This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/9aa058-384c-4234-b492-c68d7f9c7818/1/TIBIPgd0Nln-DuzUf3r64T4_MDg.roa File: TIBIPgd0Nln-DuzUf3r64T4_MDg.roa (raw, json) Hash identifier: Wc4+19rN5KfObjYjXDD+w/Qt81kPFgbecT9pFJ34v+M= Subject key identifier: 4C:80:48:3E:07:74:36:59:FE:0E:EC:D4:7F:7A:FA:E1:3E:3F:30:38 Certificate issuer: /CN=3b413164a13c24ca77847774a6eb57105ee7809f Certificate serial: 019B77595A23AE58EC7664D4BE25A3799C56 Authority key identifier: 3B:41:31:64:A1:3C:24:CA:77:84:77:74:A6:EB:57:10:5E:E7:80:9F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0ExZKE8JMp3hHd0putXEF7ngJ8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/9aa058-384c-4234-b492-c68d7f9c7818/1/TIBIPgd0Nln-DuzUf3r64T4_MDg.roa Signing time: Thu 01 Jan 2026 02:18:23 +0000 ROA not before: Thu 01 Jan 2026 02:18:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 61129 IP address blocks: 185.67.156.0/24 maxlen: 24 185.67.157.0/24 maxlen: 24 185.67.158.0/24 maxlen: 24 185.67.159.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/9aa058-384c-4234-b492-c68d7f9c7818/1/O0ExZKE8JMp3hHd0putXEF7ngJ8.crl rsync://rpki.ripe.net/repository/DEFAULT/21/9aa058-384c-4234-b492-c68d7f9c7818/1/O0ExZKE8JMp3hHd0putXEF7ngJ8.mft rsync://rpki.ripe.net/repository/DEFAULT/O0ExZKE8JMp3hHd0putXEF7ngJ8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:5a:23:ae:58:ec:76:64:d4:be:25:a3:79:9c:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3b413164a13c24ca77847774a6eb57105ee7809f Validity Not Before: Jan 1 02:18:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4c80483e07743659fe0eecd47f7afae13e3f3038 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:a3:96:4c:ec:20:12:4b:11:5d:d1:ec:fb:48: 69:3d:99:4d:ab:79:79:f7:65:69:12:25:97:dd:e9: 45:16:6b:8a:20:ca:59:31:82:a1:9e:bc:71:77:af: d3:73:22:70:3c:28:65:6f:80:47:e5:6d:c3:65:8c: 86:a5:02:e4:50:85:c1:20:79:17:e4:21:0c:ce:9f: d2:e3:7b:03:33:98:ab:14:81:a3:f4:28:2a:64:ca: 14:66:04:ba:13:04:67:d9:46:4d:7f:c1:1b:62:fa: fb:fd:1f:55:cc:a2:02:a2:a5:e1:e4:e9:81:ce:22: d9:16:46:bd:7c:23:73:7d:5c:0b:98:43:56:b9:f2: 12:2a:e8:9b:8a:80:30:03:79:bc:15:aa:13:37:d1: 9a:6d:47:e6:9c:b0:eb:fa:0b:66:8c:03:94:dd:bd: bd:73:a3:fa:20:c4:05:b6:bc:a4:8d:d3:29:03:29: e0:0e:b0:6f:ec:90:8e:c6:4e:ff:0a:41:19:44:11: ee:a8:3c:be:f3:8d:7c:b2:1d:38:7a:8d:83:c0:c4: 08:53:e3:99:e6:fe:24:83:77:b0:d1:49:d2:28:2a: da:1f:f3:52:94:2f:23:17:dd:d6:92:5e:4b:80:1f: 27:d1:54:d7:9c:88:93:61:da:c9:70:d5:4a:e0:75: ff:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:80:48:3E:07:74:36:59:FE:0E:EC:D4:7F:7A:FA:E1:3E:3F:30:38 X509v3 Authority Key Identifier: