This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/0ebeb9-31a8-4550-8396-695f4a927610/1/tzNhQBxVbG84fhnHI6FFgXnV1Ig.roa File: tzNhQBxVbG84fhnHI6FFgXnV1Ig.roa (raw, json) Hash identifier: UFTyL6yRgFc0Xt2kdYNbyJU576nNW6IhohuerTzQsDE= Subject key identifier: B7:33:61:40:1C:55:6C:6F:38:7E:19:C7:23:A1:45:81:79:D5:D4:88 Certificate issuer: /CN=688e713b07c79f97b47e9f0321768b09488b7a03 Certificate serial: 019B7F83D7E5A508D1B3BD528FA01B82BB6E Authority key identifier: 68:8E:71:3B:07:C7:9F:97:B4:7E:9F:03:21:76:8B:09:48:8B:7A:03 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aI5xOwfHn5e0fp8DIXaLCUiLegM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/0ebeb9-31a8-4550-8396-695f4a927610/1/tzNhQBxVbG84fhnHI6FFgXnV1Ig.roa Signing time: Fri 02 Jan 2026 16:21:45 +0000 ROA not before: Fri 02 Jan 2026 16:21:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50171 IP address blocks: 91.216.0.0/24 maxlen: 24 176.57.192.0/21 maxlen: 21 193.104.160.0/24 maxlen: 24 2a00:f680::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/0ebeb9-31a8-4550-8396-695f4a927610/1/aI5xOwfHn5e0fp8DIXaLCUiLegM.crl rsync://rpki.ripe.net/repository/DEFAULT/f3/0ebeb9-31a8-4550-8396-695f4a927610/1/aI5xOwfHn5e0fp8DIXaLCUiLegM.mft rsync://rpki.ripe.net/repository/DEFAULT/aI5xOwfHn5e0fp8DIXaLCUiLegM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:d7:e5:a5:08:d1:b3:bd:52:8f:a0:1b:82:bb:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=688e713b07c79f97b47e9f0321768b09488b7a03 Validity Not Before: Jan 2 16:21:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b73361401c556c6f387e19c723a1458179d5d488 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:e8:af:08:94:79:b7:86:b1:5c:e9:39:5a:04: 40:72:17:b2:f3:7b:ed:d0:e3:9b:87:eb:35:3d:4f: 2d:05:89:1e:80:c3:b5:b9:01:a4:62:a1:77:c2:3d: 6d:57:df:6f:b1:40:e2:74:cd:75:6a:d6:b2:1c:5d: 33:2d:33:c2:0f:96:fd:dd:88:96:c7:90:15:3e:8d: 71:be:51:d3:72:74:4e:74:f4:93:10:c3:c7:81:51: ca:ca:87:43:af:04:f8:75:4f:f1:39:82:45:0a:36: 03:f7:65:bf:cc:23:da:0e:b8:f0:4a:ec:b2:76:32: 4d:03:b2:73:ff:ad:af:8b:b1:30:a1:86:89:07:88: 58:2f:cf:6c:bf:5f:f8:c3:04:25:55:d0:29:4c:52: 94:c5:54:5c:76:7c:48:d1:3e:54:6e:38:b4:97:ed: 55:18:5b:1c:f3:cd:b1:27:ba:56:d1:b4:15:ab:15: 0f:a4:8b:0d:17:af:28:7f:65:28:e2:c8:07:a7:f1: 36:c4:8d:38:5b:10:18:5f:0f:9c:29:c3:a5:9c:5d: 41:19:29:5f:29:d5:b5:60:ef:d3:b8:5d:9a:96:95: 33:4b:f8:57:33:35:2a:c1:c8:ee:a2:90:05:73:37: 51:6c:53:0b:07:88:55:55:b2:d7:56:83:db:85:0d: 81:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:33:61:40:1C:55:6C:6F:38:7E:19:C7:23:A1:45:81:79:D5:D4:88 X509v3 Authority Key Identifier: keyid:68:8E:71:3B:07:C7:9F:97:B4:7E:9F:03:21:76:8B:09:48:8B:7A:03 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aI5xOwfHn5e0fp8DIXaLCUiLegM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0ebeb9-31a8-4550-8396-695f4a927610/1/tzNhQBxVbG84fhnHI6FFgXnV1Ig.