This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/fcfec7-d6c3-4b40-ba2c-f988d48e51e8/1/TCGXmp-ZcJuoO-eDyOqbUVRKJXI.roa File: TCGXmp-ZcJuoO-eDyOqbUVRKJXI.roa (raw, json) Hash identifier: zb8J86h3WDmjGOxtQQnoZ3rsuxycMmwLx3S1o5snyrE= Subject key identifier: 4C:21:97:9A:9F:99:70:9B:A8:3B:E7:83:C8:EA:9B:51:54:4A:25:72 Certificate issuer: /CN=6dfecfa0e6692595cfbea5266076e8e53efd9461 Certificate serial: 019B7F848B2B3412536E14DCE5E8B90FA9E9 Authority key identifier: 6D:FE:CF:A0:E6:69:25:95:CF:BE:A5:26:60:76:E8:E5:3E:FD:94:61 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bf7PoOZpJZXPvqUmYHbo5T79lGE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/fcfec7-d6c3-4b40-ba2c-f988d48e51e8/1/TCGXmp-ZcJuoO-eDyOqbUVRKJXI.roa Signing time: Fri 02 Jan 2026 16:22:31 +0000 ROA not before: Fri 02 Jan 2026 16:22:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211882 IP address blocks: 46.231.240.0/23 maxlen: 24 2a0c:e300:12::/48 maxlen: 48 2a0c:e303::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/fcfec7-d6c3-4b40-ba2c-f988d48e51e8/1/bf7PoOZpJZXPvqUmYHbo5T79lGE.crl rsync://rpki.ripe.net/repository/DEFAULT/e7/fcfec7-d6c3-4b40-ba2c-f988d48e51e8/1/bf7PoOZpJZXPvqUmYHbo5T79lGE.mft rsync://rpki.ripe.net/repository/DEFAULT/bf7PoOZpJZXPvqUmYHbo5T79lGE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:8b:2b:34:12:53:6e:14:dc:e5:e8:b9:0f:a9:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6dfecfa0e6692595cfbea5266076e8e53efd9461 Validity Not Before: Jan 2 16:22:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4c21979a9f99709ba83be783c8ea9b51544a2572 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:f4:d3:3d:58:de:fb:4e:73:c2:8a:7d:71:3b: 8c:2c:98:3d:41:40:12:8c:3d:d1:d4:b4:38:64:89: 9d:bc:d5:00:f4:dd:e3:bf:39:4b:2d:82:6d:7c:37: 6b:e8:fa:c3:1a:49:9a:2b:bf:da:a5:03:cb:7f:72: a0:58:8d:cb:b7:e6:83:6e:3d:7a:ad:4e:73:14:db: a1:35:e9:0c:c5:32:6e:d6:54:f1:7b:45:26:6e:0d: 60:86:96:fd:e7:aa:e4:65:f2:6a:3a:fd:b8:cf:63: 64:17:12:52:3a:33:d7:4f:ba:c4:b9:95:e6:e1:4b: 05:c6:22:9d:c6:51:de:28:5b:bb:ad:ad:df:a3:15: b6:38:8f:e9:61:0c:fd:e7:68:b4:f3:4e:2e:44:c4: 33:bb:0f:09:77:d4:78:e9:52:1d:49:d0:d3:32:ae: 18:a2:74:b8:59:74:fb:2b:de:b0:43:8f:ff:fc:5a: 27:46:7a:6b:f9:35:98:8e:57:42:99:fa:6f:d8:c0: 48:ad:26:49:69:60:56:39:3a:85:33:b9:d3:5b:8b: fc:77:69:a8:e0:3b:b1:85:da:95:36:71:4a:1c:57: a6:8b:28:4b:b6:36:a8:db:14:f4:b0:a8:ad:bc:ea: 80:93:c4:bf:91:db:45:85:a4:f3:38:f7:02:6c:ba: 26:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:21:97:9A:9F:99:70:9B:A8:3B:E7:83:C8:EA:9B:51:54:4A:25:72 X509v3 Authority Key Identifier: keyid:6D:FE:CF:A0:E6:69:25:95:CF:BE:A5:26:60:76:E8:E5:3E:FD:94:61 