keyid:3B:41:31:64:A1:3C:24:CA:77:84:77:74:A6:EB:57:10:5E:E7:80:9F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0ExZKE8JMp3hHd0putXEF7ngJ8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/9aa058-384c-4234-b492-c68d7f9c7818/1/TIBIPgd0Nln-DuzUf3r64T4_MDg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/9aa058-384c-4234-b492-c68d7f9c7818/1/O0ExZKE8JMp3hHd0putXEF7ngJ8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.67.156.0/22 Signature Algorithm: sha256WithRSAEncryption 63:31:5f:48:3a:69:b1:95:cc:35:a1:3a:16:e0:4f:02:0b:57: cd:0c:a2:f4:df:6e:7c:2e:61:c5:39:6f:76:97:93:db:1f:6d: ab:83:6f:74:61:39:bf:7a:ab:95:85:9a:84:f6:83:4c:00:59: 23:41:13:dd:d1:bf:27:2d:b7:d2:68:2c:b4:66:74:3c:c0:91: 66:56:96:85:76:b2:59:2c:40:67:75:46:1c:4c:a9:6a:ab:4d: 8a:2e:0f:4b:65:10:29:20:5d:7a:e8:c0:81:88:a9:f5:94:48: a9:2a:ae:f3:d8:33:37:e5:c9:cd:a2:22:76:89:b8:58:7a:b4: b3:fc:7b:a2:a1:fb:65:8d:e7:94:02:44:ae:c2:cf:7a:dd:70: 65:b9:ad:2c:ab:78:4e:f9:fe:e2:b4:7d:38:b6:ff:f3:a2:2f: e8:9a:83:d2:b6:2f:58:45:fb:8a:2b:06:b9:cb:41:89:85:95: 63:f7:b8:68:27:93:81:4d:c2:ed:f2:32:fd:5d:69:3d:1e:69: 56:d6:98:5f:66:14:e1:cf:da:05:21:59:6e:3c:6e:41:56:f0: bb:b4:90:1b:14:23:f6:7a:3e:93:e7:25:1a:c7:0e:de:db:64: 1f:3e:95:c4:52:b9:ba:7f:5c:56:08:67:a8:c1:9f:9e:94:2b: 50:62:10:4f -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3WVojrljsdmTUviWjeZxWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiNDEzMTY0YTEzYzI0Y2E3Nzg0Nzc3NGE2ZWI1NzEwNWVl NzgwOWYwHhcNMjYwMTAxMDIxODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0YzgwNDgzZTA3NzQzNjU5ZmUwZWVjZDQ3ZjdhZmFlMTNlM2YzMDM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKOWTOwgEksRXdHs+0hpPZlNq3l5 92VpEiWX3elFFmuKIMpZMYKhnrxxd6/TcyJwPChlb4BH5W3DZYyGpQLkUIXBIHkX 5CEMzp/S43sDM5irFIGj9CgqZMoUZgS6EwRn2UZNf8EbYvr7/R9VzKICoqXh5OmB ziLZFka9fCNzfVwLmENWufISKuibioAwA3m8FaoTN9GabUfmnLDr+gtmjAOU3b29 c6P6IMQFtrykjdMpAyngDrBv7JCOxk7/CkEZRBHuqDy+8418sh04eo2DwMQIU+OZ 5v4kg3ew0UnSKCraH/NSlC8jF93Wkl5LgB8n0VTXnIiTYdrJcNVK4HX/uwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFEyASD4HdDZZ/g7s1H96+uE+PzA4MB8GA1UdIwQY MBaAFDtBMWShPCTKd4R3dKbrVxBe54CfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTzBFeFpLRThKTXAzaEhkMHB1dFhFRjduZ0o4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS85YWEwNTgtMzg0Yy00MjM0LWI0OTIt YzY4ZDdmOWM3ODE4LzEvVElCSVBnZDBObG4tRHV6VWYzcjY0VDRfTURnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS85YWEwNTgtMzg0Yy00MjM0LWI0OTItYzY4ZDdmOWM3ODE4 LzEvTzBFeFpLRThKTXAzaEhkMHB1dFhFRjduZ0o4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUOcMA0G CSqGSIb3DQEBCwUAA4IBAQBjMV9IOmmxlcw1oToW4E8CC1fNDKL03258LmHFOW92 l5PbH22rg290YTm/equVhZqE9oNMAFkjQRPd0b8nLbfSaCy0ZnQ8wJFmVpaFdrJZ LEBndUYcTKlqq02KLg9LZRApIF166MCBiKn1lEipKq7z2DM35cnNoiJ2ibhYerSz /HuioftljeeUAkSuws963XBlua0sq3hO+f7itH04tv/zoi/omoPSti9YRfuKKwa5 y0GJhZVj97hoJ5OBTcLt8jL9XWk9HmlW1phfZhThz9oFIVluPG5BVvC7tJAbFCP2 ej6T5yUaxw7e22QfPpXEUrm6f1xWCGeowZ+elCtQYhBP -----END CERTIFICATE-----Generated at Mon Feb 9 20:46:25 2026 by rpki-client