This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/fca81d-38a5-4c32-b163-b7fa393db1d1/1/tFPfs4xpIocrr9F_alsNUwh6dNs.roa File: tFPfs4xpIocrr9F_alsNUwh6dNs.roa (raw, json) Hash identifier: EmNlyy0F+FzqmqEZRdQGTBdexRs7cZ0YpJygNUDJNHc= Subject key identifier: B4:53:DF:B3:8C:69:22:87:2B:AF:D1:7F:6A:5B:0D:53:08:7A:74:DB Certificate issuer: /CN=9a7004fdbc1d9e3a3c1e7e06591aca4b94b6c2f8 Certificate serial: 019B7BA33DBD3E0AFB3D7E47EA03F3DD1AEB Authority key identifier: 9A:70:04:FD:BC:1D:9E:3A:3C:1E:7E:06:59:1A:CA:4B:94:B6:C2:F8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mnAE_bwdnjo8Hn4GWRrKS5S2wvg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/fca81d-38a5-4c32-b163-b7fa393db1d1/1/tFPfs4xpIocrr9F_alsNUwh6dNs.roa Signing time: Thu 01 Jan 2026 22:17:34 +0000 ROA not before: Thu 01 Jan 2026 22:17:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8745 IP address blocks: 85.209.188.0/22 maxlen: 22 195.96.224.0/19 maxlen: 19 213.191.192.0/19 maxlen: 19 213.191.221.0/24 maxlen: 24 2a01:8880::/32 maxlen: 32 2a01:8880:8000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/fca81d-38a5-4c32-b163-b7fa393db1d1/1/mnAE_bwdnjo8Hn4GWRrKS5S2wvg.crl rsync://rpki.ripe.net/repository/DEFAULT/36/fca81d-38a5-4c32-b163-b7fa393db1d1/1/mnAE_bwdnjo8Hn4GWRrKS5S2wvg.mft rsync://rpki.ripe.net/repository/DEFAULT/mnAE_bwdnjo8Hn4GWRrKS5S2wvg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:3d:bd:3e:0a:fb:3d:7e:47:ea:03:f3:dd:1a:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9a7004fdbc1d9e3a3c1e7e06591aca4b94b6c2f8 Validity Not Before: Jan 1 22:17:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b453dfb38c6922872bafd17f6a5b0d53087a74db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:6e:78:2f:f5:25:ad:12:7c:bd:94:2f:59:a1: 54:2e:74:3b:ec:ce:97:4f:1e:a6:c5:6a:c0:28:a9: e8:88:ba:04:45:c9:b7:f3:4e:7f:4c:ad:89:59:a0: 73:2c:3b:92:c6:ad:cf:f3:fc:a7:0b:d5:a5:6d:d6: c4:19:8a:4f:89:02:d6:18:c0:57:95:5b:54:62:57: 85:09:1f:ec:91:eb:26:60:ad:48:8a:c4:d5:e6:09: 60:75:c6:19:aa:63:9a:62:c0:64:3b:9b:2c:14:6b: 22:37:02:c9:3a:f4:2f:8f:7c:1d:b6:1a:47:b7:33: 5f:68:e0:e7:e2:73:db:68:c0:9f:11:96:9b:c5:e1: 15:cb:e3:8a:c9:48:21:12:51:a3:2e:06:d2:ea:f1: aa:47:14:00:8a:0e:57:58:d1:67:9f:76:37:1f:64: d2:4c:b6:cf:8d:3d:48:91:b5:d1:ba:ac:81:40:d9: 2d:a0:c4:86:07:03:f4:06:cb:88:db:c5:8f:26:01: 36:72:7b:cf:16:04:eb:05:25:3c:33:ab:79:d4:19: 7f:52:bd:b8:3f:01:04:65:3b:0e:b9:a7:04:95:a9: 72:75:00:b2:83:16:c6:85:d2:e7:f0:c9:f4:ed:15: ab:b5:7b:e6:c5:11:d6:31:f5:11:3b:a7:d0:00:d1: ad:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:53:DF:B3:8C:69:22:87:2B:AF:D1:7F:6A:5B:0D:53:08:7A:74:DB X509v3 Authority Key Identifier: