This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/rTCIQuB8b5-23Fe16EFzxOkFAo0.roa File: rTCIQuB8b5-23Fe16EFzxOkFAo0.roa (raw, json) Hash identifier: 85dTReYxmMkhMzb7ZnE2kpCceaZUsUjOdsiOl8VJLKg= Subject key identifier: AD:30:88:42:E0:7C:6F:9F:B6:DC:57:B5:E8:41:73:C4:E9:05:02:8D Certificate issuer: /CN=f73425724cae273f2963060dc865c6f0b0425cad Certificate serial: 019BBC4D92A6FBEC45BE61163B7BB4776513 Authority key identifier: F7:34:25:72:4C:AE:27:3F:29:63:06:0D:C8:65:C6:F0:B0:42:5C:AD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9zQlckyuJz8pYwYNyGXG8LBCXK0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/rTCIQuB8b5-23Fe16EFzxOkFAo0.roa Signing time: Wed 14 Jan 2026 11:39:19 +0000 ROA not before: Wed 14 Jan 2026 11:39:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39900 IP address blocks: 72.56.52.0/24 maxlen: 24 72.56.53.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.mft rsync://rpki.ripe.net/repository/DEFAULT/9zQlckyuJz8pYwYNyGXG8LBCXK0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:bc:4d:92:a6:fb:ec:45:be:61:16:3b:7b:b4:77:65:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f73425724cae273f2963060dc865c6f0b0425cad Validity Not Before: Jan 14 11:39:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ad308842e07c6f9fb6dc57b5e84173c4e905028d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:3e:1c:ce:3f:7e:bf:b2:ee:a7:2c:21:10:3d: 03:6d:d1:e0:4c:e4:f0:77:0a:4a:27:e0:65:22:ea: e7:c6:0e:42:6e:40:95:12:25:a8:01:e2:72:1d:83: d3:76:dd:31:9e:ef:0c:9a:98:5b:92:f9:e5:d8:e5: 98:3f:f0:63:17:ed:da:27:d8:d2:7f:16:ee:22:27: 69:d1:74:8a:dd:61:6b:6c:3e:0e:2d:3a:48:d8:f5: 87:78:b5:22:f8:f3:99:9b:f4:db:2e:07:cf:b6:eb: 78:d9:43:5e:f3:2b:d3:eb:70:dd:a6:35:04:73:7d: d9:28:9a:ff:04:3d:bf:2e:91:0e:07:2e:c7:6a:a6: 0c:72:0d:61:fc:56:67:fb:cf:a8:f6:77:ef:d9:4a: 34:ee:79:58:65:0e:d5:a8:45:ef:ab:ff:b9:52:17: 4e:78:b1:db:65:58:b4:f0:1a:14:13:b7:5c:9a:ba: 0d:49:f0:a3:ce:f9:24:9b:12:e4:e6:59:27:a6:a6: 28:29:27:43:b0:d9:a9:5b:8d:14:c4:8d:a3:95:52: 2b:74:64:cc:3a:be:d0:4f:53:5c:c9:54:d5:98:e0: ff:91:95:8e:47:2a:f9:11:57:c5:70:17:12:9a:48: 32:41:a7:42:24:86:8f:23:2e:5e:f1:e6:e4:0c:94: cd:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:30:88:42:E0:7C:6F:9F:B6:DC:57:B5:E8:41:73:C4:E9:05:02:8D X509v3 Authority Key Identifier: keyid:F7:34:25:72:4C:AE:27:3F:29:63:06:0D:C8:65:C6:F0:B0:42:5C:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9zQlckyuJz8pYwYNyGXG8LBCXK0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/rTCIQuB8b5-23Fe16EFzxOkFAo0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 