This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/TSA9_mRNRuRYDdx_oFZQNX5hiDg.roa File: TSA9_mRNRuRYDdx_oFZQNX5hiDg.roa (raw, json) Hash identifier: iAxIOtXzdqV57+iEGBcweVrKjsaQ0L7Z8go1sdgrc8w= Subject key identifier: 4D:20:3D:FE:64:4D:46:E4:58:0D:DC:7F:A0:56:50:35:7E:61:88:38 Certificate issuer: /CN=bdb83e99bf7254f948057a5e981be6fa5c2054dd Certificate serial: 019B7AC7F13038AD3B3BC2B450721465D9C9 Authority key identifier: BD:B8:3E:99:BF:72:54:F9:48:05:7A:5E:98:1B:E6:FA:5C:20:54:DD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vbg-mb9yVPlIBXpemBvm-lwgVN0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/TSA9_mRNRuRYDdx_oFZQNX5hiDg.roa Signing time: Thu 01 Jan 2026 18:18:02 +0000 ROA not before: Thu 01 Jan 2026 18:18:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9009 IP address blocks: 45.81.117.0/24 maxlen: 24 45.81.118.0/24 maxlen: 24 45.85.240.0/24 maxlen: 24 45.85.241.0/24 maxlen: 24 45.85.243.0/24 maxlen: 24 45.145.216.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/vbg-mb9yVPlIBXpemBvm-lwgVN0.crl rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/vbg-mb9yVPlIBXpemBvm-lwgVN0.mft rsync://rpki.ripe.net/repository/DEFAULT/vbg-mb9yVPlIBXpemBvm-lwgVN0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 04:45:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c7:f1:30:38:ad:3b:3b:c2:b4:50:72:14:65:d9:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bdb83e99bf7254f948057a5e981be6fa5c2054dd Validity Not Before: Jan 1 18:18:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4d203dfe644d46e4580ddc7fa05650357e618838 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:e3:95:27:5d:b3:7e:ec:14:16:26:3a:5f:b9: b8:56:ef:a2:a4:39:30:fe:de:06:7b:e4:c3:8d:87: 3d:60:c0:60:52:ea:36:5e:79:7e:1c:02:b4:d4:50: d1:83:28:e4:fc:90:5b:f4:21:05:6d:ba:34:c9:d4: cd:7a:42:d6:d8:5b:f1:3d:bd:a9:4a:fa:d6:54:49: 8e:92:c9:4a:f6:3d:b3:b0:be:0e:c1:93:df:34:65: ed:bb:37:90:10:41:d0:cc:17:24:1a:0e:d2:f1:b6: ec:3f:0e:cf:c3:38:1b:78:85:34:05:d6:a8:93:08: bb:99:a2:96:d8:57:06:94:9e:bf:68:aa:f3:66:f9: da:13:00:14:9b:b6:8f:cc:3b:71:85:3d:a4:53:dd: 6c:0b:f2:64:07:49:21:5b:d7:8e:51:45:50:45:04: d2:82:49:8c:24:63:08:08:60:4e:de:bb:7a:f4:cb: 6d:35:12:23:41:0b:6c:97:38:d2:c7:6c:f0:66:77: d1:03:ec:b4:26:4b:89:85:db:59:d5:3c:de:00:32: fc:bc:79:5b:a4:df:bd:25:49:f1:8b:42:55:c9:09: 96:2b:5e:0f:50:c9:9d:c0:a8:f1:08:9d:82:a9:7c: 17:3d:e5:96:4b:36:97:5e:5a:b8:89:5e:e6:9f:86: 0c:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:20:3D:FE:64:4D:46:E4:58:0D:DC:7F:A0:56:50:35:7E:61:88:38 X509v3 Authority Key Identifier: keyid:BD:B8:3E:99:BF:72:54:F9:48:05:7A:5E:98:1B:E6:FA:5C:20:54:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vbg-mb9yVPlIBXpemBvm-lwgVN0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/TSA9_mRNRuRYDdx_oFZQNX5hiDg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5e205a-ec0a-4fee-aef1-e495aaa0cac0/1/vbg-mb9yVPlIBXpemBvm-lwgVN0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.81.117.0-45.81.118.255 