This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/TFtf2NIqdktnRTqhAXxHkpSqkAU.roa File: TFtf2NIqdktnRTqhAXxHkpSqkAU.roa (raw, json) Hash identifier: xn8CqB/eY3ljqeq1p5G7DRPChWKP25DHyYudCu/HYqI= Subject key identifier: 4C:5B:5F:D8:D2:2A:76:4B:67:45:3A:A1:01:7C:47:92:94:AA:90:05 Certificate issuer: /CN=844969780141824cd0acbfa5a784611eeb0a7ddb Certificate serial: 019C31F4803CD0F9F56C8C989367E4C368E8 Authority key identifier: 84:49:69:78:01:41:82:4C:D0:AC:BF:A5:A7:84:61:1E:EB:0A:7D:DB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hElpeAFBgkzQrL-lp4RhHusKfds.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/TFtf2NIqdktnRTqhAXxHkpSqkAU.roa Signing time: Fri 06 Feb 2026 07:57:13 +0000 ROA not before: Fri 06 Feb 2026 07:57:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 216192 IP address blocks: 85.159.89.0/24 maxlen: 24 188.125.161.0/24 maxlen: 24 188.125.165.0/24 maxlen: 24 188.125.167.0/24 maxlen: 24 188.125.174.0/24 maxlen: 24 194.177.14.0/24 maxlen: 24 2a13:f6c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/hElpeAFBgkzQrL-lp4RhHusKfds.crl rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/hElpeAFBgkzQrL-lp4RhHusKfds.mft rsync://rpki.ripe.net/repository/DEFAULT/hElpeAFBgkzQrL-lp4RhHusKfds.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 11 Feb 2026 00:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:31:f4:80:3c:d0:f9:f5:6c:8c:98:93:67:e4:c3:68:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=844969780141824cd0acbfa5a784611eeb0a7ddb Validity Not Before: Feb 6 07:57:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4c5b5fd8d22a764b67453aa1017c479294aa9005 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:16:9b:b1:b2:0c:1b:8a:09:b0:9e:40:4a:2a: 52:5a:d5:4c:72:db:e4:27:ed:d1:09:42:72:02:61: cf:90:6d:6e:07:46:58:4e:cc:e8:56:c8:74:cf:bb: 5c:e5:9d:7e:ef:bf:d9:2d:48:65:7a:9d:96:a5:ce: fc:ef:3b:39:7c:12:c2:7d:98:d1:66:31:06:4b:d5: fb:54:96:ab:80:41:e9:0d:c2:a1:43:fc:97:cb:9d: f5:ef:f4:09:92:76:a8:5b:3b:da:da:3e:ba:ea:db: 23:48:89:ff:39:b9:0a:a9:73:2a:6b:86:a6:1c:73: 0c:72:d8:47:f8:4b:fc:f0:72:51:39:be:a8:43:ad: 7e:68:bd:12:72:4d:47:1c:2e:fb:06:1a:35:1c:f5: 9f:33:bf:a7:cc:a5:a1:15:2b:90:f5:b5:74:e7:45: ad:f7:c1:81:cf:a0:75:86:d9:5c:d6:da:ea:65:14: eb:02:a2:f8:a9:9c:1a:80:ab:c2:dc:7a:7c:64:09: 76:bc:29:52:56:d5:93:ff:b7:ea:fb:79:93:2d:7e: 07:e1:85:e9:d6:d1:6d:50:be:4b:b7:22:13:48:e8: b1:4a:1d:4f:36:35:f0:b0:9c:a7:34:b5:d0:16:de: 4b:03:d3:6e:07:67:46:78:32:f1:d0:c8:28:db:b9: ef:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:5B:5F:D8:D2:2A:76:4B:67:45:3A:A1:01:7C:47:92:94:AA:90:05 X509v3 Authority Key Identifier: keyid:84:49:69:78:01:41:82:4C:D0:AC:BF:A5:A7:84:61:1E:EB:0A:7D:DB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hElpeAFBgkzQrL-lp4RhHusKfds.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/TFtf2NIqdktnRTqhAXxHkpSqkAU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/hElpeAFBgkzQrL-lp4RhHusKfds.