This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/ba4da6-1d1e-4878-876e-a85399db60bf/1/twrQ972oI9ZzJB5lNnpdx6DecVA.roa File: twrQ972oI9ZzJB5lNnpdx6DecVA.roa (raw, json) Hash identifier: R4HcQNJ+RCE6vVMBKIPOjPzd/TdNdxhTx9KPeq1FVRs= Subject key identifier: B7:0A:D0:F7:BD:A8:23:D6:73:24:1E:65:36:7A:5D:C7:A0:DE:71:50 Certificate issuer: /CN=8e9b1fe312f009f208ea8a2b7320cea765dd518b Certificate serial: 019B7B3638123EE53017689A6F1ED4F3B9F0 Authority key identifier: 8E:9B:1F:E3:12:F0:09:F2:08:EA:8A:2B:73:20:CE:A7:65:DD:51:8B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jpsf4xLwCfII6oorcyDOp2XdUYs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/ba4da6-1d1e-4878-876e-a85399db60bf/1/twrQ972oI9ZzJB5lNnpdx6DecVA.roa Signing time: Thu 01 Jan 2026 20:18:29 +0000 ROA not before: Thu 01 Jan 2026 20:18:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198968 IP address blocks: 164.138.208.0/22 maxlen: 22 164.138.212.0/23 maxlen: 23 164.138.214.0/24 maxlen: 24 164.138.215.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/ba4da6-1d1e-4878-876e-a85399db60bf/1/jpsf4xLwCfII6oorcyDOp2XdUYs.crl rsync://rpki.ripe.net/repository/DEFAULT/32/ba4da6-1d1e-4878-876e-a85399db60bf/1/jpsf4xLwCfII6oorcyDOp2XdUYs.mft rsync://rpki.ripe.net/repository/DEFAULT/jpsf4xLwCfII6oorcyDOp2XdUYs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:38:12:3e:e5:30:17:68:9a:6f:1e:d4:f3:b9:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8e9b1fe312f009f208ea8a2b7320cea765dd518b Validity Not Before: Jan 1 20:18:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b70ad0f7bda823d673241e65367a5dc7a0de7150 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:3d:6b:51:7c:12:1b:7d:2e:8c:71:07:32:91: 8d:9c:29:73:48:94:90:1e:13:cd:a3:b6:79:11:90: 75:b2:37:a1:cf:1e:10:da:5b:20:3a:fd:c9:bb:74: 40:32:63:c2:65:67:2f:55:07:0f:e4:a7:2f:87:f3: f6:f9:c6:72:7a:7a:40:d7:d7:4f:0a:98:b8:63:e5: fd:01:6f:3a:d4:f7:4a:d3:55:de:79:75:1d:5e:91: da:18:67:40:c9:e2:e9:77:ca:a1:a8:6f:70:ba:cb: a3:c9:01:fc:88:f5:54:d0:93:89:b4:e0:ae:42:56: f7:87:77:88:6d:cb:4b:ea:43:0f:05:b8:dc:39:9f: b9:b3:ad:e6:a0:ee:f2:e8:e3:58:b0:02:67:fb:48: d2:d3:9c:7d:44:4e:56:b7:24:fe:f9:13:b3:7c:93: 63:0a:a0:23:e3:d2:69:25:e2:2b:0a:aa:9b:af:d8: 21:3d:28:9d:bd:68:2f:f3:18:50:b3:21:69:a6:f8: fe:08:b3:7f:5b:7b:0e:4b:13:5d:e9:c3:42:5c:01: d9:31:f0:b1:9b:ef:ad:bc:28:3d:35:4a:ca:f9:39: bc:79:82:89:49:1f:42:0a:99:ed:82:55:46:f5:6e: d6:c3:81:a4:9e:08:e7:ba:21:8d:77:ff:b5:55:a0: 34:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:0A:D0:F7:BD:A8:23:D6:73:24:1E:65:36:7A:5D:C7:A0:DE:71:50 X509v3 Authority Key Identifier: