This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/d55dc1-7604-4c8d-a1b4-39f8e2b4675d/1/tuHT2dEbGHjnKbIj5B7A7SzfIdQ.roa File: tuHT2dEbGHjnKbIj5B7A7SzfIdQ.roa (raw, json) Hash identifier: Q0+MdAPGMZoJ36JQC3VmRpgFrOBMqh93iBgxmBCVguQ= Subject key identifier: B6:E1:D3:D9:D1:1B:18:78:E7:29:B2:23:E4:1E:C0:ED:2C:DF:21:D4 Certificate issuer: /CN=496b0058971d2993a57a5b1cb6cdff5d2eb44e3f Certificate serial: 019B7F837B3D466D859F02FFFEA6ACB13868 Authority key identifier: 49:6B:00:58:97:1D:29:93:A5:7A:5B:1C:B6:CD:FF:5D:2E:B4:4E:3F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SWsAWJcdKZOlelscts3_XS60Tj8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/d55dc1-7604-4c8d-a1b4-39f8e2b4675d/1/tuHT2dEbGHjnKbIj5B7A7SzfIdQ.roa Signing time: Fri 02 Jan 2026 16:21:21 +0000 ROA not before: Fri 02 Jan 2026 16:21:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59472 IP address blocks: 5.152.160.0/21 maxlen: 24 185.94.68.0/22 maxlen: 24 2a01:8f40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/d55dc1-7604-4c8d-a1b4-39f8e2b4675d/1/SWsAWJcdKZOlelscts3_XS60Tj8.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/d55dc1-7604-4c8d-a1b4-39f8e2b4675d/1/SWsAWJcdKZOlelscts3_XS60Tj8.mft rsync://rpki.ripe.net/repository/DEFAULT/SWsAWJcdKZOlelscts3_XS60Tj8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:7b:3d:46:6d:85:9f:02:ff:fe:a6:ac:b1:38:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=496b0058971d2993a57a5b1cb6cdff5d2eb44e3f Validity Not Before: Jan 2 16:21:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b6e1d3d9d11b1878e729b223e41ec0ed2cdf21d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:cd:43:37:e9:cc:e9:ab:77:ce:9c:02:d2:b2: 96:a4:d9:16:a1:ff:9a:81:57:27:aa:e8:b9:45:d6: 28:c4:2c:3a:4e:33:5c:e9:eb:4f:f1:04:c4:64:b5: fb:14:fa:b9:9f:50:e6:2a:c3:53:2d:ff:ba:1b:30: e9:26:11:63:6f:d9:d6:95:46:22:a8:49:b9:b8:27: 69:1a:fb:b0:f6:72:13:dc:67:c8:52:17:aa:6f:8c: 42:ce:9c:e0:5e:53:b9:cd:d4:c9:4b:a4:5e:71:ca: 3d:45:46:e8:50:ba:e7:da:43:ed:e8:b2:36:a6:f8: b1:02:cb:c8:9f:f9:13:a9:ce:fa:3d:bf:e0:6f:b1: 6d:95:1f:66:66:51:86:c9:34:04:52:72:da:13:b4: 79:86:fb:cd:67:1b:9a:59:cb:d6:26:5a:53:33:b0: 91:e5:f1:e3:a1:3c:be:99:c2:a8:c7:ab:04:a6:03: ab:b0:70:88:34:3a:66:77:5a:04:b2:ec:3c:e2:94: 75:53:51:18:c5:74:a0:10:3d:3e:d0:cb:71:93:83: ad:36:50:e7:69:1e:bf:09:d9:af:cf:a8:d9:d7:46: 53:0e:e6:b8:61:83:69:8c:42:a8:e7:8a:ad:e3:96: 7f:9d:9c:78:c0:e6:f3:58:12:73:4f:c1:30:8e:64: 7a:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:E1:D3:D9:D1:1B:18:78:E7:29:B2:23:E4:1E:C0:ED:2C:DF:21:D4 X509v3 Authority Key Identifier: keyid:49:6B:00:58:97:1D:29:93:A5:7A:5B:1C:B6:CD:FF:5D:2E:B4:4E:3F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SWsAWJcdKZOlelscts3_XS60Tj8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/d55dc1-7604-4c8d-a1b4-39f8e2b4675d/1/tuHT2dEbGHjnKbIj5B7A7SzfIdQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/d55dc1-7604-4c8d-a1b4-39f8e2b4675d/1/SWsAWJcdKZOlelscts3_XS60Tj8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.152.160.0/21 