This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/0fde38-e9b9-4b69-b414-30c1c5a080d9/1/tfcGfm5inMTt9cfihgrBHcgLBeA.roa File: tfcGfm5inMTt9cfihgrBHcgLBeA.roa (raw, json) Hash identifier: wAYHYoqlbuhkIu13qc05BEwhuRgD+rXRGSKUOssyz4w= Subject key identifier: B5:F7:06:7E:6E:62:9C:C4:ED:F5:C7:E2:86:0A:C1:1D:C8:0B:05:E0 Certificate issuer: /CN=d36be6f075400d305a16dde690e25cbd94645cbe Certificate serial: 019B7EA46E560A31548FE2BCBAD138271177 Authority key identifier: D3:6B:E6:F0:75:40:0D:30:5A:16:DD:E6:90:E2:5C:BD:94:64:5C:BE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02vm8HVADTBaFt3mkOJcvZRkXL4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/0fde38-e9b9-4b69-b414-30c1c5a080d9/1/tfcGfm5inMTt9cfihgrBHcgLBeA.roa Signing time: Fri 02 Jan 2026 12:17:43 +0000 ROA not before: Fri 02 Jan 2026 12:17:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213330 IP address blocks: 2001:678:d20::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/0fde38-e9b9-4b69-b414-30c1c5a080d9/1/02vm8HVADTBaFt3mkOJcvZRkXL4.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/0fde38-e9b9-4b69-b414-30c1c5a080d9/1/02vm8HVADTBaFt3mkOJcvZRkXL4.mft rsync://rpki.ripe.net/repository/DEFAULT/02vm8HVADTBaFt3mkOJcvZRkXL4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a4:6e:56:0a:31:54:8f:e2:bc:ba:d1:38:27:11:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d36be6f075400d305a16dde690e25cbd94645cbe Validity Not Before: Jan 2 12:17:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b5f7067e6e629cc4edf5c7e2860ac11dc80b05e0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:63:1c:f7:cc:50:18:ba:3f:59:c4:f3:fe:d8: a4:91:64:9c:5e:30:f9:35:5f:72:e7:18:a1:51:8c: 96:fb:98:0d:32:53:93:a9:89:5a:66:95:e7:6d:ca: 35:b1:09:a7:54:75:66:5f:e9:b7:cb:3a:4a:5b:09: 7f:f1:73:cb:61:63:f4:37:b6:b7:2e:26:cc:c3:d0: eb:4c:e3:d4:8b:58:4f:64:5d:0a:09:88:f2:55:3a: 17:e1:8a:3e:df:6f:cd:90:fd:f3:93:a8:c6:09:0a: 9f:d5:b0:eb:7c:5c:6b:d0:61:8a:2a:2a:34:fb:00: 69:c7:59:32:dc:c1:e7:87:e7:8c:a5:73:cd:83:35: 92:3d:66:10:45:36:f7:d4:99:dc:9a:e3:f4:7a:0a: 6e:56:52:ca:56:bd:57:e0:eb:aa:84:08:b6:3b:b0: ae:27:bb:c4:45:58:0d:4c:f6:11:b8:bf:c0:b6:cb: 88:37:80:84:3f:82:74:8c:d6:16:5d:03:83:1f:1f: 49:4f:da:0e:82:51:95:bf:c6:99:f0:e5:d8:04:42: d8:6f:37:82:c8:06:50:f6:d0:dd:e6:1f:cb:46:12: 2a:75:23:0b:23:63:0a:0e:1f:3b:53:98:63:b9:90: 4b:41:3b:a8:2f:fb:dc:fb:c0:37:3f:1e:64:bc:ea: 77:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:F7:06:7E:6E:62:9C:C4:ED:F5:C7:E2:86:0A:C1:1D:C8:0B:05:E0 X509v3 Authority Key Identifier: keyid:D3:6B:E6:F0:75:40:0D:30:5A:16:DD:E6:90:E2:5C:BD:94:64:5C:BE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02vm8HVADTBaFt3mkOJcvZRkXL4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/0fde38-e9b9-4b69-b414-30c1c5a080d9/1/tfcGfm5inMTt9cfihgrBHcgLBeA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/0fde38-e9b9-4b69-b414-30c1c5a080d9/1/02vm8HVADTBaFt3mkOJcvZRkXL4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:678:d20::/48 