This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/TgC9SfoTorK7vBYwI8VYhLdYsAI.roa File: TgC9SfoTorK7vBYwI8VYhLdYsAI.roa (raw, json) Hash identifier: cX6b1ElbfxY+vtUnnUoBWdanxCq7AgtL2UTTxProihY= Subject key identifier: 4E:00:BD:49:FA:13:A2:B2:BB:BC:16:30:23:C5:58:84:B7:58:B0:02 Certificate issuer: /CN=d914da56e1a934649da02964ac12eba34c5cb84f Certificate serial: 019B02FDDB4097541B33ABBE1CD9D4794AEB Authority key identifier: D9:14:DA:56:E1:A9:34:64:9D:A0:29:64:AC:12:EB:A3:4C:5C:B8:4F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2RTaVuGpNGSdoClkrBLro0xcuE8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/TgC9SfoTorK7vBYwI8VYhLdYsAI.roa Signing time: Tue 09 Dec 2025 12:02:29 +0000 ROA not before: Tue 09 Dec 2025 12:02:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 214019 IP address blocks: 79.174.3.0/24 maxlen: 24 185.231.234.0/24 maxlen: 24 2a13:e3c3::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/2RTaVuGpNGSdoClkrBLro0xcuE8.crl rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/2RTaVuGpNGSdoClkrBLro0xcuE8.mft rsync://rpki.ripe.net/repository/DEFAULT/2RTaVuGpNGSdoClkrBLro0xcuE8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 00:50:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:02:fd:db:40:97:54:1b:33:ab:be:1c:d9:d4:79:4a:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d914da56e1a934649da02964ac12eba34c5cb84f Validity Not Before: Dec 9 12:02:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=4e00bd49fa13a2b2bbbc163023c55884b758b002 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:1b:32:ee:44:35:fa:3f:c3:3c:5a:dd:39:30: 2c:5f:0f:9b:c3:c1:7a:10:87:2d:9e:57:fe:6f:dc: 3a:91:aa:5b:91:f8:6d:67:8f:64:2b:95:25:bc:9a: 20:bb:37:80:c8:ce:e2:7c:b9:3f:5b:3d:dd:62:03: 60:e7:f0:74:da:15:71:e9:7d:36:33:36:02:42:09: d1:cd:fc:c7:98:fa:72:69:79:51:b1:30:9d:8c:c7: b7:11:64:8b:db:bd:05:0b:78:37:6a:b8:26:89:16: 4f:78:58:b9:4b:10:d4:4d:12:79:c3:9d:ce:e2:a9: e9:4a:d3:15:81:77:2a:29:01:5c:94:bf:98:ed:9b: b9:88:aa:9e:ce:80:e7:05:7b:91:ee:de:75:e6:3a: 6e:9d:d7:69:58:2b:ed:dd:fa:38:d2:df:ca:6d:6c: be:b4:32:3e:99:0c:30:d4:64:60:68:2e:7b:43:14: ef:ec:5f:a4:66:70:19:8e:10:b9:50:9c:ee:3c:95: f6:7e:29:e5:80:a4:ff:ea:76:63:0e:0b:26:e0:54: 32:56:87:96:fb:ff:ef:13:0a:4a:f9:ce:8c:36:6c: ac:61:0b:66:5e:11:4b:38:b4:46:9e:4c:8b:b5:47: f4:ae:68:5f:56:0a:8e:5b:e0:1f:c2:45:43:83:cd: 0f:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:00:BD:49:FA:13:A2:B2:BB:BC:16:30:23:C5:58:84:B7:58:B0:02 X509v3 Authority Key Identifier: keyid:D9:14:DA:56:E1:A9:34:64:9D:A0:29:64:AC:12:EB:A3:4C:5C:B8:4F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2RTaVuGpNGSdoClkrBLro0xcuE8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/TgC9SfoTorK7vBYwI8VYhLdYsAI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/2RTaVuGpNGSdoClkrBLro0xcuE8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 