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0ebeb9-31a8-4550-8396-695f4a927610/1/aI5xOwfHn5e0fp8DIXaLCUiLegM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.216.0.0/24 176.57.192.0/21 193.104.160.0/24 IPv6: 2a00:f680::/32 Signature Algorithm: sha256WithRSAEncryption 68:0c:2d:dd:3a:69:83:27:b2:4d:1a:b1:bf:cc:eb:0f:9f:2a: 65:35:e1:09:80:80:b0:e1:9b:5b:d5:f1:0f:19:60:c6:83:d5: 6e:dd:3e:4e:62:69:a0:07:28:10:19:9a:a5:94:79:b7:79:be: a0:59:86:fb:99:72:c0:02:60:87:43:4f:fe:13:b0:39:b5:77: 78:4c:f2:04:4b:bd:41:ba:0c:45:73:0f:d8:a5:69:e9:57:1b: fc:04:1e:95:d1:5a:39:14:23:a6:cb:43:4a:06:be:40:0f:86: b5:64:20:4c:be:62:72:11:b4:52:68:08:e4:a1:84:d3:4a:6e: 76:f3:ab:ea:71:0c:0f:57:1d:49:81:80:56:6d:07:8e:29:7e: c6:f7:10:d3:d8:ad:c9:40:21:4c:95:50:04:61:45:5c:32:c7: d7:e7:19:77:a2:52:13:50:42:b7:84:77:49:fa:52:1c:89:2e: 6b:5a:40:b5:04:32:37:8c:bd:65:f2:62:a1:a6:d0:1c:86:90: 18:01:d8:c4:a8:60:ea:29:ac:52:7b:e4:4e:c6:d8:38:b1:38: b2:99:81:d9:21:1a:7c:4a:a4:4f:9f:47:50:ee:d3:bd:b5:4f: f5:da:62:9a:4a:2c:b5:a9:46:16:ee:14:f1:5f:06:0c:33:cb: 7c:42:9c:1e -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt/g9flpQjRs71Sj6AbgrtuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4OGU3MTNiMDdjNzlmOTdiNDdlOWYwMzIxNzY4YjA5NDg4 YjdhMDMwHhcNMjYwMTAyMTYyMTQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNzMzNjE0MDFjNTU2YzZmMzg3ZTE5YzcyM2ExNDU4MTc5ZDVkNDg4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOivCJR5t4axXOk5WgRAchey83vt 0OObh+s1PU8tBYkegMO1uQGkYqF3wj1tV99vsUDidM11atayHF0zLTPCD5b93YiW x5AVPo1xvlHTcnROdPSTEMPHgVHKyodDrwT4dU/xOYJFCjYD92W/zCPaDrjwSuyy djJNA7Jz/62vi7EwoYaJB4hYL89sv1/4wwQlVdApTFKUxVRcdnxI0T5Ubji0l+1V GFsc882xJ7pW0bQVqxUPpIsNF68of2Uo4sgHp/E2xI04WxAYXw+cKcOlnF1BGSlf KdW1YO/TuF2alpUzS/hXMzUqwcjuopAFczdRbFMLB4hVVbLXVoPbhQ2BdwIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFLczYUAcVWxvOH4ZxyOhRYF51dSIMB8GA1UdIwQY MBaAFGiOcTsHx5+XtH6fAyF2iwlIi3oDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUk1eE93ZkhuNWUwZnA4RElYYUxDVWlMZWdNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8wZWJlYjktMzFhOC00NTUwLTgzOTYt Njk1ZjRhOTI3NjEwLzEvdHpOaFFCeFZiRzg0ZmhuSEk2RkZnWG5WMUlnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMy8wZWJlYjktMzFhOC00NTUwLTgzOTYtNjk1ZjRhOTI3NjEw LzEvYUk1eE93ZkhuNWUwZnA4RElYYUxDVWlMZWdNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW9gAAwQD sDnAAwQAwWigMA0EAgACMAcDBQAqAPaAMA0GCSqGSIb3DQEBCwUAA4IBAQBoDC3d OmmDJ7JNGrG/zOsPnyplNeEJgICw4Ztb1fEPGWDGg9Vu3T5OYmmgBygQGZqllHm3 eb6gWYb7mXLAAmCHQ0/+E7A5tXd4TPIES71BugxFcw/YpWnpVxv8BB6V0Vo5FCOm y0NKBr5AD4a1ZCBMvmJyEbRSaAjkoYTTSm5286vqcQwPVx1JgYBWbQeOKX7G9xDT 2K3JQCFMlVAEYUVcMsfX5xl3olITUEK3hHdJ+lIciS5rWkC1BDI3jL1l8mKhptAc hpAYAdjEqGDqKaxSe+ROxtg4sTiymYHZIRp8SqRPn0dQ7tO9tU/12mKaSiy1qUYW 7hTxXwYMM8t8Qpwe -----END CERTIFICATE-----Generated at Tue Feb 10 01:24:23 2026 by rpki-client