This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/320512-91cb-4383-9761-a52dc9c2207c/1/tlghKI1hug3w1Vn3mY8-TRwHvyM.roa File: tlghKI1hug3w1Vn3mY8-TRwHvyM.roa (raw, json) Hash identifier: 6SDpu3HmXsvFN7j0J4OgAxM8GrLPzifIsTaLSJMzqa0= Subject key identifier: B6:58:21:28:8D:61:BA:0D:F0:D5:59:F7:99:8F:3E:4D:1C:07:BF:23 Certificate issuer: /CN=b5f0f838afbc1322680544ed1c9c5a2b09965d9f Certificate serial: 019AB67AD9081D74473A98552903DA398D44 Authority key identifier: B5:F0:F8:38:AF:BC:13:22:68:05:44:ED:1C:9C:5A:2B:09:96:5D:9F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/320512-91cb-4383-9761-a52dc9c2207c/1/tlghKI1hug3w1Vn3mY8-TRwHvyM.roa Signing time: Mon 24 Nov 2025 15:28:15 +0000 ROA not before: Mon 24 Nov 2025 15:28:15 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 43851 IP address blocks: 2001:67c:3e0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/320512-91cb-4383-9761-a52dc9c2207c/1/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.crl rsync://rpki.ripe.net/repository/DEFAULT/6a/320512-91cb-4383-9761-a52dc9c2207c/1/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.mft rsync://rpki.ripe.net/repository/DEFAULT/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 00:00:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:b6:7a:d9:08:1d:74:47:3a:98:55:29:03:da:39:8d:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5f0f838afbc1322680544ed1c9c5a2b09965d9f Validity Not Before: Nov 24 15:28:15 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=b65821288d61ba0df0d559f7998f3e4d1c07bf23 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:dd:a1:53:bd:5c:fd:2e:ee:ff:f4:5e:a7:c9: 60:c2:99:e2:d6:e0:cb:a7:2c:49:21:0b:75:5e:5b: 9f:11:53:51:9b:ac:e5:0a:30:bf:81:69:fa:cb:15: f8:52:b1:36:89:af:a2:b0:72:0b:d0:b6:ec:da:52: 49:a0:2d:f4:0e:10:d2:98:ad:c3:8a:8c:77:a8:6e: 77:25:92:85:70:d7:a7:48:b5:a0:8a:db:26:b0:eb: 99:23:b1:86:fd:8b:d3:db:f2:18:3f:38:4a:c6:08: 7f:b4:4d:ed:50:b3:7b:b6:0e:a1:18:bf:b8:cc:28: 5f:f7:84:1b:3e:b5:13:1c:cd:e0:b1:2d:80:ef:b1: 9d:04:90:46:5e:24:3e:ce:58:5a:57:ee:80:9e:fe: f2:70:21:f0:6b:ab:67:2a:d4:f5:d3:36:ba:7a:71: a5:fc:21:48:6f:73:1b:ef:ef:df:30:bf:b5:2c:8c: b7:78:c8:ae:6f:fb:4f:6b:13:01:23:fc:28:44:86: 49:40:07:dc:e1:38:e9:3b:08:7b:8e:ab:78:a6:97: ef:5d:42:dd:4e:64:23:62:6e:04:a2:fe:e4:17:4a: dd:7d:d6:d5:9c:c7:8f:56:d2:83:e6:f7:25:12:35: 06:f6:9a:0d:53:c9:7e:fb:15:95:2b:f3:88:4f:f4: 71:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:58:21:28:8D:61:BA:0D:F0:D5:59:F7:99:8F:3E:4D:1C:07:BF:23 X509v3 Authority Key Identifier: keyid:B5:F0:F8:38:AF:BC:13:22:68:05:44:ED:1C:9C:5A:2B:09:96:5D:9F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/320512-91cb-4383-9761-a52dc9c2207c/1/tlghKI1hug3w1Vn3mY8-TRwHvyM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/320512-91cb-4383-9761-a52dc9c2207c/1/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:3e0::/48 