This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/Tfh5V-7MWdfuy6m967xqktKUyBw.roa File: Tfh5V-7MWdfuy6m967xqktKUyBw.roa (raw, json) Hash identifier: YvccI7yiUVaBcoWWw5IFctLUStvOuXyF2y42wakvR7w= Subject key identifier: 4D:F8:79:57:EE:CC:59:D7:EE:CB:A9:BD:EB:BC:6A:92:D2:94:C8:1C Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2 Certificate serial: 019B79105F1B9A53C0FDBB3FB3ACBB0EAB9C Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/Tfh5V-7MWdfuy6m967xqktKUyBw.roa Signing time: Thu 01 Jan 2026 10:17:54 +0000 ROA not before: Thu 01 Jan 2026 10:17:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206050 IP address blocks: 31.210.54.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 09:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:5f:1b:9a:53:c0:fd:bb:3f:b3:ac:bb:0e:ab:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2 Validity Not Before: Jan 1 10:17:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4df87957eecc59d7eecba9bdebbc6a92d294c81c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:5b:0d:6a:bf:8d:f2:c8:f6:18:90:8c:45:84: b8:a1:68:94:5d:05:a3:f9:81:c4:d7:31:35:5f:2b: c1:7f:b0:76:33:b3:18:6f:a0:1f:b0:03:6b:bf:3e: 1c:47:17:19:6f:39:66:fe:54:e8:b1:05:56:2f:64: c5:5e:63:f8:d6:f0:13:34:3f:57:5b:09:3b:c6:41: 7e:30:90:1d:2b:fb:7f:e1:ce:eb:93:d7:16:d5:a6: cd:d0:9c:b0:45:de:1f:dd:ef:d8:36:fa:30:da:4b: c1:a6:1b:b1:28:18:a2:21:ad:2b:29:e1:91:70:90: d5:ae:f2:c0:4c:85:dc:d9:36:1b:da:eb:29:e3:35: c9:73:89:8b:3c:08:b6:66:25:b7:59:fc:b8:e6:e7: 43:11:8f:03:84:c7:cf:ac:f0:b8:51:1c:17:43:b2: 83:77:ce:73:43:f2:3c:4b:03:bc:56:1e:6c:6c:27: 93:00:ac:df:09:76:59:1e:d1:51:cb:75:ba:ab:58: 39:78:2a:20:d3:c3:b8:71:a1:d7:ee:a7:cb:7b:ef: e4:db:4a:a0:bf:41:3e:0d:68:8a:ad:1a:f6:de:4d: 0f:07:c5:af:99:e4:6d:6b:04:71:14:eb:ae:71:0f: 59:29:ec:6e:31:af:6e:0f:ab:9f:c4:c0:2b:90:b2: fc:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:F8:79:57:EE:CC:59:D7:EE:CB:A9:BD:EB:BC:6A:92:D2:94:C8:1C X509v3 Authority Key Identifier: keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/Tfh5V-7MWdfuy6m967xqktKUyBw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.210.54.0/24 Signature Algorithm: sha256WithRSAEncryption 50:72:04:d3:d7:95:54:8b:b7:9b:74:4d:91:9b:25:b6:18:87: 5c:98:fa:64:cd:a7:6d:0c:0d:76:be:df:8f:6d:98:9e:7a:e0: c4:e6:19:33:ed:12:77:89:f5:94:7d:41:e9:83:00:a8:e7:80: c5:7f:39:cc:14:4f:25:03:7d:d4:c0:6f:44:2d:67:1b:69:96: 75:f4:6a:11:94:e0:aa:86:ea:9c:a8:ee:b4:5c:3c:2a:99:65: 0d:bd:4e:37:0a:a9:5a:2c:9e:19:0e:cb:b9:90:8d:65:26:c3: 93:a2:a6:86:74:a0:68:5d:4c:42:c5:07:dd:ba:4c:6b:cc:b3: 7d:77:b2:79:32:49:c5:29:a7:c8:28:a7:97:2a:ce:a8:02:d1: 9d:1f:30:4d:1a:e5:34:c7:f8:57:db:5e:b1:25:27:7f:2f:6c: 9d:c1:4e:9f:ef:cd:22:70:61:85:a8:63:7a:e0:dc:3a:f1:5e: 5f:7e:dc:47:e1:6e:f6:46:d9:c8:ec:38:77:b3:fb:27:26:40: cb:81:31:e2:16:48:a7:76:fe:9c:bb:1c:1e:b3:db:96:25:1e: ee:c1:df:fb:57:b9:f0:37:a9:92:73:81:85:b3:8d:84:ac:bc: 7c:4b:be:b0:70:f1:7d:86:57:ad:26:ca:75:af:00:30:a9:16: 8d:15:ee:e2 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt5EF8bmlPA/bs/s6y7DqucMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx OTJjYTIwHhcNMjYwMTAxMTAxNzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ZGY4Nzk1N2VlY2M1OWQ3ZWVjYmE5YmRlYmJjNmE5MmQyOTRjODFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1sNar+N8sj2GJCMRYS4oWiUXQWj +YHE1zE1XyvBf7B2M7MYb6AfsANrvz4cRxcZbzlm/lTosQVWL2TFXmP41vATND9X Wwk7xkF+MJAdK/t/4c7rk9cW1abN0JywRd4f3e/YNvow2kvBphuxKBiiIa0rKeGR cJDVrvLATIXc2TYb2usp4zXJc4mLPAi2ZiW3Wfy45udDEY8DhMfPrPC4URwXQ7KD d85zQ/I8SwO8Vh5sbCeTAKzfCXZZHtFRy3W6q1g5eCog08O4caHX7qfLe+/k20qg v0E+DWiKrRr23k0PB8WvmeRtawRxFOuucQ9ZKexuMa9uD6ufxMArkLL8VwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFE34eVfuzFnX7supveu8apLSlMgcMB8GA1UdIwQY MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt NGUxOThmMGE2MDEzLzEvVGZoNVYtN01XZGZ1eTZtOTY3eHFrdEtVeUJ3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH9I2MA0G CSqGSIb3DQEBCwUAA4IBAQBQcgTT15VUi7ebdE2RmyW2GIdcmPpkzadtDA12vt+P bZieeuDE5hkz7RJ3ifWUfUHpgwCo54DFfznMFE8lA33UwG9ELWcbaZZ19GoRlOCq huqcqO60XDwqmWUNvU43CqlaLJ4ZDsu5kI1lJsOToqaGdKBoXUxCxQfdukxrzLN9 d7J5MknFKafIKKeXKs6oAtGdHzBNGuU0x/hX216xJSd/L2ydwU6f780icGGFqGN6 4Nw68V5fftxH4W72RtnI7Dh3s/snJkDLgTHiFkindv6cuxwes9uWJR7uwd/7V7nw N6mSc4GFs42ErLx8S76wcPF9hletJsp1rwAwqRaNFe7i -----END CERTIFICATE-----Generated at Wed Jan 21 13:33:53 2026 by rpki-client