This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/tK4p7XOY-9eMCfT41rNfDvMz8ZQ.roa File: tK4p7XOY-9eMCfT41rNfDvMz8ZQ.roa (raw, json) Hash identifier: +PzSpSLby2pKNdEalpx88bV8TrjpZ7AoJpGeiQ6ta/I= Subject key identifier: B4:AE:29:ED:73:98:FB:D7:8C:09:F4:F8:D6:B3:5F:0E:F3:33:F1:94 Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5 Certificate serial: 019B77C69AADF679AF5B275F74C757764539 Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/tK4p7XOY-9eMCfT41rNfDvMz8ZQ.roa Signing time: Thu 01 Jan 2026 04:17:43 +0000 ROA not before: Thu 01 Jan 2026 04:17:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34119 IP address blocks: 138.226.208.0/22 maxlen: 22 158.120.72.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.mft rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 07:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:9a:ad:f6:79:af:5b:27:5f:74:c7:57:76:45:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5 Validity Not Before: Jan 1 04:17:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b4ae29ed7398fbd78c09f4f8d6b35f0ef333f194 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:3a:73:35:50:54:6f:cd:55:53:9e:3a:f8:5f: 8b:78:86:91:3e:10:65:3c:1e:5f:15:47:7a:d2:38: bd:d0:49:ae:ef:94:c9:d3:c6:28:9c:dc:c9:65:e5: 74:3a:38:0d:d7:fc:15:c6:8c:33:c8:41:4c:d8:30: 11:93:bf:dc:c3:b5:36:23:3b:3d:f7:1e:63:e7:4a: d5:ec:c5:82:c7:d6:3b:37:c5:18:23:22:2f:13:a6: 43:f7:62:26:c1:bc:9c:cc:47:7f:b1:b8:ce:4c:62: 60:62:75:27:1e:bf:46:9a:a7:05:b1:bb:75:20:bd: dd:e4:8d:f6:ba:32:4a:78:5e:e5:1b:94:c1:bf:c6: 0e:99:ef:3a:5d:67:ed:1c:63:85:ef:76:0d:5b:58: e6:76:e2:10:b4:34:bc:ac:b3:cb:0c:85:46:60:3a: 2c:10:41:65:ec:12:c6:e5:65:14:ad:5e:aa:0a:dd: df:97:75:91:f3:c6:64:ff:d1:85:b2:dc:31:55:5c: df:f3:b5:42:a8:98:af:43:21:c5:80:52:aa:1d:b7: 7a:0f:25:d5:f6:c2:5e:d7:bb:3c:2b:b6:69:3d:96: 82:5b:59:81:e3:6f:1e:fb:4b:0d:3b:61:b7:47:ef: d8:75:85:cd:73:28:2b:0b:74:86:b1:51:ff:07:50: 35:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:AE:29:ED:73:98:FB:D7:8C:09:F4:F8:D6:B3:5F:0E:F3:33:F1:94 X509v3 Authority Key Identifier: keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/tK4p7XOY-9eMCfT41rNfDvMz8ZQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.226.208.0/22 158.120.72.0/23 Signature Algorithm: sha256WithRSAEncryption 23:62:d4:10:05:4c:f6:e9:f9:61:4a:58:b4:11:7e:bb:80:6d: 95:09:b4:9a:11:b0:e8:7d:44:cf:82:fa:d8:a5:1a:41:b9:b3: 37:97:06:d0:b3:3b:14:79:c2:08:04:a1:29:9d:13:68:2c:4c: d1:6c:d1:c6:b5:48:38:c4:b6:73:df:04:bc:41:ba:72:fc:03: c0:3e:60:94:0e:f1:59:25:5b:7e:17:10:e6:bc:8b:5d:93:db: 7c:a9:d5:49:37:e4:6b:3f:13:0b:4a:16:45:20:25:62:57:e3: e1:6f:2d:74:f6:e7:59:ff:fd:4b:8b:79:de:14:6b:08:d3:83: 27:e9:04:b4:61:00:92:41:35:0b:b4:c8:d7:32:8e:db:0f:ad: 83:4b:5e:87:3b:53:59:28:3b:af:a4:15:48:fd:6a:59:1e:d0: e4:69:06:cc:9f:b7:ee:22:6c:e1:ba:10:dd:5d:52:01:3b:b6: 01:32:c5:46:73:64:02:d3:c9:d8:73:c8:62:b6:fd:59:ec:cd: 01:93:a5:59:55:56:4d:e2:4d:bf:3b:ec:4a:12:2e:05:20:10: 85:aa:ad:2d:25:a8:d1:61:7c:eb:7c:7c:98:e3:d3:f6:cd:05: 81:c2:8f:2a:cc:e8:92:3f:c5:1e:19:5c:ca:27:08:b7:5a:0a: 9c:eb:b3:81 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt3xpqt9nmvWydfdMdXdkU5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1 ZmIwYjUwHhcNMjYwMTAxMDQxNzQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNGFlMjllZDczOThmYmQ3OGMwOWY0ZjhkNmIzNWYwZWYzMzNmMTk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDpzNVBUb81VU546+F+LeIaRPhBl PB5fFUd60ji90Emu75TJ08YonNzJZeV0OjgN1/wVxowzyEFM2DARk7/cw7U2Izs9 9x5j50rV7MWCx9Y7N8UYIyIvE6ZD92ImwbyczEd/sbjOTGJgYnUnHr9GmqcFsbt1 IL3d5I32ujJKeF7lG5TBv8YOme86XWftHGOF73YNW1jmduIQtDS8rLPLDIVGYDos EEFl7BLG5WUUrV6qCt3fl3WR88Zk/9GFstwxVVzf87VCqJivQyHFgFKqHbd6DyXV 9sJe17s8K7ZpPZaCW1mB428e+0sNO2G3R+/YdYXNcygrC3SGsVH/B1A1eQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFLSuKe1zmPvXjAn0+NazXw7zM/GUMB8GA1UdIwQY MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct NWUwZjRhYjgwOWJiLzEvdEs0cDdYT1ktOWVNQ2ZUNDFyTmZEdk16OFpRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCiuLQAwQB nnhIMA0GCSqGSIb3DQEBCwUAA4IBAQAjYtQQBUz26flhSli0EX67gG2VCbSaEbDo fUTPgvrYpRpBubM3lwbQszsUecIIBKEpnRNoLEzRbNHGtUg4xLZz3wS8Qbpy/APA PmCUDvFZJVt+FxDmvItdk9t8qdVJN+RrPxMLShZFICViV+Phby109udZ//1Li3ne FGsI04Mn6QS0YQCSQTULtMjXMo7bD62DS16HO1NZKDuvpBVI/WpZHtDkaQbMn7fu ImzhuhDdXVIBO7YBMsVGc2QC08nYc8hitv1Z7M0Bk6VZVVZN4k2/O+xKEi4FIBCF qq0tJajRYXzrfHyY49P2zQWBwo8qzOiSP8UeGVzKJwi3Wgqc67OB -----END CERTIFICATE-----Generated at Fri Jan 2 14:45:38 2026 by rpki-client