This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/Trm4kxQ4gUhwM6zDV6KZX-ywRKE.roa File: Trm4kxQ4gUhwM6zDV6KZX-ywRKE.roa (raw, json) Hash identifier: E3EsOUvydU2GP/mXzofXHEmABcQ8lrxuyBxUbDage68= Subject key identifier: 4E:B9:B8:93:14:38:81:48:70:33:AC:C3:57:A2:99:5F:EC:B0:44:A1 Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c Certificate serial: 019B77595DBE6A03E263FCF189A6D4AAA713 Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/Trm4kxQ4gUhwM6zDV6KZX-ywRKE.roa Signing time: Thu 01 Jan 2026 02:18:23 +0000 ROA not before: Thu 01 Jan 2026 02:18:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200185 IP address blocks: 86.105.48.0/21 maxlen: 24 89.36.216.0/22 maxlen: 24 89.40.116.0/22 maxlen: 24 89.40.124.0/22 maxlen: 24 94.177.224.0/21 maxlen: 24 94.177.244.0/22 maxlen: 24 185.12.176.0/22 maxlen: 24 194.182.104.0/22 maxlen: 24 217.61.0.0/21 maxlen: 24 217.61.104.0/21 maxlen: 24 2a03:a140::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.mft rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 20:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:5d:be:6a:03:e2:63:fc:f1:89:a6:d4:aa:a7:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c Validity Not Before: Jan 1 02:18:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4eb9b893143881487033acc357a2995fecb044a1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:e6:b8:5b:84:b3:c0:88:c5:34:46:1c:5e:0c: 9d:da:5f:8c:6d:a6:db:98:f0:2d:6c:1d:b5:9d:55: 60:7e:1e:60:2d:c2:5e:1f:43:d1:d5:75:42:12:11: 68:91:9a:28:78:61:56:ea:c7:7d:cc:3d:b8:b4:fe: 61:b9:16:bc:67:f3:90:1a:f5:49:dc:3e:03:a9:95: a8:b7:b4:86:04:c2:20:0b:b3:3d:fb:05:02:53:1c: e7:f9:82:10:ed:49:ba:bc:6b:f6:30:7b:7a:d8:8b: 4b:e8:b0:71:c9:45:31:4e:ed:2a:4f:c9:dd:e2:39: 03:18:1b:0c:da:e0:f1:43:de:a6:71:83:c5:a1:56: 0d:a0:1e:d3:09:7e:37:ee:82:fa:4f:ee:16:b1:48: e5:b8:07:36:1e:bc:24:75:86:b4:6a:4e:ef:5e:06: a8:69:7f:fe:61:1c:6a:c9:68:54:1b:84:1a:d0:9a: 02:81:62:f7:cc:c8:67:00:05:9a:57:75:76:47:a1: 98:34:60:d0:29:17:e6:cc:5e:2f:5c:e9:b6:dc:6d: df:f1:fc:ed:16:af:6c:a8:ff:49:f8:2f:af:92:f4: 39:e1:f9:56:cc:6f:6e:d6:a0:eb:01:76:54:a4:20: 92:8c:7e:19:2a:7f:34:8f:1d:14:64:bb:4a:17:df: b4:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:B9:B8:93:14:38:81:48:70:33:AC:C3:57:A2:99:5F:EC:B0:44:A1 X509v3 Authority Key Identifier: keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/Trm4kxQ4gUhwM6zDV6KZX-ywRKE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.105.48.0/21 