This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/tSpDrZGtdp0mH1aXKivR6nDrhuY.roa File: tSpDrZGtdp0mH1aXKivR6nDrhuY.roa (raw, json) Hash identifier: xkSEr+C7WhhCLocSo1zhSLhZi6gcFYi1jnV4sR3gnUE= Subject key identifier: B5:2A:43:AD:91:AD:76:9D:26:1F:56:97:2A:2B:D1:EA:70:EB:86:E6 Certificate issuer: /CN=74e43f9e5ae3f6eafb5068ae88f18c29e4435907 Certificate serial: 019B7F836C927815CDFBC9C9DCDE99C21065 Authority key identifier: 74:E4:3F:9E:5A:E3:F6:EA:FB:50:68:AE:88:F1:8C:29:E4:43:59:07 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/tSpDrZGtdp0mH1aXKivR6nDrhuY.roa Signing time: Fri 02 Jan 2026 16:21:18 +0000 ROA not before: Fri 02 Jan 2026 16:21:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208672 IP address blocks: 45.90.136.0/22 maxlen: 24 2a0d:4080::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.crl rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.mft rsync://rpki.ripe.net/repository/DEFAULT/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 07:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:6c:92:78:15:cd:fb:c9:c9:dc:de:99:c2:10:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=74e43f9e5ae3f6eafb5068ae88f18c29e4435907 Validity Not Before: Jan 2 16:21:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b52a43ad91ad769d261f56972a2bd1ea70eb86e6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:4c:bc:46:f8:06:c7:22:26:31:36:3e:b2:b3: 26:52:ed:e2:36:21:92:bb:d0:be:4f:84:a0:bb:e8: 18:71:6c:60:13:a1:21:ed:99:1c:a3:c8:32:71:88: 7b:45:3c:60:79:66:e5:56:44:ee:92:bc:fd:cf:8d: b2:96:4f:c6:5a:42:61:7d:07:e7:90:ad:fd:26:7a: b2:cd:c8:56:78:ee:5d:7b:90:6f:7b:42:cb:32:b9: df:40:4c:9f:e4:5c:13:eb:89:ee:cd:f4:29:2a:b8: c5:2b:7b:12:40:e4:e0:6f:05:6d:51:9d:2c:e0:72: 2b:97:42:61:c6:ca:58:71:6a:d4:dd:e2:36:33:2f: c2:d6:e9:18:01:e1:2d:81:75:85:62:c4:f6:fd:a2: 09:e5:aa:d2:07:c5:93:ba:1e:ea:71:48:35:80:f5: 91:16:e0:16:7d:e5:cd:81:af:97:d8:3e:ef:2c:e5: 11:6b:4f:f0:85:99:5f:ca:a2:58:04:a1:8c:ef:7c: e8:c1:4c:c1:9f:89:1b:e9:d1:18:7a:a9:b6:b9:06: 88:e9:c9:8e:11:56:f9:9a:db:64:08:2c:76:6f:a1: ff:3c:25:21:9e:21:fd:da:56:89:a2:fd:bf:b6:de: 90:19:45:80:22:bf:45:09:54:e0:df:92:be:c9:0b: 59:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:2A:43:AD:91:AD:76:9D:26:1F:56:97:2A:2B:D1:EA:70:EB:86:E6 X509v3 Authority Key Identifier: keyid:74:E4:3F:9E:5A:E3:F6:EA:FB:50:68:AE:88:F1:8C:29:E4:43:59:07 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/tSpDrZGtdp0mH1aXKivR6nDrhuY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/31/da33ae-16cc-4c9a-bf9c-717998aa3cff/1/dOQ_nlrj9ur7UGiuiPGMKeRDWQc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.90.136.0/22 