Signature Algorithm: sha256WithRSAEncryption 5c:63:16:eb:f8:16:2b:7e:34:f1:5e:42:89:bc:07:12:60:a5: fb:37:bf:af:58:eb:e5:6f:2d:47:55:67:d0:23:71:15:e4:7e: 65:5f:44:9e:06:b0:fd:d1:2e:f8:69:6f:4c:78:c0:1b:a9:c7: f6:95:88:ae:6f:f3:6d:ee:28:9b:44:77:4b:70:c5:1f:87:42: 17:c1:da:32:db:f5:26:e5:bd:95:31:b7:bb:fe:98:a8:23:63: d4:7f:70:28:ce:db:5c:3f:7b:8c:63:4c:e6:2a:de:7b:4f:a6: 93:cb:9e:bf:b5:e9:ee:d8:0c:38:4b:31:f5:62:8e:2a:95:f3: 2c:f2:04:86:ec:38:82:6d:05:21:af:36:61:40:4c:31:5a:0b: 9f:4d:f5:7b:4c:5a:10:53:1f:e6:4c:da:e6:77:c8:9c:1a:9f: 9b:97:90:2b:37:d1:51:e8:95:3a:d7:86:06:ad:7b:11:91:df: fa:9a:3f:d1:7a:6d:47:80:03:be:9e:4f:88:14:62:8c:3f:d0: f1:77:7c:0f:02:c3:94:c2:1a:7a:6f:7c:66:18:80:fd:72:1c: ef:5c:86:31:f8:84:02:4b:1e:7a:d0:09:9e:ca:94:3a:8d:d0: a8:e3:23:8f:f3:91:64:a3:30:5c:87:96:40:88:75:5c:0a:40: 34:b7:93:44 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZq2etkIHXRHOphVKQPaOY1EMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1ZjBmODM4YWZiYzEzMjI2ODA1NDRlZDFjOWM1YTJiMDk5 NjVkOWYwHhcNMjUxMTI0MTUyODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNjU4MjEyODhkNjFiYTBkZjBkNTU5Zjc5OThmM2U0ZDFjMDdiZjIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyd2hU71c/S7u//Rep8lgwpni1uDL pyxJIQt1XlufEVNRm6zlCjC/gWn6yxX4UrE2ia+isHIL0Lbs2lJJoC30DhDSmK3D iox3qG53JZKFcNenSLWgitsmsOuZI7GG/YvT2/IYPzhKxgh/tE3tULN7tg6hGL+4 zChf94QbPrUTHM3gsS2A77GdBJBGXiQ+zlhaV+6Anv7ycCHwa6tnKtT10za6enGl /CFIb3Mb7+/fML+1LIy3eMiub/tPaxMBI/woRIZJQAfc4TjpOwh7jqt4ppfvXULd TmQjYm4Eov7kF0rdfdbVnMePVtKD5vclEjUG9poNU8l++xWVK/OIT/Rx3QIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFLZYISiNYboN8NVZ95mPPk0cB78jMB8GA1UdIwQY MBaAFLXw+DivvBMiaAVE7RycWisJll2fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdGZENE9LLThFeUpvQlVUdEhKeGFLd21XWFo4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8zMjA1MTItOTFjYi00MzgzLTk3NjEt YTUyZGM5YzIyMDdjLzEvdGxnaEtJMWh1ZzN3MVZuM21ZOC1UUndIdnlNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82YS8zMjA1MTItOTFjYi00MzgzLTk3NjEtYTUyZGM5YzIyMDdj LzEvdGZENE9LLThFeUpvQlVUdEhKeGFLd21XWFo4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAPg MA0GCSqGSIb3DQEBCwUAA4IBAQBcYxbr+BYrfjTxXkKJvAcSYKX7N7+vWOvlby1H VWfQI3EV5H5lX0SeBrD90S74aW9MeMAbqcf2lYiub/Nt7iibRHdLcMUfh0IXwdoy 2/Um5b2VMbe7/pioI2PUf3AozttcP3uMY0zmKt57T6aTy56/tenu2Aw4SzH1Yo4q lfMs8gSG7DiCbQUhrzZhQEwxWgufTfV7TFoQUx/mTNrmd8icGp+bl5ArN9FR6JU6 14YGrXsRkd/6mj/Rem1HgAO+nk+IFGKMP9Dxd3wPAsOUwhp6b3xmGID9chzvXIYx +IQCSx560AmeypQ6jdCo4yOP85FkozBch5ZAiHVcCkA0t5NE -----END CERTIFICATE-----Generated at Thu Dec 4 07:32:15 2025 by rpki-client