This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/XpZ5Lgqrcb8hh-ESR5GkV2cLlYk.roa File: XpZ5Lgqrcb8hh-ESR5GkV2cLlYk.roa (raw, json) Hash identifier: gjwnOftX6s/jpe8bXicWK/CMaY8kCk+g+/5+gZ8Raxk= Subject key identifier: 5E:96:79:2E:0A:AB:71:BF:21:87:E1:12:47:91:A4:57:67:0B:95:89 Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa Certificate serial: 019B7E37A801CA821366D4524D8BE8244AA8 Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/XpZ5Lgqrcb8hh-ESR5GkV2cLlYk.roa Signing time: Fri 02 Jan 2026 10:18:55 +0000 ROA not before: Fri 02 Jan 2026 10:18:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211306 IP address blocks: 77.36.56.0/24 maxlen: 24 77.232.216.0/23 maxlen: 23 77.232.218.0/24 maxlen: 24 91.200.132.0/24 maxlen: 24 91.231.227.0/24 maxlen: 24 91.232.55.0/24 maxlen: 24 91.237.49.0/24 maxlen: 24 91.237.193.0/24 maxlen: 24 91.238.38.0/24 maxlen: 24 91.239.225.0/24 maxlen: 24 93.120.44.0/23 maxlen: 23 176.96.92.0/24 maxlen: 24 176.116.230.0/23 maxlen: 23 178.159.146.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:02:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:a8:01:ca:82:13:66:d4:52:4d:8b:e8:24:4a:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa Validity Not Before: Jan 2 10:18:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5e96792e0aab71bf2187e1124791a457670b9589 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:3b:ae:17:cf:42:dd:53:a0:b0:b4:6c:94:36: 32:1b:99:de:ca:5b:31:2e:bc:4d:10:a7:54:c6:8a: 92:cd:cd:3c:b8:71:47:97:7f:ff:05:84:96:16:ba: 63:7e:91:a7:b7:1f:bd:26:df:1d:3f:53:1f:01:63: 25:ec:83:fb:dd:9a:3b:1c:68:93:12:fb:30:b3:76: 50:3c:4b:54:97:fa:eb:0b:b2:56:46:15:21:55:02: 37:aa:11:8a:84:3b:e6:80:a3:11:61:2a:a6:2f:34: 47:c8:cf:6b:27:69:e0:41:24:35:37:7d:19:9e:d1: a3:3f:1e:ea:26:86:5a:fa:57:1a:47:3c:25:32:bd: 82:aa:25:e7:b3:18:e9:b2:7b:b4:0a:3c:a7:2a:0c: 32:49:52:85:41:fd:fa:fe:f3:9e:34:b1:99:8e:ec: c7:2c:df:a8:06:8c:e8:33:a6:f9:05:f7:6b:07:b8: 3d:5c:51:71:35:6e:78:00:3a:84:0a:ea:de:ce:62: 87:ff:11:d2:0a:ed:87:00:b5:49:fd:e6:bd:f2:d0: 28:4b:c4:72:aa:78:f4:ad:7f:0e:ef:89:47:50:81: b6:30:80:5b:aa:f4:33:c5:49:3c:fe:cf:e9:53:05: 6a:4b:56:42:97:0c:b2:b3:9c:c5:34:59:8f:7a:37: 0c:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:96:79:2E:0A:AB:71:BF:21:87:E1:12:47:91:A4:57:67:0B:95:89 X509v3 Authority Key Identifier: keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/XpZ5Lgqrcb8hh-ESR5GkV2cLlYk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.36.56.0/24 77.232.216.0-77.232.218.255 