This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/2ffeff-6b0b-40c8-87ec-1f1642507193/1/TjUAHrNX6D8KKFwZiePYTV0m3bk.roa File: TjUAHrNX6D8KKFwZiePYTV0m3bk.roa (raw, json) Hash identifier: 61/mGPF5yOHT2ppU4Jvr6b/vuT6FmCh4sw4OsDecTfo= Subject key identifier: 4E:35:00:1E:B3:57:E8:3F:0A:28:5C:19:89:E3:D8:4D:5D:26:DD:B9 Certificate issuer: /CN=ffb9a5f328cc306527cc4c474bdc4b13a746a1a8 Certificate serial: 019C1E780EEB42E5B1B48A2CD6977F4CFE59 Authority key identifier: FF:B9:A5:F3:28:CC:30:65:27:CC:4C:47:4B:DC:4B:13:A7:46:A1:A8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_7ml8yjMMGUnzExHS9xLE6dGoag.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/2ffeff-6b0b-40c8-87ec-1f1642507193/1/TjUAHrNX6D8KKFwZiePYTV0m3bk.roa Signing time: Mon 02 Feb 2026 13:08:30 +0000 ROA not before: Mon 02 Feb 2026 13:08:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203636 IP address blocks: 2a04:cac0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/2ffeff-6b0b-40c8-87ec-1f1642507193/1/_7ml8yjMMGUnzExHS9xLE6dGoag.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/2ffeff-6b0b-40c8-87ec-1f1642507193/1/_7ml8yjMMGUnzExHS9xLE6dGoag.mft rsync://rpki.ripe.net/repository/DEFAULT/_7ml8yjMMGUnzExHS9xLE6dGoag.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 05 Feb 2026 18:00:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:1e:78:0e:eb:42:e5:b1:b4:8a:2c:d6:97:7f:4c:fe:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ffb9a5f328cc306527cc4c474bdc4b13a746a1a8 Validity Not Before: Feb 2 13:08:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4e35001eb357e83f0a285c1989e3d84d5d26ddb9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:e7:c7:88:6c:75:84:a3:da:3c:df:05:6d:b4: 68:ef:3d:a7:99:02:62:b0:88:3e:17:df:88:a9:96: e9:f6:f3:e0:ba:88:a0:5d:c0:b8:e3:78:d1:66:e6: 81:ef:13:f1:4a:8d:bd:f3:f9:65:9d:f2:c4:d1:ec: 90:45:d8:53:bb:8e:ff:ff:d1:53:3d:7e:90:9c:24: b3:c0:88:50:ea:73:e0:12:b0:c7:09:21:a1:bf:ec: 9f:ec:30:8c:59:0e:6d:5c:cf:e3:d6:a9:df:a1:8c: b7:e9:5e:0f:c9:49:e0:54:70:82:b9:58:d2:38:af: dd:4a:41:ae:02:a7:d0:62:4d:bb:e7:fc:5d:b3:1f: bb:68:ce:13:c7:9f:ae:15:e3:b9:50:34:0e:96:69: 08:67:54:9f:fa:df:8d:13:c2:32:cf:da:1c:62:23: 22:52:04:5a:d0:eb:5c:a5:5f:df:7d:6d:41:f9:b6: bf:5e:88:a8:3c:78:b6:83:6b:61:6e:96:ea:6d:94: c7:4f:70:35:78:dd:cc:ba:39:25:01:d1:24:57:c6: 2e:84:04:6d:d5:10:15:59:69:4c:24:d6:cd:c6:1a: 1e:ce:e9:e2:b3:02:c5:a3:60:a6:a4:cd:cc:85:56: 9b:6a:e9:8f:df:f5:d6:03:e0:bc:0e:74:66:8c:7d: 26:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:35:00:1E:B3:57:E8:3F:0A:28:5C:19:89:E3:D8:4D:5D:26:DD:B9 X509v3 Authority Key Identifier: keyid:FF:B9:A5:F3:28:CC:30:65:27:CC:4C:47:4B:DC:4B:13:A7:46:A1:A8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_7ml8yjMMGUnzExHS9xLE6dGoag.