This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/e02a6c-ac2e-47c7-8b82-de2f6ea020ba/1/TKh_I82_-kkJKpfPp0F_3Aj8TYE.roa File: TKh_I82_-kkJKpfPp0F_3Aj8TYE.roa (raw, json) Hash identifier: TTD8G35YelDUPVGOuIJGta0ZaAQ7u3Rr5oFH1+U9Uyo= Subject key identifier: 4C:A8:7F:23:CD:BF:FA:49:09:2A:97:CF:A7:41:7F:DC:08:FC:4D:81 Certificate issuer: /CN=108af9e9c5652b35844b2e5d4b537e9fcd4452f3 Certificate serial: 019B7EA6DC174CC2FD880D4B09DF94152E85 Authority key identifier: 10:8A:F9:E9:C5:65:2B:35:84:4B:2E:5D:4B:53:7E:9F:CD:44:52:F3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EIr56cVlKzWESy5dS1N-n81EUvM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/e02a6c-ac2e-47c7-8b82-de2f6ea020ba/1/TKh_I82_-kkJKpfPp0F_3Aj8TYE.roa Signing time: Fri 02 Jan 2026 12:20:23 +0000 ROA not before: Fri 02 Jan 2026 12:20:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211790 IP address blocks: 91.201.200.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/e02a6c-ac2e-47c7-8b82-de2f6ea020ba/1/EIr56cVlKzWESy5dS1N-n81EUvM.crl rsync://rpki.ripe.net/repository/DEFAULT/05/e02a6c-ac2e-47c7-8b82-de2f6ea020ba/1/EIr56cVlKzWESy5dS1N-n81EUvM.mft rsync://rpki.ripe.net/repository/DEFAULT/EIr56cVlKzWESy5dS1N-n81EUvM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:dc:17:4c:c2:fd:88:0d:4b:09:df:94:15:2e:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=108af9e9c5652b35844b2e5d4b537e9fcd4452f3 Validity Not Before: Jan 2 12:20:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4ca87f23cdbffa49092a97cfa7417fdc08fc4d81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:02:f1:a9:16:8a:2a:40:9f:2d:5a:77:70:c8: 95:5d:7f:4c:e3:e4:f8:86:08:01:39:96:8b:d6:46: de:f4:af:02:63:ca:f6:34:38:6f:ab:f7:6b:fe:6d: 7a:67:37:55:4a:bc:ee:5c:c5:9a:06:1d:fc:d9:a0: 62:16:bb:8b:a0:4c:a7:6a:e2:9b:3d:46:22:c9:98: aa:47:e5:f0:ef:bd:f6:f3:7a:aa:3e:74:37:30:1b: 66:dd:7d:ac:47:2a:77:40:1c:92:63:fc:50:c6:a3: 6b:a3:be:16:a7:50:1b:fa:c0:e6:6a:13:71:f8:41: 1b:a5:29:b7:c8:cf:d3:62:c6:61:d8:e3:dc:d3:38: ed:5b:8e:f1:7d:9d:70:be:e1:37:ff:07:dd:d5:d8: 57:e0:bd:f8:dc:1c:dd:d8:90:ce:2b:7c:08:0c:18: 5f:e5:b6:1a:c7:53:7e:28:71:e7:c8:ea:2d:1e:1b: ae:39:b8:d2:1d:55:6e:8f:6e:24:ee:9e:a1:51:0b: 21:9d:55:a9:e4:be:d4:93:52:1d:8d:73:d6:71:c9: 1b:83:da:50:92:2c:c0:1f:82:49:4a:0c:2a:91:6b: 3d:73:23:7c:8f:45:d3:cc:84:bd:98:57:bf:a8:05: de:db:ef:77:d3:06:79:2a:4a:78:aa:0b:aa:50:d8: 51:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:A8:7F:23:CD:BF:FA:49:09:2A:97:CF:A7:41:7F:DC:08:FC:4D:81 X509v3 Authority Key Identifier: keyid:10:8A:F9:E9:C5:65:2B:35:84:4B:2E:5D:4B:53:7E:9F:CD:44:52:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EIr56cVlKzWESy5dS1N-n81EUvM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/e02a6c-ac2e-47c7-8b82-de2f6ea020ba/1/TKh_I82_-kkJKpfPp0F_3Aj8TYE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/e02a6c-ac2e-47c7-8b82-de2f6ea020ba/1/EIr56cVlKzWESy5dS1N-n81EUvM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.201.200.0/24 