This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/bfb4c8-5655-440f-85b8-c40ce32b6f76/1/tkGMYK-FRtNdjWKXGGPcl_0HZd0.roa File: tkGMYK-FRtNdjWKXGGPcl_0HZd0.roa (raw, json) Hash identifier: nr1Jnpu4QEF6XYpXhVbFfyVrl4MGqSq9qg3cEdw2q4c= Subject key identifier: B6:41:8C:60:AF:85:46:D3:5D:8D:62:97:18:63:DC:97:FD:07:65:DD Certificate issuer: /CN=4635da3a20879e55fe96853e0d7aeeff53386e8b Certificate serial: 019B797E0D1C2AE5A09360462A8738E1BC87 Authority key identifier: 46:35:DA:3A:20:87:9E:55:FE:96:85:3E:0D:7A:EE:FF:53:38:6E:8B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RjXaOiCHnlX-loU-DXru_1M4bos.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/bfb4c8-5655-440f-85b8-c40ce32b6f76/1/tkGMYK-FRtNdjWKXGGPcl_0HZd0.roa Signing time: Thu 01 Jan 2026 12:17:42 +0000 ROA not before: Thu 01 Jan 2026 12:17:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201130 IP address blocks: 5.63.22.0/24 maxlen: 24 194.150.184.0/23 maxlen: 24 2a13:4340::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/bfb4c8-5655-440f-85b8-c40ce32b6f76/1/RjXaOiCHnlX-loU-DXru_1M4bos.crl rsync://rpki.ripe.net/repository/DEFAULT/e7/bfb4c8-5655-440f-85b8-c40ce32b6f76/1/RjXaOiCHnlX-loU-DXru_1M4bos.mft rsync://rpki.ripe.net/repository/DEFAULT/RjXaOiCHnlX-loU-DXru_1M4bos.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:0d:1c:2a:e5:a0:93:60:46:2a:87:38:e1:bc:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4635da3a20879e55fe96853e0d7aeeff53386e8b Validity Not Before: Jan 1 12:17:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b6418c60af8546d35d8d62971863dc97fd0765dd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:5b:4a:70:62:e9:ec:e9:82:b3:2d:9d:6f:ca: 9a:19:e3:fa:02:0b:47:48:4e:d8:5e:5e:a2:ea:02: 29:2e:e3:9c:ca:62:b2:24:64:16:48:5a:8c:7b:c2: b2:a7:97:3a:37:84:38:83:2e:82:7f:28:56:c0:38: 9b:4f:c9:d4:3a:c0:6f:bb:c8:7a:80:64:6d:66:87: a0:99:62:36:77:42:35:2e:8d:ed:e4:73:a7:d6:16: 51:65:b4:70:83:24:43:04:4b:be:58:ed:1e:eb:b1: f5:e3:b2:87:d2:c3:00:90:fb:e5:c1:64:f1:63:91: c1:b9:33:2d:a2:41:69:07:99:60:b5:86:eb:10:89: 39:4b:af:d7:0e:f1:83:da:d4:75:a5:c3:bf:d5:7c: 4b:2f:a2:6a:2a:19:51:d4:ce:36:14:9c:92:ac:ef: 2e:2e:f1:20:86:a0:69:5a:c1:78:de:80:d6:0c:c6: 4c:d3:d3:77:57:f9:00:c0:75:02:a1:a1:35:b5:e9: e5:01:b7:7d:10:5c:d0:f5:8d:21:82:cd:93:a6:8f: c2:01:50:0b:1e:97:32:a7:ce:53:0a:d2:48:1f:6f: 81:55:35:ff:2b:34:50:7a:9d:39:e6:d2:5f:66:9d: 5f:61:f8:04:35:3c:98:d4:2c:d7:01:6d:93:47:f1: 64:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:41:8C:60:AF:85:46:D3:5D:8D:62:97:18:63:DC:97:FD:07:65:DD X509v3 Authority Key Identifier: keyid:46:35:DA:3A:20:87:9E:55:FE:96:85:3E:0D:7A:EE:FF:53:38:6E:8B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RjXaOiCHnlX-loU-DXru_1M4bos.