This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TJsT8hmlZvIXfDX5SC_qU2dK2d4.roa File: TJsT8hmlZvIXfDX5SC_qU2dK2d4.roa (raw, json) Hash identifier: zllsgLU4OwgD2YP+ywN8sVe5hXPnAPPDVlbXaxg9Sbg= Subject key identifier: 4C:9B:13:F2:19:A5:66:F2:17:7C:35:F9:48:2F:EA:53:67:4A:D9:DE Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d Certificate serial: 019B78A30588CE28B85ED3CB135DA5910549 Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TJsT8hmlZvIXfDX5SC_qU2dK2d4.roa Signing time: Thu 01 Jan 2026 08:18:28 +0000 ROA not before: Thu 01 Jan 2026 08:18:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49421 IP address blocks: 2a00:1728:2a::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 02:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:05:88:ce:28:b8:5e:d3:cb:13:5d:a5:91:05:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d Validity Not Before: Jan 1 08:18:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4c9b13f219a566f2177c35f9482fea53674ad9de Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:06:6d:02:ce:42:85:70:59:63:c9:a2:04:38: 29:81:10:d3:ee:82:31:81:25:47:d3:bd:ed:16:d2: 09:ac:5c:58:7e:5e:d1:c6:26:ec:dd:b7:22:de:41: 8e:9d:19:d9:cc:04:15:95:21:23:2d:65:18:8c:15: e0:48:3b:c8:6e:e0:3f:35:03:85:69:55:42:c5:32: 1a:00:26:75:9f:bc:e8:63:00:b6:2d:e3:55:d7:c4: 92:9d:07:c3:60:79:8a:4f:20:30:95:a3:e4:f6:8b: c7:ed:50:ee:f1:d3:17:69:d9:cd:46:fa:12:59:c5: 8e:af:45:6e:4e:7e:36:bc:95:24:c9:cc:9a:69:87: 4a:26:db:78:f7:17:0a:ac:d9:fb:1b:a8:b6:7d:f6: b8:44:1d:8f:65:99:ed:d7:0f:c0:55:91:37:42:46: b0:e3:52:ed:15:be:1e:08:86:d7:0d:dd:53:ed:fb: 17:79:5c:47:33:75:bd:a6:30:35:ef:c5:ab:a3:0f: 0a:80:3f:f6:9e:5e:3b:a6:6c:32:61:74:6c:05:82: 04:96:75:18:c0:a7:8d:82:c7:c1:23:20:6f:09:4a: 1e:1c:1a:87:ad:2f:a1:c8:61:f3:d3:0f:76:89:a6: de:2a:80:87:dc:f6:7b:f2:c6:75:74:da:fd:13:7d: b0:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:9B:13:F2:19:A5:66:F2:17:7C:35:F9:48:2F:EA:53:67:4A:D9:DE X509v3 Authority Key Identifier: keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TJsT8hmlZvIXfDX5SC_qU2dK2d4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a00:1728:2a::/48 Signature Algorithm: sha256WithRSAEncryption 09:57:36:8c:09:5d:c0:3e:f7:de:bf:2f:bc:ff:f7:dc:b1:7f: de:d5:65:34:e4:ed:26:b3:1e:97:f2:f0:21:e0:53:7f:bf:37: 04:fb:df:3f:8c:88:95:14:fb:9f:57:10:17:9a:84:e2:74:e9: 7c:ca:27:b8:ed:31:af:31:4d:c4:e5:ee:c9:10:db:d7:fd:72: 7f:5f:ba:78:85:b1:4c:f3:11:6a:76:9a:55:56:fe:8d:01:9d: f6:f4:c1:03:1a:9a:39:2f:4a:80:24:48:2d:15:e6:fe:c0:ae: 0b:2d:22:2a:61:c5:c3:91:d9:01:bf:58:75:60:80:87:dd:3c: 33:18:28:d9:65:ee:b3:88:f9:25:ac:43:6b:ee:fe:7d:59:58: df:c2:ab:d6:9b:65:d7:ba:59:f1:ac:7b:64:e0:04:33:02:0e: 9a:8a:a9:11:43:d0:c3:6d:ad:24:77:54:97:65:4e:e9:7e:d0: b9:2c:96:37:82:ba:a5:75:19:d5:e0:35:ab:07:c0:b7:70:d8: e6:68:9e:9f:6f:b2:b1:c0:3c:38:3b:4d:ef:a2:dc:ab:11:40: 7e:3f:0d:07:a1:91:3f:c5:ff:22:10:0b:51:f1:28:66:d0:68: 59:aa:63:b7:7f:f0:d9:f5:f9:ac:7a:5f:38:21:fb:c1:c1:7b: 52:bf:8d:aa -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt4owWIzii4XtPLE12lkQVJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3 NzVlOWQwHhcNMjYwMTAxMDgxODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0YzliMTNmMjE5YTU2NmYyMTc3YzM1Zjk0ODJmZWE1MzY3NGFkOWRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswZtAs5ChXBZY8miBDgpgRDT7oIx gSVH073tFtIJrFxYfl7Rxibs3bci3kGOnRnZzAQVlSEjLWUYjBXgSDvIbuA/NQOF aVVCxTIaACZ1n7zoYwC2LeNV18SSnQfDYHmKTyAwlaPk9ovH7VDu8dMXadnNRvoS WcWOr0VuTn42vJUkycyaaYdKJtt49xcKrNn7G6i2ffa4RB2PZZnt1w/AVZE3Qkaw 41LtFb4eCIbXDd1T7fsXeVxHM3W9pjA178Wrow8KgD/2nl47pmwyYXRsBYIElnUY wKeNgsfBIyBvCUoeHBqHrS+hyGHz0w92iabeKoCH3PZ78sZ1dNr9E32wUQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFEybE/IZpWbyF3w1+Ugv6lNnStneMB8GA1UdIwQY MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct Y2QzY2E1OTc1NzEyLzEvVEpzVDhobWxadklYZkRYNVNDX3FVMmRLMmQ0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgAXKAAq MA0GCSqGSIb3DQEBCwUAA4IBAQAJVzaMCV3APvfevy+8//fcsX/e1WU05O0msx6X 8vAh4FN/vzcE+98/jIiVFPufVxAXmoTidOl8yie47TGvMU3E5e7JENvX/XJ/X7p4 hbFM8xFqdppVVv6NAZ329MEDGpo5L0qAJEgtFeb+wK4LLSIqYcXDkdkBv1h1YICH 3TwzGCjZZe6ziPklrENr7v59WVjfwqvWm2XXulnxrHtk4AQzAg6aiqkRQ9DDba0k d1SXZU7pftC5LJY3grqldRnV4DWrB8C3cNjmaJ6fb7KxwDw4O03votyrEUB+Pw0H oZE/xf8iEAtR8Shm0GhZqmO3f/DZ9fmsel84IfvBwXtSv42q -----END CERTIFICATE-----Generated at Fri Jan 2 12:03:10 2026 by rpki-client