This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/totemjld6kSUSAOsfxrB5I4cA20.roa File: totemjld6kSUSAOsfxrB5I4cA20.roa (raw, json) Hash identifier: kkFG6tpw3ltBlQqcrCwhTlI44EpzS3lf+yVUh05dYgM= Subject key identifier: B6:8B:5E:9A:39:5D:EA:44:94:48:03:AC:7F:1A:C1:E4:8E:1C:03:6D Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa Certificate serial: 019B7E3798639092B6EE050E78BCFE2B670D Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/totemjld6kSUSAOsfxrB5I4cA20.roa Signing time: Fri 02 Jan 2026 10:18:51 +0000 ROA not before: Fri 02 Jan 2026 10:18:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 2856 IP address blocks: 37.97.112.0/22 maxlen: 24 81.161.52.0/22 maxlen: 24 94.232.100.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 09:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:98:63:90:92:b6:ee:05:0e:78:bc:fe:2b:67:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa Validity Not Before: Jan 2 10:18:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b68b5e9a395dea44944803ac7f1ac1e48e1c036d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:d4:7f:05:f4:d2:71:0b:dc:cd:bd:74:20:0b: ad:d9:34:2e:9e:04:02:dd:3c:e3:38:6b:26:6b:08: bb:01:1f:d6:48:09:f9:93:61:70:a8:7c:f6:cd:77: 4d:0a:cc:f5:17:0b:8d:b3:b9:1c:f6:ee:a2:a5:84: 12:a0:0c:59:bc:4a:53:b9:27:17:4d:a0:db:ee:f8: 5d:02:38:e5:91:e5:1a:c7:c1:c8:0f:c1:ef:61:df: 4a:7a:31:9b:ee:6f:95:6e:b2:85:da:7e:0e:8d:90: a7:96:66:39:46:f0:13:77:d6:f9:77:08:a7:35:25: 8f:98:a6:99:a5:09:a4:ed:cf:b4:31:88:c8:c2:ce: 80:63:cc:8c:76:8b:4d:2a:63:3a:a8:0e:77:aa:da: 2d:ba:42:ac:ae:2e:47:87:0f:f0:09:77:0e:e8:f5: f3:cf:23:1c:e5:63:ee:6c:6b:21:ea:c4:d0:51:d2: 98:e3:a9:25:93:c6:87:40:14:31:07:ac:12:79:78: 22:b6:13:38:f2:c3:38:89:01:1d:c1:81:84:59:b1: ea:88:4f:a6:2d:0f:5b:f2:10:b3:03:cc:3f:7f:36: 7c:50:46:9e:e4:a0:e4:b5:81:80:ab:f3:23:aa:01: 79:5a:89:39:02:34:15:c9:e0:2d:7c:56:bc:ed:ec: 8c:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:8B:5E:9A:39:5D:EA:44:94:48:03:AC:7F:1A:C1:E4:8E:1C:03:6D X509v3 Authority Key Identifier: keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/totemjld6kSUSAOsfxrB5I4cA20.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.97.112.0/22 81.161.52.0/22 94.232.100.0/22 Signature Algorithm: sha256WithRSAEncryption 72:66:df:f4:b7:ad:42:2a:f0:75:0e:e9:19:c2:8c:b9:d9:e7: c9:40:24:8e:06:02:cc:ad:d1:47:0f:0c:d1:13:3d:0e:34:a6: bd:9f:f3:54:b0:47:99:5a:e4:4f:cf:7b:bf:3c:18:20:aa:86: b3:78:0f:7d:ef:83:99:93:9d:11:1b:20:f4:21:e0:ee:79:d7: 09:21:8a:78:df:ad:87:f2:bb:f1:27:e5:05:74:9c:53:f2:d0: 2a:f9:96:5b:21:b9:29:a1:44:52:13:c4:6d:92:5a:f8:af:fc: e2:a1:d2:15:7b:b0:32:a2:9e:43:ae:00:70:4b:29:6b:fb:8b: b1:f7:48:54:d9:a6:3b:b1:30:f5:3c:a7:f9:a8:53:03:a7:ba: ad:60:9e:6f:a7:8f:cc:b4:48:41:cc:e5:3e:3d:f8:d7:2f:52: 4f:8a:e4:0f:a2:8d:c3:5b:79:17:69:ad:61:0d:30:48:ce:0b: ac:82:66:c7:6a:92:02:e0:67:07:8d:73:14:b3:18:01:3a:ab: ae:47:3f:30:3c:96:b9:c9:30:8b:18:e2:4b:63:72:73:c2:09: 6a:ba:90:11:54:f8:df:bf:7c:ff:ed:ef:8b:ea:d8:b6:78:67: 05:2c:30:06:b6:df:fc:a2:b2:35:b2:f9:17:bd:ed:50:a5:03: fd:0e:d1:b4 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt+N5hjkJK27gUOeLz+K2cNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy MjRkYWEwHhcNMjYwMTAyMTAxODUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNjhiNWU5YTM5NWRlYTQ0OTQ0ODAzYWM3ZjFhYzFlNDhlMWMwMzZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudR/BfTScQvczb10IAut2TQungQC 3TzjOGsmawi7AR/WSAn5k2FwqHz2zXdNCsz1FwuNs7kc9u6ipYQSoAxZvEpTuScX TaDb7vhdAjjlkeUax8HID8HvYd9KejGb7m+VbrKF2n4OjZCnlmY5RvATd9b5dwin NSWPmKaZpQmk7c+0MYjIws6AY8yMdotNKmM6qA53qtotukKsri5Hhw/wCXcO6PXz zyMc5WPubGsh6sTQUdKY46klk8aHQBQxB6wSeXgithM48sM4iQEdwYGEWbHqiE+m LQ9b8hCzA8w/fzZ8UEae5KDktYGAq/MjqgF5Wok5AjQVyeAtfFa87eyMHwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFLaLXpo5XepElEgDrH8aweSOHANtMB8GA1UdIwQY MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt ZGMwNmRkODA1OTYwLzEvdG90ZW1qbGQ2a1NVU0FPc2Z4ckI1STRjQTIwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCJWFwAwQC UaE0AwQCXuhkMA0GCSqGSIb3DQEBCwUAA4IBAQByZt/0t61CKvB1DukZwoy52efJ QCSOBgLMrdFHDwzREz0ONKa9n/NUsEeZWuRPz3u/PBggqoazeA9974OZk50RGyD0 IeDuedcJIYp4362H8rvxJ+UFdJxT8tAq+ZZbIbkpoURSE8Rtklr4r/ziodIVe7Ay op5DrgBwSylr+4ux90hU2aY7sTD1PKf5qFMDp7qtYJ5vp4/MtEhBzOU+PfjXL1JP iuQPoo3DW3kXaa1hDTBIzgusgmbHapIC4GcHjXMUsxgBOquuRz8wPJa5yTCLGOJL Y3JzwglqupARVPjfv3z/7e+L6ti2eGcFLDAGtt/8orI1svkXve1QpQP9DtG0 -----END CERTIFICATE-----Generated at Thu Jan 8 17:33:03 2026 by rpki-client