This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/433127-e2cf-41a1-9913-7a0f72cbb2d5/1/tQUf77NTQrBxw1fcSdCVANHeaJc.roa File: tQUf77NTQrBxw1fcSdCVANHeaJc.roa (raw, json) Hash identifier: CFQEHCkhPkChPEYjQ/kOlbiTx1FtdSWfctFe9uQ1V1o= Subject key identifier: B5:05:1F:EF:B3:53:42:B0:71:C3:57:DC:49:D0:95:00:D1:DE:68:97 Certificate issuer: /CN=38b59daedd43cc9575ac35953e3f396e21bb6d80 Certificate serial: 019B797F00A00622BCD4A303B537C8BA9BDF Authority key identifier: 38:B5:9D:AE:DD:43:CC:95:75:AC:35:95:3E:3F:39:6E:21:BB:6D:80 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLWdrt1DzJV1rDWVPj85biG7bYA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/433127-e2cf-41a1-9913-7a0f72cbb2d5/1/tQUf77NTQrBxw1fcSdCVANHeaJc.roa Signing time: Thu 01 Jan 2026 12:18:44 +0000 ROA not before: Thu 01 Jan 2026 12:18:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41290 IP address blocks: 45.147.40.0/24 maxlen: 24 2a0f:c800::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/433127-e2cf-41a1-9913-7a0f72cbb2d5/1/OLWdrt1DzJV1rDWVPj85biG7bYA.crl rsync://rpki.ripe.net/repository/DEFAULT/28/433127-e2cf-41a1-9913-7a0f72cbb2d5/1/OLWdrt1DzJV1rDWVPj85biG7bYA.mft rsync://rpki.ripe.net/repository/DEFAULT/OLWdrt1DzJV1rDWVPj85biG7bYA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:00:a0:06:22:bc:d4:a3:03:b5:37:c8:ba:9b:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38b59daedd43cc9575ac35953e3f396e21bb6d80 Validity Not Before: Jan 1 12:18:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b5051fefb35342b071c357dc49d09500d1de6897 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:aa:cd:95:cd:13:58:ed:3d:07:71:77:8b:7c: f0:70:c9:35:60:94:90:2f:b2:92:02:a9:ad:71:74: 03:e6:00:ec:af:5c:bd:c6:be:98:c0:b2:87:fb:fb: 4d:f3:3a:b7:6f:a2:86:a2:59:c2:b3:94:4e:b2:4a: ae:84:6c:89:89:ae:c8:c7:c5:8a:87:d7:3f:33:46: a6:ea:02:9c:d6:5c:1b:25:ac:90:d1:0f:a5:ac:c2: 82:c6:5e:4c:f8:1a:e8:6b:27:ca:62:72:fe:31:38: 17:dc:01:0d:88:aa:9e:8d:d5:bf:c6:1f:58:d6:14: 8e:f1:4e:35:32:04:bf:81:80:c1:9d:75:eb:b8:df: a5:fe:fc:0a:97:d5:47:9a:6c:1e:ae:a9:da:73:ae: cf:2f:1c:86:bd:12:00:84:1b:ff:91:bb:fc:35:3d: 5b:35:07:36:17:3a:e3:39:eb:48:20:59:ba:88:8a: 22:45:98:4f:18:23:66:0b:c1:97:2f:98:da:2f:2f: 60:9a:cc:95:9f:94:a5:27:ec:c4:d5:90:ab:67:99: 28:6e:24:1e:71:2e:b9:34:00:c8:09:f0:fb:73:f7: 1a:eb:dc:99:e1:f0:98:de:25:7c:26:e0:30:4f:94: 2e:ac:ef:bd:17:de:03:7d:db:5a:86:6f:94:11:fc: c5:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:05:1F:EF:B3:53:42:B0:71:C3:57:DC:49:D0:95:00:D1:DE:68:97 X509v3 Authority Key Identifier: keyid:38:B5:9D:AE:DD:43:CC:95:75:AC:35:95:3E:3F:39:6E:21:BB:6D:80 