This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/a6d400-8c43-44cc-9355-70b4e0b3fc9e/1/Tf9luNXyEq9QxysMyYE_MI2T-Dw.roa File: Tf9luNXyEq9QxysMyYE_MI2T-Dw.roa (raw, json) Hash identifier: JCTZRaYwg2Dc/NrGs0vNosIbeSst/kpqGq9Ss3robz0= Subject key identifier: 4D:FF:65:B8:D5:F2:12:AF:50:C7:2B:0C:C9:81:3F:30:8D:93:F8:3C Certificate issuer: /CN=1d04af28f8f7aa858e27d8e2c76114c6ff49bace Certificate serial: 019ACA86E11CC68EA0B53DCA11AF04C52973 Authority key identifier: 1D:04:AF:28:F8:F7:AA:85:8E:27:D8:E2:C7:61:14:C6:FF:49:BA:CE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQSvKPj3qoWOJ9jix2EUxv9Jus4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/a6d400-8c43-44cc-9355-70b4e0b3fc9e/1/Tf9luNXyEq9QxysMyYE_MI2T-Dw.roa Signing time: Fri 28 Nov 2025 12:53:48 +0000 ROA not before: Fri 28 Nov 2025 12:53:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 39686 IP address blocks: 37.72.110.0/24 maxlen: 24 185.217.63.0/24 maxlen: 24 2a05:7040::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/a6d400-8c43-44cc-9355-70b4e0b3fc9e/1/HQSvKPj3qoWOJ9jix2EUxv9Jus4.crl rsync://rpki.ripe.net/repository/DEFAULT/b5/a6d400-8c43-44cc-9355-70b4e0b3fc9e/1/HQSvKPj3qoWOJ9jix2EUxv9Jus4.mft rsync://rpki.ripe.net/repository/DEFAULT/HQSvKPj3qoWOJ9jix2EUxv9Jus4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 00:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:ca:86:e1:1c:c6:8e:a0:b5:3d:ca:11:af:04:c5:29:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d04af28f8f7aa858e27d8e2c76114c6ff49bace Validity Not Before: Nov 28 12:53:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=4dff65b8d5f212af50c72b0cc9813f308d93f83c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:ca:31:cc:47:da:6a:51:18:92:0d:2a:90:08: b6:88:91:7a:e3:3c:50:ab:05:4a:24:f7:9e:42:d2: 7f:12:a9:c6:ad:e2:1a:ab:47:af:f6:f8:22:54:60: 41:f5:df:14:85:48:5b:f5:8d:50:da:65:24:99:39: de:91:b3:c0:fa:c9:a6:64:84:b8:fe:66:e9:c0:da: 5f:bf:94:d8:b3:bd:ab:49:78:b0:23:a6:88:4a:b2: 3e:c7:9c:93:23:d6:cd:74:04:ec:b2:66:63:fd:a0: bf:a6:03:46:c7:42:9e:03:d3:73:3d:aa:2a:7a:c0: 1d:e6:e7:d9:c9:72:6d:ea:e0:c1:2f:45:45:65:69: a4:7e:35:21:40:23:a5:dc:a5:6f:7f:82:9a:c7:3d: ef:e7:d0:73:02:23:be:5e:6c:d1:69:83:0e:48:a4: e6:06:3d:8b:01:2b:53:22:74:50:d1:ec:b8:d9:8b: 92:0e:c7:67:e1:0a:e6:f9:54:48:96:9c:44:3a:79: 3c:fe:2b:07:5f:56:18:b3:23:07:ad:1c:8a:36:d4: 42:e2:9c:49:8f:d0:59:a2:38:da:f0:8f:0b:65:6d: b3:39:63:5c:17:b7:62:56:aa:0d:b8:d4:f4:7d:a6: 21:50:63:97:7d:e3:53:e4:fd:2f:7d:d7:7d:0c:03: aa:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:FF:65:B8:D5:F2:12:AF:50:C7:2B:0C:C9:81:3F:30:8D:93:F8:3C X509v3 Authority Key Identifier: