This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/b66c2c-3d01-4bdb-8c4c-b2da977e407d/1/tszARLbMXBEIxwdiymgQ3NHG6Wg.roa File: tszARLbMXBEIxwdiymgQ3NHG6Wg.roa (raw, json) Hash identifier: jAFxokkoCog3haWB8r0ULaLqiqrv63FYz7hJiW/N96w= Subject key identifier: B6:CC:C0:44:B6:CC:5C:11:08:C7:07:62:CA:68:10:DC:D1:C6:E9:68 Certificate issuer: /CN=5289b6a8bfaac5c8c09a48c042819dfc5ea45104 Certificate serial: 019B7AC89311C0AEF331ECD61887AA1E8E8A Authority key identifier: 52:89:B6:A8:BF:AA:C5:C8:C0:9A:48:C0:42:81:9D:FC:5E:A4:51:04 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uom2qL-qxcjAmkjAQoGd_F6kUQQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/b66c2c-3d01-4bdb-8c4c-b2da977e407d/1/tszARLbMXBEIxwdiymgQ3NHG6Wg.roa Signing time: Thu 01 Jan 2026 18:18:43 +0000 ROA not before: Thu 01 Jan 2026 18:18:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 47258 IP address blocks: 94.143.48.0/21 maxlen: 24 185.51.124.0/22 maxlen: 24 2a04:be20::/30 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/b66c2c-3d01-4bdb-8c4c-b2da977e407d/1/Uom2qL-qxcjAmkjAQoGd_F6kUQQ.crl rsync://rpki.ripe.net/repository/DEFAULT/81/b66c2c-3d01-4bdb-8c4c-b2da977e407d/1/Uom2qL-qxcjAmkjAQoGd_F6kUQQ.mft rsync://rpki.ripe.net/repository/DEFAULT/Uom2qL-qxcjAmkjAQoGd_F6kUQQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 00:00:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:93:11:c0:ae:f3:31:ec:d6:18:87:aa:1e:8e:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5289b6a8bfaac5c8c09a48c042819dfc5ea45104 Validity Not Before: Jan 1 18:18:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b6ccc044b6cc5c1108c70762ca6810dcd1c6e968 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:7b:35:ea:e9:6f:fe:bd:f0:6f:6f:96:e1:60: d5:ea:0e:9b:0c:03:44:45:a9:4d:0f:e8:60:1c:79: d7:65:f8:3e:1a:1e:ad:40:28:08:c2:9d:e5:3a:ee: f0:e0:72:18:a9:48:42:d3:5b:23:b8:c7:e1:58:25: 5b:03:7f:1b:8d:17:07:53:c0:c9:cd:06:71:4d:3f: 59:be:77:af:c5:8c:6d:78:7e:3a:79:33:8e:ca:ad: d9:84:93:30:ca:41:26:34:20:ac:64:5d:ac:86:6c: e1:fb:61:e3:19:ba:18:e8:72:e7:55:64:3d:0f:38: 75:1a:32:14:88:00:d1:6d:77:f3:92:ba:0c:db:08: 06:bb:c5:5f:29:c3:31:41:b6:2d:2b:22:d4:25:2a: 3a:5c:d6:06:44:72:73:ce:4d:f0:df:9d:a4:c3:d6: 79:36:9f:ee:40:62:3e:ff:03:fd:fa:68:ce:75:5b: f6:41:c3:ab:bd:01:e9:cb:8e:12:6b:4a:b3:39:f9: c9:80:60:4e:66:04:c5:2b:f1:58:21:dd:3a:b9:a2: 91:ce:bb:d4:5a:e1:64:5b:78:60:76:e5:0b:b1:e6: a6:4d:6c:41:13:2b:b9:3d:a3:27:da:1b:de:e7:3d: 6a:22:77:44:4b:e2:ba:8b:53:e8:5e:21:91:02:77: 4f:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:CC:C0:44:B6:CC:5C:11:08:C7:07:62:CA:68:10:DC:D1:C6:E9:68 X509v3 Authority Key Identifier: keyid:52:89:B6:A8:BF:AA:C5:C8:C0:9A:48:C0:42:81:9D:FC:5E:A4:51:04 