Signature Algorithm: sha256WithRSAEncryption 90:94:8b:d2:c1:a7:93:62:d5:b8:d9:3e:cc:70:42:21:d1:7a: 0f:2f:77:d3:4e:53:4b:41:9e:d7:4f:f2:6f:6b:69:f7:ea:87: 98:0c:ad:c2:e3:a8:39:61:67:d8:cf:3b:2e:e2:49:4b:87:81: 46:e8:f6:5f:cb:1e:13:af:b6:dd:2f:e4:0e:a9:fe:9c:c9:04: 7c:a7:22:fc:a6:cd:12:2a:bb:df:b9:e1:da:7e:f6:00:9e:73: b7:91:54:a7:a6:03:e9:8b:26:ae:80:06:81:9a:75:5b:4e:8b: 83:9d:2a:8e:e3:3d:f5:60:bc:2d:ad:80:ee:af:23:75:41:4e: e2:73:e4:f9:1c:4b:40:8c:9d:af:e6:18:11:80:7e:32:38:bf: 52:94:64:5e:82:b3:ee:20:dd:56:b5:b7:96:98:91:b5:df:b6: c9:3f:41:e5:a4:74:2c:21:5b:aa:f6:36:c9:d1:28:a4:a5:e3: fd:6c:c7:8c:44:ac:24:51:d8:aa:c2:29:81:6c:b2:d2:74:6a: 41:1e:5a:19:27:8d:4b:9b:72:ec:fe:f2:91:8e:83:50:15:f3: 6e:08:f8:fb:9b:fc:26:88:c3:c7:8b:c6:7f:7b:db:da:10:bd: 4f:5d:ec:11:71:5e:76:83:dc:e3:46:2f:94:84:00:d0:39:88: af:22:88:2a -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt+pG5WCjFUj+K8utE4JxF3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzNmJlNmYwNzU0MDBkMzA1YTE2ZGRlNjkwZTI1Y2JkOTQ2 NDVjYmUwHhcNMjYwMTAyMTIxNzQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNWY3MDY3ZTZlNjI5Y2M0ZWRmNWM3ZTI4NjBhYzExZGM4MGIwNWUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGMc98xQGLo/WcTz/tikkWScXjD5 NV9y5xihUYyW+5gNMlOTqYlaZpXnbco1sQmnVHVmX+m3yzpKWwl/8XPLYWP0N7a3 LibMw9DrTOPUi1hPZF0KCYjyVToX4Yo+32/NkP3zk6jGCQqf1bDrfFxr0GGKKio0 +wBpx1ky3MHnh+eMpXPNgzWSPWYQRTb31JncmuP0egpuVlLKVr1X4OuqhAi2O7Cu J7vERVgNTPYRuL/AtsuIN4CEP4J0jNYWXQODHx9JT9oOglGVv8aZ8OXYBELYbzeC yAZQ9tDd5h/LRhIqdSMLI2MKDh87U5hjuZBLQTuoL/vc+8A3Px5kvOp3KwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFLX3Bn5uYpzE7fXH4oYKwR3ICwXgMB8GA1UdIwQY MBaAFNNr5vB1QA0wWhbd5pDiXL2UZFy+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDJ2bThIVkFEVEJhRnQzbWtPSmN2WlJrWEw0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8wZmRlMzgtZTliOS00YjY5LWI0MTQt MzBjMWM1YTA4MGQ5LzEvdGZjR2ZtNWluTVR0OWNmaWhnckJIY2dMQmVBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy8wZmRlMzgtZTliOS00YjY5LWI0MTQtMzBjMWM1YTA4MGQ5 LzEvMDJ2bThIVkFEVEJhRnQzbWtPSmN2WlJrWEw0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA0g MA0GCSqGSIb3DQEBCwUAA4IBAQCQlIvSwaeTYtW42T7McEIh0XoPL3fTTlNLQZ7X T/Jva2n36oeYDK3C46g5YWfYzzsu4klLh4FG6PZfyx4Tr7bdL+QOqf6cyQR8pyL8 ps0SKrvfueHafvYAnnO3kVSnpgPpiyaugAaBmnVbTouDnSqO4z31YLwtrYDuryN1 QU7ic+T5HEtAjJ2v5hgRgH4yOL9SlGRegrPuIN1WtbeWmJG137bJP0HlpHQsIVuq 9jbJ0SikpeP9bMeMRKwkUdiqwimBbLLSdGpBHloZJ41Lm3Ls/vKRjoNQFfNuCPj7 m/wmiMPHi8Z/e9vaEL1PXewRcV52g9zjRi+UhADQOYivIogq -----END CERTIFICATE-----Generated at Mon Feb 9 20:59:32 2026 by rpki-client