This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/TPKf2qD4i-4IdBxXDHtHhbra3Z8.roa File: TPKf2qD4i-4IdBxXDHtHhbra3Z8.roa (raw, json) Hash identifier: Ou38d9YgwvDf1E/nrULkauiqCrk3iW5MuZKzQKIUoZA= Subject key identifier: 4C:F2:9F:DA:A0:F8:8B:EE:08:74:1C:57:0C:7B:47:85:BA:DA:DD:9F Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c Certificate serial: 019B7DCB79535AAF6AAE22CD5E5EF9C59104 Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/TPKf2qD4i-4IdBxXDHtHhbra3Z8.roa Signing time: Fri 02 Jan 2026 08:20:45 +0000 ROA not before: Fri 02 Jan 2026 08:20:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203359 IP address blocks: 2a0d:e247::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:79:53:5a:af:6a:ae:22:cd:5e:5e:f9:c5:91:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c Validity Not Before: Jan 2 08:20:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4cf29fdaa0f88bee08741c570c7b4785badadd9f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:e0:1d:31:2a:8a:8c:26:ac:1a:42:d9:c0:33: da:19:40:06:52:4c:33:d5:f2:f5:4f:c4:c4:f1:56: 06:b4:8e:53:82:83:6d:14:15:91:57:c5:62:ce:9c: 94:c4:2e:71:66:7b:1c:30:d2:01:d5:86:bf:36:18: 26:bd:09:c0:8b:b3:2d:3b:ac:25:28:6b:62:90:78: 96:49:76:8b:3c:a1:66:b7:3a:ab:27:dc:1c:d9:c6: 2d:c1:66:45:59:2e:4f:68:2d:1f:f9:2c:f6:f3:16: ae:5c:60:1d:5d:02:a7:31:cd:7c:81:2a:3f:9d:a0: 15:8b:37:5c:1e:3c:e5:a9:27:b1:96:62:12:df:04: b1:a8:9a:63:99:32:a2:f1:25:e6:99:8c:db:37:eb: 3f:51:63:1f:15:86:00:95:4b:91:b9:07:0f:c7:87: 70:57:56:e8:f2:16:db:6f:86:e1:6e:0a:8b:79:34: 09:59:83:09:2c:a4:9a:83:16:cd:04:b4:6d:57:e2: ca:0b:1d:31:80:57:61:8f:4d:8e:9a:1c:0a:a9:2f: fd:cc:37:ac:17:2c:ed:19:19:ad:a0:fd:0e:3a:12: db:9f:02:82:19:c0:7b:8e:c4:30:bf:d2:a6:c4:c7: 62:3d:80:fc:25:d3:83:bb:16:0e:7b:1a:b6:d5:a8: 2c:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:F2:9F:DA:A0:F8:8B:EE:08:74:1C:57:0C:7B:47:85:BA:DA:DD:9F X509v3 Authority Key Identifier: keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/TPKf2qD4i-4IdBxXDHtHhbra3Z8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0d:e247::/32 Signature Algorithm: sha256WithRSAEncryption 2a:29:de:55:6a:1b:51:13:61:32:93:b4:13:92:03:9a:93:c9: 87:d4:01:67:6f:d4:a2:c4:36:30:63:af:6f:1d:ea:59:f8:84: ac:75:54:40:07:b3:38:2a:ca:88:a5:d3:b4:fb:2a:7b:eb:45: 63:68:22:e3:c1:6e:1d:6f:03:87:24:7b:fd:e3:d7:6b:7d:a0: 53:e1:67:49:86:b8:e7:36:47:53:c6:4b:f6:f6:93:9d:1d:63: ca:d5:a1:9e:7e:74:f3:05:dc:ff:31:c9:46:f1:05:9c:0a:3b: 9e:b6:d7:0b:56:14:5b:be:70:94:56:d6:d3:f6:aa:e8:1d:0d: 3a:c9:0d:0a:3c:c0:ff:97:cf:5a:f4:ba:7e:b2:f9:b8:eb:83: 21:90:75:a4:51:6f:da:a5:d6:67:25:19:66:ac:30:62:cb:70: 84:e2:c7:a5:bc:a9:9f:c0:e9:8b:46:58:b7:c9:f0:09:ac:57: 85:d6:4b:4f:e0:45:b0:70:2b:4a:2c:9b:d9:49:d6:7b:96:df: b3:21:eb:f9:70:26:42:63:3b:3f:78:b4:09:d2:7a:81:96:65: 30:d3:35:bf:0e:81:dc:eb:d8:2f:a0:a8:8d:fb:ec:9e:14:3c: 59:4b:87:b4:b4:5a:ae:51:75:a2:a3:fe:57:f4:da:28:8a:90: 6d:dc:fd:06 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt9y3lTWq9qriLNXl75xZEEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4 ZmNjNGMwHhcNMjYwMTAyMDgyMDQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0Y2YyOWZkYWEwZjg4YmVlMDg3NDFjNTcwYzdiNDc4NWJhZGFkZDlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueAdMSqKjCasGkLZwDPaGUAGUkwz 1fL1T8TE8VYGtI5TgoNtFBWRV8VizpyUxC5xZnscMNIB1Ya/NhgmvQnAi7MtO6wl KGtikHiWSXaLPKFmtzqrJ9wc2cYtwWZFWS5PaC0f+Sz28xauXGAdXQKnMc18gSo/ naAVizdcHjzlqSexlmIS3wSxqJpjmTKi8SXmmYzbN+s/UWMfFYYAlUuRuQcPx4dw V1bo8hbbb4bhbgqLeTQJWYMJLKSagxbNBLRtV+LKCx0xgFdhj02OmhwKqS/9zDes FyztGRmtoP0OOhLbnwKCGcB7jsQwv9KmxMdiPYD8JdODuxYOexq21ags6QIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFEzyn9qg+IvuCHQcVwx7R4W62t2fMB8GA1UdIwQY MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt MjM5ZDJmZTM5OGIxLzEvVFBLZjJxRDRpLTRJZEJ4WERIdEhoYnJhM1o4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg3iRzAN BgkqhkiG9w0BAQsFAAOCAQEAKineVWobURNhMpO0E5IDmpPJh9QBZ2/UosQ2MGOv bx3qWfiErHVUQAezOCrKiKXTtPsqe+tFY2gi48FuHW8DhyR7/ePXa32gU+FnSYa4 5zZHU8ZL9vaTnR1jytWhnn508wXc/zHJRvEFnAo7nrbXC1YUW75wlFbW0/aq6B0N OskNCjzA/5fPWvS6frL5uOuDIZB1pFFv2qXWZyUZZqwwYstwhOLHpbypn8Dpi0ZY t8nwCaxXhdZLT+BFsHArSiyb2UnWe5bfsyHr+XAmQmM7P3i0CdJ6gZZlMNM1vw6B 3OvYL6CojfvsnhQ8WUuHtLRarlF1oqP+V/TaKIqQbdz9Bg== -----END CERTIFICATE-----Generated at Tue Jan 20 04:28:21 2026 by rpki-client