4:59:94:85:86: e5:9d:bd:d2:3b:34:a9:15:de:45:aa:5b:82:83:e4:48:a5:d0: ad:f6:2c:78:52:c4:45:ef:cf:f8:fc:c5:28:13:70:f6:96:f9: 72:2f:ba:6b:6b:f7:11:22:c7:91:c0:d9:45:0c:48:a7:c9:8b: be:fa:98:78:fd:b9:8f:82:0c:dc:ca:9d:cf:98:5f:39:b2:71: 7b:93:a1:5f:ec:10:82:e3:3e:97:a0:01:de:ca:cf:cd:03:db: f8:9e:68:39:97:db:12:ba:f6:d1:bd:d2:92:51:da:92:30:e4: 4a:70:34:d9:a1:e2:f6:3b:e3:7e:15:83:37:8a:c0:ba:0d:8a: 57:66:c6:87 -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZt6yI73ESPfqsymOTFfxWXIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBiYWM4MjgwNDcwMGFkMzY1MzhiZjg2ZjM0YzA3M2U5NzE0 MzBkYTUwHhcNMjYwMTAxMTgxODQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ZDgyZjc3ZGRkZDRkZTE3NjdiNzFmNDcxMTk5ODEzNDliYzg3ZjJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnTeMZQOUCucy5suZWExA9h7xoZV IKL3wcxK8Tm11agHMg7zb1LjhrhSDDWoiuZIeG8ynC1YRI1Hy0RGUlSgXwAIYFTH PL5pYhG1vfhcP3YG5PxCIfi4SN52D6ixT43FE5QfSmHlwp7y6l8lc8btzaouh5nX AW6sgCIwkRnB6NYKuMFgXxUCcieosOwbbgW4GRBUYDsimbmUQkz6OYMv6F31LUYp P0QeZ/+cMjbp+d2H6/4AL9l+UWIIQab9q0U/WKx+cX6mLOp7e7I8Yj9go8DUSeAt 2A7QItn5fLUAWKmjcP65gsEWPiRr0FByJh8uXtVdqZYOzrU87FWnBvWv2wIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFE2C933d1N4XZ7cfRxGZgTSbyH8vMB8GA1UdIwQY MBaAFAusgoBHAK02U4v4bzTAc+lxQw2lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEt NDNmNjRiY2VhOTlkLzEvVFlMM2ZkM1UzaGRudHg5SEVabUJOSnZJZnk4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEtNDNmNjRiY2VhOTlk LzEvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAwjrOMBgE AgACMBIDBwAgAQZ8JVgDBwAqAQP3AAYwDQYJKoZIhvcNAQELBQADggEBAHo1JMo1 WMXQvbJZ/NzM9DgN/CB9g9qIXq0CM6kdxONTNrI+EHkEL1IKcSnDfnSpKS9OJqSW oph8ojDoJH+6//qEtW0O1S2HySrLKNG2YoyN24rWTI/10Hqod75G0UUh1pq4IU38 aBe8/Efb4gUkFf4vQ++j0TlPvyK0WZSFhuWdvdI7NKkV3kWqW4KD5Eil0K32LHhS xEXvz/j8xSgTcPaW+XIvumtr9xEix5HA2UUMSKfJi776mHj9uY+CDNzKnc+YXzmy cXuToV/sEILjPpegAd7Kz80D2/ieaDmX2xK69tG90pJR2pIw5EpwNNmh4vY7434V gzeKwLoNildmxoc= -----END CERTIFICATE-----Generated at Sun Jan 25 16:36:24 2026 by rpki-client