This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/tnraOPm2wq2V9j6Hrmc8SV9avLQ.roa File: tnraOPm2wq2V9j6Hrmc8SV9avLQ.roa (raw, json) Hash identifier: 0L3Box8fqHKPp7PEt0nCwu/IlhVupcAp096tLCY3oh8= Subject key identifier: B6:7A:DA:38:F9:B6:C2:AD:95:F6:3E:87:AE:67:3C:49:5F:5A:BC:B4 Certificate issuer: /CN=da8f05e3843517cf0971c2bf9cddddd62717e52c Certificate serial: 019B76EAED8A86E387939D70D4E1A23B50F8 Authority key identifier: DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/tnraOPm2wq2V9j6Hrmc8SV9avLQ.roa Signing time: Thu 01 Jan 2026 00:17:46 +0000 ROA not before: Thu 01 Jan 2026 00:17:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202656 IP address blocks: 138.124.21.0/24 maxlen: 24 138.124.22.0/24 maxlen: 24 138.124.23.0/24 maxlen: 24 138.124.27.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.mft rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:01:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:ed:8a:86:e3:87:93:9d:70:d4:e1:a2:3b:50:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=da8f05e3843517cf0971c2bf9cddddd62717e52c Validity Not Before: Jan 1 00:17:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b67ada38f9b6c2ad95f63e87ae673c495f5abcb4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:92:6a:51:d5:f5:54:a0:76:22:66:db:77:79: 7e:bb:d4:1f:0c:62:3c:64:a7:d7:13:97:84:c0:43: 17:7b:a0:6a:44:0c:ad:9b:92:0c:cd:d2:73:af:12: 58:f6:99:56:8a:a6:b5:1d:1e:1e:98:fe:52:5c:4d: 37:ff:c8:2b:03:19:ae:4b:2d:22:30:ff:13:b7:93: 4a:01:9c:63:50:64:13:56:56:af:0e:db:bf:6d:f2: 5d:a2:6b:9c:3d:fa:36:0b:fa:1a:d2:04:8a:88:a5: b0:12:e1:ef:e7:a0:aa:5f:85:4a:8f:45:7a:d1:8c: 39:6f:71:ad:d7:9a:20:26:08:0b:b5:e0:40:20:95: 3e:1e:1d:a9:b9:54:f0:4e:a5:f1:db:4b:67:21:e9: 4b:6f:a7:aa:b4:63:64:7d:6b:40:59:6b:7c:d6:0c: 38:94:58:33:21:e2:c0:3f:8f:b4:60:e7:2f:7d:95: 78:9b:9e:89:a2:e9:9c:ac:d6:6e:65:b0:01:42:95: c0:8e:d6:cc:01:10:1c:bd:66:9c:91:e4:26:37:03: 45:5f:7d:ea:13:23:42:ca:16:a1:0a:ef:e5:ac:7e: b3:8d:4c:b6:32:97:03:e2:29:fd:b7:67:68:07:e3: 82:ee:57:e9:a3:b0:6d:e2:ad:61:60:7e:24:70:b5: 0c:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:7A:DA:38:F9:B6:C2:AD:95:F6:3E:87:AE:67:3C:49:5F:5A:BC:B4 X509v3 Authority Key Identifier: keyid:DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/tnraOPm2wq2V9j6Hrmc8SV9avLQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.124.21.0-138.124.23.255 138.124.27.0/24 Signature Algorithm: sha256WithRSAEncryption 33:58:35:66:2d:6a:4a:c6:18:9e:0c:fd:0e:cb:78:a2:a5:e1: f5:65:4b:5b:71:32:66:cc:71:fe:55:3c:75:9c:d6:95:6e:d5: a0:57:05:0e:10:2a:a2:ab:72:d5:e0:03:a5:0d:8d:19:97:69: 59:b2:6f:b9:ee:81:18:11:d8:ca:25:28:30:f4:f4:4d:00:ef: d3:96:1c:2a:ab:05:a2:a8:11:ed:79:20:e4:d3:07:e8:4e:c3: 3a:fb:44:1f:1c:53:c5:63:5f:67:69:3d:d5:51:42:24:65:aa: 2d:35:e5:12:34:93:54:ae:2c:6c:ac:23:60:cd:74:27:7a:03: 8d:01:cf:9e:3f:26:16:87:f3:43:34:0f:64:05:8b:d6:e1:c4: 72:ab:76:1d:30:d9:a6:73:f3:47:aa:70:79:3e:37:39:49:c0: e1:40:ad:21:e4:aa:9f:f7:27:97:b1:f9:f6:fd:d9:92:27:48: e0:1a:c6:26:02:00:9c:e9:b5:9f:89:e3:6a:e9:e5:dd:7d:5d: 0e:e2:74:96:13:51:38:38:e5:32:64:22:78:e6:56:d8:fc:6f: a4:3a:c5:db:92:10:19:d5:68:63:74:2f:9e:71:bf:c9:c7:bb: db:ee:29:77:18:fc:af:99:e7:b9:d0:9e:be:5a:c3:d2:64:4f: 03:02:97:db -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt26u2KhuOHk51w1OGiO1D4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhOGYwNWUzODQzNTE3Y2YwOTcxYzJiZjljZGRkZGQ2Mjcx N2U1MmMwHhcNMjYwMTAxMDAxNzQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNjdhZGEzOGY5YjZjMmFkOTVmNjNlODdhZTY3M2M0OTVmNWFiY2I0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ZJqUdX1VKB2Imbbd3l+u9QfDGI8 ZKfXE5eEwEMXe6BqRAytm5IMzdJzrxJY9plWiqa1HR4emP5SXE03/8grAxmuSy0i MP8Tt5NKAZxjUGQTVlavDtu/bfJdomucPfo2C/oa0gSKiKWwEuHv56CqX4VKj0V6 0Yw5b3Gt15ogJggLteBAIJU+Hh2puVTwTqXx20tnIelLb6eqtGNkfWtAWWt81gw4 lFgzIeLAP4+0YOcvfZV4m56JoumcrNZuZbABQpXAjtbMARAcvWackeQmNwNFX33q EyNCyhahCu/lrH6zjUy2MpcD4in9t2doB+OC7lfpo7Bt4q1hYH4kcLUM1wIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFLZ62jj5tsKtlfY+h65nPElfWry0MB8GA1UdIwQY MBaAFNqPBeOENRfPCXHCv5zd3dYnF+UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgt ZTAxZTk0MTI0Njc0LzEvdG5yYU9QbTJ3cTJWOWo2SHJtYzhTVjlhdkxRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgtZTAxZTk0MTI0Njc0 LzEvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBACKfBUD BAOKfBADBACKfBswDQYJKoZIhvcNAQELBQADggEBADNYNWYtakrGGJ4M/Q7LeKKl 4fVlS1txMmbMcf5VPHWc1pVu1aBXBQ4QKqKrctXgA6UNjRmXaVmyb7nugRgR2Mol KDD09E0A79OWHCqrBaKoEe15IOTTB+hOwzr7RB8cU8VjX2dpPdVRQiRlqi015RI0 k1SuLGysI2DNdCd6A40Bz54/JhaH80M0D2QFi9bhxHKrdh0w2aZz80eqcHk+NzlJ wOFArSHkqp/3J5ex+fb92ZInSOAaxiYCAJzptZ+J42rp5d19XQ7idJYTUTg45TJk InjmVtj8b6Q6xduSEBnVaGN0L55xv8nHu9vuKXcY/K+Z57nQnr5aw9JkTwMCl9s= -----END CERTIFICATE-----Generated at Mon Jan 19 23:22:06 2026 by rpki-client