This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/tlAQgGMhDgT__rhJHf56aqlul7E.roa File: tlAQgGMhDgT__rhJHf56aqlul7E.roa (raw, json) Hash identifier: BWDoEWyH3pvyZXWpW+PEd6Elxpc6FH99ZQRpTprPKtE= Subject key identifier: B6:50:10:80:63:21:0E:04:FF:FE:B8:49:1D:FE:7A:6A:A9:6E:97:B1 Certificate issuer: /CN=b2df00f38cced92197993076cb3685bf32bc5e69 Certificate serial: 019B7F15B1BF1CC3BE1A9AD2D54A2B666FAB Authority key identifier: B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/tlAQgGMhDgT__rhJHf56aqlul7E.roa Signing time: Fri 02 Jan 2026 14:21:26 +0000 ROA not before: Fri 02 Jan 2026 14:21:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57111 IP address blocks: 185.103.112.0/22 maxlen: 24 185.199.24.0/22 maxlen: 24 185.204.132.0/22 maxlen: 24 2a0a:9440::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.mft rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:b1:bf:1c:c3:be:1a:9a:d2:d5:4a:2b:66:6f:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b2df00f38cced92197993076cb3685bf32bc5e69 Validity Not Before: Jan 2 14:21:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b650108063210e04fffeb8491dfe7a6aa96e97b1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:6e:65:d3:9d:3b:d1:3c:6e:f9:30:12:7b:c7: 57:b8:77:05:b5:24:30:ad:4a:1d:57:4a:f8:63:89: 7a:8e:73:bb:fc:e4:7c:f8:97:fa:0a:09:9b:c4:12: 0e:da:c3:9d:71:b5:41:ef:0b:e9:9c:c5:7f:f6:85: b0:60:95:eb:c1:f2:04:09:bc:b3:fc:fb:26:44:86: 20:af:84:a2:b1:75:6f:d7:35:d8:a2:ba:75:4c:07: 4d:67:0b:b0:5e:f7:b7:b8:f4:7a:a4:b1:4f:f4:08: a4:10:fd:45:87:7d:1d:6e:1b:d7:3c:e3:2f:33:1a: 17:17:ef:3d:21:62:2e:ea:e0:fe:a3:70:b0:77:9c: f9:5a:1b:41:36:22:a5:85:1f:ff:02:55:49:13:53: 52:ab:98:d1:1d:e7:6f:19:4a:d5:30:b1:4a:f6:2d: ad:5f:91:41:d8:0f:38:5f:98:5f:69:36:66:72:81: c1:68:b1:76:d7:51:fd:eb:05:20:ed:07:1c:32:26: 5e:63:2a:b6:c0:51:a5:8d:98:0d:5f:e9:fe:d3:a1: e2:26:82:5e:a5:77:2f:7c:28:5a:1c:2f:d9:cd:bd: db:1c:f7:c6:b5:85:7a:2b:13:9c:d9:53:58:bd:15: 27:70:f3:e8:ef:60:23:91:6a:aa:3d:de:c4:9f:37: 5e:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:50:10:80:63:21:0E:04:FF:FE:B8:49:1D:FE:7A:6A:A9:6E:97:B1 X509v3 Authority Key Identifier: keyid:B2:DF:00:F3:8C:CE:D9:21:97:99:30:76:CB:36:85:BF:32:BC:5E:69 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/st8A84zO2SGXmTB2yzaFvzK8Xmk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/tlAQgGMhDgT__rhJHf56aqlul7E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/706fa8-52a2-4ed2-a2e1-04e4e4dc5fba/1/st8A84zO2SGXmTB2yzaFvzK8Xmk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.103.112.0/22 