This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/tNl2UUnZ4217WSLfqRDSI0O_BWU.roa File: tNl2UUnZ4217WSLfqRDSI0O_BWU.roa (raw, json) Hash identifier: TJsFtOL6bWviF8Z8b9ypqKLo31djdrQdvLmCXkT7uLQ= Subject key identifier: B4:D9:76:51:49:D9:E3:6D:7B:59:22:DF:A9:10:D2:23:43:BF:05:65 Certificate issuer: /CN=b5427ea49f972d19c56393a689e7cbeb990d5d7a Certificate serial: 019B79ED2D5219AD3344B0FD2CDA5CF4B691 Authority key identifier: B5:42:7E:A4:9F:97:2D:19:C5:63:93:A6:89:E7:CB:EB:99:0D:5D:7A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tUJ-pJ-XLRnFY5OmiefL65kNXXo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/tNl2UUnZ4217WSLfqRDSI0O_BWU.roa Signing time: Thu 01 Jan 2026 14:19:05 +0000 ROA not before: Thu 01 Jan 2026 14:19:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39679 IP address blocks: 45.67.156.0/24 maxlen: 24 45.67.158.0/24 maxlen: 24 45.67.159.0/24 maxlen: 24 2a09:7ac0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/tUJ-pJ-XLRnFY5OmiefL65kNXXo.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/tUJ-pJ-XLRnFY5OmiefL65kNXXo.mft rsync://rpki.ripe.net/repository/DEFAULT/tUJ-pJ-XLRnFY5OmiefL65kNXXo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ed:2d:52:19:ad:33:44:b0:fd:2c:da:5c:f4:b6:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5427ea49f972d19c56393a689e7cbeb990d5d7a Validity Not Before: Jan 1 14:19:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b4d9765149d9e36d7b5922dfa910d22343bf0565 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:1f:1a:28:69:dc:cf:61:c1:e6:f0:dd:54:66: 94:3b:d7:d5:ac:c8:be:0a:7b:12:a8:47:58:d3:5d: b3:e9:93:3f:5e:2e:60:c7:c7:5e:49:68:ed:e4:85: 75:f1:89:cf:8b:77:f9:6d:1e:8f:d6:b6:4a:67:2b: 04:07:f7:6a:8b:98:4f:e8:de:ea:b4:87:c3:69:88: d2:8d:2a:25:cb:e4:eb:3a:ef:2f:1d:09:71:14:24: 89:e3:08:3d:ee:00:7f:12:48:98:3e:32:ce:b5:43: 11:9d:a2:a2:f4:75:74:f2:d5:68:8c:83:d9:d4:c5: d6:f5:98:88:49:54:f2:ad:70:97:b2:e0:00:94:9b: 8b:3a:b8:14:d2:21:8c:c8:8c:c4:6c:94:f5:db:93: 07:f8:e5:e7:11:69:41:f5:95:2b:c5:a9:82:92:9a: cb:0f:da:74:ee:fb:24:0e:6b:52:87:9d:f8:33:4d: 80:a3:9f:64:8c:78:87:36:82:ad:17:1f:73:82:30: 84:91:ce:27:45:6c:b2:8c:8c:49:46:c7:9f:46:a7: b3:0f:70:49:03:e1:c6:0d:b9:8d:3c:44:11:6e:53: 69:6e:11:83:21:bd:7d:6c:03:8c:10:2e:69:71:7a: 48:48:98:c1:74:eb:cb:7d:f3:b8:84:e1:e9:ed:8a: ed:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:D9:76:51:49:D9:E3:6D:7B:59:22:DF:A9:10:D2:23:43:BF:05:65 X509v3 Authority Key Identifier: keyid:B5:42:7E:A4:9F:97:2D:19:C5:63:93:A6:89:E7:CB:EB:99:0D:5D:7A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tUJ-pJ-XLRnFY5OmiefL65kNXXo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/tNl2UUnZ4217WSLfqRDSI0O_BWU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d2bb68-9bc7-4791-8528-0c495477ca10/1/tUJ-pJ-XLRnFY5OmiefL65kNXXo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.67.156.0/24 