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/bfb4c8-5655-440f-85b8-c40ce32b6f76/1/tkGMYK-FRtNdjWKXGGPcl_0HZd0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/bfb4c8-5655-440f-85b8-c40ce32b6f76/1/RjXaOiCHnlX-loU-DXru_1M4bos.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.63.22.0/24 194.150.184.0/23 IPv6: 2a13:4340::/29 Signature Algorithm: sha256WithRSAEncryption 20:bf:19:fe:7a:7b:e5:09:47:38:fa:f8:62:b9:7c:09:6f:c5: bf:0d:77:18:c3:82:0f:a4:d6:6c:9c:c5:b3:71:d9:b9:d8:b3: 88:14:30:a0:59:7e:b9:bf:b8:2b:d0:c9:93:fc:73:75:a7:0d: 80:39:ca:bd:4f:5c:b7:17:cb:b4:4e:d5:ad:7f:27:9b:8b:8f: 81:4c:f1:e2:43:04:71:c9:73:5d:df:9d:58:ea:83:14:3f:d1: f1:75:0c:1c:6b:4f:99:85:6e:ab:bf:ad:36:a8:99:36:dd:bc: 85:2d:26:3e:f3:71:6e:de:a9:0c:75:14:1f:42:e0:3a:53:92: fe:2f:64:b4:a1:72:29:11:cb:85:31:29:e9:cb:d7:da:71:db: 08:b4:d4:a7:6d:30:7e:40:df:b2:10:b3:56:ae:2e:02:33:7c: d2:28:b6:08:80:ad:89:ff:9e:cc:09:1c:db:4f:e1:2e:f9:01: d0:c0:ed:00:33:ad:3c:20:48:06:f0:1f:50:c4:a8:f7:b1:d8: 4f:93:67:28:42:b1:e5:30:e8:6c:a7:f2:f8:08:cc:fd:c8:8c: 1c:0c:55:c3:45:23:8e:8f:0c:d7:ab:2f:07:1d:b3:5d:42:7a: 2b:f9:30:e9:60:8e:94:79:a8:79:ee:95:93:68:74:b8:e8:8a: ed:7d:01:3e -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt5fg0cKuWgk2BGKoc44byHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ2MzVkYTNhMjA4NzllNTVmZTk2ODUzZTBkN2FlZWZmNTMz ODZlOGIwHhcNMjYwMTAxMTIxNzQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNjQxOGM2MGFmODU0NmQzNWQ4ZDYyOTcxODYzZGM5N2ZkMDc2NWRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVtKcGLp7OmCsy2db8qaGeP6AgtH SE7YXl6i6gIpLuOcymKyJGQWSFqMe8Kyp5c6N4Q4gy6CfyhWwDibT8nUOsBvu8h6 gGRtZoegmWI2d0I1Lo3t5HOn1hZRZbRwgyRDBEu+WO0e67H147KH0sMAkPvlwWTx Y5HBuTMtokFpB5lgtYbrEIk5S6/XDvGD2tR1pcO/1XxLL6JqKhlR1M42FJySrO8u LvEghqBpWsF43oDWDMZM09N3V/kAwHUCoaE1tenlAbd9EFzQ9Y0hgs2Tpo/CAVAL Hpcyp85TCtJIH2+BVTX/KzRQep055tJfZp1fYfgENTyY1CzXAW2TR/FkSQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFLZBjGCvhUbTXY1ilxhj3Jf9B2XdMB8GA1UdIwQY MBaAFEY12jogh55V/paFPg167v9TOG6LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUmpYYU9pQ0hubFgtbG9VLURYcnVfMU00Ym9zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9iZmI0YzgtNTY1NS00NDBmLTg1Yjgt YzQwY2UzMmI2Zjc2LzEvdGtHTVlLLUZSdE5kaldLWEdHUGNsXzBIWmQwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNy9iZmI0YzgtNTY1NS00NDBmLTg1YjgtYzQwY2UzMmI2Zjc2 LzEvUmpYYU9pQ0hubFgtbG9VLURYcnVfMU00Ym9zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQABT8WAwQB wpa4MA0EAgACMAcDBQMqE0NAMA0GCSqGSIb3DQEBCwUAA4IBAQAgvxn+envlCUc4 +vhiuXwJb8W/DXcYw4IPpNZsnMWzcdm52LOIFDCgWX65v7gr0MmT/HN1pw2AOcq9 T1y3F8u0TtWtfyebi4+BTPHiQwRxyXNd351Y6oMUP9HxdQwca0+ZhW6rv602qJk2 3byFLSY+83Fu3qkMdRQfQuA6U5L+L2S0oXIpEcuFMSnpy9facdsItNSnbTB+QN+y ELNWri4CM3zSKLYIgK2J/57MCRzbT+Eu+QHQwO0AM608IEgG8B9QxKj3sdhPk2co QrHlMOhsp/L4CMz9yIwcDFXDRSOOjwzXqy8HHbNdQnor+TDpYI6Ueah57pWTaHS4 6IrtfQE+ -----END CERTIFICATE-----Generated at Sun Jan 25 17:22:32 2026 by rpki-client