This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/TLpIJfQniGra73O-5qt8n2SA0I0.roa File: TLpIJfQniGra73O-5qt8n2SA0I0.roa (raw, json) Hash identifier: XRHPwMQoeXewizaE1eY1DKfyaGXaWMKnjyeKdB0iGaU= Subject key identifier: 4C:BA:48:25:F4:27:88:6A:DA:EF:73:BE:E6:AB:7C:9F:64:80:D0:8D Certificate issuer: /CN=ffa3e55141c1a1f9f2e28811ed7e77fad378a579 Certificate serial: 019B7E38E724DEDF05512D0E0ED43BC7E724 Authority key identifier: FF:A3:E5:51:41:C1:A1:F9:F2:E2:88:11:ED:7E:77:FA:D3:78:A5:79 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_6PlUUHBofny4ogR7X53-tN4pXk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/TLpIJfQniGra73O-5qt8n2SA0I0.roa Signing time: Fri 02 Jan 2026 10:20:16 +0000 ROA not before: Fri 02 Jan 2026 10:20:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25693 IP address blocks: 109.122.22.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/_6PlUUHBofny4ogR7X53-tN4pXk.crl rsync://rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/_6PlUUHBofny4ogR7X53-tN4pXk.mft rsync://rpki.ripe.net/repository/DEFAULT/_6PlUUHBofny4ogR7X53-tN4pXk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 10:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:e7:24:de:df:05:51:2d:0e:0e:d4:3b:c7:e7:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ffa3e55141c1a1f9f2e28811ed7e77fad378a579 Validity Not Before: Jan 2 10:20:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4cba4825f427886adaef73bee6ab7c9f6480d08d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:d3:bb:c4:6a:a7:b5:04:08:04:b7:50:0e:56: a7:f2:b0:aa:e5:54:76:5b:6b:35:44:44:13:51:39: 10:42:92:02:ce:c2:10:eb:10:90:b1:2b:e5:52:a8: 37:15:7e:2c:9c:b4:5a:6d:cc:30:d7:2f:9a:c7:c1: b5:ed:99:89:25:7c:d6:00:ab:33:c0:95:c9:fc:7b: 90:e3:33:51:36:1d:1c:2a:3e:1b:e0:48:5f:6b:f1: e7:fe:88:ff:e9:ce:3b:a3:0c:38:c1:6d:29:76:9d: 53:71:4d:4d:79:e4:54:6b:e6:c9:13:e8:d9:ab:09: 66:3f:eb:60:01:12:68:62:67:c2:1a:34:2d:61:3f: f4:a9:9c:49:8b:73:c6:92:2e:7e:d8:fd:65:f5:8d: 10:2d:0b:a4:85:7a:ed:59:62:8e:a5:5d:07:7a:4d: 59:ff:62:37:cd:53:51:54:22:9f:73:35:76:77:33: 09:8e:04:d4:21:c4:b7:41:d7:71:be:d8:4c:6d:c1: 03:25:0a:4a:fe:d0:d2:ee:04:4a:cd:e5:85:b8:fb: 4c:44:69:4c:f0:9f:a6:a4:d2:c1:1a:9d:c4:66:2f: 4a:6b:2b:81:41:1c:90:8d:36:e8:81:32:0c:38:a4: 20:93:f1:3c:8b:0e:fb:38:a5:7f:72:67:63:45:4c: 63:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:BA:48:25:F4:27:88:6A:DA:EF:73:BE:E6:AB:7C:9F:64:80:D0:8D X509v3 Authority Key Identifier: keyid:FF:A3:E5:51:41:C1:A1:F9:F2:E2:88:11:ED:7E:77:FA:D3:78:A5:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_6PlUUHBofny4ogR7X53-tN4pXk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/TLpIJfQniGra73O-5qt8n2SA0I0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/_6PlUUHBofny4ogR7X53-tN4pXk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.122.22.0/24 