This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/Td85PzLGixLgYgdBT3GS17rfwTQ.roa File: Td85PzLGixLgYgdBT3GS17rfwTQ.roa (raw, json) Hash identifier: ZtLYgrcf2o9oO80ckMCQ8oe+MvEY9qGa8/wSqJ2K4VY= Subject key identifier: 4D:DF:39:3F:32:C6:8B:12:E0:62:07:41:4F:71:92:D7:BA:DF:C1:34 Certificate issuer: /CN=bba35cf8ab6f3eaa2aebadd9e2373dec0893625e Certificate serial: 019B7EA6A0C3BE560560A41D51D844CBAE7E Authority key identifier: BB:A3:5C:F8:AB:6F:3E:AA:2A:EB:AD:D9:E2:37:3D:EC:08:93:62:5E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/Td85PzLGixLgYgdBT3GS17rfwTQ.roa Signing time: Fri 02 Jan 2026 12:20:07 +0000 ROA not before: Fri 02 Jan 2026 12:20:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 13379 IP address blocks: 157.23.251.0/24 maxlen: 24 157.23.253.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/u6Nc-KtvPqoq663Z4jc97AiTYl4.crl rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/u6Nc-KtvPqoq663Z4jc97AiTYl4.mft rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:a0:c3:be:56:05:60:a4:1d:51:d8:44:cb:ae:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bba35cf8ab6f3eaa2aebadd9e2373dec0893625e Validity Not Before: Jan 2 12:20:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4ddf393f32c68b12e06207414f7192d7badfc134 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:56:1d:58:63:4c:00:f4:0a:0f:d9:22:8e:43: 00:f9:ea:f3:2e:15:ca:41:71:a8:6f:79:ab:4f:00: 76:b6:b7:5d:5e:6d:a9:89:2c:1f:95:e5:8e:6a:52: e6:e9:db:30:83:36:2e:0b:78:dc:0e:89:78:99:ec: a3:a2:d8:a6:2a:1c:2b:04:bb:6b:33:c1:30:bc:29: 52:61:94:d6:b1:15:5d:ac:79:e0:13:15:3d:17:d7: 1d:9d:b2:94:17:6f:ca:28:7d:bf:a6:0b:49:6f:6a: 49:8c:32:dc:62:70:f0:4e:ae:f5:d9:14:d1:3e:69: d5:78:6d:66:21:b3:42:77:a4:89:51:15:c4:7e:5b: 5c:33:6d:52:09:43:2e:30:02:4c:7f:46:7e:c2:51: e8:cf:92:3c:c2:72:48:57:81:0b:89:51:4f:f5:fb: 8b:29:42:ee:36:7f:f4:dd:c0:fc:15:51:14:a3:6a: 5a:0b:3b:dc:a5:11:84:9a:e4:cc:67:60:d4:91:c4: ce:4c:0c:e8:d4:e6:8a:70:35:b4:dc:60:d6:65:2b: 57:8e:3a:54:8b:22:31:7e:48:cb:f0:b6:4b:f9:ee: d4:5d:f3:02:55:2e:63:9e:43:e9:9e:e7:ea:a2:62: 2d:43:b3:9d:60:e4:78:6c:8e:4d:1e:43:8b:b6:1b: 0e:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:DF:39:3F:32:C6:8B:12:E0:62:07:41:4F:71:92:D7:BA:DF:C1:34 X509v3 Authority Key Identifier: keyid:BB:A3:5C:F8:AB:6F:3E:AA:2A:EB:AD:D9:E2:37:3D:EC:08:93:62:5E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/Td85PzLGixLgYgdBT3GS17rfwTQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/u6Nc-KtvPqoq663Z4jc97AiTYl4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.23.251.0/24 157.23.253.0/24 