This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/b170fb-a1be-4bd9-adb6-fe6dc17583e3/1/tLzYTCMgcEaSpA6pqJ49xM0mJhg.roa File: tLzYTCMgcEaSpA6pqJ49xM0mJhg.roa (raw, json) Hash identifier: v1AukhZWCgWLe1okLFBBNkZmMt/d4/1gGQHfd9186v8= Subject key identifier: B4:BC:D8:4C:23:20:70:46:92:A4:0E:A9:A8:9E:3D:C4:CD:26:26:18 Certificate issuer: /CN=65c293380bc41f52d9131585a8580038f92f5dcc Certificate serial: 019B7E381B3875A89025DF812EBA4AF4A3CD Authority key identifier: 65:C2:93:38:0B:C4:1F:52:D9:13:15:85:A8:58:00:38:F9:2F:5D:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZcKTOAvEH1LZExWFqFgAOPkvXcw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/b170fb-a1be-4bd9-adb6-fe6dc17583e3/1/tLzYTCMgcEaSpA6pqJ49xM0mJhg.roa Signing time: Fri 02 Jan 2026 10:19:24 +0000 ROA not before: Fri 02 Jan 2026 10:19:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 680 IP address blocks: 139.174.0.0/16 maxlen: 16 192.109.175.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/b170fb-a1be-4bd9-adb6-fe6dc17583e3/1/ZcKTOAvEH1LZExWFqFgAOPkvXcw.crl rsync://rpki.ripe.net/repository/DEFAULT/ac/b170fb-a1be-4bd9-adb6-fe6dc17583e3/1/ZcKTOAvEH1LZExWFqFgAOPkvXcw.mft rsync://rpki.ripe.net/repository/DEFAULT/ZcKTOAvEH1LZExWFqFgAOPkvXcw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:1b:38:75:a8:90:25:df:81:2e:ba:4a:f4:a3:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=65c293380bc41f52d9131585a8580038f92f5dcc Validity Not Before: Jan 2 10:19:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b4bcd84c2320704692a40ea9a89e3dc4cd262618 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:77:19:aa:39:62:63:c5:ad:0b:a5:ea:db:39: 4b:86:a5:da:3b:ee:99:8f:aa:51:66:fd:1e:9d:89: 0d:15:b7:90:76:b7:75:40:2d:ed:73:ef:c9:2a:c3: 1d:58:bf:dd:b1:0e:f0:ef:05:75:92:66:a3:b2:71: 38:01:20:1d:11:56:4f:a8:dc:2c:c8:95:ad:fc:f8: 3d:42:a7:41:cc:b1:d7:cf:6c:ac:64:15:79:a5:40: fc:57:44:4c:73:96:ab:44:e0:31:47:e2:f4:8d:01: a6:42:34:38:8c:f5:8d:8a:4b:53:2d:cb:45:52:aa: 89:d3:0f:f6:93:42:2c:29:b2:b2:70:50:c1:a1:81: e5:30:b2:6e:ab:86:9a:2c:7e:26:8c:bf:e5:ae:f1: af:c3:d2:1e:26:e1:8c:7a:4e:e8:c4:2b:5d:95:37: 98:5e:d1:73:a4:c1:d3:10:c0:a0:af:8c:bf:d0:31: 7b:71:44:10:09:be:cf:03:d3:55:4e:e1:1f:b1:9c: 5c:c3:87:63:08:b2:53:20:33:c8:7b:91:e7:9d:fd: 06:85:ab:9e:13:a2:53:6a:66:2d:60:16:4c:2a:3f: 5e:2c:19:2b:4f:c3:74:e8:db:fd:07:20:c8:60:8a: f4:5b:97:40:aa:2c:63:01:b8:93:da:6b:4e:66:2f: ff:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:BC:D8:4C:23:20:70:46:92:A4:0E:A9:A8:9E:3D:C4:CD:26:26:18 X509v3 Authority Key Identifier: keyid:65:C2:93:38:0B:C4:1F:52:D9:13:15:85:A8:58:00:38:F9:2F:5D:CC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZcKTOAvEH1LZExWFqFgAOPkvXcw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/b170fb-a1be-4bd9-adb6-fe6dc17583e3/1/tLzYTCMgcEaSpA6pqJ49xM0mJhg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/b170fb-a1be-4bd9-adb6-fe6dc17583e3/1/ZcKTOAvEH1LZExWFqFgAOPkvXcw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 