72.56.52.0/23 Signature Algorithm: sha256WithRSAEncryption 2c:90:2a:18:a0:d8:d8:36:61:5c:28:1a:e5:0f:bd:ed:fc:55: 88:ca:22:ba:1f:78:ba:82:4d:c4:92:db:27:64:76:5b:7d:7d: a0:bc:76:32:ed:2b:a4:1b:9c:5f:08:b3:79:d2:41:5e:b9:40: 64:b8:08:3a:a7:ee:6e:3e:f4:68:8d:41:24:e9:09:5f:44:55: df:50:ff:1a:c4:75:2d:42:fb:9a:0a:be:8a:1c:a1:85:9c:b9: af:4c:ba:9a:64:55:14:58:50:7f:5d:3d:17:fd:60:41:35:f4: 8e:bd:77:d1:98:e4:5d:56:80:e0:17:e7:a3:16:11:17:3d:bb: 14:3e:86:0b:32:30:45:ea:cf:39:69:12:53:3e:6c:7a:ff:07: 04:c7:34:38:59:de:7f:1c:13:f2:fb:74:fa:e7:a2:b4:8a:a1: 3a:5a:07:5e:10:7f:00:fd:76:60:24:11:e5:e5:dd:01:72:f1: 42:0b:17:5c:b9:4f:d7:83:6f:7d:b2:e3:1b:39:91:df:9d:0d: 91:e4:8b:0e:6e:87:56:b2:de:db:2f:7c:39:d5:c1:ff:fb:06: 61:4f:c0:0e:a0:f5:88:4b:a3:10:89:e8:48:2e:05:92:34:79: e1:84:a0:3e:1f:18:f6:68:f6:1c:29:ff:bd:f6:2b:bf:06:31: ed:0b:e7:1f -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZu8TZKm++xFvmEWO3u0d2UTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY3MzQyNTcyNGNhZTI3M2YyOTYzMDYwZGM4NjVjNmYwYjA0 MjVjYWQwHhcNMjYwMTE0MTEzOTE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZDMwODg0MmUwN2M2ZjlmYjZkYzU3YjVlODQxNzNjNGU5MDUwMjhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2T4czj9+v7LupywhED0DbdHgTOTw dwpKJ+BlIurnxg5CbkCVEiWoAeJyHYPTdt0xnu8Mmphbkvnl2OWYP/BjF+3aJ9jS fxbuIidp0XSK3WFrbD4OLTpI2PWHeLUi+POZm/TbLgfPtut42UNe8yvT63DdpjUE c33ZKJr/BD2/LpEOBy7HaqYMcg1h/FZn+8+o9nfv2Uo07nlYZQ7VqEXvq/+5UhdO eLHbZVi08BoUE7dcmroNSfCjzvkkmxLk5lknpqYoKSdDsNmpW40UxI2jlVIrdGTM Or7QT1NcyVTVmOD/kZWORyr5EVfFcBcSmkgyQadCJIaPIy5e8ebkDJTNnwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFK0wiELgfG+fttxXtehBc8TpBQKNMB8GA1UdIwQY MBaAFPc0JXJMric/KWMGDchlxvCwQlytMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOXpRbGNreXVKejhwWXdZTnlHWEc4TEJDWEswLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85ZjA5YWEtZGQ1ZS00ZTA2LWIyOGUt ZTg3MWIyMTc5MGRlLzEvclRDSVF1QjhiNS0yM0ZlMTZFRnp4T2tGQW8wLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC85ZjA5YWEtZGQ1ZS00ZTA2LWIyOGUtZTg3MWIyMTc5MGRl LzEvOXpRbGNreXVKejhwWXdZTnlHWEc4TEJDWEswLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBSDg0MA0G CSqGSIb3DQEBCwUAA4IBAQAskCoYoNjYNmFcKBrlD73t/FWIyiK6H3i6gk3Ektsn ZHZbfX2gvHYy7SukG5xfCLN50kFeuUBkuAg6p+5uPvRojUEk6QlfRFXfUP8axHUt QvuaCr6KHKGFnLmvTLqaZFUUWFB/XT0X/WBBNfSOvXfRmORdVoDgF+ejFhEXPbsU PoYLMjBF6s85aRJTPmx6/wcExzQ4Wd5/HBPy+3T656K0iqE6WgdeEH8A/XZgJBHl 5d0BcvFCCxdcuU/Xg299suMbOZHfnQ2R5IsObodWst7bL3w51cH/+wZhT8AOoPWI S6MQiehILgWSNHnhhKA+Hxj2aPYcKf+99iu/BjHtC+cf -----END CERTIFICATE-----Generated at Mon Jan 19 23:36:35 2026 by rpki-client