This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TgnolmKgh_fxfWFM9dt4s8GLdlw.roa File: TgnolmKgh_fxfWFM9dt4s8GLdlw.roa (raw, json) Hash identifier: a9UfI/za9y+OfVQ0MQ2YPVS9aLJ6Cw8bMxX6uWU6Mr4= Subject key identifier: 4E:09:E8:96:62:A0:87:F7:F1:7D:61:4C:F5:DB:78:B3:C1:8B:76:5C Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019B316DFE1AA2763C113B50D4E4F92B7465 Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TgnolmKgh_fxfWFM9dt4s8GLdlw.roa Signing time: Thu 18 Dec 2025 12:27:30 +0000 ROA not before: Thu 18 Dec 2025 12:27:30 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 42831 IP address blocks: 82.153.66.0/24 maxlen: 24 109.176.165.0/24 maxlen: 24 213.218.213.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:31:6d:fe:1a:a2:76:3c:11:3b:50:d4:e4:f9:2b:74:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Dec 18 12:27:30 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=4e09e89662a087f7f17d614cf5db78b3c18b765c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:03:95:9b:9e:c6:e8:25:d6:b4:7c:d0:27:43: 7c:80:c5:b9:84:cb:d4:b4:71:46:85:5e:22:53:db: 11:da:78:e8:32:7d:61:11:e5:b4:73:7c:47:dc:7c: ca:f9:a8:1c:cf:2c:2f:f2:b2:c0:48:ae:ab:a2:41: 5c:10:26:91:ed:b0:22:06:3a:ee:69:ff:d7:d5:95: a4:4c:ac:5e:3e:24:f5:ad:dc:91:a6:d5:26:7d:50: 5d:fd:f9:70:8f:8b:2f:c7:33:24:85:a8:18:89:89: 59:71:82:3b:46:58:25:1f:a8:df:d1:e3:b0:d5:34: 48:0e:99:fd:13:b0:f8:ea:39:3e:8b:da:82:06:e0: e0:3b:b2:b0:32:fe:20:fa:f7:b7:c2:29:6b:3c:cb: 50:ee:88:f7:34:5a:79:23:0e:6a:fa:bd:c6:3b:93: 37:ef:20:5d:b4:ef:6f:5c:40:bd:15:d3:55:18:28: d1:ed:91:cb:89:50:77:36:2b:f0:1d:9a:26:dc:f8: 4b:68:ed:f0:3d:29:a0:74:35:21:a9:cf:64:a6:74: 08:dd:89:94:ae:76:2a:6c:c9:77:b8:19:7a:e4:c2: 41:5a:d9:c0:21:f0:81:28:98:d8:77:b2:27:e6:32: fe:f6:d9:ae:ab:d5:c3:44:cd:6e:68:b2:01:c5:57: a6:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:09:E8:96:62:A0:87:F7:F1:7D:61:4C:F5:DB:78:B3:C1:8B:76:5C X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TgnolmKgh_fxfWFM9dt4s8GLdlw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.153.66.0/24 109.176.165.0/24 213.218.213.0/24 Signature Algorithm: sha256WithRSAEncryption 8e:01:f8:df:26:f0:05:2b:97:69:78:02:a0:91:3c:33:3e:14: 46:ce:71:af:b9:fd:60:43:4e:32:b8:7f:ec:37:f3:e7:3f:47: c1:84:b2:1d:d0:c9:07:46:9e:7f:be:12:a8:f7:26:67:9e:cc: 73:97:5b:e7:28:4b:21:20:fe:db:41:c0:5d:fd:28:96:b5:8d: b3:61:d3:0d:47:2d:8b:4e:db:21:cd:c9:1c:92:34:b9:98:c4: 80:99:ba:c1:ac:5d:20:96:70:e5:2e:23:e4:04:e7:e4:d1:78: ee:d6:90:67:b1:42:ca:d9:f4:38:88:df:e9:09:9a:93:b7:40: 9f:8c:35:3b:f5:c6:f3:e6:84:05:2d:b7:33:29:b3:22:89:ec: 3b:2f:03:20:99:19:30:cb:7c:27:5a:ee:3a:42:0f:92:33:18: dd:2a:a2:54:90:d0:5e:3c:51:12:dd:15:56:18:c6:dc:2e:e6: af:47:26:55:08:b9:b8:d3:df:b6:46:99:bd:36:40:a7:d6:68: 22:33:83:64:91:86:a4:aa:01:e9:ba:e4:a1:e8:20:df:b2:d9: cd:a8:55:b6:6c:d6:df:f1:6d:99:5a:4a:4a:b8:fb:48:13:8c: 70:9b:56:30:42:ae:e8:b9:a2:f3:b2:1b:c2:0a:99:69:a9:75: d1:fc:d1:36 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZsxbf4aonY8ETtQ1OT5K3RlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjUxMjE4MTIyNzMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ZTA5ZTg5NjYyYTA4N2Y3ZjE3ZDYxNGNmNWRiNzhiM2MxOGI3NjVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3QOVm57G6CXWtHzQJ0N8gMW5hMvU tHFGhV4iU9sR2njoMn1hEeW0c3xH3HzK+agczywv8rLASK6rokFcECaR7bAiBjru af/X1ZWkTKxePiT1rdyRptUmfVBd/flwj4svxzMkhagYiYlZcYI7RlglH6jf0eOw 1TRIDpn9E7D46jk+i9qCBuDgO7KwMv4g+ve3wilrPMtQ7oj3NFp5Iw5q+r3GO5M3 7yBdtO9vXEC9FdNVGCjR7ZHLiVB3NivwHZom3PhLaO3wPSmgdDUhqc9kpnQI3YmU rnYqbMl3uBl65MJBWtnAIfCBKJjYd7In5jL+9tmuq9XDRM1uaLIBxVemfQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFE4J6JZioIf38X1hTPXbeLPBi3ZcMB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvVGdub2xtS2doX2Z4ZldGTTlkdDRzOEdMZGx3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUplCAwQA bbClAwQA1drVMA0GCSqGSIb3DQEBCwUAA4IBAQCOAfjfJvAFK5dpeAKgkTwzPhRG znGvuf1gQ04yuH/sN/PnP0fBhLId0MkHRp5/vhKo9yZnnsxzl1vnKEshIP7bQcBd /SiWtY2zYdMNRy2LTtshzckckjS5mMSAmbrBrF0glnDlLiPkBOfk0Xju1pBnsULK 2fQ4iN/pCZqTt0CfjDU79cbz5oQFLbczKbMiiew7LwMgmRkwy3wnWu46Qg+SMxjd KqJUkNBePFES3RVWGMbcLuavRyZVCLm409+2Rpm9NkCn1mgiM4NkkYakqgHpuuSh 6CDfstnNqFW2bNbf8W2ZWkpKuPtIE4xwm1YwQq7ouaLzshvCCplpqXXR/NE2 -----END CERTIFICATE-----Generated at Fri Dec 19 12:02:29 2025 by rpki-client