Signature Algorithm: sha256WithRSAEncryption ac:54:7e:81:88:14:ce:6f:3b:01:b8:59:f6:95:39:1a:b2:31: 99:82:19:fa:fe:4a:69:94:8a:2f:20:db:be:ad:16:c1:b1:f9: 3f:90:a2:ec:4e:48:8f:97:3f:2b:1d:d3:5c:eb:78:c1:5a:e3: 2c:88:8f:8b:75:03:19:ee:43:53:4b:42:fc:b4:0c:23:ab:9d: 14:56:d8:81:20:98:29:1c:87:29:0f:fd:ee:a3:37:af:67:fc: fd:4d:a2:fc:db:38:39:3f:fb:07:89:96:24:ad:7f:0d:ab:a6: ac:fa:ce:7c:68:76:2c:14:6c:a8:19:61:6d:32:31:62:5a:53: dd:3b:23:97:97:8a:e0:09:c1:39:95:ba:57:31:d2:a1:11:10: 90:58:5e:87:74:0e:2c:e1:8b:d0:1e:4b:70:a6:42:24:8d:04: d7:dd:c0:10:ac:4c:32:f0:d2:2a:2e:fb:d3:21:57:bb:af:7d: 23:34:62:53:9b:5e:9a:fa:72:d7:75:7d:b6:ba:40:56:7d:01: 9f:e4:9f:3d:3a:4f:36:89:64:56:78:8d:38:03:35:be:8a:f5: 6a:ca:18:cd:40:72:ec:60:61:52:27:cb:33:79:62:de:2b:3b: fd:a7:33:17:37:0b:f2:4b:ba:57:ba:10:7c:2f:6e:f6:58:ac: bc:66:80:68 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt+pqDDvlYFYKQdUdhEy65+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJiYTM1Y2Y4YWI2ZjNlYWEyYWViYWRkOWUyMzczZGVjMDg5 MzYyNWUwHhcNMjYwMTAyMTIyMDA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ZGRmMzkzZjMyYzY4YjEyZTA2MjA3NDE0ZjcxOTJkN2JhZGZjMTM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVYdWGNMAPQKD9kijkMA+erzLhXK QXGob3mrTwB2trddXm2piSwfleWOalLm6dswgzYuC3jcDol4meyjotimKhwrBLtr M8EwvClSYZTWsRVdrHngExU9F9cdnbKUF2/KKH2/pgtJb2pJjDLcYnDwTq712RTR PmnVeG1mIbNCd6SJURXEfltcM21SCUMuMAJMf0Z+wlHoz5I8wnJIV4ELiVFP9fuL KULuNn/03cD8FVEUo2paCzvcpRGEmuTMZ2DUkcTOTAzo1OaKcDW03GDWZStXjjpU iyIxfkjL8LZL+e7UXfMCVS5jnkPpnufqomItQ7OdYOR4bI5NHkOLthsOfQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFE3fOT8yxosS4GIHQU9xkte638E0MB8GA1UdIwQY MBaAFLujXPirbz6qKuut2eI3PewIk2JeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdTZOYy1LdHZQcW9xNjYzWjRqYzk3QWlUWWw0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hMGUwMWEtOWJiYy00NGVlLTk4YTMt NTk3YjZlMjQ5MmFiLzEvVGQ4NVB6TEdpeExnWWdkQlQzR1MxN3Jmd1RRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYS9hMGUwMWEtOWJiYy00NGVlLTk4YTMtNTk3YjZlMjQ5MmFi LzEvdTZOYy1LdHZQcW9xNjYzWjRqYzk3QWlUWWw0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnRf7AwQA nRf9MA0GCSqGSIb3DQEBCwUAA4IBAQCsVH6BiBTObzsBuFn2lTkasjGZghn6/kpp lIovINu+rRbBsfk/kKLsTkiPlz8rHdNc63jBWuMsiI+LdQMZ7kNTS0L8tAwjq50U VtiBIJgpHIcpD/3uozevZ/z9TaL82zg5P/sHiZYkrX8Nq6as+s58aHYsFGyoGWFt MjFiWlPdOyOXl4rgCcE5lbpXMdKhERCQWF6HdA4s4YvQHktwpkIkjQTX3cAQrEwy 8NIqLvvTIVe7r30jNGJTm16a+nLXdX22ukBWfQGf5J89Ok82iWRWeI04AzW+ivVq yhjNQHLsYGFSJ8szeWLeKzv9pzMXNwvyS7pXuhB8L272WKy8ZoBo -----END CERTIFICATE-----Generated at Sun Jan 25 14:10:32 2026 by rpki-client