This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/tP-ezWKWhAkf4p1w49tg891CKc0.roa File: tP-ezWKWhAkf4p1w49tg891CKc0.roa (raw, json) Hash identifier: qn7gDz9gLjNXw/+mpQ3scMnhqsd9j8XgUWH/XG1i/XQ= Subject key identifier: B4:FF:9E:CD:62:96:84:09:1F:E2:9D:70:E3:DB:60:F3:DD:42:29:CD Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702 Certificate serial: 019B77C7149050EC08358FE245211F62C4E6 Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/tP-ezWKWhAkf4p1w49tg891CKc0.roa Signing time: Thu 01 Jan 2026 04:18:14 +0000 ROA not before: Thu 01 Jan 2026 04:18:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200554 IP address blocks: 85.133.169.0/24 maxlen: 24 85.133.170.0/24 maxlen: 24 185.41.0.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.mft rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:14:90:50:ec:08:35:8f:e2:45:21:1f:62:c4:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702 Validity Not Before: Jan 1 04:18:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b4ff9ecd629684091fe29d70e3db60f3dd4229cd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:0c:70:81:14:e7:7b:81:53:6a:00:cd:e9:87: 46:aa:ca:03:df:9a:f4:ea:34:78:56:ac:71:0a:83: 55:9c:de:65:67:07:93:1c:39:59:33:b7:7b:eb:45: e6:50:d3:28:8b:55:36:ac:01:2c:65:ee:93:ff:e6: 0e:e1:17:12:fc:43:1d:5b:b7:5f:9e:e1:a2:fa:56: 07:6c:31:9b:93:30:ef:d8:5c:ab:65:66:54:1a:8c: 2f:47:05:78:65:c9:c9:eb:12:fe:9f:37:45:3f:e8: f8:75:e5:3e:54:44:45:86:32:3f:2f:05:81:cc:32: 60:5d:b0:cd:a0:05:f5:25:27:7d:4b:a3:b1:e3:34: 71:a8:94:f3:06:e0:ff:36:98:ff:8d:42:7c:15:bd: 2d:4a:71:7b:9e:01:e4:5a:44:6a:19:fe:2a:98:16: c8:ee:02:d0:0c:07:77:e1:13:12:ca:35:79:30:41: 68:f1:8a:c1:fb:9d:4f:9d:90:d1:bf:43:75:1e:e4: 90:69:0f:64:4e:96:ac:e0:e4:00:ff:80:34:ee:b0: b0:e0:cf:b5:5b:1c:42:cb:67:55:67:fe:99:2c:45: 23:97:e9:a3:16:a6:12:0c:c3:cf:dd:12:d5:05:94: 7f:4c:f1:8b:8e:da:b4:e3:12:59:1b:5a:5e:e7:e6: 6f:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:FF:9E:CD:62:96:84:09:1F:E2:9D:70:E3:DB:60:F3:DD:42:29:CD X509v3 Authority Key Identifier: keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/tP-ezWKWhAkf4p1w49tg891CKc0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.133.169.0-85.133.170.255 185.41.0.0/22 Signature Algorithm: sha256WithRSAEncryption 6f:86:e8:51:26:e1:6d:57:99:80:03:3d:13:80:15:8a:29:d2: 42:aa:72:76:7c:cf:5e:ed:b8:f9:37:24:8b:d2:32:51:54:0c: 3b:39:ec:cc:9b:33:e2:e0:56:ad:a9:2c:0d:87:6f:9f:b8:51: 21:a4:01:6c:44:cd:21:c6:81:62:e7:65:bc:c2:16:c0:75:b3: 54:29:19:d6:2d:08:50:48:58:1c:1f:41:7a:70:9e:08:26:0b: 15:00:46:06:7e:1a:a8:fc:89:f8:7a:15:a6:ff:b5:90:4f:7e: ff:18:87:27:5f:f0:06:6e:db:8d:cc:90:06:6a:65:89:62:d3: 55:69:d5:53:6e:a1:b7:c2:e7:d3:55:ef:aa:56:89:d7:76:24: 31:04:a5:d7:7f:40:75:3d:e8:7a:3c:05:46:08:1f:99:82:da: 70:55:e1:40:5e:f5:3d:b2:53:69:79:d7:18:c4:16:fd:22:4d: 6a:a5:b6:32:d4:93:5e:ad:03:6a:ee:72:a2:d6:06:8f:0b:56: 15:a9:6b:62:1e:64:74:63:b2:b6:05:bf:d6:ca:a8:36:64:db: 13:00:e4:f6:65:1d:42:09:59:42:b0:b0:07:00:a9:a7:8d:8d: df:d6:0b:f2:8f:92:a9:de:ee:e0:28:67:17:7d:60:e3:31:58: d3:41:ae:04 -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt3xxSQUOwINY/iRSEfYsTmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5 NDY3MDIwHhcNMjYwMTAxMDQxODE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNGZmOWVjZDYyOTY4NDA5MWZlMjlkNzBlM2RiNjBmM2RkNDIyOWNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQxwgRTne4FTagDN6YdGqsoD35r0 6jR4VqxxCoNVnN5lZweTHDlZM7d760XmUNMoi1U2rAEsZe6T/+YO4RcS/EMdW7df nuGi+lYHbDGbkzDv2FyrZWZUGowvRwV4ZcnJ6xL+nzdFP+j4deU+VERFhjI/LwWB zDJgXbDNoAX1JSd9S6Ox4zRxqJTzBuD/Npj/jUJ8Fb0tSnF7ngHkWkRqGf4qmBbI 7gLQDAd34RMSyjV5MEFo8YrB+51PnZDRv0N1HuSQaQ9kTpas4OQA/4A07rCw4M+1 WxxCy2dVZ/6ZLEUjl+mjFqYSDMPP3RLVBZR/TPGLjtq04xJZG1pe5+ZvhwIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFLT/ns1iloQJH+KdcOPbYPPdQinNMB8GA1UdIwQY MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt NWQxZmE2NmMzNjNiLzEvdFAtZXpXS1doQWtmNHAxdzQ5dGc4OTFDS2MwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABVhakD BABVhaoDBAK5KQAwDQYJKoZIhvcNAQELBQADggEBAG+G6FEm4W1XmYADPROAFYop 0kKqcnZ8z17tuPk3JIvSMlFUDDs57MybM+LgVq2pLA2Hb5+4USGkAWxEzSHGgWLn ZbzCFsB1s1QpGdYtCFBIWBwfQXpwnggmCxUARgZ+Gqj8ifh6Fab/tZBPfv8Yhydf 8AZu243MkAZqZYli01Vp1VNuobfC59NV76pWidd2JDEEpdd/QHU96Ho8BUYIH5mC 2nBV4UBe9T2yU2l51xjEFv0iTWqltjLUk16tA2rucqLWBo8LVhWpa2IeZHRjsrYF v9bKqDZk2xMA5PZlHUIJWUKwsAcAqaeNjd/WC/KPkqne7uAoZxd9YOMxWNNBrgQ= -----END CERTIFICATE-----Generated at Sun Jan 25 22:13:24 2026 by rpki-client