keyid:9A:70:04:FD:BC:1D:9E:3A:3C:1E:7E:06:59:1A:CA:4B:94:B6:C2:F8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mnAE_bwdnjo8Hn4GWRrKS5S2wvg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/fca81d-38a5-4c32-b163-b7fa393db1d1/1/tFPfs4xpIocrr9F_alsNUwh6dNs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/fca81d-38a5-4c32-b163-b7fa393db1d1/1/mnAE_bwdnjo8Hn4GWRrKS5S2wvg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.209.188.0/22 195.96.224.0/19 213.191.192.0/19 IPv6: 2a01:8880::/32 Signature Algorithm: sha256WithRSAEncryption 80:c8:8e:99:b0:43:a2:21:47:0a:6b:a6:3e:3b:9b:7b:67:7b: d9:d0:18:a1:91:a2:33:ef:1d:14:6b:1f:d8:e9:b8:b8:b0:4f: 3d:26:71:06:db:11:1c:3c:cf:73:48:fb:63:6c:6f:41:f0:9b: 59:1e:b2:93:0a:3a:e1:a6:71:f1:1c:d2:04:84:dd:b4:16:ad: e5:6e:2c:47:f1:ee:36:14:41:73:c5:d3:54:5f:34:9a:ae:d3: 8b:c0:bd:6f:f9:e0:fa:c0:97:f4:d2:a2:f2:60:33:9a:19:df: e6:81:03:b0:a6:b1:cf:99:52:99:ce:fd:fa:62:b9:40:0a:2a: 53:29:c8:77:f7:c0:30:7f:1d:78:4d:bf:ca:a9:72:7e:e6:86: a5:b6:28:78:c2:97:33:54:af:24:81:bd:2b:e6:d6:e1:0d:5b: dd:4a:0c:d8:2a:84:3a:ac:2e:b2:98:b7:e5:31:de:ce:53:ab: 2f:4f:19:3e:89:0b:d1:8e:15:a8:b2:c7:44:2f:6b:4e:bf:79: 15:55:9e:9e:11:7e:4f:be:f7:42:84:d2:83:31:bb:51:51:f3: c3:34:e7:51:6b:82:87:ac:4d:f7:97:de:52:44:00:67:2c:49: 56:7c:65:60:3a:68:f0:35:f0:ee:08:71:65:64:55:6d:61:04: c7:64:49:b5 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt7oz29Pgr7PX5H6gPz3RrrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlhNzAwNGZkYmMxZDllM2EzYzFlN2UwNjU5MWFjYTRiOTRi NmMyZjgwHhcNMjYwMTAxMjIxNzM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNDUzZGZiMzhjNjkyMjg3MmJhZmQxN2Y2YTViMGQ1MzA4N2E3NGRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyW54L/UlrRJ8vZQvWaFULnQ77M6X Tx6mxWrAKKnoiLoERcm3805/TK2JWaBzLDuSxq3P8/ynC9WlbdbEGYpPiQLWGMBX lVtUYleFCR/skesmYK1IisTV5glgdcYZqmOaYsBkO5ssFGsiNwLJOvQvj3wdthpH tzNfaODn4nPbaMCfEZabxeEVy+OKyUghElGjLgbS6vGqRxQAig5XWNFnn3Y3H2TS TLbPjT1IkbXRuqyBQNktoMSGBwP0BsuI28WPJgE2cnvPFgTrBSU8M6t51Bl/Ur24 PwEEZTsOuacElalydQCygxbGhdLn8Mn07RWrtXvmxRHWMfURO6fQANGtlQIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFLRT37OMaSKHK6/Rf2pbDVMIenTbMB8GA1UdIwQY MBaAFJpwBP28HZ46PB5+BlkaykuUtsL4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbW5BRV9id2Ruam84SG40R1dScktTNVMyd3ZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9mY2E4MWQtMzhhNS00YzMyLWIxNjMt YjdmYTM5M2RiMWQxLzEvdEZQZnM0eHBJb2NycjlGX2Fsc05Vd2g2ZE5zLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi9mY2E4MWQtMzhhNS00YzMyLWIxNjMtYjdmYTM5M2RiMWQx LzEvbW5BRV9id2Ruam84SG40R1dScktTNVMyd3ZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCVdG8AwQF w2DgAwQF1b/AMA0EAgACMAcDBQAqAYiAMA0GCSqGSIb3DQEBCwUAA4IBAQCAyI6Z sEOiIUcKa6Y+O5t7Z3vZ0BihkaIz7x0Uax/Y6bi4sE89JnEG2xEcPM9zSPtjbG9B 8JtZHrKTCjrhpnHxHNIEhN20Fq3lbixH8e42FEFzxdNUXzSartOLwL1v+eD6wJf0 0qLyYDOaGd/mgQOwprHPmVKZzv36YrlACipTKch398Awfx14Tb/KqXJ+5oaltih4 wpczVK8kgb0r5tbhDVvdSgzYKoQ6rC6ymLflMd7OU6svTxk+iQvRjhWossdEL2tO v3kVVZ6eEX5PvvdChNKDMbtRUfPDNOdRa4KHrE33l95SRABnLElWfGVgOmjwNfDu CHFlZFVtYQTHZEm1 -----END CERTIFICATE-----Generated at Tue Feb 10 02:26:14 2026 by rpki-client