This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/tzy3u83jmlgyngV1YTHPz-tnJbo.roa File: tzy3u83jmlgyngV1YTHPz-tnJbo.roa (raw, json) Hash identifier: 5Sj5kZAy8b63qevOyHm2tzPJMOfPpGrfJSnNfHGjNDU= Subject key identifier: B7:3C:B7:BB:CD:E3:9A:58:32:9E:05:75:61:31:CF:CF:EB:67:25:BA Certificate issuer: /CN=5fc90518df70b13d706bfe237aa5a76926a576d1 Certificate serial: 019BF493912A3D6FFFF7578ED273F6A5F6D3 Authority key identifier: 5F:C9:05:18:DF:70:B1:3D:70:6B:FE:23:7A:A5:A7:69:26:A5:76:D1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X8kFGN9wsT1wa_4jeqWnaSaldtE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/tzy3u83jmlgyngV1YTHPz-tnJbo.roa Signing time: Sun 25 Jan 2026 09:54:30 +0000 ROA not before: Sun 25 Jan 2026 09:54:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31130 IP address blocks: 70.40.188.0/24 maxlen: 24 70.40.189.0/24 maxlen: 24 2001:3780::/32 maxlen: 32 2001:3785::/32 maxlen: 32 2a12:4044::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/X8kFGN9wsT1wa_4jeqWnaSaldtE.crl rsync://rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/X8kFGN9wsT1wa_4jeqWnaSaldtE.mft rsync://rpki.ripe.net/repository/DEFAULT/X8kFGN9wsT1wa_4jeqWnaSaldtE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 09:54:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:f4:93:91:2a:3d:6f:ff:f7:57:8e:d2:73:f6:a5:f6:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5fc90518df70b13d706bfe237aa5a76926a576d1 Validity Not Before: Jan 25 09:54:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b73cb7bbcde39a58329e05756131cfcfeb6725ba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:0d:69:72:f0:28:44:0d:41:d5:57:a6:bb:c4: 81:2b:70:32:f9:e5:0d:c8:56:2d:ac:d7:40:4a:e9: f2:c2:87:16:4a:e6:9f:21:32:2d:50:e7:57:56:e8: c9:05:6f:20:50:70:e9:5e:41:ee:79:ac:1b:2b:87: d7:7f:96:93:c7:2b:7e:86:2e:27:2e:eb:e1:36:d8: 38:87:b6:bc:a4:9e:9c:95:a5:66:89:52:b2:f7:5b: b5:1d:58:6e:41:db:44:96:e6:98:6f:98:c0:36:36: 1d:1b:f0:d0:99:0b:cf:87:35:fa:3b:54:22:03:00: de:dc:c0:6b:0c:6b:37:dd:cb:83:4d:1b:2b:9e:f6: ce:44:b7:ea:1d:b9:1d:7d:3e:03:26:93:52:a1:42: c8:36:69:8e:cb:b3:e7:0c:a5:bc:9d:85:64:32:04: cc:09:82:22:8c:25:eb:b9:f2:14:47:ff:5c:fa:c1: 95:eb:3e:a0:97:7e:c2:41:3a:00:36:4f:11:5e:83: 15:be:65:29:6f:f6:4f:40:91:46:7c:58:09:1c:25: e6:8e:18:b3:d0:2d:4c:f3:b2:a4:a1:d5:70:43:45: 59:1b:06:46:4e:3d:32:74:9c:93:d7:06:43:b4:2f: 8c:a9:82:13:88:3b:09:53:1c:59:87:f7:9e:81:71: e4:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:3C:B7:BB:CD:E3:9A:58:32:9E:05:75:61:31:CF:CF:EB:67:25:BA X509v3 Authority Key Identifier: keyid:5F:C9:05:18:DF:70:B1:3D:70:6B:FE:23:7A:A5:A7:69:26:A5:76:D1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X8kFGN9wsT1wa_4jeqWnaSaldtE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/tzy3u83jmlgyngV1YTHPz-tnJbo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/X8kFGN9wsT1wa_4jeqWnaSaldtE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 