Signature Algorithm: sha256WithRSAEncryption 46:1d:f1:78:c8:93:1f:10:00:4f:d5:a8:71:54:f7:f3:ce:34: fc:12:6f:59:6b:56:cc:60:7b:ad:a1:cc:33:7e:17:64:57:60: bb:8d:82:0f:4c:0c:93:8a:61:72:19:e3:c1:09:59:f9:c4:48: 2e:d8:3a:5f:b3:94:38:a0:78:8e:b2:87:a4:fb:82:00:78:37: c2:38:9b:0c:38:98:b9:19:c6:8d:2e:6c:58:d5:c9:98:7b:8d: 22:7d:7a:98:d1:fb:a1:5c:c0:5d:a6:5f:a7:78:37:61:fe:f5: e1:7a:51:b7:af:de:73:c6:8a:38:30:ca:53:a2:06:17:95:72: dc:2d:b5:7c:cb:06:bf:95:a2:3f:3d:c0:46:d8:9c:1b:0b:13: 1a:73:39:1a:8e:17:ed:0d:b5:e4:e7:cf:8d:6a:7e:cd:d9:e2: 15:67:4a:4f:ff:55:fe:06:4b:3d:a6:69:ea:69:dc:b6:f6:f1: eb:5e:c3:0d:72:fb:36:c7:93:d3:1e:41:57:5b:3f:ea:1d:3b: ed:6a:f6:c2:89:c8:3a:22:83:6b:49:1b:36:28:c6:07:da:6d: 7e:ad:f3:fb:10:f3:87:71:ec:a7:b1:f4:42:be:2e:6d:8c:9c: ff:85:dd:b8:b6:cf:51:9a:e8:4d:61:3c:b0:e0:ea:3f:f2:6e: d3:19:c5:65 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+ptwXTML9iA1LCd+UFS6FMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEwOGFmOWU5YzU2NTJiMzU4NDRiMmU1ZDRiNTM3ZTlmY2Q0 NDUyZjMwHhcNMjYwMTAyMTIyMDIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0Y2E4N2YyM2NkYmZmYTQ5MDkyYTk3Y2ZhNzQxN2ZkYzA4ZmM0ZDgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQLxqRaKKkCfLVp3cMiVXX9M4+T4 hggBOZaL1kbe9K8CY8r2NDhvq/dr/m16ZzdVSrzuXMWaBh382aBiFruLoEynauKb PUYiyZiqR+Xw773283qqPnQ3MBtm3X2sRyp3QBySY/xQxqNro74Wp1Ab+sDmahNx +EEbpSm3yM/TYsZh2OPc0zjtW47xfZ1wvuE3/wfd1dhX4L343Bzd2JDOK3wIDBhf 5bYax1N+KHHnyOotHhuuObjSHVVuj24k7p6hUQshnVWp5L7Uk1IdjXPWcckbg9pQ kizAH4JJSgwqkWs9cyN8j0XTzIS9mFe/qAXe2+930wZ5Kkp4qguqUNhRtwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFEyofyPNv/pJCSqXz6dBf9wI/E2BMB8GA1UdIwQY MBaAFBCK+enFZSs1hEsuXUtTfp/NRFLzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRUlyNTZjVmxLeldFU3k1ZFMxTi1uODFFVXZNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9lMDJhNmMtYWMyZS00N2M3LThiODIt ZGUyZjZlYTAyMGJhLzEvVEtoX0k4Ml8ta2tKS3BmUHAwRl8zQWo4VFlFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS9lMDJhNmMtYWMyZS00N2M3LThiODItZGUyZjZlYTAyMGJh LzEvRUlyNTZjVmxLeldFU3k1ZFMxTi1uODFFVXZNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8nIMA0G CSqGSIb3DQEBCwUAA4IBAQBGHfF4yJMfEABP1ahxVPfzzjT8Em9Za1bMYHutocwz fhdkV2C7jYIPTAyTimFyGePBCVn5xEgu2Dpfs5Q4oHiOsoek+4IAeDfCOJsMOJi5 GcaNLmxY1cmYe40ifXqY0fuhXMBdpl+neDdh/vXhelG3r95zxoo4MMpTogYXlXLc LbV8ywa/laI/PcBG2JwbCxMaczkajhftDbXk58+Nan7N2eIVZ0pP/1X+Bks9pmnq ady29vHrXsMNcvs2x5PTHkFXWz/qHTvtavbCicg6IoNrSRs2KMYH2m1+rfP7EPOH ceynsfRCvi5tjJz/hd24ts9RmuhNYTyw4Oo/8m7TGcVl -----END CERTIFICATE-----Generated at Mon Feb 9 19:38:27 2026 by rpki-client