keyid:1D:04:AF:28:F8:F7:AA:85:8E:27:D8:E2:C7:61:14:C6:FF:49:BA:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQSvKPj3qoWOJ9jix2EUxv9Jus4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/a6d400-8c43-44cc-9355-70b4e0b3fc9e/1/Tf9luNXyEq9QxysMyYE_MI2T-Dw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/a6d400-8c43-44cc-9355-70b4e0b3fc9e/1/HQSvKPj3qoWOJ9jix2EUxv9Jus4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.72.110.0/24 185.217.63.0/24 IPv6: 2a05:7040::/32 Signature Algorithm: sha256WithRSAEncryption 41:d9:87:b6:9f:3a:6d:0b:e6:3f:bd:5b:fd:8d:20:f1:28:11: a8:b2:81:85:9c:d8:24:a2:94:38:58:70:f6:70:ea:ae:0d:b4: 06:de:f9:b8:0e:b9:e0:62:34:76:16:a8:cb:ed:6a:ff:fa:37: 71:81:3d:ba:fc:20:a2:d0:62:b4:93:88:ef:58:1b:f1:a1:28: 50:32:eb:ed:20:0b:f7:b3:b7:30:28:32:a3:9b:e8:8d:f7:2b: b0:e5:a3:b9:60:49:dd:70:16:58:1c:a4:4d:ca:1a:50:e9:d5: fb:ae:e4:8a:47:1d:94:82:f2:ea:3f:18:70:02:85:62:4e:a4: 34:e6:82:16:4d:97:39:93:03:a9:56:f2:d6:b2:1b:26:13:d5: 49:0e:15:98:d8:eb:b7:2d:e2:25:10:b0:34:90:8d:36:81:90: f0:1d:03:70:82:d6:48:1c:7d:97:87:78:76:4c:79:0c:de:ad: bf:cf:9a:75:82:23:6b:29:b5:24:98:23:68:64:6d:0c:d6:82: d1:3c:2f:4b:fd:c4:69:d0:b2:90:f8:27:c9:73:bb:11:7d:4f: 94:f5:36:d2:30:e3:23:a2:ae:1d:59:8b:6a:92:47:da:34:67: 70:35:17:e2:fc:cb:ab:ad:16:a3:b2:8e:96:9d:62:76:22:2c: ef:43:8e:c8 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZrKhuEcxo6gtT3KEa8ExSlzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkMDRhZjI4ZjhmN2FhODU4ZTI3ZDhlMmM3NjExNGM2ZmY0 OWJhY2UwHhcNMjUxMTI4MTI1MzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ZGZmNjViOGQ1ZjIxMmFmNTBjNzJiMGNjOTgxM2YzMDhkOTNmODNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA68oxzEfaalEYkg0qkAi2iJF64zxQ qwVKJPeeQtJ/EqnGreIaq0ev9vgiVGBB9d8UhUhb9Y1Q2mUkmTnekbPA+smmZIS4 /mbpwNpfv5TYs72rSXiwI6aISrI+x5yTI9bNdATssmZj/aC/pgNGx0KeA9NzPaoq esAd5ufZyXJt6uDBL0VFZWmkfjUhQCOl3KVvf4Kaxz3v59BzAiO+XmzRaYMOSKTm Bj2LAStTInRQ0ey42YuSDsdn4Qrm+VRIlpxEOnk8/isHX1YYsyMHrRyKNtRC4pxJ j9BZojja8I8LZW2zOWNcF7diVqoNuNT0faYhUGOXfeNT5P0vfdd9DAOqpQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFE3/ZbjV8hKvUMcrDMmBPzCNk/g8MB8GA1UdIwQY MBaAFB0Eryj496qFjifY4sdhFMb/SbrOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFFTdktQajNxb1dPSjlqaXgyRVV4djlKdXM0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9hNmQ0MDAtOGM0My00NGNjLTkzNTUt NzBiNGUwYjNmYzllLzEvVGY5bHVOWHlFcTlReHlzTXlZRV9NSTJULUR3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNS9hNmQ0MDAtOGM0My00NGNjLTkzNTUtNzBiNGUwYjNmYzll LzEvSFFTdktQajNxb1dPSjlqaXgyRVV4djlKdXM0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAJUhuAwQA udk/MA0EAgACMAcDBQAqBXBAMA0GCSqGSIb3DQEBCwUAA4IBAQBB2Ye2nzptC+Y/ vVv9jSDxKBGosoGFnNgkopQ4WHD2cOquDbQG3vm4DrngYjR2FqjL7Wr/+jdxgT26 /CCi0GK0k4jvWBvxoShQMuvtIAv3s7cwKDKjm+iN9yuw5aO5YEndcBZYHKRNyhpQ 6dX7ruSKRx2UgvLqPxhwAoViTqQ05oIWTZc5kwOpVvLWshsmE9VJDhWY2Ou3LeIl ELA0kI02gZDwHQNwgtZIHH2Xh3h2THkM3q2/z5p1giNrKbUkmCNoZG0M1oLRPC9L /cRp0LKQ+CfJc7sRfU+U9TbSMOMjoq4dWYtqkkfaNGdwNRfi/MurrRajso6WnWJ2 IizvQ47I -----END CERTIFICATE-----Generated at Sat Dec 6 07:41:39 2025 by rpki-client