This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/94558a-2803-44c2-a772-f94adc1bbd90/1/TSGYTkuRtKWAPNYB5i9msrLqQvM.roa File: TSGYTkuRtKWAPNYB5i9msrLqQvM.roa (raw, json) Hash identifier: db3DeF8DAU9YgWeZA84z6SD+HkiS1G0KP7PA4MoGHGc= Subject key identifier: 4D:21:98:4E:4B:91:B4:A5:80:3C:D6:01:E6:2F:66:B2:B2:EA:42:F3 Certificate issuer: /CN=d5a085eb95ad55fb3a6b247e9678112a14d81926 Certificate serial: 019B7E38F708790153AC5FE1B84B51BD664B Authority key identifier: D5:A0:85:EB:95:AD:55:FB:3A:6B:24:7E:96:78:11:2A:14:D8:19:26 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1aCF65WtVfs6ayR-lngRKhTYGSY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/94558a-2803-44c2-a772-f94adc1bbd90/1/TSGYTkuRtKWAPNYB5i9msrLqQvM.roa Signing time: Fri 02 Jan 2026 10:20:20 +0000 ROA not before: Fri 02 Jan 2026 10:20:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212876 IP address blocks: 185.166.108.0/22 maxlen: 22 2a0c:f880::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/94558a-2803-44c2-a772-f94adc1bbd90/1/1aCF65WtVfs6ayR-lngRKhTYGSY.crl rsync://rpki.ripe.net/repository/DEFAULT/3f/94558a-2803-44c2-a772-f94adc1bbd90/1/1aCF65WtVfs6ayR-lngRKhTYGSY.mft rsync://rpki.ripe.net/repository/DEFAULT/1aCF65WtVfs6ayR-lngRKhTYGSY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:f7:08:79:01:53:ac:5f:e1:b8:4b:51:bd:66:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d5a085eb95ad55fb3a6b247e9678112a14d81926 Validity Not Before: Jan 2 10:20:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4d21984e4b91b4a5803cd601e62f66b2b2ea42f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:99:e3:f5:15:85:2d:a0:d5:3f:79:22:c0:f5: d7:a6:2c:d3:a6:c9:0d:a5:a7:60:15:ab:af:f5:f7: fa:04:5f:12:7b:5d:5d:8b:f7:64:24:a0:c2:e6:5a: bb:2d:fc:5e:20:b7:48:39:1e:69:e7:fc:c3:78:3a: 49:ed:a9:63:91:fe:af:8f:d0:8d:af:54:cb:f1:1b: 28:27:a5:ef:48:64:74:bb:c0:e0:41:64:c3:2d:9c: 2f:58:8a:e1:66:dc:d2:06:26:77:8d:d8:ca:fe:1b: 72:d1:9a:cc:55:da:64:af:b9:77:95:f0:36:61:60: 29:14:b3:3e:63:fc:40:98:c3:69:61:ce:c7:16:b3: 1b:38:5c:1b:fc:64:04:84:9c:b9:df:8f:49:b9:ca: 43:06:b8:5c:41:01:3d:bf:2f:91:4a:72:71:d0:23: bf:4a:19:70:60:92:a3:a4:73:7e:dc:c4:82:57:e1: 40:94:71:b1:c2:23:c2:81:79:e9:1a:d3:32:ef:1a: 72:7b:b7:ed:87:9d:1a:9c:90:c0:9c:eb:df:9d:27: 51:c1:63:61:52:c4:79:4f:79:f7:b7:0b:a9:c9:ca: 60:b1:37:cc:81:55:b6:20:9c:7f:33:9b:f8:ee:64: 68:b1:75:7a:6e:f9:88:fe:02:45:02:ae:60:f4:f0: 22:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:21:98:4E:4B:91:B4:A5:80:3C:D6:01:E6:2F:66:B2:B2:EA:42:F3 X509v3 Authority Key Identifier: keyid:D5:A0:85:EB:95:AD:55:FB:3A:6B:24:7E:96:78:11:2A:14:D8:19:26 