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf7PoOZpJZXPvqUmYHbo5T79lGE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/fcfec7-d6c3-4b40-ba2c-f988d48e51e8/1/TCGXmp-ZcJuoO-eDyOqbUVRKJXI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/fcfec7-d6c3-4b40-ba2c-f988d48e51e8/1/bf7PoOZpJZXPvqUmYHbo5T79lGE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.231.240.0/23 IPv6: 2a0c:e300:12::/48 2a0c:e303::/32 Signature Algorithm: sha256WithRSAEncryption 2d:18:82:78:f6:ac:b5:6a:4a:f1:df:e4:93:0b:7e:9f:72:be: f0:81:f6:f2:25:73:2b:20:ef:c1:11:c2:0b:26:4c:e7:e2:42: de:22:3e:b5:46:e9:75:78:ae:a9:be:c4:02:70:5f:2e:3e:ee: 2f:d0:67:94:36:50:85:01:38:89:b3:26:93:7d:ea:b1:b2:8d: fe:68:5c:c5:e8:b4:7b:0f:c2:a2:f7:e5:14:27:5e:61:7d:65: 42:e9:43:3e:10:02:41:9e:72:b9:2f:a8:67:b0:89:89:72:01: 35:68:d9:a0:b3:b2:05:38:d5:38:e8:2c:85:48:74:7e:6f:ce: f6:a9:27:af:89:2e:b2:1a:4a:39:36:a3:6e:4f:83:c9:22:94: 39:df:a6:6e:48:fd:b0:71:fa:1a:e7:5e:2d:ab:87:e2:5c:15: b5:6a:9e:98:84:b8:8d:2b:25:37:3a:f6:f3:92:fa:f6:fc:1c: 6a:1d:e8:16:3d:f8:86:c6:67:43:3b:ae:2a:ff:5d:df:b6:93: 36:8b:d8:dd:6a:95:66:f9:94:fd:f1:5d:fe:65:e7:95:2f:f6: 26:5b:55:5f:b8:12:a0:9c:7a:df:62:9b:37:c3:ff:09:ab:fb: d3:30:5a:d8:21:cd:89:11:c2:24:66:31:c1:5d:34:d5:cb:54: 8c:de:0d:02 -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt/hIsrNBJTbhTc5ei5D6npMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkZmVjZmEwZTY2OTI1OTVjZmJlYTUyNjYwNzZlOGU1M2Vm ZDk0NjEwHhcNMjYwMTAyMTYyMjMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0YzIxOTc5YTlmOTk3MDliYTgzYmU3ODNjOGVhOWI1MTU0NGEyNTcyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPTTPVje+05zwop9cTuMLJg9QUAS jD3R1LQ4ZImdvNUA9N3jvzlLLYJtfDdr6PrDGkmaK7/apQPLf3KgWI3Lt+aDbj16 rU5zFNuhNekMxTJu1lTxe0Umbg1ghpb956rkZfJqOv24z2NkFxJSOjPXT7rEuZXm 4UsFxiKdxlHeKFu7ra3foxW2OI/pYQz952i0804uRMQzuw8Jd9R46VIdSdDTMq4Y onS4WXT7K96wQ4///FonRnpr+TWYjldCmfpv2MBIrSZJaWBWOTqFM7nTW4v8d2mo 4DuxhdqVNnFKHFemiyhLtjao2xT0sKitvOqAk8S/kdtFhaTzOPcCbLomZQIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFEwhl5qfmXCbqDvng8jqm1FUSiVyMB8GA1UdIwQY MBaAFG3+z6DmaSWVz76lJmB26OU+/ZRhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYmY3UG9PWnBKWlhQdnFVbVlIYm81VDc5bEdFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9mY2ZlYzctZDZjMy00YjQwLWJhMmMt Zjk4OGQ0OGU1MWU4LzEvVENHWG1wLVpjSnVvTy1lRHlPcWJVVlJLSlhJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNy9mY2ZlYzctZDZjMy00YjQwLWJhMmMtZjk4OGQ0OGU1MWU4 LzEvYmY3UG9PWnBKWlhQdnFVbVlIYm81VDc5bEdFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQBLufwMBYE AgACMBADBwAqDOMAABIDBQAqDOMDMA0GCSqGSIb3DQEBCwUAA4IBAQAtGIJ49qy1 akrx3+STC36fcr7wgfbyJXMrIO/BEcILJkzn4kLeIj61Rul1eK6pvsQCcF8uPu4v 0GeUNlCFATiJsyaTfeqxso3+aFzF6LR7D8Ki9+UUJ15hfWVC6UM+EAJBnnK5L6hn sImJcgE1aNmgs7IFONU46CyFSHR+b872qSeviS6yGko5NqNuT4PJIpQ536ZuSP2w cfoa514tq4fiXBW1ap6YhLiNKyU3Ovbzkvr2/BxqHegWPfiGxmdDO64q/13ftpM2 i9jdapVm+ZT98V3+ZeeVL/YmW1VfuBKgnHrfYps3w/8Jq/vTMFrYIc2JEcIkZjHB XTTVy1SM3g0C -----END CERTIFICATE-----Generated at Sun Jan 25 22:13:10 2026 by rpki-client