185.94.68.0/22 IPv6: 2a01:8f40::/32 Signature Algorithm: sha256WithRSAEncryption 5a:7e:92:f1:28:54:65:ef:ba:8f:2f:b7:ba:c7:e7:23:31:32: 3d:7c:e1:0d:ad:89:c4:03:19:7a:d5:9f:6d:1d:75:b9:03:2a: aa:f3:b1:22:cf:72:0d:96:c1:77:e0:9f:86:49:8e:1b:58:46: ab:a1:b8:38:ae:9d:95:d2:22:31:7d:b5:33:78:d1:cd:44:0f: 89:87:11:e0:d6:fa:46:a6:71:a0:a6:74:27:36:d7:77:10:c2: 50:16:42:b1:20:8c:5d:2c:8e:f9:99:9d:18:28:4f:04:2a:4b: 42:9f:14:cc:00:a8:7b:8f:df:c6:bc:c6:d0:5e:ea:b4:5c:45: ba:a4:ce:3a:89:b3:9e:a6:c6:eb:fc:cc:d5:da:2b:58:38:1c: 8c:ea:ac:26:15:1a:c8:ce:4f:ea:3d:2b:80:11:4f:4e:6a:c3: c6:6d:bc:fe:47:61:ac:fc:6b:b4:4b:4f:cb:d4:02:5e:07:53: 30:3b:06:d8:b4:b3:0a:db:94:f6:e0:ef:05:31:24:73:54:f4: f5:6f:00:56:02:2a:c5:6c:16:fe:e7:0f:f7:98:24:1f:ba:13: 26:ab:86:7d:f7:ad:e2:ad:ce:2b:54:29:c1:15:fb:e7:55:cf: 8d:c8:38:e9:2c:96:18:59:65:04:97:aa:86:05:91:a5:51:32: ed:a3:d8:14 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt/g3s9Rm2FnwL//qassThoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ5NmIwMDU4OTcxZDI5OTNhNTdhNWIxY2I2Y2RmZjVkMmVi NDRlM2YwHhcNMjYwMTAyMTYyMTIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNmUxZDNkOWQxMWIxODc4ZTcyOWIyMjNlNDFlYzBlZDJjZGYyMWQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtM1DN+nM6at3zpwC0rKWpNkWof+a gVcnqui5RdYoxCw6TjNc6etP8QTEZLX7FPq5n1DmKsNTLf+6GzDpJhFjb9nWlUYi qEm5uCdpGvuw9nIT3GfIUheqb4xCzpzgXlO5zdTJS6Recco9RUboULrn2kPt6LI2 pvixAsvIn/kTqc76Pb/gb7FtlR9mZlGGyTQEUnLaE7R5hvvNZxuaWcvWJlpTM7CR 5fHjoTy+mcKox6sEpgOrsHCINDpmd1oEsuw84pR1U1EYxXSgED0+0Mtxk4OtNlDn aR6/Cdmvz6jZ10ZTDua4YYNpjEKo54qt45Z/nZx4wObzWBJzT8EwjmR6SQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFLbh09nRGxh45ymyI+QewO0s3yHUMB8GA1UdIwQY MBaAFElrAFiXHSmTpXpbHLbN/10utE4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU1dzQVdKY2RLWk9sZWxzY3RzM19YUzYwVGo4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9kNTVkYzEtNzYwNC00YzhkLWExYjQt MzlmOGUyYjQ2NzVkLzEvdHVIVDJkRWJHSGpuS2JJajVCN0E3U3pmSWRRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS9kNTVkYzEtNzYwNC00YzhkLWExYjQtMzlmOGUyYjQ2NzVk LzEvU1dzQVdKY2RLWk9sZWxzY3RzM19YUzYwVGo4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBZigAwQC uV5EMA0EAgACMAcDBQAqAY9AMA0GCSqGSIb3DQEBCwUAA4IBAQBafpLxKFRl77qP L7e6x+cjMTI9fOENrYnEAxl61Z9tHXW5Ayqq87Eiz3INlsF34J+GSY4bWEarobg4 rp2V0iIxfbUzeNHNRA+JhxHg1vpGpnGgpnQnNtd3EMJQFkKxIIxdLI75mZ0YKE8E KktCnxTMAKh7j9/GvMbQXuq0XEW6pM46ibOepsbr/MzV2itYOByM6qwmFRrIzk/q PSuAEU9OasPGbbz+R2Gs/Gu0S0/L1AJeB1MwOwbYtLMK25T24O8FMSRzVPT1bwBW AirFbBb+5w/3mCQfuhMmq4Z9963irc4rVCnBFfvnVc+NyDjpLJYYWWUEl6qGBZGl UTLto9gU -----END CERTIFICATE-----Generated at Mon Feb 9 22:15:34 2026 by rpki-client