This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/vTMh511etiFvcrFgOc8osFAj20k.roa File: vTMh511etiFvcrFgOc8osFAj20k.roa (raw, json) Hash identifier: zYAKiZl5Pt4+Z6dGLckMtfWleUNqzrb2ZA+AUoeT05Q= Subject key identifier: BD:33:21:E7:5D:5E:B6:21:6F:72:B1:60:39:CF:28:B0:50:23:DB:49 Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b Certificate serial: 019B77C7757EF8329EBC3149665B57C45F2A Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/vTMh511etiFvcrFgOc8osFAj20k.roa Signing time: Thu 01 Jan 2026 04:18:39 +0000 ROA not before: Thu 01 Jan 2026 04:18:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43153 IP address blocks: 195.136.160.0/23 maxlen: 24 195.136.160.0/24 maxlen: 24 195.136.192.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.mft rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 11:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:75:7e:f8:32:9e:bc:31:49:66:5b:57:c4:5f:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b Validity Not Before: Jan 1 04:18:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=bd3321e75d5eb6216f72b16039cf28b05023db49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:82:b9:3c:5a:df:44:39:9e:a3:a4:c3:8b:60: 8f:a6:d3:bf:22:f7:31:28:66:d0:68:70:e9:03:51: d7:e5:87:9d:1d:35:82:e3:06:05:4d:ab:80:19:d6: 76:bc:5f:fa:9a:2f:b0:fc:f2:a6:7e:bb:c8:7b:41: 42:0f:54:7d:bf:71:b0:a7:93:1b:71:ca:b6:3a:b2: 68:da:aa:07:0e:54:9e:52:2d:c9:38:90:8d:f0:0d: 34:fc:1a:89:d9:04:a2:d9:2d:f9:86:94:a6:31:c0: 8e:2f:83:53:a3:fe:92:98:e7:e3:14:52:07:a6:bd: 44:3e:e8:de:da:c9:e6:1f:f6:64:a1:1c:10:7a:ec: 23:44:9a:5d:40:67:34:bc:a0:89:e5:bf:ae:6b:e4: d1:de:61:9a:52:d7:25:ba:71:e8:86:10:e6:5f:85: cf:dd:f9:64:b8:ab:97:76:0a:c1:a5:b8:a0:ba:a4: c8:8d:6f:0c:44:4a:e9:26:ab:fd:b2:26:3b:68:69: f4:d1:c7:24:2e:5e:96:04:c6:b7:64:37:4d:1b:09: 06:0c:0c:24:e9:28:64:9f:82:67:75:f1:ef:d3:f9: 77:a3:52:83:c0:ba:96:51:fc:a8:d7:2c:2c:ae:cd: 2f:5b:97:e7:c9:2e:38:8f:94:3b:43:89:14:a5:bb: cc:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:33:21:E7:5D:5E:B6:21:6F:72:B1:60:39:CF:28:B0:50:23:DB:49 X509v3 Authority Key Identifier: keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/vTMh511etiFvcrFgOc8osFAj20k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.136.160.0/23 195.136.192.0/23 Signature Algorithm: sha256WithRSAEncryption 63:18:ef:f4:46:13:a0:93:5e:ec:81:08:53:e3:49:60:4a:a0: 06:97:e9:9b:fc:e6:c0:49:41:a0:98:dd:93:ef:93:77:9a:13: 6d:52:40:65:1c:03:ea:a4:0b:a5:49:1e:da:ea:b8:bc:ed:43: c5:ea:b4:42:ae:a2:fb:ef:98:c3:88:49:d0:18:09:9f:c8:5d: 97:45:4a:d6:10:81:b1:6c:20:ab:ad:32:40:91:79:74:0b:15: 34:ad:10:dd:bb:10:e1:21:87:db:25:45:f2:24:80:fa:e5:31: 7f:90:0c:55:97:f2:a2:ed:eb:04:56:00:58:32:5a:6c:a8:9f: d2:f7:95:11:1e:77:46:07:63:9e:db:c1:1c:7f:87:b4:c6:7c: 36:7c:2b:9b:82:79:ca:31:4b:18:92:f7:69:d1:53:8b:1d:0a: a1:48:7a:ff:84:73:bc:5f:98:7d:53:28:d1:0a:2f:cb:01:ed: e5:fd:85:b2:0d:32:73:be:2c:63:db:6b:7d:c5:98:c9:91:1f: b2:24:29:58:87:2e:45:ee:6d:da:d7:a1:ff:7b:bb:fb:e5:93: 84:a8:40:16:e6:47:7d:b9:98:16:6b:43:91:1e:1d:0c:d4:dd: bc:13:b5:15:ca:51:0a:35:b6:9e:e9:6b:f7:b2:74:87:3c:14: d0:2a:41:cf -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt3x3V++DKevDFJZltXxF8qMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj MmQ3NmIwHhcNMjYwMTAxMDQxODM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiZDMzMjFlNzVkNWViNjIxNmY3MmIxNjAzOWNmMjhiMDUwMjNkYjQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooK5PFrfRDmeo6TDi2CPptO/Ivcx KGbQaHDpA1HX5YedHTWC4wYFTauAGdZ2vF/6mi+w/PKmfrvIe0FCD1R9v3Gwp5Mb ccq2OrJo2qoHDlSeUi3JOJCN8A00/BqJ2QSi2S35hpSmMcCOL4NTo/6SmOfjFFIH pr1EPuje2snmH/ZkoRwQeuwjRJpdQGc0vKCJ5b+ua+TR3mGaUtclunHohhDmX4XP 3flkuKuXdgrBpbiguqTIjW8MRErpJqv9siY7aGn00cckLl6WBMa3ZDdNGwkGDAwk 6Shkn4JndfHv0/l3o1KDwLqWUfyo1ywsrs0vW5fnyS44j5Q7Q4kUpbvMGQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFL0zIeddXrYhb3KxYDnPKLBQI9tJMB8GA1UdIwQY MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt NTI3NjZiMjRiYWE0LzEvdlRNaDUxMWV0aUZ2Y3JGZ09jOG9zRkFqMjBrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0 LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBw4igAwQB w4jAMA0GCSqGSIb3DQEBCwUAA4IBAQBjGO/0RhOgk17sgQhT40lgSqAGl+mb/ObA SUGgmN2T75N3mhNtUkBlHAPqpAulSR7a6ri87UPF6rRCrqL775jDiEnQGAmfyF2X RUrWEIGxbCCrrTJAkXl0CxU0rRDduxDhIYfbJUXyJID65TF/kAxVl/Ki7esEVgBY MlpsqJ/S95URHndGB2Oe28Ecf4e0xnw2fCubgnnKMUsYkvdp0VOLHQqhSHr/hHO8 X5h9UyjRCi/LAe3l/YWyDTJzvixj22t9xZjJkR+yJClYhy5F7m3a16H/e7v75ZOE qEAW5kd9uZgWa0ORHh0M1N28E7UVylEKNbae6Wv3snSHPBTQKkHP -----END CERTIFICATE-----Generated at Mon Jan 26 20:24:51 2026 by rpki-client