This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/TPflC2tWkm5_6P9IemHAg3jDH38.roa File: TPflC2tWkm5_6P9IemHAg3jDH38.roa (raw, json) Hash identifier: 7haADyJs1k9uwE2EhKfl4+X3oqT2rg7BL60uh8bbzNo= Subject key identifier: 4C:F7:E5:0B:6B:56:92:6E:7F:E8:FF:48:7A:61:C0:83:78:C3:1F:7F Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00 Certificate serial: 019B79EC49596E0B387D84359D928E5E88FD Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/TPflC2tWkm5_6P9IemHAg3jDH38.roa Signing time: Thu 01 Jan 2026 14:18:06 +0000 ROA not before: Thu 01 Jan 2026 14:18:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204259 IP address blocks: 185.76.83.0/24 maxlen: 24 212.110.159.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.mft rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 08:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:49:59:6e:0b:38:7d:84:35:9d:92:8e:5e:88:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00 Validity Not Before: Jan 1 14:18:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4cf7e50b6b56926e7fe8ff487a61c08378c31f7f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:74:f6:c6:71:2b:c4:38:42:79:57:fc:89:07: a1:71:f8:6d:22:64:47:1c:24:36:9e:29:ea:b1:99: 9c:e1:8c:ab:97:1e:cd:c1:30:7d:c3:1c:0f:d1:3c: ad:d1:4c:10:42:dc:cd:b8:80:31:17:7e:5a:40:11: 46:b0:a9:7b:e2:e0:bf:94:41:fa:c1:31:17:da:f1: a2:e0:88:a6:63:e6:f1:63:a3:f5:13:53:3a:2d:20: 6d:75:2a:e9:bd:c3:dd:bb:a5:22:c0:ae:b5:d5:be: 08:2a:26:61:91:9d:b3:07:2f:d7:86:e7:97:ec:cb: 42:fc:c8:77:c7:d1:56:72:27:0d:8b:6e:85:76:7e: be:51:e9:9b:5c:90:80:30:01:55:48:d0:2d:28:d2: b6:3e:f0:01:c9:54:d2:ae:d4:8c:e0:6f:f4:34:85: 46:e1:e9:3a:97:97:f6:e7:1e:8a:2c:3f:cd:41:fe: f3:b1:46:15:a4:02:66:99:ec:4b:36:24:30:d9:71: 53:5d:f7:5d:45:96:50:6c:4e:7d:c0:4c:38:c1:71: 0a:27:d6:a7:13:ff:54:6d:43:9a:3e:7c:a7:57:57: 94:74:1a:b5:c6:83:84:83:71:00:41:05:42:d2:09: ec:20:ff:da:72:e9:7a:e5:63:8c:db:88:71:46:0b: e7:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:F7:E5:0B:6B:56:92:6E:7F:E8:FF:48:7A:61:C0:83:78:C3:1F:7F X509v3 Authority Key Identifier: keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/TPflC2tWkm5_6P9IemHAg3jDH38.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.76.83.0/24 212.110.159.0/24 Signature Algorithm: sha256WithRSAEncryption 97:98:a3:71:dc:df:e0:b2:7b:e7:88:af:42:c3:36:46:ec:9d: 53:01:25:a6:58:c9:e0:f3:c8:d1:c2:10:1c:f7:28:9e:62:61: 35:e6:0a:1b:74:12:68:fc:76:61:8a:0f:48:63:a0:83:47:35: 2f:e1:20:91:72:78:8a:a4:56:89:0d:24:b0:85:cf:b8:61:7d: a0:ce:e3:4e:9c:83:e1:a1:5b:ed:2d:fe:c7:5a:48:ec:f1:06: 8b:01:8a:36:e5:30:4b:41:c8:1c:90:2d:94:3f:e6:7a:f6:2f: 13:48:09:83:b3:b1:b0:09:a8:91:89:09:82:7c:fb:cf:6c:ac: 73:12:db:89:25:28:87:ca:b9:7a:82:38:94:34:d2:ed:c1:30: 0f:d9:3a:81:f3:0b:56:28:0e:17:28:48:f1:1a:2f:75:a9:ca: 3d:e0:1c:27:eb:c4:fe:62:27:bc:03:fb:d9:35:ea:90:8a:eb: f9:b1:26:fb:0a:b4:7c:c1:3f:c6:53:b8:89:c7:d0:58:96:72: fb:20:9a:b7:e9:98:4c:73:eb:7c:a0:23:1b:07:67:f0:b5:16: f0:cf:5a:c3:cf:1a:0c:ce:9b:51:c0:10:0e:e3:db:fb:d1:99: 83:10:35:54:d4:76:4a:e4:34:b3:fc:86:bd:b1:94:30:be:05: cf:ec:44:43 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt57ElZbgs4fYQ1nZKOXoj9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh ZGZhMDAwHhcNMjYwMTAxMTQxODA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0Y2Y3ZTUwYjZiNTY5MjZlN2ZlOGZmNDg3YTYxYzA4Mzc4YzMxZjdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnT2xnErxDhCeVf8iQehcfhtImRH HCQ2ninqsZmc4Yyrlx7NwTB9wxwP0Tyt0UwQQtzNuIAxF35aQBFGsKl74uC/lEH6 wTEX2vGi4IimY+bxY6P1E1M6LSBtdSrpvcPdu6UiwK611b4IKiZhkZ2zBy/XhueX 7MtC/Mh3x9FWcicNi26Fdn6+UembXJCAMAFVSNAtKNK2PvAByVTSrtSM4G/0NIVG 4ek6l5f25x6KLD/NQf7zsUYVpAJmmexLNiQw2XFTXfddRZZQbE59wEw4wXEKJ9an E/9UbUOaPnynV1eUdBq1xoOEg3EAQQVC0gnsIP/acul65WOM24hxRgvnnwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFEz35QtrVpJuf+j/SHphwIN4wx9/MB8GA1UdIwQY MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt OGRmMzYzMzdlNmJjLzEvVFBmbEMydFdrbTVfNlA5SWVtSEFnM2pESDM4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuUxTAwQA 1G6fMA0GCSqGSIb3DQEBCwUAA4IBAQCXmKNx3N/gsnvniK9CwzZG7J1TASWmWMng 88jRwhAc9yieYmE15gobdBJo/HZhig9IY6CDRzUv4SCRcniKpFaJDSSwhc+4YX2g zuNOnIPhoVvtLf7HWkjs8QaLAYo25TBLQcgckC2UP+Z69i8TSAmDs7GwCaiRiQmC fPvPbKxzEtuJJSiHyrl6gjiUNNLtwTAP2TqB8wtWKA4XKEjxGi91qco94Bwn68T+ Yie8A/vZNeqQiuv5sSb7CrR8wT/GU7iJx9BYlnL7IJq36ZhMc+t8oCMbB2fwtRbw z1rDzxoMzptRwBAO49v70ZmDEDVU1HZK5DSz/Ia9sZQwvgXP7ERD -----END CERTIFICATE-----Generated at Mon Jan 26 12:26:02 2026 by rpki-client