79.174.3.0/24 185.231.234.0/24 IPv6: 2a13:e3c3::/32 Signature Algorithm: sha256WithRSAEncryption c8:78:34:eb:01:54:d5:cf:46:96:c5:e5:8d:43:33:af:38:3e: 6e:6e:ab:2d:f5:79:85:d8:44:b0:7b:34:a5:76:25:cc:34:92: 55:29:2a:94:ae:27:0f:63:b7:8c:12:3b:94:5b:e8:34:9f:7f: ad:0d:42:ba:67:3b:c3:6a:48:fe:06:73:39:73:ae:69:50:98: 29:d4:de:67:11:d7:fb:6d:e7:ec:55:46:93:2d:e3:99:89:c5: 52:b6:30:3d:7d:8e:1e:e6:9a:49:39:3e:3f:99:92:f8:ed:cd: 70:d3:69:98:aa:a4:7e:9c:ca:1d:3a:da:26:78:f1:0b:7f:83: b3:12:4b:15:fe:7e:79:d5:e8:9c:35:25:86:31:7c:8b:60:5c: 80:8c:72:ad:d3:e8:6c:9b:13:c7:1f:46:08:9f:f7:21:f0:7d: bd:9e:22:8e:00:a8:7c:01:18:49:c5:7e:78:c0:fd:de:76:fa: 74:75:38:d9:6b:b2:2e:68:6c:7b:63:5c:36:7e:13:bc:99:c2: 33:46:aa:09:a3:58:26:9b:b7:8f:08:34:3c:da:5b:fd:f4:d6: 85:37:ff:a0:dc:2f:e4:8f:b9:c2:8a:89:0d:e5:95:11:e9:89: b6:b2:8b:16:6d:46:40:7a:e1:47:ec:d6:a3:33:23:12:6b:5d: 10:57:eb:1a -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZsC/dtAl1QbM6u+HNnUeUrrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5MTRkYTU2ZTFhOTM0NjQ5ZGEwMjk2NGFjMTJlYmEzNGM1 Y2I4NGYwHhcNMjUxMjA5MTIwMjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ZTAwYmQ0OWZhMTNhMmIyYmJiYzE2MzAyM2M1NTg4NGI3NThiMDAyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxsy7kQ1+j/DPFrdOTAsXw+bw8F6 EIctnlf+b9w6kapbkfhtZ49kK5UlvJoguzeAyM7ifLk/Wz3dYgNg5/B02hVx6X02 MzYCQgnRzfzHmPpyaXlRsTCdjMe3EWSL270FC3g3argmiRZPeFi5SxDUTRJ5w53O 4qnpStMVgXcqKQFclL+Y7Zu5iKqezoDnBXuR7t515jpunddpWCvt3fo40t/KbWy+ tDI+mQww1GRgaC57QxTv7F+kZnAZjhC5UJzuPJX2finlgKT/6nZjDgsm4FQyVoeW +//vEwpK+c6MNmysYQtmXhFLOLRGnkyLtUf0rmhfVgqOW+AfwkVDg80P6QIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFE4AvUn6E6Kyu7wWMCPFWIS3WLACMB8GA1UdIwQY MBaAFNkU2lbhqTRknaApZKwS66NMXLhPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMlJUYVZ1R3BOR1Nkb0Nsa3JCTHJvMHhjdUU4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS83YTExYjUtYTQwNS00MWNiLTgxY2It ZjZiY2NmMWU1MzFmLzEvVGdDOVNmb1Rvcks3dkJZd0k4VlloTGRZc0FJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NS83YTExYjUtYTQwNS00MWNiLTgxY2ItZjZiY2NmMWU1MzFm LzEvMlJUYVZ1R3BOR1Nkb0Nsa3JCTHJvMHhjdUU4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAT64DAwQA uefqMA0EAgACMAcDBQAqE+PDMA0GCSqGSIb3DQEBCwUAA4IBAQDIeDTrAVTVz0aW xeWNQzOvOD5ubqst9XmF2ESwezSldiXMNJJVKSqUricPY7eMEjuUW+g0n3+tDUK6 ZzvDakj+BnM5c65pUJgp1N5nEdf7befsVUaTLeOZicVStjA9fY4e5ppJOT4/mZL4 7c1w02mYqqR+nModOtomePELf4OzEksV/n551eicNSWGMXyLYFyAjHKt0+hsmxPH H0YIn/ch8H29niKOAKh8ARhJxX54wP3edvp0dTjZa7IuaGx7Y1w2fhO8mcIzRqoJ o1gmm7ePCDQ82lv99NaFN/+g3C/kj7nCiokN5ZUR6Ym2sosWbUZAeuFH7NajMyMS a10QV+sa -----END CERTIFICATE-----Generated at Sat Dec 13 08:17:11 2025 by rpki-client