IPv6: 2a0d:4080::/29 Signature Algorithm: sha256WithRSAEncryption 2f:83:77:62:91:34:6b:ef:5b:08:ce:81:ec:d3:d9:fa:91:0a: 0e:93:4e:ef:59:2b:7b:00:f5:ad:6e:8d:fb:78:99:ef:08:6b: 91:57:53:b4:5c:3c:08:bd:c7:ed:c0:f9:9c:59:fe:5a:f4:07: ed:3d:a3:56:8e:61:ad:1f:38:1f:c0:fc:2d:e7:08:97:48:18: 9d:8e:7a:a1:f4:38:6f:40:7d:12:7a:99:33:54:f7:10:fb:46: c4:64:59:29:c0:31:5a:4a:66:1c:3c:63:bc:b6:72:0b:44:08: c6:bc:00:f4:19:7f:33:88:9a:ac:21:7d:6e:03:90:df:c6:57: 17:2e:1a:93:93:e8:00:7a:99:0e:c8:9d:f5:dc:bc:cd:07:70: 9a:c1:49:a8:6b:9a:52:fb:a7:55:c8:59:87:1f:bb:72:c6:01: 34:cd:78:d0:80:96:f7:7e:75:ef:ff:0b:01:42:d8:e4:46:5e: e1:82:20:2c:88:1f:0a:a5:b8:a8:59:af:d4:97:b1:48:d0:b0: ac:dc:aa:92:48:5b:71:2d:bb:b2:63:9d:fd:c9:93:3d:26:e5: 68:d7:2c:80:4a:f6:ba:ab:79:7f:a8:6f:1d:52:20:5c:2f:75: 03:11:94:a2:bc:4f:f7:11:e3:bf:d9:35:36:80:d2:75:a9:3a: bc:2d:87:9f -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/g2ySeBXN+8nJ3N6ZwhBlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0ZTQzZjllNWFlM2Y2ZWFmYjUwNjhhZTg4ZjE4YzI5ZTQ0 MzU5MDcwHhcNMjYwMTAyMTYyMTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNTJhNDNhZDkxYWQ3NjlkMjYxZjU2OTcyYTJiZDFlYTcwZWI4NmU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Ey8RvgGxyImMTY+srMmUu3iNiGS u9C+T4Sgu+gYcWxgE6Eh7Zkco8gycYh7RTxgeWblVkTukrz9z42ylk/GWkJhfQfn kK39JnqyzchWeO5de5Bve0LLMrnfQEyf5FwT64nuzfQpKrjFK3sSQOTgbwVtUZ0s 4HIrl0JhxspYcWrU3eI2My/C1ukYAeEtgXWFYsT2/aIJ5arSB8WTuh7qcUg1gPWR FuAWfeXNga+X2D7vLOURa0/whZlfyqJYBKGM73zowUzBn4kb6dEYeqm2uQaI6cmO EVb5mttkCCx2b6H/PCUhniH92laJov2/tt6QGUWAIr9FCVTg35K+yQtZGQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFLUqQ62RrXadJh9Wlyor0epw64bmMB8GA1UdIwQY MBaAFHTkP55a4/bq+1BorojxjCnkQ1kHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZE9RX25scmo5dXI3VUdpdWlQR01LZVJEV1FjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kYTMzYWUtMTZjYy00YzlhLWJmOWMt NzE3OTk4YWEzY2ZmLzEvdFNwRHJaR3RkcDBtSDFhWEtpdlI2bkRyaHVZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMS9kYTMzYWUtMTZjYy00YzlhLWJmOWMtNzE3OTk4YWEzY2Zm LzEvZE9RX25scmo5dXI3VUdpdWlQR01LZVJEV1FjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVqIMA0E AgACMAcDBQMqDUCAMA0GCSqGSIb3DQEBCwUAA4IBAQAvg3dikTRr71sIzoHs09n6 kQoOk07vWSt7APWtbo37eJnvCGuRV1O0XDwIvcftwPmcWf5a9AftPaNWjmGtHzgf wPwt5wiXSBidjnqh9DhvQH0SepkzVPcQ+0bEZFkpwDFaSmYcPGO8tnILRAjGvAD0 GX8ziJqsIX1uA5DfxlcXLhqTk+gAepkOyJ313LzNB3CawUmoa5pS+6dVyFmHH7ty xgE0zXjQgJb3fnXv/wsBQtjkRl7hgiAsiB8KpbioWa/Ul7FI0LCs3KqSSFtxLbuy Y539yZM9JuVo1yyASva6q3l/qG8dUiBcL3UDEZSivE/3EeO/2TU2gNJ1qTq8LYef -----END CERTIFICATE-----Generated at Mon Jan 26 18:18:30 2026 by rpki-client