This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/85b043-36d8-4136-9835-8d477259839b/1/tfKI27h4y6Yqd_bp6Jq3Mvuha5U.roa File: tfKI27h4y6Yqd_bp6Jq3Mvuha5U.roa (raw, json) Hash identifier: nvsIEu3C8vbMw8Dq30qS8gfgwYf/q4CpFRCeTjasyyY= Subject key identifier: B5:F2:88:DB:B8:78:CB:A6:2A:77:F6:E9:E8:9A:B7:32:FB:A1:6B:95 Certificate issuer: /CN=827313247c486fe434833c09087a00a900301840 Certificate serial: 019B76EB61B537A74526456FFEEB87541E70 Authority key identifier: 82:73:13:24:7C:48:6F:E4:34:83:3C:09:08:7A:00:A9:00:30:18:40 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnMTJHxIb-Q0gzwJCHoAqQAwGEA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/85b043-36d8-4136-9835-8d477259839b/1/tfKI27h4y6Yqd_bp6Jq3Mvuha5U.roa Signing time: Thu 01 Jan 2026 00:18:16 +0000 ROA not before: Thu 01 Jan 2026 00:18:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198040 IP address blocks: 91.233.204.0/23 maxlen: 23 176.103.160.0/21 maxlen: 21 2001:678:e1c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/85b043-36d8-4136-9835-8d477259839b/1/gnMTJHxIb-Q0gzwJCHoAqQAwGEA.crl rsync://rpki.ripe.net/repository/DEFAULT/ad/85b043-36d8-4136-9835-8d477259839b/1/gnMTJHxIb-Q0gzwJCHoAqQAwGEA.mft rsync://rpki.ripe.net/repository/DEFAULT/gnMTJHxIb-Q0gzwJCHoAqQAwGEA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:61:b5:37:a7:45:26:45:6f:fe:eb:87:54:1e:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=827313247c486fe434833c09087a00a900301840 Validity Not Before: Jan 1 00:18:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b5f288dbb878cba62a77f6e9e89ab732fba16b95 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:a3:24:0b:29:cb:08:29:de:d8:5b:58:a7:68: 22:2f:55:87:b0:25:26:35:ca:ca:59:ae:af:57:79: a2:93:83:67:81:87:8b:12:00:a1:59:6d:68:33:a4: ca:6e:d2:d1:7a:4a:0b:ac:7f:47:2b:69:cb:35:bf: 45:0d:56:1c:f5:7e:97:fd:33:94:62:a0:ab:54:44: 79:64:4b:47:ea:e8:3c:07:6e:38:4a:a1:b4:23:59: f0:e1:87:41:5e:0c:24:4b:48:60:4f:ed:a9:0e:32: d6:71:0c:4d:c7:fc:95:2e:a1:20:1d:11:ef:04:8c: ed:73:1f:cb:c2:eb:e4:0d:4e:c1:a9:91:ac:80:2e: a5:eb:cd:c1:e3:7a:db:dd:79:b6:65:b1:db:a5:28: 4e:6a:ef:5a:8d:28:be:fe:5e:cb:6d:54:f7:a6:cb: ca:aa:ef:16:9b:c8:f3:71:c1:10:3b:1c:7a:55:55: 57:99:71:b9:c4:d8:b8:8d:4d:ce:0b:6b:59:52:36: 54:50:88:22:0d:6b:0b:cd:b8:2c:75:5b:da:fb:70: b4:da:fb:82:ff:d0:a5:66:51:b2:8c:8a:8d:1f:bd: 7b:a3:b3:33:2a:d7:be:39:a4:be:96:fb:d9:9e:2e: 75:bd:0e:8b:2a:24:ab:8d:97:f5:9d:08:a2:8e:a2: a8:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:F2:88:DB:B8:78:CB:A6:2A:77:F6:E9:E8:9A:B7:32:FB:A1:6B:95 X509v3 Authority Key Identifier: keyid:82:73:13:24:7C:48:6F:E4:34:83:3C:09:08:7A:00:A9:00:30:18:40 