Signature Algorithm: sha256WithRSAEncryption 07:e6:52:74:f5:fa:8a:08:16:ae:89:18:dc:d9:7c:93:d4:bb: ba:50:b9:fa:7a:8f:7d:01:9d:e9:27:38:d8:34:02:71:d0:56: cd:b4:62:d8:a1:67:41:f8:e9:95:0f:63:3d:a2:fc:b2:eb:43: 7f:20:e1:39:20:5f:15:f3:b9:d8:9d:2e:09:bd:bf:06:91:a9: 85:bd:87:c3:45:b4:34:03:e8:fb:4c:69:56:80:12:a6:b3:1a: d9:f2:39:22:a0:3b:cb:0c:40:ae:c5:73:dc:ad:d9:be:a2:d6: c3:0e:7c:a3:cd:e1:d0:93:3d:2a:0a:cf:70:e9:6a:70:7b:ff: 3b:61:db:0c:b1:b2:af:4e:cb:47:01:41:db:ab:49:be:f7:3b: e1:31:a0:5e:ef:50:f0:38:c3:bc:e4:19:21:2f:1d:a4:93:e9: 7c:fb:f6:b0:08:b3:37:62:b0:cd:c6:db:62:e0:48:28:57:7d: 68:4a:1a:87:ee:ba:9e:39:7c:13:d3:26:3c:82:a4:12:09:05: 09:bf:10:16:90:d4:cb:f5:04:f5:26:c9:1c:82:5d:fe:6b:28: b9:cd:e7:62:be:7c:6a:3a:77:73:f7:52:c3:9f:dd:a9:18:0f: 4e:78:4e:e4:41:eb:9c:71:eb:8c:4b:d5:b3:3c:39:65:b1:e3: 3e:a3:fa:f8 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+OOck3t8FUS0ODtQ7x+ckMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZmYTNlNTUxNDFjMWExZjlmMmUyODgxMWVkN2U3N2ZhZDM3 OGE1NzkwHhcNMjYwMTAyMTAyMDE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0Y2JhNDgyNWY0Mjc4ODZhZGFlZjczYmVlNmFiN2M5ZjY0ODBkMDhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtO7xGqntQQIBLdQDlan8rCq5VR2 W2s1REQTUTkQQpICzsIQ6xCQsSvlUqg3FX4snLRabcww1y+ax8G17ZmJJXzWAKsz wJXJ/HuQ4zNRNh0cKj4b4Ehfa/Hn/oj/6c47oww4wW0pdp1TcU1NeeRUa+bJE+jZ qwlmP+tgARJoYmfCGjQtYT/0qZxJi3PGki5+2P1l9Y0QLQukhXrtWWKOpV0Hek1Z /2I3zVNRVCKfczV2dzMJjgTUIcS3QddxvthMbcEDJQpK/tDS7gRKzeWFuPtMRGlM 8J+mpNLBGp3EZi9KayuBQRyQjTbogTIMOKQgk/E8iw77OKV/cmdjRUxjIQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFEy6SCX0J4hq2u9zvuarfJ9kgNCNMB8GA1UdIwQY MBaAFP+j5VFBwaH58uKIEe1+d/rTeKV5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvXzZQbFVVSEJvZm55NG9nUjdYNTMtdE40cFhrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iMjYzYTItMGY2Zi00ZjVkLWFmOWUt YTM5YWMyNTM5ZmM1LzEvVExwSUpmUW5pR3JhNzNPLTVxdDhuMlNBMEkwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMS9iMjYzYTItMGY2Zi00ZjVkLWFmOWUtYTM5YWMyNTM5ZmM1 LzEvXzZQbFVVSEJvZm55NG9nUjdYNTMtdE40cFhrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXoWMA0G CSqGSIb3DQEBCwUAA4IBAQAH5lJ09fqKCBauiRjc2XyT1Lu6ULn6eo99AZ3pJzjY NAJx0FbNtGLYoWdB+OmVD2M9ovyy60N/IOE5IF8V87nYnS4Jvb8GkamFvYfDRbQ0 A+j7TGlWgBKmsxrZ8jkioDvLDECuxXPcrdm+otbDDnyjzeHQkz0qCs9w6Wpwe/87 YdsMsbKvTstHAUHbq0m+9zvhMaBe71DwOMO85BkhLx2kk+l8+/awCLM3YrDNxtti 4EgoV31oShqH7rqeOXwT0yY8gqQSCQUJvxAWkNTL9QT1Jskcgl3+ayi5zedivnxq Ondz91LDn92pGA9OeE7kQeucceuMS9WzPDllseM+o/r4 -----END CERTIFICATE-----Generated at Sun Jan 11 21:00:16 2026 by rpki-client