This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/TSB5mTZZzRTTPnt6-Y8o-3CQEPA.roa File: TSB5mTZZzRTTPnt6-Y8o-3CQEPA.roa (raw, json) Hash identifier: PsDTk/dMLVROLGkVcO0KwNjR8rb+3K2JtemVORHSo8Y= Subject key identifier: 4D:20:79:99:36:59:CD:14:D3:3E:7B:7A:F9:8F:28:FB:70:90:10:F0 Certificate issuer: /CN=4801a5b816158f07a8ca8acb37e97e2f20b06911 Certificate serial: 019B7DCB687209C8CD842DCFE44F6289955C Authority key identifier: 48:01:A5:B8:16:15:8F:07:A8:CA:8A:CB:37:E9:7E:2F:20:B0:69:11 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAGluBYVjweoyorLN-l-LyCwaRE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/TSB5mTZZzRTTPnt6-Y8o-3CQEPA.roa Signing time: Fri 02 Jan 2026 08:20:40 +0000 ROA not before: Fri 02 Jan 2026 08:20:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206495 IP address blocks: 81.28.252.0/22 maxlen: 22 185.186.242.0/24 maxlen: 24 194.9.56.0/23 maxlen: 23 194.9.80.0/23 maxlen: 23 194.150.68.0/23 maxlen: 23 194.150.70.0/23 maxlen: 23 2a04:1080::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/SAGluBYVjweoyorLN-l-LyCwaRE.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/SAGluBYVjweoyorLN-l-LyCwaRE.mft rsync://rpki.ripe.net/repository/DEFAULT/SAGluBYVjweoyorLN-l-LyCwaRE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 23:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:68:72:09:c8:cd:84:2d:cf:e4:4f:62:89:95:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4801a5b816158f07a8ca8acb37e97e2f20b06911 Validity Not Before: Jan 2 08:20:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4d2079993659cd14d33e7b7af98f28fb709010f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:10:46:9c:d7:40:7c:56:1a:78:50:f3:d1:91: 2e:45:26:cf:25:92:01:75:91:2a:89:02:7e:f6:e6: 85:21:36:85:f0:c0:81:ed:bc:2e:48:9f:f8:bd:ce: 65:3e:30:b1:73:4d:c5:90:d9:77:9f:98:48:d5:f1: bb:4a:ef:cc:67:4c:51:cb:d0:1c:e7:1f:60:cf:59: 8e:1d:84:30:c9:00:ca:88:10:36:db:8b:d3:43:9c: 7f:00:b4:ec:8d:49:f0:2f:01:5f:dd:ac:e8:83:09: 3e:a6:bf:95:6d:09:4a:53:01:89:c9:b9:d9:b4:e6: 02:a2:1a:33:8b:7e:87:00:92:fb:49:b1:1c:3d:5e: f4:e2:28:51:5e:31:79:ca:e3:e6:5e:d3:40:32:9a: 32:52:fb:33:6f:b1:86:ed:99:42:13:8f:44:3a:46: 81:eb:55:10:dd:48:a8:58:80:bd:22:e1:dc:ee:9a: e4:5b:fe:98:56:73:b7:ae:7d:42:de:48:58:58:a7: ca:71:cb:7d:a8:fb:f5:4a:07:82:c4:ed:d8:c8:46: 22:c4:27:e9:fd:23:e9:9a:4e:64:a4:28:d0:d2:12: 5a:6a:66:47:7f:a7:d3:a3:f4:20:62:25:f5:e6:84: 20:c0:12:c9:af:5a:7c:08:43:dc:d5:c4:fa:cc:53: c4:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:20:79:99:36:59:CD:14:D3:3E:7B:7A:F9:8F:28:FB:70:90:10:F0 X509v3 Authority Key Identifier: keyid:48:01:A5:B8:16:15:8F:07:A8:CA:8A:CB:37:E9:7E:2F:20:B0:69:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAGluBYVjweoyorLN-l-LyCwaRE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/TSB5mTZZzRTTPnt6-Y8o-3CQEPA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/SAGluBYVjweoyorLN-l-LyCwaRE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.28.252.0/22 