This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/8cce86-b0ae-4166-9042-528eff52febd/1/tl1f86llPD22KqYkoRY9Jm1PXyE.roa File: tl1f86llPD22KqYkoRY9Jm1PXyE.roa (raw, json) Hash identifier: ul9AiFBUfTck4Svk3QXKlfp7mOg49JnGIM3eiu8rsOA= Subject key identifier: B6:5D:5F:F3:A9:65:3C:3D:B6:2A:A6:24:A1:16:3D:26:6D:4F:5F:21 Certificate issuer: /CN=9c21a5e4cf6e9e2e70338aeebfa0d1588d73b6ef Certificate serial: 019B7F16064427A49E52E7B2BD3CB9BF2300 Authority key identifier: 9C:21:A5:E4:CF:6E:9E:2E:70:33:8A:EE:BF:A0:D1:58:8D:73:B6:EF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nCGl5M9uni5wM4ruv6DRWI1ztu8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/8cce86-b0ae-4166-9042-528eff52febd/1/tl1f86llPD22KqYkoRY9Jm1PXyE.roa Signing time: Fri 02 Jan 2026 14:21:48 +0000 ROA not before: Fri 02 Jan 2026 14:21:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205219 IP address blocks: 217.197.100.0/24 maxlen: 24 2a09:b7c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/8cce86-b0ae-4166-9042-528eff52febd/1/nCGl5M9uni5wM4ruv6DRWI1ztu8.crl rsync://rpki.ripe.net/repository/DEFAULT/af/8cce86-b0ae-4166-9042-528eff52febd/1/nCGl5M9uni5wM4ruv6DRWI1ztu8.mft rsync://rpki.ripe.net/repository/DEFAULT/nCGl5M9uni5wM4ruv6DRWI1ztu8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:16:06:44:27:a4:9e:52:e7:b2:bd:3c:b9:bf:23:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9c21a5e4cf6e9e2e70338aeebfa0d1588d73b6ef Validity Not Before: Jan 2 14:21:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b65d5ff3a9653c3db62aa624a1163d266d4f5f21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:eb:3d:1a:6a:33:48:c6:e9:45:77:2d:1a:f0: 07:bc:44:f2:30:cc:9d:7a:d1:5d:5d:97:57:e2:da: 06:8f:24:07:0e:15:4d:20:df:80:5a:3d:4c:0e:da: 1c:5a:3a:b1:44:1c:f3:38:6a:c2:98:be:74:7f:ce: 62:79:91:76:b3:5e:f6:d1:0f:c1:a8:6c:18:41:dd: d0:c2:2e:cb:72:15:f0:be:b6:bc:08:53:ad:d3:bc: 51:8b:7b:cb:94:eb:16:43:da:b0:68:39:54:ea:06: cd:20:e5:c2:7c:d6:cb:1d:c9:11:f1:48:67:9e:52: 70:9e:b7:82:7b:ef:55:fb:53:64:50:6e:53:ac:9f: bf:14:7d:23:50:c3:87:88:e8:4a:72:3b:e2:d5:34: 6d:ec:7d:7e:ce:d4:51:62:70:74:ff:f7:7c:cc:2c: f2:bc:f3:f1:f4:06:e1:dd:95:90:2d:68:05:8f:bf: 9a:44:11:ed:62:7a:7f:31:75:17:74:74:9e:dc:bb: dc:42:a3:d3:a2:5a:3b:75:fd:53:7a:e4:9e:30:e0: f8:36:39:8b:e1:e7:84:ef:4e:ff:29:5f:7c:1c:0e: af:0e:f4:17:93:7d:57:ab:b8:37:42:64:08:04:17: 7d:3f:6e:c2:93:fa:cc:b9:19:41:42:15:43:b9:bb: 36:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:5D:5F:F3:A9:65:3C:3D:B6:2A:A6:24:A1:16:3D:26:6D:4F:5F:21 X509v3 Authority Key Identifier: keyid:9C:21:A5:E4:CF:6E:9E:2E:70:33:8A:EE:BF:A0:D1:58:8D:73:B6:EF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nCGl5M9uni5wM4ruv6DRWI1ztu8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/8cce86-b0ae-4166-9042-528eff52febd/1/tl1f86llPD22KqYkoRY9Jm1PXyE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/8cce86-b0ae-4166-9042-528eff52febd/1/nCGl5M9uni5wM4ruv6DRWI1ztu8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.197.100.0/24 