This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/82d222-2202-45f2-b904-47472ed3becb/1/xaFYB9Z2Erc-fREk_pDSJqz_vjU.roa File: xaFYB9Z2Erc-fREk_pDSJqz_vjU.roa (raw, json) Hash identifier: PD/YbANQupr5zYAFp72kktOtRa9bbOhTbu5miLL+NIQ= Subject key identifier: C5:A1:58:07:D6:76:12:B7:3E:7D:11:24:FE:90:D2:26:AC:FF:BE:35 Certificate issuer: /CN=66104e4f7d9f38d8e22a2d32be019031930c1a47 Certificate serial: 019B7758B05FB2E7B8F9B5D05ABAB8D954C6 Authority key identifier: 66:10:4E:4F:7D:9F:38:D8:E2:2A:2D:32:BE:01:90:31:93:0C:1A:47 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZhBOT32fONjiKi0yvgGQMZMMGkc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/82d222-2202-45f2-b904-47472ed3becb/1/xaFYB9Z2Erc-fREk_pDSJqz_vjU.roa Signing time: Thu 01 Jan 2026 02:17:39 +0000 ROA not before: Thu 01 Jan 2026 02:17:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3281 IP address blocks: 92.63.91.0/24 maxlen: 24 185.129.151.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/82d222-2202-45f2-b904-47472ed3becb/1/ZhBOT32fONjiKi0yvgGQMZMMGkc.crl rsync://rpki.ripe.net/repository/DEFAULT/0e/82d222-2202-45f2-b904-47472ed3becb/1/ZhBOT32fONjiKi0yvgGQMZMMGkc.mft rsync://rpki.ripe.net/repository/DEFAULT/ZhBOT32fONjiKi0yvgGQMZMMGkc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:b0:5f:b2:e7:b8:f9:b5:d0:5a:ba:b8:d9:54:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=66104e4f7d9f38d8e22a2d32be019031930c1a47 Validity Not Before: Jan 1 02:17:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c5a15807d67612b73e7d1124fe90d226acffbe35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:67:70:43:3d:1f:0a:3e:e1:a7:fb:36:aa:22: 34:e5:ab:40:b0:e4:69:37:16:1f:27:97:d5:8e:8b: 2e:f0:7d:e5:7d:58:42:4a:ba:c5:3c:9f:11:91:14: 65:d3:24:8d:ed:67:75:be:ef:ab:0a:cc:74:f3:2e: 39:ea:60:bc:47:31:7a:41:07:67:1b:6f:81:da:c9: dd:11:10:00:30:48:a4:89:6a:29:01:1e:a9:e7:4c: 03:34:86:ec:db:4a:88:49:c8:2d:a3:68:d1:49:4a: f4:2d:e3:96:f1:e5:f0:c2:3a:ed:ff:ff:0e:91:41: 1e:7f:f6:53:72:8c:44:14:52:1c:dc:3d:60:cb:b2: ad:e0:5d:e1:2d:a0:da:20:ef:ed:99:e7:41:25:e6: 7c:c8:a7:01:57:1f:43:b4:fc:9e:76:18:8d:60:96: ef:74:09:a2:18:b4:32:c8:68:5b:f2:3a:c2:9a:17: 00:4e:0b:45:9d:3a:f6:3e:49:de:48:6a:e2:1e:c0: a2:da:bc:93:85:2f:59:0b:f7:51:e5:43:27:21:93: fd:34:94:a6:35:99:4b:7d:ba:71:b8:ab:dd:70:7b: 26:4a:61:e0:80:44:cf:73:cd:57:fb:d6:b0:02:3d: b9:db:cd:a3:fa:e5:7c:d6:bf:26:2a:b6:46:27:1e: 55:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:A1:58:07:D6:76:12:B7:3E:7D:11:24:FE:90:D2:26:AC:FF:BE:35 X509v3 Authority Key Identifier: keyid:66:10:4E:4F:7D:9F:38:D8:E2:2A:2D:32:BE:01:90:31:93:0C:1A:47 