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1aCF65WtVfs6ayR-lngRKhTYGSY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/94558a-2803-44c2-a772-f94adc1bbd90/1/TSGYTkuRtKWAPNYB5i9msrLqQvM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/94558a-2803-44c2-a772-f94adc1bbd90/1/1aCF65WtVfs6ayR-lngRKhTYGSY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.166.108.0/22 IPv6: 2a0c:f880::/29 Signature Algorithm: sha256WithRSAEncryption 14:de:6c:b8:e7:c9:ac:03:48:44:af:4d:eb:98:11:42:e9:67: 36:78:db:bc:91:e8:b3:4c:f9:3e:4a:4f:20:ad:01:28:ca:a1: 10:be:be:30:42:eb:e4:aa:d5:40:42:6b:05:b0:4f:da:87:03: e6:20:c1:9e:d2:ab:30:0c:65:c3:ae:ec:75:f9:23:18:34:33: 0b:02:fd:f9:a8:86:37:75:aa:1c:93:a1:66:f3:a3:6c:3d:5b: 94:3f:c6:6f:d2:cc:16:6b:00:65:28:47:96:5f:fa:28:6f:26: 9d:4a:4e:ac:05:e5:6b:31:6a:a4:82:f1:0b:c5:99:14:5a:8f: 98:05:71:c1:54:d8:2e:68:68:74:98:3b:3c:ad:e1:09:c2:42: 34:37:34:18:a5:9c:81:7f:e8:7e:8d:90:55:88:85:73:f0:98: 6c:7a:2d:0b:ce:01:ec:be:85:1b:d2:21:e2:f9:73:4e:02:ed: ef:a5:7a:cb:0a:df:3d:6e:e8:53:31:73:f6:f2:46:ad:04:c0: fe:55:4d:32:0a:64:62:73:d9:20:ce:e5:20:cd:df:e5:9c:23: e7:34:58:c1:e4:3e:45:b0:49:9e:a0:e4:49:6f:69:37:90:c6: 5f:84:c4:49:0c:b1:b5:65:a6:d6:5f:09:0b:9b:13:34:40:36: 78:95:05:1c -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt+OPcIeQFTrF/huEtRvWZLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ1YTA4NWViOTVhZDU1ZmIzYTZiMjQ3ZTk2NzgxMTJhMTRk ODE5MjYwHhcNMjYwMTAyMTAyMDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ZDIxOTg0ZTRiOTFiNGE1ODAzY2Q2MDFlNjJmNjZiMmIyZWE0MmYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJnj9RWFLaDVP3kiwPXXpizTpskN padgFauv9ff6BF8Se11di/dkJKDC5lq7LfxeILdIOR5p5/zDeDpJ7aljkf6vj9CN r1TL8RsoJ6XvSGR0u8DgQWTDLZwvWIrhZtzSBiZ3jdjK/hty0ZrMVdpkr7l3lfA2 YWApFLM+Y/xAmMNpYc7HFrMbOFwb/GQEhJy5349JucpDBrhcQQE9vy+RSnJx0CO/ ShlwYJKjpHN+3MSCV+FAlHGxwiPCgXnpGtMy7xpye7fth50anJDAnOvfnSdRwWNh UsR5T3n3twupycpgsTfMgVW2IJx/M5v47mRosXV6bvmI/gJFAq5g9PAi2wIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFE0hmE5LkbSlgDzWAeYvZrKy6kLzMB8GA1UdIwQY MBaAFNWgheuVrVX7OmskfpZ4ESoU2BkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMWFDRjY1V3RWZnM2YXlSLWxuZ1JLaFRZR1NZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi85NDU1OGEtMjgwMy00NGMyLWE3NzIt Zjk0YWRjMWJiZDkwLzEvVFNHWVRrdVJ0S1dBUE5ZQjVpOW1zckxxUXZNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZi85NDU1OGEtMjgwMy00NGMyLWE3NzItZjk0YWRjMWJiZDkw LzEvMWFDRjY1V3RWZnM2YXlSLWxuZ1JLaFRZR1NZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaZsMA0E AgACMAcDBQMqDPiAMA0GCSqGSIb3DQEBCwUAA4IBAQAU3my458msA0hEr03rmBFC 6Wc2eNu8keizTPk+Sk8grQEoyqEQvr4wQuvkqtVAQmsFsE/ahwPmIMGe0qswDGXD rux1+SMYNDMLAv35qIY3daock6Fm86NsPVuUP8Zv0swWawBlKEeWX/oobyadSk6s BeVrMWqkgvELxZkUWo+YBXHBVNguaGh0mDs8reEJwkI0NzQYpZyBf+h+jZBViIVz 8Jhsei0LzgHsvoUb0iHi+XNOAu3vpXrLCt89buhTMXP28katBMD+VU0yCmRic9kg zuUgzd/lnCPnNFjB5D5FsEmeoORJb2k3kMZfhMRJDLG1ZabWXwkLmxM0QDZ4lQUc -----END CERTIFICATE-----Generated at Tue Feb 10 00:09:38 2026 by rpki-client