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLWdrt1DzJV1rDWVPj85biG7bYA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/433127-e2cf-41a1-9913-7a0f72cbb2d5/1/tQUf77NTQrBxw1fcSdCVANHeaJc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/433127-e2cf-41a1-9913-7a0f72cbb2d5/1/OLWdrt1DzJV1rDWVPj85biG7bYA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.147.40.0/24 IPv6: 2a0f:c800::/29 Signature Algorithm: sha256WithRSAEncryption 3a:1e:ed:76:62:2d:ee:7f:26:dc:de:42:05:5d:f9:81:e8:66: f4:d0:b5:d7:fa:bd:d7:29:30:18:2d:7b:09:30:61:f5:d8:bc: f7:6b:90:13:cf:a1:06:79:d2:af:91:16:5c:18:1c:fc:0a:a1: 29:0b:89:42:9f:95:df:6f:92:4c:95:e1:5b:8b:a2:51:f1:b8: df:e2:aa:89:31:f8:46:31:ef:d9:7e:8c:17:8a:02:50:4f:df: 13:46:a3:80:22:73:17:a4:58:3c:93:50:62:b1:de:c5:f3:4b: 15:5d:ba:c1:4d:68:01:e4:09:2a:00:2e:66:0e:d9:bd:64:04: 1f:f2:30:c3:df:b4:c6:68:f0:2c:7d:c6:f4:26:19:55:91:92: 4c:da:9e:c1:ac:b2:84:e8:b7:55:32:69:63:5e:dc:19:eb:2f: b9:a0:b8:1d:ec:d7:8f:d8:ff:cb:fb:62:e6:1c:2a:0a:b3:3f: 6e:ed:26:7b:9f:26:c3:c9:ae:8b:f0:1c:d2:fd:6b:39:72:7e: 7d:df:a4:1f:b1:b3:71:ea:ce:a0:20:8e:5e:83:99:af:86:f2: ce:31:9d:eb:39:33:3e:4a:ef:dd:07:2c:bb:8b:33:82:c7:c7: fe:1a:52:05:f9:32:4a:4f:f6:a7:9e:bf:72:e1:fd:b7:66:bf: 59:73:23:62 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt5fwCgBiK81KMDtTfIupvfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4YjU5ZGFlZGQ0M2NjOTU3NWFjMzU5NTNlM2YzOTZlMjFi YjZkODAwHhcNMjYwMTAxMTIxODQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNTA1MWZlZmIzNTM0MmIwNzFjMzU3ZGM0OWQwOTUwMGQxZGU2ODk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1qrNlc0TWO09B3F3i3zwcMk1YJSQ L7KSAqmtcXQD5gDsr1y9xr6YwLKH+/tN8zq3b6KGolnCs5ROskquhGyJia7Ix8WK h9c/M0am6gKc1lwbJayQ0Q+lrMKCxl5M+BroayfKYnL+MTgX3AENiKqejdW/xh9Y 1hSO8U41MgS/gYDBnXXruN+l/vwKl9VHmmwerqnac67PLxyGvRIAhBv/kbv8NT1b NQc2FzrjOetIIFm6iIoiRZhPGCNmC8GXL5jaLy9gmsyVn5SlJ+zE1ZCrZ5kobiQe cS65NADICfD7c/ca69yZ4fCY3iV8JuAwT5QurO+9F94Dfdtahm+UEfzFKQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFLUFH++zU0KwccNX3EnQlQDR3miXMB8GA1UdIwQY MBaAFDi1na7dQ8yVdaw1lT4/OW4hu22AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0xXZHJ0MUR6SlYxckRXVlBqODViaUc3YllBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC80MzMxMjctZTJjZi00MWExLTk5MTMt N2EwZjcyY2JiMmQ1LzEvdFFVZjc3TlRRckJ4dzFmY1NkQ1ZBTkhlYUpjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC80MzMxMjctZTJjZi00MWExLTk5MTMtN2EwZjcyY2JiMmQ1 LzEvT0xXZHJ0MUR6SlYxckRXVlBqODViaUc3YllBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALZMoMA0E AgACMAcDBQMqD8gAMA0GCSqGSIb3DQEBCwUAA4IBAQA6Hu12Yi3ufybc3kIFXfmB 6Gb00LXX+r3XKTAYLXsJMGH12Lz3a5ATz6EGedKvkRZcGBz8CqEpC4lCn5Xfb5JM leFbi6JR8bjf4qqJMfhGMe/ZfowXigJQT98TRqOAInMXpFg8k1Bisd7F80sVXbrB TWgB5AkqAC5mDtm9ZAQf8jDD37TGaPAsfcb0JhlVkZJM2p7BrLKE6LdVMmljXtwZ 6y+5oLgd7NeP2P/L+2LmHCoKsz9u7SZ7nybDya6L8BzS/Ws5cn5936QfsbNx6s6g II5eg5mvhvLOMZ3rOTM+Su/dByy7izOCx8f+GlIF+TJKT/annr9y4f23Zr9ZcyNi -----END CERTIFICATE-----Generated at Tue Feb 10 04:14:45 2026 by rpki-client