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/2ffeff-6b0b-40c8-87ec-1f1642507193/1/TjUAHrNX6D8KKFwZiePYTV0m3bk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/2ffeff-6b0b-40c8-87ec-1f1642507193/1/_7ml8yjMMGUnzExHS9xLE6dGoag.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a04:cac0::/32 Signature Algorithm: sha256WithRSAEncryption 27:85:02:a5:88:ee:39:29:f2:02:e0:1d:cb:ee:b2:7d:35:6b: 4b:e4:b2:49:d0:e1:9b:20:e4:fb:1a:07:28:6a:16:6b:fa:81: 04:84:b3:ab:04:88:33:8c:72:8c:be:6d:ea:fe:d0:3f:a1:74: cf:a4:2a:b0:c4:3f:92:a8:c5:83:d4:0a:20:16:a6:f4:28:ee: 77:1c:a4:a2:4f:a1:e7:68:a7:51:ba:79:66:c6:2f:02:19:8e: 06:52:09:44:6a:3c:79:4f:92:2e:9b:99:86:07:46:bc:96:3a: 08:f9:1b:9e:f1:33:49:b6:5f:22:c3:cf:0f:fd:0c:07:ef:cb: 43:78:c0:3f:c0:40:db:ff:c0:dd:72:cd:4c:12:4e:7f:d6:6f: ea:82:13:6d:c6:cd:a9:5d:e6:ed:64:fa:33:b3:73:1f:8f:1f: 93:4c:73:87:6b:e9:2c:93:bd:70:a4:41:ac:ba:58:91:a4:e6: f9:cc:17:d7:3b:3f:e8:38:0a:49:02:39:0f:d7:f7:2c:fb:ee: 34:3d:3b:36:95:77:e4:bc:6b:2e:36:28:8f:da:82:d2:a7:08: 52:ca:a2:b6:81:b1:a6:99:b6:d5:13:7a:f9:a2:f9:ef:87:2d: d1:72:0b:e8:e8:93:33:b0:28:e7:cf:e3:2e:f6:6f:20:33:30: f9:7b:96:9b -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZweeA7rQuWxtIos1pd/TP5ZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZmYjlhNWYzMjhjYzMwNjUyN2NjNGM0NzRiZGM0YjEzYTc0 NmExYTgwHhcNMjYwMjAyMTMwODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ZTM1MDAxZWIzNTdlODNmMGEyODVjMTk4OWUzZDg0ZDVkMjZkZGI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+fHiGx1hKPaPN8FbbRo7z2nmQJi sIg+F9+IqZbp9vPguoigXcC443jRZuaB7xPxSo298/llnfLE0eyQRdhTu47//9FT PX6QnCSzwIhQ6nPgErDHCSGhv+yf7DCMWQ5tXM/j1qnfoYy36V4PyUngVHCCuVjS OK/dSkGuAqfQYk275/xdsx+7aM4Tx5+uFeO5UDQOlmkIZ1Sf+t+NE8Iyz9ocYiMi UgRa0OtcpV/ffW1B+ba/XoioPHi2g2thbpbqbZTHT3A1eN3MujklAdEkV8YuhARt 1RAVWWlMJNbNxhoezuniswLFo2CmpM3MhVabaumP3/XWA+C8DnRmjH0mhwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFE41AB6zV+g/CihcGYnj2E1dJt25MB8GA1UdIwQY MBaAFP+5pfMozDBlJ8xMR0vcSxOnRqGoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvXzdtbDh5ak1NR1VuekV4SFM5eExFNmRHb2FnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8yZmZlZmYtNmIwYi00MGM4LTg3ZWMt MWYxNjQyNTA3MTkzLzEvVGpVQUhyTlg2RDhLS0Z3WmllUFlUVjBtM2JrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC8yZmZlZmYtNmIwYi00MGM4LTg3ZWMtMWYxNjQyNTA3MTkz LzEvXzdtbDh5ak1NR1VuekV4SFM5eExFNmRHb2FnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgTKwDAN BgkqhkiG9w0BAQsFAAOCAQEAJ4UCpYjuOSnyAuAdy+6yfTVrS+SySdDhmyDk+xoH KGoWa/qBBISzqwSIM4xyjL5t6v7QP6F0z6QqsMQ/kqjFg9QKIBam9Cjudxykok+h 52inUbp5ZsYvAhmOBlIJRGo8eU+SLpuZhgdGvJY6CPkbnvEzSbZfIsPPD/0MB+/L Q3jAP8BA2//A3XLNTBJOf9Zv6oITbcbNqV3m7WT6M7NzH48fk0xzh2vpLJO9cKRB rLpYkaTm+cwX1zs/6DgKSQI5D9f3LPvuND07NpV35LxrLjYoj9qC0qcIUsqitoGx ppm21RN6+aL574ct0XIL6OiTM7Ao58/jLvZvIDMw+XuWmw== -----END CERTIFICATE-----Generated at Thu Feb 5 01:49:42 2026 by rpki-client