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.159.89.0/24 188.125.161.0/24 188.125.165.0/24 188.125.167.0/24 188.125.174.0/24 194.177.14.0/24 IPv6: 2a13:f6c0::/29 Signature Algorithm: sha256WithRSAEncryption 53:5c:10:de:b6:7f:ca:b9:00:90:48:95:f8:33:c6:55:3d:94: 50:fe:40:da:e1:9a:d8:24:54:1e:a3:7c:8f:f3:7c:cb:e5:f8: 56:f9:38:39:9d:87:0a:c6:dd:7c:50:dc:f6:a9:1b:2f:71:9c: 3f:f0:4b:3b:a8:49:5d:93:5f:5d:d1:6c:ee:e3:88:70:3b:61: d1:33:d6:64:a2:9c:74:ce:1f:72:ca:e7:6e:43:98:dc:d2:17: b6:96:d5:cf:2e:30:76:23:d8:7e:31:97:03:cc:92:7e:ee:f1: ef:d8:bf:48:19:a4:2e:5b:45:af:52:bc:e5:a8:a6:b7:cf:25: 31:57:44:a9:62:13:5f:d7:56:d8:54:3d:67:f6:ba:0c:31:da: cb:b7:0f:92:5f:27:0c:96:87:be:2e:d6:93:98:09:10:98:2f: b4:ed:09:b7:73:81:1c:14:c0:22:ac:bf:3a:06:d1:f0:e2:41: 18:09:ab:53:4c:a9:6e:e6:3d:c1:d1:81:da:0d:20:f5:76:d5: 00:46:af:c6:a0:8c:36:be:43:22:0d:11:ce:ea:11:88:23:e4: f4:b3:c1:d6:8e:47:e7:09:f8:67:4f:2e:8e:ce:fb:73:5d:39: d4:b4:99:4c:1d:1a:7b:7d:1f:bd:e4:6a:5d:ec:97:8e:ff:86: 66:24:d0:86 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgISAZwx9IA80Pn1bIyYk2fkw2joMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0NDk2OTc4MDE0MTgyNGNkMGFjYmZhNWE3ODQ2MTFlZWIw YTdkZGIwHhcNMjYwMjA2MDc1NzEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0YzViNWZkOGQyMmE3NjRiNjc0NTNhYTEwMTdjNDc5Mjk0YWE5MDA1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhabsbIMG4oJsJ5ASipSWtVMctvk J+3RCUJyAmHPkG1uB0ZYTszoVsh0z7tc5Z1+77/ZLUhlep2Wpc787zs5fBLCfZjR ZjEGS9X7VJargEHpDcKhQ/yXy5317/QJknaoWzva2j666tsjSIn/ObkKqXMqa4am HHMMcthH+Ev88HJROb6oQ61+aL0Sck1HHC77Bho1HPWfM7+nzKWhFSuQ9bV050Wt 98GBz6B1htlc1trqZRTrAqL4qZwagKvC3Hp8ZAl2vClSVtWT/7fq+3mTLX4H4YXp 1tFtUL5LtyITSOixSh1PNjXwsJynNLXQFt5LA9NuB2dGeDLx0Mgo27nvxwIDAQAB o4ICNjCCAjIwHQYDVR0OBBYEFExbX9jSKnZLZ0U6oQF8R5KUqpAFMB8GA1UdIwQY MBaAFIRJaXgBQYJM0Ky/paeEYR7rCn3bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaEVscGVBRkJna3pRckwtbHA0UmhIdXNLZmRzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9lNjJmOTUtYWJiZC00MzBkLTgxNjAt MDRhYzE3ODgxYWE5LzEvVEZ0ZjJOSXFka3RuUlRxaEFYeEhrcFNxa0FVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Zi9lNjJmOTUtYWJiZC00MzBkLTgxNjAtMDRhYzE3ODgxYWE5 LzEvaEVscGVBRkJna3pRckwtbHA0UmhIdXNLZmRzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAVZ9ZAwQA vH2hAwQAvH2lAwQAvH2nAwQAvH2uAwQAwrEOMA0EAgACMAcDBQMqE/bAMA0GCSqG SIb3DQEBCwUAA4IBAQBTXBDetn/KuQCQSJX4M8ZVPZRQ/kDa4ZrYJFQeo3yP83zL 5fhW+Tg5nYcKxt18UNz2qRsvcZw/8Es7qEldk19d0Wzu44hwO2HRM9Zkopx0zh9y yuduQ5jc0he2ltXPLjB2I9h+MZcDzJJ+7vHv2L9IGaQuW0WvUrzlqKa3zyUxV0Sp YhNf11bYVD1n9roMMdrLtw+SXycMloe+LtaTmAkQmC+07Qm3c4EcFMAirL86BtHw 4kEYCatTTKlu5j3B0YHaDSD1dtUARq/GoIw2vkMiDRHO6hGII+T0s8HWjkfnCfhn Ty6OzvtzXTnUtJlMHRp7fR+95Gpd7JeO/4ZmJNCG -----END CERTIFICATE-----Generated at Tue Feb 10 10:14:44 2026 by rpki-client