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uom2qL-qxcjAmkjAQoGd_F6kUQQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/b66c2c-3d01-4bdb-8c4c-b2da977e407d/1/tszARLbMXBEIxwdiymgQ3NHG6Wg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/81/b66c2c-3d01-4bdb-8c4c-b2da977e407d/1/Uom2qL-qxcjAmkjAQoGd_F6kUQQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 94.143.48.0/21 185.51.124.0/22 IPv6: 2a04:be20::/30 Signature Algorithm: sha256WithRSAEncryption d4:eb:87:6c:00:a7:f0:e4:87:4a:5d:7b:44:7b:b9:65:56:55: b4:af:af:fa:f8:a0:c5:8d:13:95:97:29:e9:7e:85:69:02:f6: 7d:d3:ce:d3:9e:06:a5:04:ca:f2:fa:77:69:da:e9:f5:9c:47: 02:f2:79:dc:fe:de:e9:56:02:eb:ba:58:c2:f1:79:df:08:a8: 81:dd:3a:9f:9e:a4:f6:85:40:dc:c7:e4:be:41:c5:9d:99:e0: 14:fe:a1:e9:b8:83:0f:71:98:f1:7d:a3:fb:01:92:e9:7a:ff: bf:50:ca:01:03:27:4a:d7:66:24:9a:d1:69:8d:72:5f:7f:18: f3:48:cf:f7:22:5b:2e:af:64:29:aa:af:35:36:89:86:18:83: dd:96:31:b2:95:be:96:90:15:7a:82:a6:83:3a:1d:4c:e1:02: 43:8d:b3:83:de:4d:ad:02:c2:fe:8d:90:05:16:95:8d:e9:ef: e0:dd:b5:55:90:d5:fd:19:ce:30:e1:2e:91:78:cf:29:68:82: be:ea:0d:ef:19:8b:dd:8f:b1:58:80:c7:ab:d7:87:0b:23:14: ee:c2:ff:34:fa:7f:52:6c:87:86:85:3d:54:6a:52:2f:e8:d3: 85:e1:07:de:ad:37:7d:41:ab:61:1d:aa:41:80:df:9d:5b:d1: af:70:55:90 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt6yJMRwK7zMezWGIeqHo6KMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUyODliNmE4YmZhYWM1YzhjMDlhNDhjMDQyODE5ZGZjNWVh NDUxMDQwHhcNMjYwMTAxMTgxODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNmNjYzA0NGI2Y2M1YzExMDhjNzA3NjJjYTY4MTBkY2QxYzZlOTY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3s16ulv/r3wb2+W4WDV6g6bDANE RalND+hgHHnXZfg+Gh6tQCgIwp3lOu7w4HIYqUhC01sjuMfhWCVbA38bjRcHU8DJ zQZxTT9ZvnevxYxteH46eTOOyq3ZhJMwykEmNCCsZF2shmzh+2HjGboY6HLnVWQ9 Dzh1GjIUiADRbXfzkroM2wgGu8VfKcMxQbYtKyLUJSo6XNYGRHJzzk3w352kw9Z5 Np/uQGI+/wP9+mjOdVv2QcOrvQHpy44Sa0qzOfnJgGBOZgTFK/FYId06uaKRzrvU WuFkW3hgduULseamTWxBEyu5PaMn2hve5z1qIndES+K6i1PoXiGRAndP9QIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFLbMwES2zFwRCMcHYspoENzRxuloMB8GA1UdIwQY MBaAFFKJtqi/qsXIwJpIwEKBnfxepFEEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVW9tMnFMLXF4Y2pBbWtqQVFvR2RfRjZrVVFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9iNjZjMmMtM2QwMS00YmRiLThjNGMt YjJkYTk3N2U0MDdkLzEvdHN6QVJMYk1YQkVJeHdkaXltZ1EzTkhHNldnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MS9iNjZjMmMtM2QwMS00YmRiLThjNGMtYjJkYTk3N2U0MDdk LzEvVW9tMnFMLXF4Y2pBbWtqQVFvR2RfRjZrVVFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXo8wAwQC uTN8MA0EAgACMAcDBQIqBL4gMA0GCSqGSIb3DQEBCwUAA4IBAQDU64dsAKfw5IdK XXtEe7llVlW0r6/6+KDFjROVlynpfoVpAvZ9087TngalBMry+ndp2un1nEcC8nnc /t7pVgLruljC8XnfCKiB3TqfnqT2hUDcx+S+QcWdmeAU/qHpuIMPcZjxfaP7AZLp ev+/UMoBAydK12YkmtFpjXJffxjzSM/3Ilsur2Qpqq81NomGGIPdljGylb6WkBV6 gqaDOh1M4QJDjbOD3k2tAsL+jZAFFpWN6e/g3bVVkNX9Gc4w4S6ReM8paIK+6g3v GYvdj7FYgMer14cLIxTuwv80+n9SbIeGhT1UalIv6NOF4QferTd9QathHapBgN+d W9GvcFWQ -----END CERTIFICATE-----Generated at Mon Jan 19 08:04:30 2026 by rpki-client