139.174.0.0/16 192.109.175.0/24 Signature Algorithm: sha256WithRSAEncryption 4a:3d:fd:fd:1e:11:7f:73:db:6e:5a:59:d2:5c:ab:dd:36:f9: 36:4f:44:e0:7a:f2:60:0c:46:af:1f:d0:b1:19:d6:9f:93:23: a3:79:21:21:55:03:ee:c9:db:83:a1:93:c8:ac:2b:3d:68:ed: f0:66:6c:8e:e4:b7:22:99:36:6b:13:2f:6a:c0:04:b3:90:12: f7:22:ef:61:8f:0e:03:e3:0c:12:f7:86:79:ef:5b:b4:03:f5: 32:e6:84:c6:c7:c4:67:98:47:44:60:6b:5c:31:f9:75:bc:db: 5d:94:29:97:3e:b1:a4:a5:a0:d9:f4:a3:a9:f1:aa:22:c3:00: d6:14:67:f7:30:12:45:0a:6e:9b:0e:8e:89:2e:b8:be:51:d4: a1:c4:b9:03:75:3c:da:f1:06:36:86:e8:43:71:73:f1:b5:36: 66:a8:61:cc:71:d6:da:12:c2:30:71:04:0f:42:1c:6c:0e:68: e7:4f:d8:43:ab:a3:29:00:4b:8f:1d:8c:f4:72:c1:10:68:da: 7f:25:f9:c0:3e:ea:b1:09:98:11:6e:fc:a1:41:5d:4b:4f:b9: e9:79:2f:47:aa:26:5d:2b:f1:f6:7d:ee:ec:9e:e3:40:1e:13: 81:ac:62:04:25:76:e2:c7:fe:01:20:7a:98:95:26:d8:63:6e: c1:de:2e:fd -----BEGIN CERTIFICATE----- MIIFAjCCA+qgAwIBAgISAZt+OBs4daiQJd+BLrpK9KPNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY1YzI5MzM4MGJjNDFmNTJkOTEzMTU4NWE4NTgwMDM4Zjky ZjVkY2MwHhcNMjYwMTAyMTAxOTI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNGJjZDg0YzIzMjA3MDQ2OTJhNDBlYTlhODllM2RjNGNkMjYyNjE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHcZqjliY8WtC6Xq2zlLhqXaO+6Z j6pRZv0enYkNFbeQdrd1QC3tc+/JKsMdWL/dsQ7w7wV1kmajsnE4ASAdEVZPqNws yJWt/Pg9QqdBzLHXz2ysZBV5pUD8V0RMc5arROAxR+L0jQGmQjQ4jPWNiktTLctF UqqJ0w/2k0IsKbKycFDBoYHlMLJuq4aaLH4mjL/lrvGvw9IeJuGMek7oxCtdlTeY XtFzpMHTEMCgr4y/0DF7cUQQCb7PA9NVTuEfsZxcw4djCLJTIDPIe5Hnnf0Ghaue E6JTamYtYBZMKj9eLBkrT8N06Nv9ByDIYIr0W5dAqixjAbiT2mtOZi//HQIDAQAB o4ICDjCCAgowHQYDVR0OBBYEFLS82EwjIHBGkqQOqaiePcTNJiYYMB8GA1UdIwQY MBaAFGXCkzgLxB9S2RMVhahYADj5L13MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWmNLVE9BdkVIMUxaRXhXRnFGZ0FPUGt2WGN3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9iMTcwZmItYTFiZS00YmQ5LWFkYjYt ZmU2ZGMxNzU4M2UzLzEvdEx6WVRDTWdjRWFTcEE2cHFKNDl4TTBtSmhnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYy9iMTcwZmItYTFiZS00YmQ5LWFkYjYtZmU2ZGMxNzU4M2Uz LzEvWmNLVE9BdkVIMUxaRXhXRnFGZ0FPUGt2WGN3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAi64DBADA ba8wDQYJKoZIhvcNAQELBQADggEBAEo9/f0eEX9z225aWdJcq902+TZPROB68mAM Rq8f0LEZ1p+TI6N5ISFVA+7J24Ohk8isKz1o7fBmbI7ktyKZNmsTL2rABLOQEvci 72GPDgPjDBL3hnnvW7QD9TLmhMbHxGeYR0Rga1wx+XW8212UKZc+saSloNn0o6nx qiLDANYUZ/cwEkUKbpsOjokuuL5R1KHEuQN1PNrxBjaG6ENxc/G1NmaoYcxx1toS wjBxBA9CHGwOaOdP2EOroykAS48djPRywRBo2n8l+cA+6rEJmBFu/KFBXUtPuel5 L0eqJl0r8fZ97uye40AeE4GsYgQlduLH/gEgepiVJthjbsHeLv0= -----END CERTIFICATE-----Generated at Tue Jan 27 11:26:45 2026 by rpki-client