IPv6: 2a09:b7c0::/29 Signature Algorithm: sha256WithRSAEncryption 05:96:5b:01:7f:cc:95:f7:b8:90:3e:7d:4e:a0:05:f4:a8:c1: 46:5a:cc:77:21:b7:be:59:7a:ce:5d:27:bf:a9:c5:7c:6c:11: b9:05:bc:53:cc:19:ea:78:ae:e1:91:90:95:40:ea:fd:f9:3d: cd:5c:84:32:f2:d3:23:9b:79:57:0e:69:1f:81:e6:79:92:ba: 96:a9:e5:1a:bd:9b:9f:68:fc:69:b3:a5:ec:1d:2f:f8:7f:a0: 9a:14:1b:80:93:e1:83:74:ac:60:89:e5:aa:6a:96:97:be:3a: c6:a5:21:f8:b1:68:32:a7:b7:ce:a0:ab:2a:c5:ce:b1:63:cd: 38:2d:23:38:ca:de:e3:9a:be:c4:dd:d7:d9:29:5d:f8:ca:d0: a6:8b:2c:5f:8b:5a:88:db:4e:a4:5e:81:ec:e2:32:8c:94:61: b6:ec:93:68:61:86:5e:61:ac:f8:cb:ef:8a:38:33:0e:e2:52: 89:70:fe:11:b1:26:02:d3:84:bc:3c:2e:2a:3c:e5:a6:43:79: 8c:02:fd:36:f5:de:d7:77:a9:a7:91:0d:f8:fd:52:c6:ec:87: 21:c3:64:0e:2f:6a:c8:40:fb:d1:ea:79:ab:cf:40:2f:9a:ee: 6a:fd:fb:b0:84:e2:2d:2b:d8:a9:45:1d:9f:fa:1f:a1:0c:cc: f9:f7:3b:0d -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/FgZEJ6SeUueyvTy5vyMAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDljMjFhNWU0Y2Y2ZTllMmU3MDMzOGFlZWJmYTBkMTU4OGQ3 M2I2ZWYwHhcNMjYwMTAyMTQyMTQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNjVkNWZmM2E5NjUzYzNkYjYyYWE2MjRhMTE2M2QyNjZkNGY1ZjIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAres9GmozSMbpRXctGvAHvETyMMyd etFdXZdX4toGjyQHDhVNIN+AWj1MDtocWjqxRBzzOGrCmL50f85ieZF2s1720Q/B qGwYQd3Qwi7LchXwvra8CFOt07xRi3vLlOsWQ9qwaDlU6gbNIOXCfNbLHckR8Uhn nlJwnreCe+9V+1NkUG5TrJ+/FH0jUMOHiOhKcjvi1TRt7H1+ztRRYnB0//d8zCzy vPPx9Abh3ZWQLWgFj7+aRBHtYnp/MXUXdHSe3LvcQqPTolo7df1TeuSeMOD4NjmL 4eeE707/KV98HA6vDvQXk31Xq7g3QmQIBBd9P27Ck/rMuRlBQhVDubs27wIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFLZdX/OpZTw9tiqmJKEWPSZtT18hMB8GA1UdIwQY MBaAFJwhpeTPbp4ucDOK7r+g0ViNc7bvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbkNHbDVNOXVuaTV3TTRydXY2RFJXSTF6dHU4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi84Y2NlODYtYjBhZS00MTY2LTkwNDIt NTI4ZWZmNTJmZWJkLzEvdGwxZjg2bGxQRDIyS3FZa29SWTlKbTFQWHlFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZi84Y2NlODYtYjBhZS00MTY2LTkwNDItNTI4ZWZmNTJmZWJk LzEvbkNHbDVNOXVuaTV3TTRydXY2RFJXSTF6dHU4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA2cVkMA0E AgACMAcDBQMqCbfAMA0GCSqGSIb3DQEBCwUAA4IBAQAFllsBf8yV97iQPn1OoAX0 qMFGWsx3Ibe+WXrOXSe/qcV8bBG5BbxTzBnqeK7hkZCVQOr9+T3NXIQy8tMjm3lX DmkfgeZ5krqWqeUavZufaPxps6XsHS/4f6CaFBuAk+GDdKxgieWqapaXvjrGpSH4 sWgyp7fOoKsqxc6xY804LSM4yt7jmr7E3dfZKV34ytCmiyxfi1qI206kXoHs4jKM lGG27JNoYYZeYaz4y++KODMO4lKJcP4RsSYC04S8PC4qPOWmQ3mMAv029d7Xd6mn kQ34/VLG7Ichw2QOL2rIQPvR6nmrz0Avmu5q/fuwhOItK9ipRR2f+h+hDMz59zsN -----END CERTIFICATE-----Generated at Mon Jan 26 00:24:23 2026 by rpki-client