45.67.158.0/23 IPv6: 2a09:7ac0::/32 Signature Algorithm: sha256WithRSAEncryption 17:4d:03:85:d8:0e:5c:2e:21:af:36:60:7e:1e:ea:b6:a9:45: 53:52:06:e0:8e:ae:57:ae:3d:50:0b:2c:2d:ca:f8:2e:b1:d6: 92:84:eb:d6:89:56:ea:aa:2f:d7:d5:52:2d:10:e1:ab:99:47: b5:c2:d6:5b:31:1c:96:c9:fb:04:e2:92:a4:0f:5f:a7:d6:7a: 13:3f:ef:6f:77:c8:01:47:ce:a9:6f:03:6b:05:e3:18:8b:8c: 05:4d:93:8b:82:eb:1c:bd:2b:80:f7:46:a1:26:93:2c:cd:40: a5:f3:2a:f3:e7:d1:9a:3c:9f:1b:27:57:08:07:96:25:7e:a9: 5e:3a:da:06:db:23:33:1d:a2:9d:76:74:71:40:5d:12:a5:df: c2:f0:1d:eb:4c:02:43:91:45:8f:40:2d:f4:f2:e0:b8:0a:1e: 5c:63:7c:62:de:75:fd:0d:ce:18:3f:8b:56:78:d3:f5:79:9c: f2:68:fc:51:db:f2:91:34:65:da:de:92:dc:f9:0a:8f:21:b0: e4:eb:a3:b9:06:8c:81:fb:a0:94:7e:da:96:e5:4d:b3:9d:a2: 68:26:b3:4b:b4:51:67:c9:a0:77:6c:17:01:ce:88:aa:37:d6: 7d:50:41:de:81:2c:f1:32:27:6f:5c:69:d8:8a:aa:e1:7e:45: 3e:0c:47:d2 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt57S1SGa0zRLD9LNpc9LaRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1NDI3ZWE0OWY5NzJkMTljNTYzOTNhNjg5ZTdjYmViOTkw ZDVkN2EwHhcNMjYwMTAxMTQxOTA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNGQ5NzY1MTQ5ZDllMzZkN2I1OTIyZGZhOTEwZDIyMzQzYmYwNTY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsR8aKGncz2HB5vDdVGaUO9fVrMi+ CnsSqEdY012z6ZM/Xi5gx8deSWjt5IV18YnPi3f5bR6P1rZKZysEB/dqi5hP6N7q tIfDaYjSjSoly+TrOu8vHQlxFCSJ4wg97gB/EkiYPjLOtUMRnaKi9HV08tVojIPZ 1MXW9ZiISVTyrXCXsuAAlJuLOrgU0iGMyIzEbJT125MH+OXnEWlB9ZUrxamCkprL D9p07vskDmtSh534M02Ao59kjHiHNoKtFx9zgjCEkc4nRWyyjIxJRsefRqezD3BJ A+HGDbmNPEQRblNpbhGDIb19bAOMEC5pcXpISJjBdOvLffO4hOHp7YrtZwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFLTZdlFJ2eNte1ki36kQ0iNDvwVlMB8GA1UdIwQY MBaAFLVCfqSfly0ZxWOTponny+uZDV16MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFVKLXBKLVhMUm5GWTVPbWllZkw2NWtOWFhvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kMmJiNjgtOWJjNy00NzkxLTg1Mjgt MGM0OTU0NzdjYTEwLzEvdE5sMlVVblo0MjE3V1NMZnFSRFNJME9fQldVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC9kMmJiNjgtOWJjNy00NzkxLTg1MjgtMGM0OTU0NzdjYTEw LzEvdFVKLXBKLVhMUm5GWTVPbWllZkw2NWtOWFhvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALUOcAwQB LUOeMA0EAgACMAcDBQAqCXrAMA0GCSqGSIb3DQEBCwUAA4IBAQAXTQOF2A5cLiGv NmB+Huq2qUVTUgbgjq5Xrj1QCywtyvgusdaShOvWiVbqqi/X1VItEOGrmUe1wtZb MRyWyfsE4pKkD1+n1noTP+9vd8gBR86pbwNrBeMYi4wFTZOLguscvSuA90ahJpMs zUCl8yrz59GaPJ8bJ1cIB5YlfqleOtoG2yMzHaKddnRxQF0Spd/C8B3rTAJDkUWP QC308uC4Ch5cY3xi3nX9Dc4YP4tWeNP1eZzyaPxR2/KRNGXa3pLc+QqPIbDk66O5 BoyB+6CUftqW5U2znaJoJrNLtFFnyaB3bBcBzoiqN9Z9UEHegSzxMidvXGnYiqrh fkU+DEfS -----END CERTIFICATE-----Generated at Sun Jan 25 22:13:31 2026 by rpki-client