This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/5c29c1-194a-410d-8c76-bbd01d425084/1/XCzfh62vqtaLoBLmnf7KwpKjJEA.roa File: XCzfh62vqtaLoBLmnf7KwpKjJEA.roa (raw, json) Hash identifier: KTbdtDtJvNQ824N7s/PkrhI3vieli+GuTfSDO92U57s= Subject key identifier: 5C:2C:DF:87:AD:AF:AA:D6:8B:A0:12:E6:9D:FE:CA:C2:92:A3:24:40 Certificate issuer: /CN=78988b2081d9942203d22248acd805db3a13dcc5 Certificate serial: 019B79ECD24F4F65D3D4B3ED911595D1A9D8 Authority key identifier: 78:98:8B:20:81:D9:94:22:03:D2:22:48:AC:D8:05:DB:3A:13:DC:C5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eJiLIIHZlCID0iJIrNgF2zoT3MU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/5c29c1-194a-410d-8c76-bbd01d425084/1/XCzfh62vqtaLoBLmnf7KwpKjJEA.roa Signing time: Thu 01 Jan 2026 14:18:42 +0000 ROA not before: Thu 01 Jan 2026 14:18:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206293 IP address blocks: 91.195.140.0/23 maxlen: 23 91.198.163.0/24 maxlen: 24 185.20.188.0/22 maxlen: 22 194.6.226.0/24 maxlen: 24 194.9.10.0/23 maxlen: 23 195.62.44.0/23 maxlen: 23 2a00:4fa0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/5c29c1-194a-410d-8c76-bbd01d425084/1/eJiLIIHZlCID0iJIrNgF2zoT3MU.crl rsync://rpki.ripe.net/repository/DEFAULT/14/5c29c1-194a-410d-8c76-bbd01d425084/1/eJiLIIHZlCID0iJIrNgF2zoT3MU.mft rsync://rpki.ripe.net/repository/DEFAULT/eJiLIIHZlCID0iJIrNgF2zoT3MU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:d2:4f:4f:65:d3:d4:b3:ed:91:15:95:d1:a9:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=78988b2081d9942203d22248acd805db3a13dcc5 Validity Not Before: Jan 1 14:18:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5c2cdf87adafaad68ba012e69dfecac292a32440 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:12:25:7e:70:f5:05:6f:55:75:62:47:c7:b8: ca:e4:a9:de:2b:e5:8e:62:b5:cf:27:8c:ee:59:94: 27:19:32:e3:44:9c:1b:b2:6e:74:d2:ac:6f:1c:47: 0c:84:46:c3:24:8b:2f:2d:30:ff:c0:98:bc:fb:c2: 79:36:4e:72:1b:79:80:5c:1f:ff:82:c9:cc:a1:51: ee:fd:0d:07:a4:da:e0:99:37:09:a8:df:7c:c5:74: 50:bf:98:eb:be:3a:7d:3a:43:c0:a5:63:b8:65:60: 3b:0f:eb:ac:c8:d7:c1:bf:99:e9:99:11:d0:56:a0: aa:78:eb:19:c8:59:1d:89:35:be:cf:b6:08:fb:0d: 26:ca:83:30:20:36:71:9f:e8:3f:b9:1b:33:f4:16: e1:f3:11:4a:36:73:7e:ba:95:e1:f6:59:9c:5d:73: 4b:4c:6e:b2:0a:6d:0b:b2:7e:e9:a4:59:e1:ec:d3: 29:5a:83:5b:3f:00:e4:c9:38:7d:cb:6d:fc:d4:17: 62:21:40:c6:01:8a:23:b7:15:e3:ed:6c:19:59:d5: 82:ff:84:c1:8b:c6:2d:fe:3f:3a:c5:68:88:da:00: a3:0d:56:71:8e:f0:f4:86:46:09:5b:e0:a8:7d:5e: c1:1a:cd:b2:e5:4f:c0:10:25:2e:36:5e:14:e7:1c: 95:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:2C:DF:87:AD:AF:AA:D6:8B:A0:12:E6:9D:FE:CA:C2:92:A3:24:40 X509v3 Authority Key Identifier: keyid:78:98:8B:20:81:D9:94:22:03:D2:22:48:AC:D8:05:DB:3A:13:DC:C5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eJiLIIHZlCID0iJIrNgF2zoT3MU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/5c29c1-194a-410d-8c76-bbd01d425084/1/XCzfh62vqtaLoBLmnf7KwpKjJEA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/5c29c1-194a-410d-8c76-bbd01d425084/1/eJiLIIHZlCID0iJIrNgF2zoT3MU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.195.140.0/23 