This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/2485f5-df3e-4dba-810e-fe440111d807/1/XZdZ3QdqZkyYtFe6KuyRNBgkaUk.roa File: XZdZ3QdqZkyYtFe6KuyRNBgkaUk.roa (raw, json) Hash identifier: WFUH9QQhsuK7yi+HSNyW0FR+h8Iicrop+bexARdD/MU= Subject key identifier: 5D:97:59:DD:07:6A:66:4C:98:B4:57:BA:2A:EC:91:34:18:24:69:49 Certificate issuer: /CN=1d87f30274951cadfb5b737e1333c73d64b04256 Certificate serial: 019B76EB9BAC2FEE0F91FF845F01C5B11AB3 Authority key identifier: 1D:87:F3:02:74:95:1C:AD:FB:5B:73:7E:13:33:C7:3D:64:B0:42:56 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYfzAnSVHK37W3N-EzPHPWSwQlY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/2485f5-df3e-4dba-810e-fe440111d807/1/XZdZ3QdqZkyYtFe6KuyRNBgkaUk.roa Signing time: Thu 01 Jan 2026 00:18:30 +0000 ROA not before: Thu 01 Jan 2026 00:18:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49964 IP address blocks: 91.220.111.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/2485f5-df3e-4dba-810e-fe440111d807/1/HYfzAnSVHK37W3N-EzPHPWSwQlY.crl rsync://rpki.ripe.net/repository/DEFAULT/41/2485f5-df3e-4dba-810e-fe440111d807/1/HYfzAnSVHK37W3N-EzPHPWSwQlY.mft rsync://rpki.ripe.net/repository/DEFAULT/HYfzAnSVHK37W3N-EzPHPWSwQlY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 18:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:9b:ac:2f:ee:0f:91:ff:84:5f:01:c5:b1:1a:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d87f30274951cadfb5b737e1333c73d64b04256 Validity Not Before: Jan 1 00:18:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5d9759dd076a664c98b457ba2aec913418246949 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:a0:4a:a3:1b:17:d4:12:2b:ba:06:89:3f:58: cb:4b:35:b2:50:e6:16:06:46:ef:c4:8d:74:75:9f: 97:d3:dd:ae:3d:1e:e6:83:31:aa:e9:33:5e:61:6f: 8f:b2:96:13:0c:80:fb:80:be:94:20:fe:64:06:13: 20:01:f4:c9:93:d4:e4:eb:34:41:b8:f9:94:08:6a: cb:4a:af:ba:53:b2:30:ac:69:a0:55:e3:eb:df:3c: cb:47:45:69:3b:b6:c3:c3:16:90:75:76:16:b1:db: 73:05:7a:07:7c:6a:46:cf:35:a2:1b:4c:e5:24:25: 9c:fe:01:8f:ff:23:79:26:67:a0:0b:c1:e6:04:10: 86:98:86:08:08:69:80:bc:51:76:70:19:42:16:b9: 6a:70:a5:98:30:86:d4:54:4a:4b:08:f7:fc:29:7c: 34:80:8b:5c:18:b5:b6:a0:55:87:b7:63:c7:c8:b7: 81:93:93:41:79:55:20:ca:7f:b5:ad:c2:25:79:f0: 0e:93:43:86:39:61:e9:73:f3:a8:7d:57:0f:8b:44: 33:fa:1f:28:53:51:35:c7:d6:a7:35:4d:5d:92:30: 26:d0:09:f7:d0:f6:8f:70:03:6c:e4:75:32:43:b7: 15:21:cc:26:41:a6:b9:b8:6b:b2:b2:31:e3:5f:b8: bc:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:97:59:DD:07:6A:66:4C:98:B4:57:BA:2A:EC:91:34:18:24:69:49 X509v3 Authority Key Identifier: keyid:1D:87:F3:02:74:95:1C:AD:FB:5B:73:7E:13:33:C7:3D:64:B0:42:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYfzAnSVHK37W3N-EzPHPWSwQlY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/2485f5-df3e-4dba-810e-fe440111d807/1/XZdZ3QdqZkyYtFe6KuyRNBgkaUk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/41/2485f5-df3e-4dba-810e-fe440111d807/1/HYfzAnSVHK37W3N-EzPHPWSwQlY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.220.111.0/24 Signature Algorithm: sha256WithRSAEncryption 02:13:53:aa:3e:cb:3d:c2:4c:3c:e1:8f:27:47:35:71:09:93: 41:dd:14:ad:35:d2:f4:41:00:e8:db:f9:98:c8:b9:70:85:73: f8:ea:f6:cc:ea:ad:a3:38:f5:2d:58:aa:a8:6c:b0:94:e4:40: bf:4e:13:12:45:b4:ee:38:53:7e:bb:21:b1:69:11:a3:42:a2: ba:22:b9:aa:2f:c4:e2:34:7a:a6:d5:83:df:97:65:8e:92:0a: ae:9e:66:85:fa:aa:64:fc:19:42:36:25:1f:36:e7:f8:3c:d6: 78:14:ec:3c:46:32:c9:4a:3a:0c:0a:4b:ab:2f:16:52:56:ff: c1:ee:d6:16:60:c2:f1:4d:91:0d:ec:3c:b5:26:ef:74:58:ec: bd:31:c0:71:07:4b:2c:ba:a6:f8:19:d2:a2:e3:d0:60:36:35: 75:82:a5:2c:42:07:ed:7d:91:62:ef:21:4c:4c:86:dd:04:e5: d0:8e:29:dc:35:9d:05:eb:20:90:3b:4f:8e:97:8a:47:ae:3d: 5c:ed:18:b2:6c:fd:5d:e4:95:14:9e:93:6e:ad:22:a4:cf:ed: fa:15:86:0e:69:5e:60:6f:21:0a:ac:7e:cc:83:34:73:de:d8: 46:4e:66:e9:4f:a6:da:2a:c0:e3:10:bb:e2:d9:a4:c4:d0:87: 72:1a:72:e6 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt265usL+4Pkf+EXwHFsRqzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkODdmMzAyNzQ5NTFjYWRmYjViNzM3ZTEzMzNjNzNkNjRi MDQyNTYwHhcNMjYwMTAxMDAxODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ZDk3NTlkZDA3NmE2NjRjOThiNDU3YmEyYWVjOTEzNDE4MjQ2OTQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaBKoxsX1BIrugaJP1jLSzWyUOYW BkbvxI10dZ+X092uPR7mgzGq6TNeYW+PspYTDID7gL6UIP5kBhMgAfTJk9Tk6zRB uPmUCGrLSq+6U7IwrGmgVePr3zzLR0VpO7bDwxaQdXYWsdtzBXoHfGpGzzWiG0zl JCWc/gGP/yN5JmegC8HmBBCGmIYICGmAvFF2cBlCFrlqcKWYMIbUVEpLCPf8KXw0 gItcGLW2oFWHt2PHyLeBk5NBeVUgyn+1rcIlefAOk0OGOWHpc/OofVcPi0Qz+h8o U1E1x9anNU1dkjAm0An30PaPcANs5HUyQ7cVIcwmQaa5uGuysjHjX7i8iwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFF2XWd0HamZMmLRXuirskTQYJGlJMB8GA1UdIwQY MBaAFB2H8wJ0lRyt+1tzfhMzxz1ksEJWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFlmekFuU1ZISzM3VzNOLUV6UEhQV1N3UWxZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8yNDg1ZjUtZGYzZS00ZGJhLTgxMGUt ZmU0NDAxMTFkODA3LzEvWFpkWjNRZHFaa3lZdEZlNkt1eVJOQmdrYVVrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MS8yNDg1ZjUtZGYzZS00ZGJhLTgxMGUtZmU0NDAxMTFkODA3 LzEvSFlmekFuU1ZISzM3VzNOLUV6UEhQV1N3UWxZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9xvMA0G CSqGSIb3DQEBCwUAA4IBAQACE1OqPss9wkw84Y8nRzVxCZNB3RStNdL0QQDo2/mY yLlwhXP46vbM6q2jOPUtWKqobLCU5EC/ThMSRbTuOFN+uyGxaRGjQqK6IrmqL8Ti NHqm1YPfl2WOkgqunmaF+qpk/BlCNiUfNuf4PNZ4FOw8RjLJSjoMCkurLxZSVv/B 7tYWYMLxTZEN7Dy1Ju90WOy9McBxB0ssuqb4GdKi49BgNjV1gqUsQgftfZFi7yFM TIbdBOXQjincNZ0F6yCQO0+Ol4pHrj1c7RiybP1d5JUUnpNurSKkz+36FYYOaV5g byEKrH7MgzRz3thGTmbpT6baKsDjELvi2aTE0IdyGnLm -----END CERTIFICATE-----Generated at Tue Feb 10 02:35:58 2026 by rpki-client