185.186.242.0/24 194.9.56.0/23 194.9.80.0/23 194.150.68.0/22 IPv6: 2a04:1080::/29 Signature Algorithm: sha256WithRSAEncryption 79:1b:db:dc:7d:a5:c6:c6:8a:bd:48:55:09:66:7a:37:0b:b5: 4a:6f:3a:90:24:65:da:7e:50:19:fa:4b:30:76:3d:5e:03:4a: 15:9f:36:e7:84:84:7a:49:b5:d5:02:44:3d:72:54:e9:8a:1f: 4d:98:02:5b:5f:20:bf:f3:68:59:90:dc:ba:94:16:52:0f:71: 1b:c3:d8:02:5b:72:c3:bd:8a:1b:02:e5:3e:e0:e2:03:db:79: bd:f3:87:85:42:b5:1d:46:86:34:56:37:17:12:fa:23:7e:79: 75:00:0e:7c:48:ce:52:21:5c:46:31:9e:8d:71:60:79:e3:26: fd:f2:df:5b:cf:51:b3:98:36:61:b4:ee:f7:8b:90:b6:07:3b: 1b:13:d2:28:b7:57:ff:7b:08:0e:96:57:ff:4f:17:ac:53:a9: d5:77:32:b3:79:71:54:c1:ca:4b:82:0b:bd:35:a5:d2:f4:75: 2f:43:54:29:96:a5:12:3c:c2:ee:d6:60:97:26:8a:ab:c7:6c: 31:83:27:0c:a5:21:d0:2f:50:ea:08:39:32:57:77:ec:c8:12: 8c:ff:aa:d1:4d:ae:2f:ad:ca:13:38:e4:48:04:e1:28:ee:46: 58:72:94:a4:b8:93:08:52:89:52:41:36:63:60:33:a8:ef:90: 6e:7a:8d:92 -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISAZt9y2hyCcjNhC3P5E9iiZVcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ4MDFhNWI4MTYxNThmMDdhOGNhOGFjYjM3ZTk3ZTJmMjBi MDY5MTEwHhcNMjYwMTAyMDgyMDQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ZDIwNzk5OTM2NTljZDE0ZDMzZTdiN2FmOThmMjhmYjcwOTAxMGYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BBGnNdAfFYaeFDz0ZEuRSbPJZIB dZEqiQJ+9uaFITaF8MCB7bwuSJ/4vc5lPjCxc03FkNl3n5hI1fG7Su/MZ0xRy9Ac 5x9gz1mOHYQwyQDKiBA224vTQ5x/ALTsjUnwLwFf3azogwk+pr+VbQlKUwGJybnZ tOYCohozi36HAJL7SbEcPV704ihRXjF5yuPmXtNAMpoyUvszb7GG7ZlCE49EOkaB 61UQ3UioWIC9IuHc7prkW/6YVnO3rn1C3khYWKfKcct9qPv1SgeCxO3YyEYixCfp /SPpmk5kpCjQ0hJaamZHf6fTo/QgYiX15oQgwBLJr1p8CEPc1cT6zFPEVwIDAQAB o4ICMDCCAiwwHQYDVR0OBBYEFE0geZk2Wc0U0z57evmPKPtwkBDwMB8GA1UdIwQY MBaAFEgBpbgWFY8HqMqKyzfpfi8gsGkRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU0FHbHVCWVZqd2VveW9yTE4tbC1MeUN3YVJFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS83MDkwYTktZmVlZC00ZWExLTg0NTkt ZWU4MTBiODNhZGNkLzEvVFNCNW1UWlp6UlRUUG50Ni1ZOG8tM0NRRVBBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS83MDkwYTktZmVlZC00ZWExLTg0NTktZWU4MTBiODNhZGNk LzEvU0FHbHVCWVZqd2VveW9yTE4tbC1MeUN3YVJFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCURz8AwQA ubryAwQBwgk4AwQBwglQAwQCwpZEMA0EAgACMAcDBQMqBBCAMA0GCSqGSIb3DQEB CwUAA4IBAQB5G9vcfaXGxoq9SFUJZno3C7VKbzqQJGXaflAZ+kswdj1eA0oVnzbn hIR6SbXVAkQ9clTpih9NmAJbXyC/82hZkNy6lBZSD3Ebw9gCW3LDvYobAuU+4OID 23m984eFQrUdRoY0VjcXEvojfnl1AA58SM5SIVxGMZ6NcWB54yb98t9bz1GzmDZh tO73i5C2BzsbE9Iot1f/ewgOllf/TxesU6nVdzKzeXFUwcpLggu9NaXS9HUvQ1Qp lqUSPMLu1mCXJoqrx2wxgycMpSHQL1DqCDkyV3fsyBKM/6rRTa4vrcoTOORIBOEo 7kZYcpSkuJMIUolSQTZjYDOo75Bueo2S -----END CERTIFICATE-----Generated at Mon Jan 26 08:57:46 2026 by rpki-client