This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/tbigIKA5Us9H6nUaIP3JOMug_tk.roa File: tbigIKA5Us9H6nUaIP3JOMug_tk.roa (raw, json) Hash identifier: 50U00koAhHzQzJNs6FgIRsjT8Tds+II01YYff1TsZRw= Subject key identifier: B5:B8:A0:20:A0:39:52:CF:47:EA:75:1A:20:FD:C9:38:CB:A0:FE:D9 Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171 Certificate serial: 019B7F14B5847C9BC946C5593F8EC1874C9F Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/tbigIKA5Us9H6nUaIP3JOMug_tk.roa Signing time: Fri 02 Jan 2026 14:20:21 +0000 ROA not before: Fri 02 Jan 2026 14:20:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 54040 IP address blocks: 2001:668:121::/48 maxlen: 48 2001:668:122::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 15:30:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:b5:84:7c:9b:c9:46:c5:59:3f:8e:c1:87:4c:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171 Validity Not Before: Jan 2 14:20:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b5b8a020a03952cf47ea751a20fdc938cba0fed9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:f3:21:f6:c3:4b:79:df:b6:47:37:5c:66:28: 75:7b:b9:c4:de:e4:01:c3:df:8b:a0:e0:78:22:34: e0:b9:8f:71:91:1c:8c:e5:92:cb:aa:5e:79:ca:c1: e3:97:65:0b:a5:c0:d3:90:9c:41:88:63:24:c8:44: 8f:f7:ec:a0:ba:d7:5e:3b:e7:14:7e:f5:17:3f:71: a8:cf:f0:3c:24:80:0d:c4:c7:62:d8:d7:d2:50:b8: ed:33:6a:f4:84:e3:71:14:4e:df:48:f0:d4:2e:8b: fa:0a:a0:e9:fc:a1:65:c0:dc:62:e3:27:de:ac:1d: a8:51:89:6c:a2:c7:1f:ea:a4:76:89:a9:3d:b5:0a: 5c:03:e9:f1:15:4f:93:a1:e3:dc:43:2a:69:33:86: a3:44:8b:74:47:3c:18:43:af:01:38:d8:27:46:5d: ff:0f:28:fa:8b:5e:88:f2:86:48:23:38:a6:c7:ed: bf:02:40:62:4f:4e:55:b2:e4:46:c3:66:ac:b5:f3: af:35:80:15:d0:55:c9:4d:28:e8:eb:57:7e:98:98: c0:4b:54:d2:45:be:7f:f0:de:f3:4a:30:ae:95:f2: 65:b0:0d:66:1e:ba:b4:ec:0d:b7:aa:a4:82:6a:04: ea:3d:51:77:8d:fa:a9:a4:78:70:d4:01:0e:4d:0e: 0e:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:B8:A0:20:A0:39:52:CF:47:EA:75:1A:20:FD:C9:38:CB:A0:FE:D9 X509v3 Authority Key Identifier: keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/tbigIKA5Us9H6nUaIP3JOMug_tk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:668:121::-2001:668:122:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 9b:aa:6a:b1:28:78:4c:5b:c5:1d:05:9a:09:4d:51:a1:f4:ce: 9b:65:b8:3e:a4:18:c2:fe:9e:41:92:80:04:e9:31:3c:3a:ec: 4a:c3:81:e0:bf:00:39:2e:5b:06:4b:cd:f9:43:9b:82:99:26: 65:dc:18:a8:ea:ee:0a:a0:d6:e4:cf:92:26:b6:f4:53:05:49: c0:da:d0:fe:c1:69:e9:06:cc:12:f7:1f:e9:ab:dc:eb:aa:34: d3:85:59:9b:98:d2:a0:69:bc:a6:b4:d2:d3:4e:40:6a:37:75: 26:fe:98:11:72:8a:7d:aa:de:8b:e6:6c:d0:41:0f:2a:87:a8: f7:7d:10:68:c0:e4:56:e4:f1:a2:88:bc:39:59:9c:6a:f8:bb: 63:50:04:90:01:34:92:7d:cc:5f:f4:70:a1:d1:78:73:37:8c: ef:9e:f5:93:42:1f:72:6a:2f:44:84:c0:be:5c:0e:75:35:b0: 40:41:7b:bc:42:68:62:ef:04:19:d1:96:10:27:f6:19:ed:29: 25:a3:69:d8:e7:cf:7e:65:12:9b:54:25:87:5b:93:97:60:27: b2:1a:40:77:41:bc:95:ea:2c:9c:93:0e:0c:cb:14:d4:fe:18: a5:16:bb:25:2e:94:53:d7:9f:16:5c:41:5d:89:da:0a:f6:4c: 44:90:93:fa -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt/FLWEfJvJRsVZP47Bh0yfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0 NmQxNzEwHhcNMjYwMTAyMTQyMDIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNWI4YTAyMGEwMzk1MmNmNDdlYTc1MWEyMGZkYzkzOGNiYTBmZWQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvMh9sNLed+2RzdcZih1e7nE3uQB w9+LoOB4IjTguY9xkRyM5ZLLql55ysHjl2ULpcDTkJxBiGMkyESP9+ygutdeO+cU fvUXP3Goz/A8JIANxMdi2NfSULjtM2r0hONxFE7fSPDULov6CqDp/KFlwNxi4yfe rB2oUYlsoscf6qR2iak9tQpcA+nxFU+ToePcQyppM4ajRIt0RzwYQ68BONgnRl3/ Dyj6i16I8oZIIzimx+2/AkBiT05VsuRGw2astfOvNYAV0FXJTSjo61d+mJjAS1TS Rb5/8N7zSjCulfJlsA1mHrq07A23qqSCagTqPVF3jfqppHhw1AEOTQ4OqQIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFLW4oCCgOVLPR+p1GiD9yTjLoP7ZMB8GA1UdIwQY MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt MGNmMTA5M2Q0NTQ4LzEvdGJpZ0lLQTVVczlINm5VYUlQM0pPTXVnX3RrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4 LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAgAQZo ASEDBwAgAQZoASIwDQYJKoZIhvcNAQELBQADggEBAJuqarEoeExbxR0FmglNUaH0 zptluD6kGML+nkGSgATpMTw67ErDgeC/ADkuWwZLzflDm4KZJmXcGKjq7gqg1uTP kia29FMFScDa0P7BaekGzBL3H+mr3OuqNNOFWZuY0qBpvKa00tNOQGo3dSb+mBFy in2q3ovmbNBBDyqHqPd9EGjA5Fbk8aKIvDlZnGr4u2NQBJABNJJ9zF/0cKHReHM3 jO+e9ZNCH3JqL0SEwL5cDnU1sEBBe7xCaGLvBBnRlhAn9hntKSWjadjnz35lEptU JYdbk5dgJ7IaQHdBvJXqLJyTDgzLFNT+GKUWuyUulFPXnxZcQV2J2gr2TESQk/o= -----END CERTIFICATE-----Generated at Tue Jan 20 23:49:49 2026 by rpki-client