keyid:8E:9B:1F:E3:12:F0:09:F2:08:EA:8A:2B:73:20:CE:A7:65:DD:51:8B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jpsf4xLwCfII6oorcyDOp2XdUYs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/ba4da6-1d1e-4878-876e-a85399db60bf/1/twrQ972oI9ZzJB5lNnpdx6DecVA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/32/ba4da6-1d1e-4878-876e-a85399db60bf/1/jpsf4xLwCfII6oorcyDOp2XdUYs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 164.138.208.0/21 Signature Algorithm: sha256WithRSAEncryption 43:95:19:da:17:0e:2e:ac:ec:76:c1:b4:3a:61:ae:87:ee:a3: 56:06:e7:de:2d:ec:2b:dc:f8:4f:4d:b3:26:83:fd:3b:ad:7e: be:32:30:ad:07:e5:6a:9b:2c:cb:cc:0f:be:3c:77:33:35:68: 4f:ef:df:56:87:fa:bd:82:96:83:ed:ff:60:4f:c9:99:b8:67: d6:99:e2:40:61:a2:7f:45:e8:9a:c6:94:36:f0:de:9c:b8:87: 6d:b8:e2:de:24:78:1e:e0:83:60:94:d5:3a:29:fa:6a:0b:95: 2b:b5:9d:04:07:e2:50:51:7d:4f:23:f5:08:77:7c:f1:ce:de: a4:dc:50:69:84:50:a3:f8:f0:f6:6b:d9:aa:32:83:12:fc:40: da:88:c9:18:8e:9a:dd:b6:a7:4d:dc:b8:d3:50:dc:77:48:fa: 1f:84:a8:00:48:77:39:c3:36:7b:7a:e5:19:9e:92:86:49:f8: a3:d1:ae:ac:66:32:87:30:76:98:42:eb:87:f3:9c:fc:da:4d: fc:cd:6e:96:b3:67:cf:1a:00:2d:e2:f2:77:d7:b4:cf:1c:1e: e5:d3:1f:82:05:a4:9e:71:d1:f5:2e:3a:69:31:3a:62:c3:10: 3d:ec:ae:5c:46:eb:87:b3:3d:ff:67:86:39:28:5d:0a:e7:03: 0e:67:11:2e -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt7NjgSPuUwF2iabx7U87nwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhlOWIxZmUzMTJmMDA5ZjIwOGVhOGEyYjczMjBjZWE3NjVk ZDUxOGIwHhcNMjYwMTAxMjAxODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNzBhZDBmN2JkYTgyM2Q2NzMyNDFlNjUzNjdhNWRjN2EwZGU3MTUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiz1rUXwSG30ujHEHMpGNnClzSJSQ HhPNo7Z5EZB1sjehzx4Q2lsgOv3Ju3RAMmPCZWcvVQcP5Kcvh/P2+cZyenpA19dP Cpi4Y+X9AW861PdK01XeeXUdXpHaGGdAyeLpd8qhqG9wusujyQH8iPVU0JOJtOCu Qlb3h3eIbctL6kMPBbjcOZ+5s63moO7y6ONYsAJn+0jS05x9RE5WtyT++ROzfJNj CqAj49JpJeIrCqqbr9ghPSidvWgv8xhQsyFppvj+CLN/W3sOSxNd6cNCXAHZMfCx m++tvCg9NUrK+Tm8eYKJSR9CCpntglVG9W7Ww4GkngjnuiGNd/+1VaA0xwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFLcK0Pe9qCPWcyQeZTZ6Xceg3nFQMB8GA1UdIwQY MBaAFI6bH+MS8AnyCOqKK3Mgzqdl3VGLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvanBzZjR4THdDZklJNm9vcmN5RE9wMlhkVVlzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9iYTRkYTYtMWQxZS00ODc4LTg3NmUt YTg1Mzk5ZGI2MGJmLzEvdHdyUTk3Mm9JOVp6SkI1bE5ucGR4NkRlY1ZBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMi9iYTRkYTYtMWQxZS00ODc4LTg3NmUtYTg1Mzk5ZGI2MGJm LzEvanBzZjR4THdDZklJNm9vcmN5RE9wMlhkVVlzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDpIrQMA0G CSqGSIb3DQEBCwUAA4IBAQBDlRnaFw4urOx2wbQ6Ya6H7qNWBufeLewr3PhPTbMm g/07rX6+MjCtB+VqmyzLzA++PHczNWhP799Wh/q9gpaD7f9gT8mZuGfWmeJAYaJ/ ReiaxpQ28N6cuIdtuOLeJHge4INglNU6KfpqC5UrtZ0EB+JQUX1PI/UId3zxzt6k 3FBphFCj+PD2a9mqMoMS/EDaiMkYjprdtqdN3LjTUNx3SPofhKgASHc5wzZ7euUZ npKGSfij0a6sZjKHMHaYQuuH85z82k38zW6Ws2fPGgAt4vJ317TPHB7l0x+CBaSe cdH1LjppMTpiwxA97K5cRuuHsz3/Z4Y5KF0K5wMOZxEu -----END CERTIFICATE-----Generated at Sun Jan 18 10:45:38 2026 by rpki-client