91.198.163.0/24 185.20.188.0/22 194.6.226.0/24 194.9.10.0/23 195.62.44.0/23 IPv6: 2a00:4fa0::/29 Signature Algorithm: sha256WithRSAEncryption 52:f4:f4:4c:46:ff:b8:49:39:c4:74:24:f0:fd:53:23:86:24: 7f:56:6f:a6:9a:34:92:e4:d5:d9:c3:18:0e:03:8f:d5:e4:81: c2:8b:21:78:ab:fb:6e:0f:60:e9:3a:ea:c0:6e:3b:11:b4:38: be:cf:f6:b1:51:34:d1:d7:6b:93:2f:53:77:57:0f:b6:f1:44: 43:95:43:d8:d7:b3:65:60:68:ca:1d:54:cb:30:b3:52:f4:71: 88:17:d9:4a:04:d1:d5:a0:46:02:30:b5:83:6e:5e:5e:ba:bc: e3:f9:52:55:37:65:ed:61:3f:bc:8d:4d:e8:3b:fb:2e:41:1d: 41:f8:72:39:c5:73:3b:c9:c7:3c:a3:ed:8d:3f:dc:d9:62:3e: 84:7a:6c:e4:f2:56:ef:fb:2f:0e:e3:c1:3d:81:ad:a5:81:3b: 13:e0:48:ed:f6:7a:29:06:65:dd:14:93:6e:a2:5b:67:2d:99: 27:4a:20:d5:35:5c:7d:e1:56:0f:b7:7b:c8:fb:e3:f2:50:b9: fc:59:18:e6:34:de:fd:f8:af:73:48:76:5a:c7:dd:9c:b5:e9: f7:b5:10:83:fb:60:0d:0e:cb:2c:44:34:af:b1:f6:e7:84:ed: da:52:9e:4f:34:a6:59:f5:a4:ed:56:fc:15:9b:bc:b0:24:35: 20:dc:aa:5b -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgISAZt57NJPT2XT1LPtkRWV0anYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc4OTg4YjIwODFkOTk0MjIwM2QyMjI0OGFjZDgwNWRiM2Ex M2RjYzUwHhcNMjYwMTAxMTQxODQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YzJjZGY4N2FkYWZhYWQ2OGJhMDEyZTY5ZGZlY2FjMjkyYTMyNDQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBIlfnD1BW9VdWJHx7jK5KneK+WO YrXPJ4zuWZQnGTLjRJwbsm500qxvHEcMhEbDJIsvLTD/wJi8+8J5Nk5yG3mAXB// gsnMoVHu/Q0HpNrgmTcJqN98xXRQv5jrvjp9OkPApWO4ZWA7D+usyNfBv5npmRHQ VqCqeOsZyFkdiTW+z7YI+w0myoMwIDZxn+g/uRsz9Bbh8xFKNnN+upXh9lmcXXNL TG6yCm0Lsn7ppFnh7NMpWoNbPwDkyTh9y2381BdiIUDGAYojtxXj7WwZWdWC/4TB i8Yt/j86xWiI2gCjDVZxjvD0hkYJW+CofV7BGs2y5U/AECUuNl4U5xyVkQIDAQAB o4ICNjCCAjIwHQYDVR0OBBYEFFws34etr6rWi6AS5p3+ysKSoyRAMB8GA1UdIwQY MBaAFHiYiyCB2ZQiA9IiSKzYBds6E9zFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZUppTElJSFpsQ0lEMGlKSXJOZ0Yyem9UM01VLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC81YzI5YzEtMTk0YS00MTBkLThjNzYt YmJkMDFkNDI1MDg0LzEvWEN6Zmg2MnZxdGFMb0JMbW5mN0t3cEtqSkVBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC81YzI5YzEtMTk0YS00MTBkLThjNzYtYmJkMDFkNDI1MDg0 LzEvZUppTElJSFpsQ0lEMGlKSXJOZ0Yyem9UM01VLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQBW8OMAwQA W8ajAwQCuRS8AwQAwgbiAwQBwgkKAwQBwz4sMA0EAgACMAcDBQMqAE+gMA0GCSqG SIb3DQEBCwUAA4IBAQBS9PRMRv+4STnEdCTw/VMjhiR/Vm+mmjSS5NXZwxgOA4/V 5IHCiyF4q/tuD2DpOurAbjsRtDi+z/axUTTR12uTL1N3Vw+28URDlUPY17NlYGjK HVTLMLNS9HGIF9lKBNHVoEYCMLWDbl5eurzj+VJVN2XtYT+8jU3oO/suQR1B+HI5 xXM7ycc8o+2NP9zZYj6Eemzk8lbv+y8O48E9ga2lgTsT4Ejt9nopBmXdFJNuoltn LZknSiDVNVx94VYPt3vI++PyULn8WRjmNN79+K9zSHZax92cten3tRCD+2ANDsss RDSvsfbnhO3aUp5PNKZZ9aTtVvwVm7ywJDUg3Kpb -----END CERTIFICATE-----Generated at Mon Feb 9 19:40:25 2026 by rpki-client