45.85.240.0/23 45.85.243.0/24 45.145.216.0/24 Signature Algorithm: sha256WithRSAEncryption 8f:b4:f0:85:2d:7e:b1:51:9f:84:f2:28:e0:d3:30:d9:17:07: 5d:bd:b7:57:b3:d1:e2:bf:88:2f:22:27:a8:3b:90:77:5f:74: 6f:7d:5e:66:ae:32:0c:ad:41:c2:17:c7:c4:e2:87:14:74:4a: c5:08:b1:73:f6:12:fb:cd:f2:f2:c8:8d:e3:62:66:5d:4c:c9: 2d:be:7a:29:81:36:db:fa:ba:9f:0f:74:15:e6:19:12:9b:20: 09:2c:d8:06:f2:08:2e:46:8b:e9:b3:83:bc:c4:34:4e:6b:4f: 6b:9d:7b:8f:ab:d1:88:d2:fe:ee:17:0a:ca:44:b2:fb:87:e6: a9:9e:ea:53:9a:b2:8e:d7:07:3f:64:3a:e0:c4:80:1e:2f:90: 1d:46:b7:05:20:5a:71:e5:bf:83:1f:f7:28:ac:a0:98:b7:d8: a1:57:cd:0b:96:4e:57:08:61:ff:cc:18:79:30:48:04:84:c7: f3:92:2a:83:5d:99:0f:0b:1f:4b:e6:d8:60:59:6d:7c:28:b2: 31:ae:ff:6d:fd:6d:5d:83:29:eb:16:11:49:45:8e:f3:8d:23: 24:59:aa:f0:07:40:cc:86:56:f0:b1:eb:66:e1:51:1b:36:a6: 89:43:19:82:8b:40:4c:2d:82:0f:05:9e:74:f3:a4:ea:a0:57: bb:30:78:95 -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZt6x/EwOK07O8K0UHIUZdnJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJkYjgzZTk5YmY3MjU0Zjk0ODA1N2E1ZTk4MWJlNmZhNWMy MDU0ZGQwHhcNMjYwMTAxMTgxODAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ZDIwM2RmZTY0NGQ0NmU0NTgwZGRjN2ZhMDU2NTAzNTdlNjE4ODM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6eOVJ12zfuwUFiY6X7m4Vu+ipDkw /t4Ge+TDjYc9YMBgUuo2Xnl+HAK01FDRgyjk/JBb9CEFbbo0ydTNekLW2FvxPb2p SvrWVEmOkslK9j2zsL4OwZPfNGXtuzeQEEHQzBckGg7S8bbsPw7PwzgbeIU0Bdao kwi7maKW2FcGlJ6/aKrzZvnaEwAUm7aPzDtxhT2kU91sC/JkB0khW9eOUUVQRQTS gkmMJGMICGBO3rt69MttNRIjQQtslzjSx2zwZnfRA+y0JkuJhdtZ1TzeADL8vHlb pN+9JUnxi0JVyQmWK14PUMmdwKjxCJ2CqXwXPeWWSzaXXlq4iV7mn4YMiQIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFE0gPf5kTUbkWA3cf6BWUDV+YYg4MB8GA1UdIwQY MBaAFL24Ppm/clT5SAV6Xpgb5vpcIFTdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdmJnLW1iOXlWUGxJQlhwZW1Cdm0tbHdnVk4wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81ZTIwNWEtZWMwYS00ZmVlLWFlZjEt ZTQ5NWFhYTBjYWMwLzEvVFNBOV9tUk5SdVJZRGR4X29GWlFOWDVoaURnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOC81ZTIwNWEtZWMwYS00ZmVlLWFlZjEtZTQ5NWFhYTBjYWMw LzEvdmJnLW1iOXlWUGxJQlhwZW1Cdm0tbHdnVk4wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAAtUXUD BAAtUXYDBAEtVfADBAAtVfMDBAAtkdgwDQYJKoZIhvcNAQELBQADggEBAI+08IUt frFRn4TyKODTMNkXB129t1ez0eK/iC8iJ6g7kHdfdG99XmauMgytQcIXx8TihxR0 SsUIsXP2EvvN8vLIjeNiZl1MyS2+eimBNtv6up8PdBXmGRKbIAks2AbyCC5Gi+mz g7zENE5rT2ude4+r0YjS/u4XCspEsvuH5qme6lOaso7XBz9kOuDEgB4vkB1GtwUg WnHlv4Mf9yisoJi32KFXzQuWTlcIYf/MGHkwSASEx/OSKoNdmQ8LH0vm2GBZbXwo sjGu/239bV2DKesWEUlFjvONIyRZqvAHQMyGVvCx62bhURs2polDGYKLQEwtgg8F nnTzpOqgV7sweJU= -----END CERTIFICATE-----Generated at Sun Jan 18 08:53:36 2026 by rpki-client