89.36.216.0/22 89.40.116.0/22 89.40.124.0/22 94.177.224.0/21 94.177.244.0/22 185.12.176.0/22 194.182.104.0/22 217.61.0.0/21 217.61.104.0/21 IPv6: 2a03:a140::/32 Signature Algorithm: sha256WithRSAEncryption a8:8c:5e:0f:00:b3:32:7b:80:5e:ac:d6:bb:52:89:fa:42:82: bc:34:50:6b:59:e4:41:16:5e:84:f3:fe:d2:d6:1d:af:17:7f: 04:68:c9:10:6f:05:98:13:d5:49:96:c7:93:b5:97:8f:13:ed: de:ae:7a:11:2e:40:c0:ee:0f:52:13:40:d0:73:3f:a0:c5:2c: d4:7f:64:01:04:0a:a4:a4:ae:8b:0f:db:8c:a3:0f:af:93:28: 40:0b:a9:ee:32:c8:90:6a:06:cb:67:3d:48:5d:f9:cc:ee:b9: b7:5b:17:02:5e:44:ad:e0:03:5f:a7:07:f3:79:c5:3b:35:c8: bd:06:f7:3f:5e:8d:88:2c:a8:51:cd:35:38:93:25:a8:1d:e4: 87:82:6e:64:60:28:23:09:a6:5e:e3:92:be:c6:c0:50:44:49: 35:f8:45:d8:a4:3f:12:1c:f0:95:64:12:cb:66:b4:59:20:c4: 16:cd:71:c2:2e:13:dd:1a:b3:f9:af:ec:20:1e:77:5d:f8:a0: 5a:e6:2c:e1:ea:0f:42:77:10:77:a2:14:78:af:90:ac:21:1c: 01:e5:02:82:a0:ec:0e:c1:aa:02:79:6c:a0:8d:17:09:10:f0: 90:a4:36:71:04:fd:67:f5:ed:0f:67:b3:5b:02:65:f5:db:68: 01:f0:81:ff -----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgISAZt3WV2+agPiY/zxiabUqqcTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5 Mzg2MWMwHhcNMjYwMTAxMDIxODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ZWI5Yjg5MzE0Mzg4MTQ4NzAzM2FjYzM1N2EyOTk1ZmVjYjA0NGExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Oa4W4SzwIjFNEYcXgyd2l+Mbabb mPAtbB21nVVgfh5gLcJeH0PR1XVCEhFokZooeGFW6sd9zD24tP5huRa8Z/OQGvVJ 3D4DqZWot7SGBMIgC7M9+wUCUxzn+YIQ7Um6vGv2MHt62ItL6LBxyUUxTu0qT8nd 4jkDGBsM2uDxQ96mcYPFoVYNoB7TCX437oL6T+4WsUjluAc2HrwkdYa0ak7vXgao aX/+YRxqyWhUG4Qa0JoCgWL3zMhnAAWaV3V2R6GYNGDQKRfmzF4vXOm23G3f8fzt Fq9sqP9J+C+vkvQ54flWzG9u1qDrAXZUpCCSjH4ZKn80jx0UZLtKF9+04wIDAQAB o4ICTjCCAkowHQYDVR0OBBYEFE65uJMUOIFIcDOsw1eimV/ssEShMB8GA1UdIwQY MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt ODQyNjk0MTJkNTYxLzEvVHJtNGt4UTRnVWh3TTZ6RFY2S1pYLXl3UktFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQDVmkwAwQC WSTYAwQCWSh0AwQCWSh8AwQDXrHgAwQCXrH0AwQCuQywAwQCwrZoAwQD2T0AAwQD 2T1oMA0EAgACMAcDBQAqA6FAMA0GCSqGSIb3DQEBCwUAA4IBAQCojF4PALMye4Be rNa7Uon6QoK8NFBrWeRBFl6E8/7S1h2vF38EaMkQbwWYE9VJlseTtZePE+3ernoR LkDA7g9SE0DQcz+gxSzUf2QBBAqkpK6LD9uMow+vkyhAC6nuMsiQagbLZz1IXfnM 7rm3WxcCXkSt4ANfpwfzecU7Nci9Bvc/Xo2ILKhRzTU4kyWoHeSHgm5kYCgjCaZe 45K+xsBQREk1+EXYpD8SHPCVZBLLZrRZIMQWzXHCLhPdGrP5r+wgHndd+KBa5izh 6g9CdxB3ohR4r5CsIRwB5QKCoOwOwaoCeWygjRcJEPCQpDZxBP1n9e0PZ7NbAmX1 22gB8IH/ -----END CERTIFICATE-----Generated at Mon Jan 26 02:44:01 2026 by rpki-client