This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tF_dWeXosgf_cEdTZXL7BpMYudQ.roa File: tF_dWeXosgf_cEdTZXL7BpMYudQ.roa (raw, json) Hash identifier: jHB6WeytxEkemIJjz6vCVCALxk1t21/5M24ex0QRkJI= Subject key identifier: B4:5F:DD:59:E5:E8:B2:07:FF:70:47:53:65:72:FB:06:93:18:B9:D4 Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Certificate serial: 019B7D5D4DC99B58458C1570D7D1EA927C12 Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tF_dWeXosgf_cEdTZXL7BpMYudQ.roa Signing time: Fri 02 Jan 2026 06:20:25 +0000 ROA not before: Fri 02 Jan 2026 06:20:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 197854 IP address blocks: 45.130.200.0/24 maxlen: 24 2a10:7401::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 11:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:4d:c9:9b:58:45:8c:15:70:d7:d1:ea:92:7c:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Validity Not Before: Jan 2 06:20:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b45fdd59e5e8b207ff7047536572fb069318b9d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:82:e0:4c:ea:8b:6c:89:0b:e7:97:78:73:e3:32: 85:f5:4c:18:88:7f:36:90:df:92:3d:73:d3:3a:07: ac:fd:82:a3:b6:94:a0:e6:22:0b:80:19:56:22:54: 47:d3:42:17:92:8f:95:a2:bf:f0:78:29:fa:f6:29: d0:30:13:d7:96:d3:24:19:58:0c:dc:de:0b:1b:d3: fa:a4:f4:37:25:7f:f5:40:31:65:e2:0d:f7:50:46: 7e:36:9f:34:b8:b4:e7:3f:54:11:66:53:c8:7c:1b: 59:1d:36:7c:97:e2:d1:a5:16:9e:23:6f:c7:76:6c: d9:ca:9b:96:37:ec:ed:4c:02:4d:19:6e:7d:1c:a2: d0:f0:a5:22:3d:31:cf:50:80:13:70:a9:24:ea:1c: c2:ad:08:a8:c7:98:03:c3:88:b4:d4:79:34:bb:bc: 9f:57:8e:94:d0:87:be:53:27:18:99:21:6e:a0:ec: 03:a8:20:1f:09:ef:6a:6f:68:20:f5:53:49:ff:60: d3:8f:d9:98:24:d6:bc:16:13:4c:1d:e7:a2:43:ab: 83:7d:96:67:d1:8d:2f:c0:ad:b3:37:88:9e:14:c9: 97:34:d0:68:e9:55:a1:e8:77:c5:b9:47:b8:4c:cb: 66:03:ba:7d:4d:f4:ce:9d:64:64:12:68:cf:ce:c0: 2d:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:5F:DD:59:E5:E8:B2:07:FF:70:47:53:65:72:FB:06:93:18:B9:D4 X509v3 Authority Key Identifier: keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tF_dWeXosgf_cEdTZXL7BpMYudQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.130.200.0/24 IPv6: 2a10:7401::/32 Signature Algorithm: sha256WithRSAEncryption 39:bc:0f:b8:0d:ce:a3:1e:9f:08:bc:cf:42:ab:7d:17:0b:49: a9:86:70:cb:07:fa:6b:1e:dc:b4:9f:6d:76:3e:f4:df:07:6e: b0:5c:25:e4:ec:fa:6d:19:9f:f1:26:f7:27:b4:40:ec:33:b7: ae:55:42:6a:74:15:31:38:bf:d5:2d:c9:df:05:e5:02:9f:b0: e0:a5:89:53:74:eb:2f:9a:1c:64:fb:1c:d6:d3:ba:7d:c5:56: d6:40:b2:17:fd:ad:d8:7a:e0:9b:8f:75:f3:96:63:44:e4:7e: 50:20:41:b0:27:54:c9:e3:ad:71:71:6a:ed:7e:ac:9e:77:45: 5d:8f:44:ae:cd:fb:c3:38:92:84:b0:4e:c5:4a:1d:10:cb:7f: 1c:27:3f:36:d7:ea:6e:7a:b5:da:a6:53:cd:e1:11:de:e9:74: 01:ac:84:3b:f7:30:e3:bc:03:01:19:06:20:0e:cf:98:be:88: 50:f7:7b:f2:73:c4:b2:b8:fc:f2:12:08:c0:6c:e7:df:fb:14: 06:4e:cd:95:2d:1a:65:2f:56:55:f3:f2:f6:53:83:a5:29:74: bf:38:27:d4:18:a2:d5:2a:3b:3e:27:f3:d0:ef:1c:c6:c7:98: 5e:16:8a:be:ee:19:2f:88:2c:19:51:0f:74:b3:6b:ce:89:3d: 3e:b8:7d:00 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt9XU3Jm1hFjBVw19HqknwSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw NWIwZTIwHhcNMjYwMTAyMDYyMDI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNDVmZGQ1OWU1ZThiMjA3ZmY3MDQ3NTM2NTcyZmIwNjkzMThiOWQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguBM6otsiQvnl3hz4zKF9UwYiH82 kN+SPXPTOges/YKjtpSg5iILgBlWIlRH00IXko+Vor/weCn69inQMBPXltMkGVgM 3N4LG9P6pPQ3JX/1QDFl4g33UEZ+Np80uLTnP1QRZlPIfBtZHTZ8l+LRpRaeI2/H dmzZypuWN+ztTAJNGW59HKLQ8KUiPTHPUIATcKkk6hzCrQiox5gDw4i01Hk0u7yf V46U0Ie+UycYmSFuoOwDqCAfCe9qb2gg9VNJ/2DTj9mYJNa8FhNMHeeiQ6uDfZZn 0Y0vwK2zN4ieFMmXNNBo6VWh6HfFuUe4TMtmA7p9TfTOnWRkEmjPzsAtAQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFLRf3Vnl6LIH/3BHU2Vy+waTGLnUMB8GA1UdIwQY MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt MmNjZWRiOTY2YTU4LzEvdEZfZFdlWG9zZ2ZfY0VkVFpYTDdCcE1ZdWRRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4 LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALYLIMA0E AgACMAcDBQAqEHQBMA0GCSqGSIb3DQEBCwUAA4IBAQA5vA+4Dc6jHp8IvM9Cq30X C0mphnDLB/prHty0n212PvTfB26wXCXk7PptGZ/xJvcntEDsM7euVUJqdBUxOL/V LcnfBeUCn7DgpYlTdOsvmhxk+xzW07p9xVbWQLIX/a3YeuCbj3XzlmNE5H5QIEGw J1TJ461xcWrtfqyed0Vdj0SuzfvDOJKEsE7FSh0Qy38cJz821+puerXaplPN4RHe 6XQBrIQ79zDjvAMBGQYgDs+YvohQ93vyc8SyuPzyEgjAbOff+xQGTs2VLRplL1ZV 8/L2U4OlKXS/OCfUGKLVKjs+J/PQ7xzGx5heFoq+7hkviCwZUQ90s2vOiT0+uH0A -----END CERTIFICATE-----Generated at Mon Jan 19 19:56:38 2026 by rpki-client