70.40.188.0/23 IPv6: 2001:3780::/32 2001:3785::/32 2a12:4044::/32 Signature Algorithm: sha256WithRSAEncryption 31:71:f9:83:ff:09:5d:85:45:41:03:b1:94:d3:0b:57:95:e1: ae:9c:7a:9a:11:56:fe:52:14:81:f2:be:3f:98:9c:90:86:ac: 97:4e:0f:81:60:99:e2:71:cc:69:d7:e3:18:2d:8f:bd:ab:1d: 60:97:40:07:8c:f1:8f:93:25:be:c4:d3:f1:b1:e2:a0:83:a2: 86:c6:ef:93:e2:f7:c8:22:52:ab:88:ef:29:5a:07:62:56:fd: f3:8d:0d:eb:b3:62:76:47:4e:78:99:dc:ba:29:c2:6b:da:b3: b3:88:74:f2:c8:29:d1:d4:5c:94:e6:79:6c:92:cd:b6:37:95: 09:42:27:d4:a5:5b:3c:6e:c6:64:d1:30:7f:af:f9:91:45:eb: df:89:b3:dc:88:ac:70:56:d7:8b:4c:65:4d:65:76:ba:97:dc: fb:24:d3:29:4e:c2:0e:ea:ce:e2:cc:4e:3e:4a:6a:1e:18:75: 60:f4:13:67:fe:8f:fb:00:d6:f4:ef:b5:c5:fd:36:de:eb:81: 9e:59:60:1d:dd:2c:07:da:f3:5d:f0:e3:b4:03:48:2b:ab:5f: 54:be:c3:18:42:4d:d9:77:81:1a:fe:2d:c9:04:c5:81:f1:df: 9d:9c:a9:cb:0b:76:9c:ee:3a:77:d7:4f:f6:53:29:b8:a7:bf: 08:8b:36:82 -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZv0k5EqPW//91eO0nP2pfbTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVmYzkwNTE4ZGY3MGIxM2Q3MDZiZmUyMzdhYTVhNzY5MjZh NTc2ZDEwHhcNMjYwMTI1MDk1NDMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNzNjYjdiYmNkZTM5YTU4MzI5ZTA1NzU2MTMxY2ZjZmViNjcyNWJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsw1pcvAoRA1B1Vemu8SBK3Ay+eUN yFYtrNdASunywocWSuafITItUOdXVujJBW8gUHDpXkHueawbK4fXf5aTxyt+hi4n LuvhNtg4h7a8pJ6claVmiVKy91u1HVhuQdtEluaYb5jANjYdG/DQmQvPhzX6O1Qi AwDe3MBrDGs33cuDTRsrnvbORLfqHbkdfT4DJpNSoULINmmOy7PnDKW8nYVkMgTM CYIijCXrufIUR/9c+sGV6z6gl37CQToANk8RXoMVvmUpb/ZPQJFGfFgJHCXmjhiz 0C1M87KkodVwQ0VZGwZGTj0ydJyT1wZDtC+MqYITiDsJUxxZh/eegXHkgQIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFLc8t7vN45pYMp4FdWExz8/rZyW6MB8GA1UdIwQY MBaAFF/JBRjfcLE9cGv+I3qlp2kmpXbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWDhrRkdOOXdzVDF3YV80amVxV25hU2FsZHRFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82NWNjMjAtMGRmYi00MTgwLTlhYzEt YzgzMDJlODJlYTIyLzEvdHp5M3U4M2ptbGd5bmdWMVlUSFB6LXRuSmJvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZS82NWNjMjAtMGRmYi00MTgwLTlhYzEtYzgzMDJlODJlYTIy LzEvWDhrRkdOOXdzVDF3YV80amVxV25hU2FsZHRFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAMBAIAATAGAwQBRii8MBsE AgACMBUDBQAgATeAAwUAIAE3hQMFACoSQEQwDQYJKoZIhvcNAQELBQADggEBADFx +YP/CV2FRUEDsZTTC1eV4a6cepoRVv5SFIHyvj+YnJCGrJdOD4FgmeJxzGnX4xgt j72rHWCXQAeM8Y+TJb7E0/Gx4qCDoobG75Pi98giUquI7ylaB2JW/fONDeuzYnZH TniZ3Lopwmvas7OIdPLIKdHUXJTmeWySzbY3lQlCJ9SlWzxuxmTRMH+v+ZFF69+J s9yIrHBW14tMZU1ldrqX3Psk0ylOwg7qzuLMTj5Kah4YdWD0E2f+j/sA1vTvtcX9 Nt7rgZ5ZYB3dLAfa813w47QDSCurX1S+wxhCTdl3gRr+LckExYHx352cqcsLdpzu OnfXT/ZTKbinvwiLNoI= -----END CERTIFICATE-----Generated at Sun Jan 25 18:50:31 2026 by rpki-client