185.199.24.0/22 185.204.132.0/22 IPv6: 2a0a:9440::/29 Signature Algorithm: sha256WithRSAEncryption aa:4f:cb:40:e7:50:d7:4f:19:1f:f4:d8:91:bc:bf:48:41:67: 33:dd:84:b0:0c:6f:b8:ff:90:37:54:42:0d:54:da:1a:3a:8f: 7b:8a:89:ab:61:90:e4:b7:2c:22:a4:bb:67:c2:56:80:1c:87: ee:3b:be:b4:aa:19:56:93:9c:89:f4:fa:c1:63:43:41:6a:c0: 3e:f4:62:55:80:cf:c7:15:81:99:16:b5:34:16:f0:72:96:b4: 88:92:70:d7:86:51:6c:4c:84:4f:23:60:39:61:1f:3f:a2:a4: 4d:3b:e9:56:ee:f7:00:15:0e:57:85:19:1b:48:fe:0c:3b:93: d3:ff:89:db:c9:14:05:63:94:56:58:c7:c5:57:6a:78:27:00: 60:6c:85:9d:57:e9:ca:1a:63:62:55:cd:e8:2d:e1:c1:25:6c: d3:96:6e:d9:35:4c:e4:25:cb:05:2e:45:6a:49:ef:2a:33:79: 44:a4:1a:3c:76:97:b8:bc:75:7c:06:c1:31:7b:ac:5b:33:a8: a7:7e:eb:2d:a5:96:45:71:ac:92:94:46:ed:fb:d6:08:69:2e: 72:46:31:03:1a:ba:85:23:64:39:67:00:fc:62:06:ff:3d:6d: 45:e5:45:4c:a8:36:a3:5c:9b:1e:66:98:39:2f:02:16:82:26: 51:bb:29:ad -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt/FbG/HMO+GprS1UorZm+rMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyZGYwMGYzOGNjZWQ5MjE5Nzk5MzA3NmNiMzY4NWJmMzJi YzVlNjkwHhcNMjYwMTAyMTQyMTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNjUwMTA4MDYzMjEwZTA0ZmZmZWI4NDkxZGZlN2E2YWE5NmU5N2IxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzm5l05070Txu+TASe8dXuHcFtSQw rUodV0r4Y4l6jnO7/OR8+Jf6CgmbxBIO2sOdcbVB7wvpnMV/9oWwYJXrwfIECbyz /PsmRIYgr4SisXVv1zXYorp1TAdNZwuwXve3uPR6pLFP9AikEP1Fh30dbhvXPOMv MxoXF+89IWIu6uD+o3Cwd5z5WhtBNiKlhR//AlVJE1NSq5jRHedvGUrVMLFK9i2t X5FB2A84X5hfaTZmcoHBaLF211H96wUg7QccMiZeYyq2wFGljZgNX+n+06HiJoJe pXcvfChaHC/Zzb3bHPfGtYV6KxOc2VNYvRUncPPo72AjkWqqPd7EnzdeAwIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFLZQEIBjIQ4E//64SR3+emqpbpexMB8GA1UdIwQY MBaAFLLfAPOMztkhl5kwdss2hb8yvF5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEt MDRlNGU0ZGM1ZmJhLzEvdGxBUWdHTWhEZ1RfX3JoSkhmNTZhcWx1bDdFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi83MDZmYTgtNTJhMi00ZWQyLWEyZTEtMDRlNGU0ZGM1ZmJh LzEvc3Q4QTg0ek8yU0dYbVRCMnl6YUZ2eks4WG1rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuWdwAwQC uccYAwQCucyEMA0EAgACMAcDBQMqCpRAMA0GCSqGSIb3DQEBCwUAA4IBAQCqT8tA 51DXTxkf9NiRvL9IQWcz3YSwDG+4/5A3VEINVNoaOo97iomrYZDktywipLtnwlaA HIfuO760qhlWk5yJ9PrBY0NBasA+9GJVgM/HFYGZFrU0FvBylrSIknDXhlFsTIRP I2A5YR8/oqRNO+lW7vcAFQ5XhRkbSP4MO5PT/4nbyRQFY5RWWMfFV2p4JwBgbIWd V+nKGmNiVc3oLeHBJWzTlm7ZNUzkJcsFLkVqSe8qM3lEpBo8dpe4vHV8BsExe6xb M6infustpZZFcaySlEbt+9YIaS5yRjEDGrqFI2Q5ZwD8Ygb/PW1F5UVMqDajXJse Zpg5LwIWgiZRuymt -----END CERTIFICATE-----Generated at Mon Feb 9 22:15:19 2026 by rpki-client