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnMTJHxIb-Q0gzwJCHoAqQAwGEA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/85b043-36d8-4136-9835-8d477259839b/1/tfKI27h4y6Yqd_bp6Jq3Mvuha5U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/85b043-36d8-4136-9835-8d477259839b/1/gnMTJHxIb-Q0gzwJCHoAqQAwGEA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.233.204.0/23 176.103.160.0/21 IPv6: 2001:678:e1c::/48 Signature Algorithm: sha256WithRSAEncryption 57:99:2e:3b:f1:0a:2e:b0:07:5b:ab:1b:2f:60:44:c5:4d:dc: 37:6b:2d:5e:58:4f:cf:ef:87:2b:42:02:ca:b1:a8:2b:8e:c8: aa:28:cf:c7:20:6c:5c:d3:d3:cc:f1:5e:46:d8:ed:5f:de:89: 86:09:fb:42:74:6f:f3:65:b6:07:5a:01:e2:d9:21:81:67:3a: f9:66:1d:44:ef:db:60:6c:3a:11:fb:7a:ea:90:c5:34:b3:3e: 3d:84:b9:18:93:7d:86:5f:e2:d5:37:cb:fc:29:59:07:28:07: 02:a2:58:3f:37:b5:21:1c:22:a2:2a:23:15:0d:9e:61:49:5a: 47:6c:d7:a0:56:c0:86:ac:d8:92:4e:bb:d4:83:fd:49:42:97: d0:11:0b:6b:59:6f:e7:5a:94:c0:ea:dd:84:3d:cc:a1:d6:e0: f4:04:da:56:cd:d7:94:b1:19:04:ee:8f:4b:d8:9d:e9:85:43: 06:98:e5:fc:76:0d:d5:e6:6f:b9:61:ae:a2:c5:19:7c:e6:8f: fa:cc:23:70:e3:b2:d4:0c:78:b1:55:39:82:40:b8:08:08:ce: a4:e3:1c:16:37:0a:58:48:50:43:5e:76:f6:02:7f:32:72:61: dc:18:2d:ed:e5:8e:16:13:a0:ff:f3:c9:c3:7d:b2:89:c2:6c: 4a:b4:da:6e -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt262G1N6dFJkVv/uuHVB5wMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgyNzMxMzI0N2M0ODZmZTQzNDgzM2MwOTA4N2EwMGE5MDAz MDE4NDAwHhcNMjYwMTAxMDAxODE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNWYyODhkYmI4NzhjYmE2MmE3N2Y2ZTllODlhYjczMmZiYTE2Yjk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqMkCynLCCne2FtYp2giL1WHsCUm NcrKWa6vV3mik4NngYeLEgChWW1oM6TKbtLRekoLrH9HK2nLNb9FDVYc9X6X/TOU YqCrVER5ZEtH6ug8B244SqG0I1nw4YdBXgwkS0hgT+2pDjLWcQxNx/yVLqEgHRHv BIztcx/LwuvkDU7BqZGsgC6l683B43rb3Xm2ZbHbpShOau9ajSi+/l7LbVT3psvK qu8Wm8jzccEQOxx6VVVXmXG5xNi4jU3OC2tZUjZUUIgiDWsLzbgsdVva+3C02vuC /9ClZlGyjIqNH717o7MzKte+OaS+lvvZni51vQ6LKiSrjZf1nQiijqKoXwIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFLXyiNu4eMumKnf26eiatzL7oWuVMB8GA1UdIwQY MBaAFIJzEyR8SG/kNIM8CQh6AKkAMBhAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ25NVEpIeEliLVEwZ3p3SkNIb0FxUUF3R0VBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC84NWIwNDMtMzZkOC00MTM2LTk4MzUt OGQ0NzcyNTk4MzliLzEvdGZLSTI3aDR5NllxZF9icDZKcTNNdnVoYTVVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZC84NWIwNDMtMzZkOC00MTM2LTk4MzUtOGQ0NzcyNTk4Mzli LzEvZ25NVEpIeEliLVEwZ3p3SkNIb0FxUUF3R0VBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBW+nMAwQD sGegMA8EAgACMAkDBwAgAQZ4DhwwDQYJKoZIhvcNAQELBQADggEBAFeZLjvxCi6w B1urGy9gRMVN3DdrLV5YT8/vhytCAsqxqCuOyKooz8cgbFzT08zxXkbY7V/eiYYJ +0J0b/NltgdaAeLZIYFnOvlmHUTv22BsOhH7euqQxTSzPj2EuRiTfYZf4tU3y/wp WQcoBwKiWD83tSEcIqIqIxUNnmFJWkds16BWwIas2JJOu9SD/UlCl9ARC2tZb+da lMDq3YQ9zKHW4PQE2lbN15SxGQTuj0vYnemFQwaY5fx2DdXmb7lhrqLFGXzmj/rM I3DjstQMeLFVOYJAuAgIzqTjHBY3ClhIUENedvYCfzJyYdwYLe3ljhYToP/zycN9 sonCbEq02m4= -----END CERTIFICATE-----Generated at Mon Feb 9 20:02:51 2026 by rpki-client