This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/tVehCQA-0IdFUBojRkGxC6ziJ8Q.roa File: tVehCQA-0IdFUBojRkGxC6ziJ8Q.roa (raw, json) Hash identifier: w4l/5QNspHBtCuymre4LSN3BUOt0TxFzN4DS6VDcIh4= Subject key identifier: B5:57:A1:09:00:3E:D0:87:45:50:1A:23:46:41:B1:0B:AC:E2:27:C4 Certificate issuer: /CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc Certificate serial: 019B78A37926C16727AE62EA2FAD473028E2 Authority key identifier: 5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/tVehCQA-0IdFUBojRkGxC6ziJ8Q.roa Signing time: Thu 01 Jan 2026 08:18:57 +0000 ROA not before: Thu 01 Jan 2026 08:18:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 52000 IP address blocks: 146.255.188.0/24 maxlen: 24 2a11:c880::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.crl rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.mft rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:79:26:c1:67:27:ae:62:ea:2f:ad:47:30:28:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc Validity Not Before: Jan 1 08:18:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b557a109003ed08745501a234641b10bace227c4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:70:9f:fb:17:81:6a:69:e4:97:ea:0d:a7:05: 62:29:12:3a:66:88:e0:26:4f:76:2d:53:8f:7e:ec: 43:04:ee:b9:95:d0:97:81:17:e8:9a:31:d7:a9:a1: 2e:81:3b:14:73:96:0e:6f:60:6d:7a:2a:ea:dc:05: 51:d5:dc:9c:c8:f1:1f:0c:c7:7b:a7:f9:23:d9:55: aa:44:93:93:d9:a8:e6:01:ae:0f:83:78:cc:4d:68: 6d:a9:8c:4a:5b:38:5a:ac:70:9f:6c:8c:53:61:b7: 15:10:b5:61:bd:5c:91:ab:35:6c:45:7b:58:11:34: 72:05:d3:25:a4:65:6a:12:e8:f5:96:90:f9:99:a8: 7d:a4:8e:33:b2:48:fb:2e:35:fe:2d:f4:34:54:9b: 67:1d:02:03:c5:0e:05:ea:25:73:5b:ce:5b:1e:62: 40:d2:8c:e1:b0:2b:e3:5f:7e:95:f6:04:da:6f:b6: 8c:8c:36:1f:20:73:11:9d:d9:f5:26:39:c5:41:98: 43:80:a8:75:a2:c2:8c:d0:68:96:49:95:f1:23:ff: 37:9c:a8:e0:fc:6a:df:7b:5e:b2:f7:83:5d:79:8a: b9:7f:b7:c9:72:12:eb:66:d9:83:98:6f:36:60:14: 6f:fc:ea:53:a3:54:61:c2:8d:75:e8:a2:a9:91:bf: 48:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:57:A1:09:00:3E:D0:87:45:50:1A:23:46:41:B1:0B:AC:E2:27:C4 X509v3 Authority Key Identifier: keyid:5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/tVehCQA-0IdFUBojRkGxC6ziJ8Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 146.255.188.0/24 IPv6: 2a11:c880::/29 Signature Algorithm: sha256WithRSAEncryption 24:13:82:01:27:b6:b0:fe:b4:6d:51:a3:8b:01:71:b2:ff:78: 09:f6:81:e9:65:73:e3:af:c1:d9:4b:56:85:5d:82:01:59:df: d6:6a:90:16:02:c9:a0:21:68:25:90:d2:a9:9c:de:ba:a1:68: 34:d9:ab:30:c8:1f:71:0f:fb:fb:c2:d9:de:83:e2:4e:10:a7: 4a:87:bc:2f:14:98:fd:74:64:f7:ed:78:24:5e:58:cd:67:14: 4d:20:e2:18:63:8b:5f:83:89:ad:9a:58:e3:c8:ad:d7:84:eb: 72:12:d2:8e:6d:77:ea:08:9d:d9:ff:30:c5:d6:fa:41:c9:7e: 7c:52:ce:24:0f:90:d0:89:1d:ad:c8:fd:3c:e6:f1:2d:4d:9f: de:29:33:9b:3a:b3:00:27:62:17:4d:56:bc:5d:43:25:3c:16: 4f:e9:40:23:98:a0:e1:09:c7:10:85:a3:28:03:97:e0:8e:1b: a9:7b:f5:f4:43:12:d9:c9:08:67:c3:06:71:83:76:bf:cb:46: f8:1e:f6:28:44:32:6c:82:35:3b:c4:6b:c1:22:6c:da:b3:b1: aa:82:b1:cb:9c:b0:b1:ca:03:18:30:39:30:78:46:02:31:45: 33:9d:83:92:99:4d:72:95:04:27:1e:79:bc:1c:fe:8b:0d:44: e4:69:88:1c -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt4o3kmwWcnrmLqL61HMCjiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlMGZmOGFhZjc0NTMxMTQxNDcwMjhkNTRhZTFjNjkzYThh MTQ3YmMwHhcNMjYwMTAxMDgxODU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNTU3YTEwOTAwM2VkMDg3NDU1MDFhMjM0NjQxYjEwYmFjZTIyN2M0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHCf+xeBamnkl+oNpwViKRI6Zojg Jk92LVOPfuxDBO65ldCXgRfomjHXqaEugTsUc5YOb2Bteirq3AVR1dycyPEfDMd7 p/kj2VWqRJOT2ajmAa4Pg3jMTWhtqYxKWzharHCfbIxTYbcVELVhvVyRqzVsRXtY ETRyBdMlpGVqEuj1lpD5mah9pI4zskj7LjX+LfQ0VJtnHQIDxQ4F6iVzW85bHmJA 0ozhsCvjX36V9gTab7aMjDYfIHMRndn1JjnFQZhDgKh1osKM0GiWSZXxI/83nKjg /Grfe16y94NdeYq5f7fJchLrZtmDmG82YBRv/OpTo1Rhwo116KKpkb9IuQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFLVXoQkAPtCHRVAaI0ZBsQus4ifEMB8GA1UdIwQY MBaAFF4P+Kr3RTEUFHAo1UrhxpOooUe8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEt ZDg3MjEzNzU2NDRhLzEvdFZlaENRQS0wSWRGVUJvalJrR3hDNnppSjhRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEtZDg3MjEzNzU2NDRh LzEvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAkv+8MA0E AgACMAcDBQMqEciAMA0GCSqGSIb3DQEBCwUAA4IBAQAkE4IBJ7aw/rRtUaOLAXGy /3gJ9oHpZXPjr8HZS1aFXYIBWd/WapAWAsmgIWglkNKpnN66oWg02aswyB9xD/v7 wtneg+JOEKdKh7wvFJj9dGT37XgkXljNZxRNIOIYY4tfg4mtmljjyK3XhOtyEtKO bXfqCJ3Z/zDF1vpByX58Us4kD5DQiR2tyP085vEtTZ/eKTObOrMAJ2IXTVa8XUMl PBZP6UAjmKDhCccQhaMoA5fgjhupe/X0QxLZyQhnwwZxg3a/y0b4HvYoRDJsgjU7 xGvBImzas7GqgrHLnLCxygMYMDkweEYCMUUznYOSmU1ylQQnHnm8HP6LDUTkaYgc -----END CERTIFICATE-----Generated at Fri Jan 9 00:00:51 2026 by rpki-client