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZhBOT32fONjiKi0yvgGQMZMMGkc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/82d222-2202-45f2-b904-47472ed3becb/1/xaFYB9Z2Erc-fREk_pDSJqz_vjU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/82d222-2202-45f2-b904-47472ed3becb/1/ZhBOT32fONjiKi0yvgGQMZMMGkc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 92.63.91.0/24 185.129.151.0/24 Signature Algorithm: sha256WithRSAEncryption 17:e1:7c:59:dc:47:f4:5f:59:65:6c:39:16:92:c4:24:90:ab: bb:c8:f0:19:9b:4c:21:87:32:9b:88:9b:42:8e:91:f7:d3:05: ea:c2:22:08:17:f0:97:15:2d:ee:a6:20:03:0a:e1:72:85:5c: ba:3f:2c:b1:02:0f:9e:b0:17:e7:c1:38:0c:e8:1b:1c:34:7e: 1c:87:af:d4:0e:33:2e:b6:6b:f2:6b:e9:a9:72:3b:17:9c:0e: d2:ae:6e:4c:02:36:87:5a:63:d6:99:5c:52:9b:00:52:ab:b7: 53:cc:56:45:35:80:f9:46:9a:03:c3:15:e3:27:5e:ca:b4:44: 6c:55:1c:72:c4:66:16:40:ec:c8:02:cd:94:ca:f0:58:04:bd: 89:ad:ec:47:8d:3a:af:77:ef:d9:90:ee:18:ff:6d:42:de:f3: fc:c5:ad:85:85:72:0f:93:dc:36:96:b8:6d:30:23:4a:88:13: d2:db:5f:6f:2a:18:72:b3:c9:65:11:f0:52:e2:c4:15:8e:60: 09:df:f2:af:d5:65:a7:01:bf:c9:f7:0f:e4:e1:0f:4e:c3:09: f0:de:23:38:b8:2e:72:85:3e:89:f6:db:9e:0d:99:ba:89:e6: d6:6c:6a:61:0f:bc:ea:6f:d2:fd:c9:6a:d7:3b:fd:70:41:ae: b9:8d:d6:ba -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt3WLBfsue4+bXQWrq42VTGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY2MTA0ZTRmN2Q5ZjM4ZDhlMjJhMmQzMmJlMDE5MDMxOTMw YzFhNDcwHhcNMjYwMTAxMDIxNzM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNWExNTgwN2Q2NzYxMmI3M2U3ZDExMjRmZTkwZDIyNmFjZmZiZTM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4mdwQz0fCj7hp/s2qiI05atAsORp NxYfJ5fVjosu8H3lfVhCSrrFPJ8RkRRl0ySN7Wd1vu+rCsx08y456mC8RzF6QQdn G2+B2sndERAAMEikiWopAR6p50wDNIbs20qIScgto2jRSUr0LeOW8eXwwjrt//8O kUEef/ZTcoxEFFIc3D1gy7Kt4F3hLaDaIO/tmedBJeZ8yKcBVx9DtPyedhiNYJbv dAmiGLQyyGhb8jrCmhcATgtFnTr2PkneSGriHsCi2ryThS9ZC/dR5UMnIZP9NJSm NZlLfbpxuKvdcHsmSmHggETPc81X+9awAj25282j+uV81r8mKrZGJx5VJQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFMWhWAfWdhK3Pn0RJP6Q0ias/741MB8GA1UdIwQY MBaAFGYQTk99nzjY4iotMr4BkDGTDBpHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWmhCT1QzMmZPTmppS2kweXZnR1FNWk1NR2tjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS84MmQyMjItMjIwMi00NWYyLWI5MDQt NDc0NzJlZDNiZWNiLzEveGFGWUI5WjJFcmMtZlJFa19wRFNKcXpfdmpVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZS84MmQyMjItMjIwMi00NWYyLWI5MDQtNDc0NzJlZDNiZWNi LzEvWmhCT1QzMmZPTmppS2kweXZnR1FNWk1NR2tjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXD9bAwQA uYGXMA0GCSqGSIb3DQEBCwUAA4IBAQAX4XxZ3Ef0X1llbDkWksQkkKu7yPAZm0wh hzKbiJtCjpH30wXqwiIIF/CXFS3upiADCuFyhVy6PyyxAg+esBfnwTgM6BscNH4c h6/UDjMutmvya+mpcjsXnA7Srm5MAjaHWmPWmVxSmwBSq7dTzFZFNYD5RpoDwxXj J17KtERsVRxyxGYWQOzIAs2UyvBYBL2JrexHjTqvd+/ZkO4Y/21C3vP8xa2FhXIP k9w2lrhtMCNKiBPS219vKhhys8llEfBS4sQVjmAJ3/Kv1WWnAb/J9w/k4Q9Owwnw 3iM4uC5yhT6J9tueDZm6iebWbGphD7zqb9L9yWrXO/1wQa65jda6 -----END CERTIFICATE-----Generated at Tue Feb 10 00:09:37 2026 by rpki-client