This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Xn7Zbj8Nzz2Wzk3NQx7-fplUcMI.roa File: Xn7Zbj8Nzz2Wzk3NQx7-fplUcMI.roa (raw, json) Hash identifier: X2AB2lBtAz13ufoMweU+IdiP1qx+/4Z4IH73oCauYmI= Subject key identifier: 5E:7E:D9:6E:3F:0D:CF:3D:96:CE:4D:CD:43:1E:FE:7E:99:54:70:C2 Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d Certificate serial: 019B78A33315BBCB9034F10B362CD1D61365 Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Xn7Zbj8Nzz2Wzk3NQx7-fplUcMI.roa Signing time: Thu 01 Jan 2026 08:18:39 +0000 ROA not before: Thu 01 Jan 2026 08:18:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207083 IP address blocks: 2.59.254.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 02:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:33:15:bb:cb:90:34:f1:0b:36:2c:d1:d6:13:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d Validity Not Before: Jan 1 08:18:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5e7ed96e3f0dcf3d96ce4dcd431efe7e995470c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:e8:b4:9b:41:da:e0:a7:9e:83:1c:f3:8e:80: f8:04:19:a5:68:31:f6:f2:93:cd:f4:38:c0:56:1d: de:a0:0e:70:4b:34:6b:58:8b:fd:1f:bb:a6:3d:18: c1:3e:c4:a9:b9:23:4e:ae:e1:d7:be:62:eb:b1:90: f0:5e:10:be:53:cd:31:1b:50:92:58:00:6f:83:26: 18:b0:64:cb:e6:cc:c6:0a:c6:99:b4:70:76:f8:ee: c3:73:eb:98:4d:20:f2:7e:62:81:3e:cb:c8:e8:9f: de:63:94:77:c7:1f:92:19:a8:76:4e:c8:e9:02:d8: 37:75:a3:97:c7:73:26:e9:8b:51:47:cf:da:54:e7: dd:36:e7:c3:b7:2e:b8:cb:3e:65:89:f8:fe:2e:99: 22:45:3c:ec:b0:cd:18:ec:91:66:06:b6:36:d2:58: aa:3e:85:71:e9:b0:22:8d:a8:36:77:97:93:33:3f: 13:7e:03:e6:87:b7:0e:9b:4b:43:f3:44:a0:c9:93: 24:65:fb:99:0f:cd:6c:72:eb:9b:71:90:05:c4:d7: 6b:72:fd:79:66:a4:24:4b:29:77:fa:37:01:57:0b: 15:ba:fb:a9:4d:54:57:96:39:c3:eb:fe:31:2c:41: bc:dc:f7:bd:41:8a:ee:24:31:d0:d7:27:88:d9:85: 96:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:7E:D9:6E:3F:0D:CF:3D:96:CE:4D:CD:43:1E:FE:7E:99:54:70:C2 X509v3 Authority Key Identifier: keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Xn7Zbj8Nzz2Wzk3NQx7-fplUcMI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.59.254.0/24 Signature Algorithm: sha256WithRSAEncryption 70:ae:8b:b3:26:37:66:da:0c:09:f3:67:67:e9:40:e6:24:9f: 3e:29:2e:18:28:e2:c2:bc:b1:b3:d2:74:c8:54:63:e5:75:59: b5:d6:d2:22:e5:a8:e4:20:a4:08:ed:e4:b7:d3:f6:28:4a:7d: 00:20:21:89:a4:b5:29:b6:fa:7c:0b:cd:fc:9c:36:4d:de:e3: de:a2:88:e8:b8:e9:eb:fd:a9:d4:e9:76:41:ed:23:2c:dc:8d: aa:d1:c2:96:ec:19:f5:fc:cb:49:d1:ce:7e:03:3a:79:c9:d7: 40:35:2f:4a:f8:a2:07:52:b0:a5:bf:32:a9:4a:e6:ea:80:e5: e3:50:1c:b6:c5:66:d7:17:19:e0:61:a4:bd:f7:50:5a:4b:4e: 96:98:e9:a0:fb:40:6b:e2:f9:76:1f:04:f1:ac:f5:27:5f:11: e0:63:07:af:07:40:57:de:56:c4:46:21:d3:00:17:94:70:2b: 05:2a:df:e3:ca:c0:28:24:4e:03:f1:3f:b9:cd:e8:54:d1:01: 6d:5a:10:96:1b:d6:24:48:48:11:05:2f:7f:38:70:a9:0f:fa: fe:18:1e:aa:a2:9f:cb:e6:8d:7a:6c:49:a7:ee:0a:1f:f9:77: 21:51:8e:aa:57:e4:7b:51:55:d7:61:0b:f5:ac:86:09:7d:3f: 5f:db:d9:c0 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4ozMVu8uQNPELNizR1hNlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3 NzVlOWQwHhcNMjYwMTAxMDgxODM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZTdlZDk2ZTNmMGRjZjNkOTZjZTRkY2Q0MzFlZmU3ZTk5NTQ3MGMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwui0m0Ha4KeegxzzjoD4BBmlaDH2 8pPN9DjAVh3eoA5wSzRrWIv9H7umPRjBPsSpuSNOruHXvmLrsZDwXhC+U80xG1CS WABvgyYYsGTL5szGCsaZtHB2+O7Dc+uYTSDyfmKBPsvI6J/eY5R3xx+SGah2Tsjp Atg3daOXx3Mm6YtRR8/aVOfdNufDty64yz5lifj+LpkiRTzssM0Y7JFmBrY20liq PoVx6bAijag2d5eTMz8TfgPmh7cOm0tD80SgyZMkZfuZD81scuubcZAFxNdrcv15 ZqQkSyl3+jcBVwsVuvupTVRXljnD6/4xLEG83Pe9QYruJDHQ1yeI2YWWPQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFF5+2W4/Dc89ls5NzUMe/n6ZVHDCMB8GA1UdIwQY MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct Y2QzY2E1OTc1NzEyLzEvWG43WmJqOE56ejJXemszTlF4Ny1mcGxVY01JLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjv+MA0G CSqGSIb3DQEBCwUAA4IBAQBwrouzJjdm2gwJ82dn6UDmJJ8+KS4YKOLCvLGz0nTI VGPldVm11tIi5ajkIKQI7eS30/YoSn0AICGJpLUptvp8C838nDZN3uPeoojouOnr /anU6XZB7SMs3I2q0cKW7Bn1/MtJ0c5+Azp5yddANS9K+KIHUrClvzKpSubqgOXj UBy2xWbXFxngYaS991BaS06WmOmg+0Br4vl2HwTxrPUnXxHgYwevB0BX3lbERiHT ABeUcCsFKt/jysAoJE4D8T+5zehU0QFtWhCWG9YkSEgRBS9/OHCpD/r+GB6qop/L 5o16bEmn7gof+XchUY6qV+R7UVXXYQv1rIYJfT9f29nA -----END CERTIFICATE-----Generated at Fri Jan 2 12:09:36 2026 by rpki-client