91.200.132.0/24 91.231.227.0/24 91.232.55.0/24 91.237.49.0/24 91.237.193.0/24 91.238.38.0/24 91.239.225.0/24 93.120.44.0/23 176.96.92.0/24 176.116.230.0/23 178.159.146.0/24 Signature Algorithm: sha256WithRSAEncryption 50:9c:50:40:d2:df:dd:78:5f:e0:92:4f:6d:72:a3:70:18:9c: 01:65:ac:0a:61:6c:88:31:23:50:2c:f9:d8:2a:8a:5c:4e:1a: b8:16:c7:e4:0b:2f:c5:8e:03:4f:0a:1b:59:45:91:98:22:d7: 22:5e:51:0c:60:02:55:c9:d8:f3:5b:72:64:36:ea:7b:d4:cb: 69:12:48:ad:60:95:d0:f8:a9:30:de:3b:be:ac:bc:e9:a2:7f: 51:ed:c2:bb:28:52:e5:a3:ce:65:93:4f:81:9a:5d:82:cd:14: 24:f3:97:74:d0:7a:02:fb:53:8f:41:09:04:fd:59:63:d7:fc: b7:21:88:a1:82:20:1f:59:8f:31:ef:1d:22:9b:31:64:e0:ca: a1:da:da:ac:dd:4c:c0:c8:7f:cd:ae:6f:ed:df:ae:da:42:0f: c4:f3:36:d7:e4:ec:2e:d8:ee:50:a6:15:d6:c4:98:0a:9a:ad: 90:66:e7:6f:17:95:d8:d9:db:b9:03:6f:2a:9c:f4:3b:4c:96: 94:a8:ec:e3:a9:80:40:65:58:7a:eb:99:a9:86:77:67:4a:fd: 3f:55:0e:2c:f4:39:5e:cc:a6:78:c1:7c:5a:cf:58:e2:fe:4b: 41:c3:e0:b1:dd:c4:e1:15:f0:c8:4c:9d:6b:e4:83:b1:d4:4a: cd:b0:b3:c2 -----BEGIN CERTIFICATE----- MIIFTTCCBDWgAwIBAgISAZt+N6gByoITZtRSTYvoJEqoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy MjRkYWEwHhcNMjYwMTAyMTAxODU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZTk2NzkyZTBhYWI3MWJmMjE4N2UxMTI0NzkxYTQ1NzY3MGI5NTg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDuuF89C3VOgsLRslDYyG5neylsx LrxNEKdUxoqSzc08uHFHl3//BYSWFrpjfpGntx+9Jt8dP1MfAWMl7IP73Zo7HGiT Evsws3ZQPEtUl/rrC7JWRhUhVQI3qhGKhDvmgKMRYSqmLzRHyM9rJ2ngQSQ1N30Z ntGjPx7qJoZa+lcaRzwlMr2CqiXnsxjpsnu0CjynKgwySVKFQf36/vOeNLGZjuzH LN+oBozoM6b5BfdrB7g9XFFxNW54ADqECurezmKH/xHSCu2HALVJ/ea98tAoS8Ry qnj0rX8O74lHUIG2MIBbqvQzxUk8/s/pUwVqS1ZClwyys5zFNFmPejcMEQIDAQAB o4ICWTCCAlUwHQYDVR0OBBYEFF6WeS4Kq3G/IYfhEkeRpFdnC5WJMB8GA1UdIwQY MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt ZGMwNmRkODA1OTYwLzEvWHBaNUxncXJjYjhoaC1FU1I1R2tWMmNMbFlrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQATSQ4MAwD BANN6NgDBABN6NoDBABbyIQDBABb5+MDBABb6DcDBABb7TEDBABb7cEDBABb7iYD BABb7+EDBAFdeCwDBACwYFwDBAGwdOYDBACyn5IwDQYJKoZIhvcNAQELBQADggEB AFCcUEDS3914X+CST21yo3AYnAFlrAphbIgxI1As+dgqilxOGrgWx+QLL8WOA08K G1lFkZgi1yJeUQxgAlXJ2PNbcmQ26nvUy2kSSK1gldD4qTDeO76svOmif1Htwrso UuWjzmWTT4GaXYLNFCTzl3TQegL7U49BCQT9WWPX/LchiKGCIB9ZjzHvHSKbMWTg yqHa2qzdTMDIf82ub+3frtpCD8TzNtfk7C7Y7lCmFdbEmAqarZBm528XldjZ27kD byqc9DtMlpSo7OOpgEBlWHrrmamGd2dK/T9VDiz0OV7MpnjBfFrPWOL+S0HD4LHd xOEV8MhMnWvkg7HUSs2ws8I= -----END CERTIFICATE-----Generated at Mon Jan 19 19:57:52 2026 by rpki-client