This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/TY2edwLnnLqH5l1j4TBXgICCA8k.roa File: TY2edwLnnLqH5l1j4TBXgICCA8k.roa (raw, json) Hash identifier: VYYAHhSRkyTo4Cm2JG0elCOvcEdrtRIUUl7ZbUK1FNs= Subject key identifier: 4D:8D:9E:77:02:E7:9C:BA:87:E6:5D:63:E1:30:57:80:80:82:03:C9 Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa Certificate serial: 019B7E37A1E538222A14A558D763AC9DF8EE Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/TY2edwLnnLqH5l1j4TBXgICCA8k.roa Signing time: Fri 02 Jan 2026 10:18:53 +0000 ROA not before: Fri 02 Jan 2026 10:18:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205655 IP address blocks: 31.135.6.0/24 maxlen: 24 91.224.40.0/24 maxlen: 24 176.103.120.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:02:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:a1:e5:38:22:2a:14:a5:58:d7:63:ac:9d:f8:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa Validity Not Before: Jan 2 10:18:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4d8d9e7702e79cba87e65d63e1305780808203c9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:bb:c5:ae:6c:05:23:e7:bb:d5:18:94:cb:c7: cf:42:2a:a1:fd:6c:16:70:81:95:70:5c:86:0f:2f: 3b:04:ee:9b:1e:36:1d:4c:24:34:15:40:52:83:a6: bb:74:21:4e:2b:a7:50:3a:c4:46:74:61:f5:7e:9d: 0a:b1:f9:8f:37:99:fc:70:56:00:78:dc:73:21:7c: ce:97:d0:80:2a:58:c0:f5:b7:75:9b:e1:90:3c:2c: 0f:99:cf:14:de:7f:33:2a:97:dc:08:6a:95:db:86: 3a:12:7f:ae:bf:1b:23:73:54:1a:7f:46:7a:46:6e: d7:39:21:a0:ac:8f:b3:10:f0:36:bc:a8:7f:2b:80: db:67:fb:05:1f:67:c8:57:8d:2c:f5:dd:1f:2e:bb: e8:62:f4:ea:0f:fa:42:91:98:90:82:00:48:90:a8: ab:09:94:e4:c2:c6:54:6a:b1:e8:8a:20:8f:76:87: c5:c1:63:89:b1:8a:35:93:2d:00:61:aa:37:5a:93: 5f:e1:d5:b2:7f:81:fb:88:0e:20:24:74:a4:9a:97: 3d:9a:e1:43:86:e6:3b:05:19:c7:1d:06:97:a4:81: ce:e0:c3:fd:0d:a2:4c:5a:ac:e3:ba:1f:da:76:3e: 17:2f:5a:fa:02:c5:2d:16:15:ec:23:56:b6:44:bc: 91:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:8D:9E:77:02:E7:9C:BA:87:E6:5D:63:E1:30:57:80:80:82:03:C9 X509v3 Authority Key Identifier: keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/TY2edwLnnLqH5l1j4TBXgICCA8k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.135.6.0/24 91.224.40.0/24 176.103.120.0/24 Signature Algorithm: sha256WithRSAEncryption 92:9a:4c:78:f7:2a:96:f5:31:6b:fd:ff:95:50:25:f2:93:09: 0f:88:01:d7:6c:46:e3:d0:39:ee:fa:a9:93:ab:0b:3c:f9:0c: ec:1c:e3:a0:2b:72:a0:2f:d9:d0:4b:49:e6:6a:48:33:ee:2a: 51:8d:24:a9:54:55:c1:24:73:d3:2e:ed:9d:7f:a1:56:d6:c5: 2d:8d:c3:9d:5b:c0:7f:dd:2d:e0:26:02:7d:79:75:a6:c8:59: e2:5c:7e:22:57:69:00:42:92:eb:71:41:a9:f8:6f:4d:1f:ce: 99:a6:6d:71:a1:19:c1:4e:19:51:23:71:ad:bc:ba:a8:d2:67: 66:97:b3:4a:19:60:d0:90:07:78:3c:04:7d:03:94:71:37:3b: df:c0:31:2e:06:bb:16:14:13:a5:92:df:99:b1:58:b7:cb:3b: d6:f7:14:d6:12:dc:c0:7d:5e:19:0e:b3:47:2c:04:63:c7:f5: 08:d3:5f:95:aa:04:d9:f0:51:1e:4f:aa:0e:d6:b4:8c:a7:1e: f0:cc:ea:60:15:0e:5a:80:fa:23:c5:f2:85:55:39:16:dc:6a: 29:42:48:67:eb:32:00:aa:19:5d:36:1c:42:1b:ae:f7:0a:bb: 1d:ed:d2:1b:7f:5a:1c:f7:49:dd:f2:f3:36:de:4a:31:eb:80: 7c:1f:75:3e -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt+N6HlOCIqFKVY12OsnfjuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy MjRkYWEwHhcNMjYwMTAyMTAxODUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ZDhkOWU3NzAyZTc5Y2JhODdlNjVkNjNlMTMwNTc4MDgwODIwM2M5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17vFrmwFI+e71RiUy8fPQiqh/WwW cIGVcFyGDy87BO6bHjYdTCQ0FUBSg6a7dCFOK6dQOsRGdGH1fp0KsfmPN5n8cFYA eNxzIXzOl9CAKljA9bd1m+GQPCwPmc8U3n8zKpfcCGqV24Y6En+uvxsjc1Qaf0Z6 Rm7XOSGgrI+zEPA2vKh/K4DbZ/sFH2fIV40s9d0fLrvoYvTqD/pCkZiQggBIkKir CZTkwsZUarHoiiCPdofFwWOJsYo1ky0AYao3WpNf4dWyf4H7iA4gJHSkmpc9muFD huY7BRnHHQaXpIHO4MP9DaJMWqzjuh/adj4XL1r6AsUtFhXsI1a2RLyRWQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFE2NnncC55y6h+ZdY+EwV4CAggPJMB8GA1UdIwQY MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt ZGMwNmRkODA1OTYwLzEvVFkyZWR3TG5uTHFINWwxajRUQlhnSUNDQThrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH4cGAwQA W+AoAwQAsGd4MA0GCSqGSIb3DQEBCwUAA4IBAQCSmkx49yqW9TFr/f+VUCXykwkP iAHXbEbj0Dnu+qmTqws8+QzsHOOgK3KgL9nQS0nmakgz7ipRjSSpVFXBJHPTLu2d f6FW1sUtjcOdW8B/3S3gJgJ9eXWmyFniXH4iV2kAQpLrcUGp+G9NH86Zpm1xoRnB ThlRI3GtvLqo0mdml7NKGWDQkAd4PAR9A5RxNzvfwDEuBrsWFBOlkt+ZsVi3yzvW 9xTWEtzAfV4ZDrNHLARjx/UI01+VqgTZ8FEeT6oO1rSMpx7wzOpgFQ5agPojxfKF VTkW3GopQkhn6zIAqhldNhxCG673Crsd7dIbf1oc90nd8vM23kox64B8H3U+ -----END CERTIFICATE-----Generated at Mon Jan 19 19:57:59 2026 by rpki-client