This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/_XNB-uxfsS8Bg-aoGqYMaoc-YB4.roa File: _XNB-uxfsS8Bg-aoGqYMaoc-YB4.roa (raw, json) Hash identifier: +2E5bdIK9sFDQ0WQhkQrjROrGKFuw2mz7mQOzFxJQT0= Subject key identifier: FD:73:41:FA:EC:5F:B1:2F:01:83:E6:A8:1A:A6:0C:6A:87:3E:60:1E Certificate issuer: /CN=d07d7573aacae821c87d6d36431cfe4b2801ab41 Certificate serial: 019B7E388AF2EA6D854FA771E085DD5E1E73 Authority key identifier: D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/_XNB-uxfsS8Bg-aoGqYMaoc-YB4.roa Signing time: Fri 02 Jan 2026 10:19:53 +0000 ROA not before: Fri 02 Jan 2026 10:19:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210646 IP address blocks: 89.25.24.0/24 maxlen: 24 89.25.119.0/24 maxlen: 24 213.145.105.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.crl rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.mft rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 10:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:8a:f2:ea:6d:85:4f:a7:71:e0:85:dd:5e:1e:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d07d7573aacae821c87d6d36431cfe4b2801ab41 Validity Not Before: Jan 2 10:19:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fd7341faec5fb12f0183e6a81aa60c6a873e601e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:b5:e6:ce:a3:cd:b5:90:9c:cb:18:d1:8b:17: 23:c2:be:cc:30:50:71:9e:5c:3e:2f:ad:3b:fa:ef: 7b:c2:56:9b:2e:4f:2a:19:d6:0c:4b:14:24:03:9c: 5e:37:bf:19:79:ae:32:d2:12:f7:0c:73:de:ed:b8: 0d:b2:27:50:33:6f:d5:0f:95:a9:e9:ac:33:a1:62: d6:8e:47:ac:f7:42:c0:6b:4f:de:ad:f0:cc:fb:fa: af:87:5f:b1:5a:b1:d2:6b:44:1d:22:25:a5:99:ef: 60:be:46:d2:a8:43:a0:88:90:20:99:85:a6:fd:8a: 03:e0:89:4a:09:ea:d5:e8:9a:98:0b:d7:ff:db:eb: 89:07:32:54:ad:b4:11:92:e1:cc:1d:c3:d8:3e:11: 45:8b:16:57:e6:f0:78:05:8d:a2:60:39:93:2a:1a: 8a:31:d4:c2:12:66:03:cc:85:f6:dd:2c:df:8c:4a: 3f:d7:08:dc:90:3a:45:c9:16:fb:96:41:25:9b:cc: 29:b6:af:41:fb:53:91:c2:ad:cc:b3:da:f9:9b:85: 8a:03:dc:ac:fa:5c:22:cb:af:45:63:49:48:5f:7c: 35:cc:02:69:42:bf:b0:11:8f:ab:fc:59:f2:a9:6f: 73:f6:f7:03:37:3d:e5:7f:15:4a:20:93:75:1c:09: e1:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:73:41:FA:EC:5F:B1:2F:01:83:E6:A8:1A:A6:0C:6A:87:3E:60:1E X509v3 Authority Key Identifier: keyid:D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/_XNB-uxfsS8Bg-aoGqYMaoc-YB4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.25.24.0/24 89.25.119.0/24 213.145.105.0/24 Signature Algorithm: sha256WithRSAEncryption cd:53:16:36:c6:89:10:6a:19:6d:6c:aa:4d:3b:aa:a7:b4:cb: 77:03:78:ad:a5:ed:8e:57:5e:65:c9:61:7f:32:a6:11:2b:a2: 22:c9:2e:25:2a:ef:82:0e:d8:06:05:f5:64:cb:59:d0:8b:ed: 61:63:7a:83:8c:8a:16:bb:37:df:e7:cc:79:9b:22:04:8b:56: c9:66:25:ce:03:70:f3:6e:25:92:ae:83:33:b7:fc:9f:c9:aa: d9:35:f5:42:4a:a3:ac:0e:2c:13:c4:d3:46:3a:25:d6:3d:f7: d2:8d:a0:5f:47:74:e4:90:e7:64:86:83:9e:71:fe:15:ca:2c: ad:c8:5b:2d:6e:08:26:f3:ff:bd:b5:ee:a2:b4:9c:ab:2d:0b: 54:86:1b:de:75:1d:89:10:6f:d6:da:6c:9b:fc:1d:a6:60:60: b8:0f:43:35:78:26:aa:b3:8e:05:06:77:30:1c:ba:92:8b:b9: 3c:47:43:61:09:af:bd:70:1f:a3:fa:cc:c4:c8:98:5e:be:81: 1b:78:ac:c4:fc:18:89:e4:a0:d2:c6:2d:0b:95:57:ca:4e:b9: d5:0b:f0:f6:5c:7b:d2:76:f9:1e:12:78:74:3f:d3:2a:99:55: 76:39:63:06:35:18:9c:16:e3:ef:02:45:29:59:b5:de:7d:23: 5e:30:15:6f -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt+OIry6m2FT6dx4IXdXh5zMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQwN2Q3NTczYWFjYWU4MjFjODdkNmQzNjQzMWNmZTRiMjgw MWFiNDEwHhcNMjYwMTAyMTAxOTUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmZDczNDFmYWVjNWZiMTJmMDE4M2U2YTgxYWE2MGM2YTg3M2U2MDFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobXmzqPNtZCcyxjRixcjwr7MMFBx nlw+L607+u97wlabLk8qGdYMSxQkA5xeN78Zea4y0hL3DHPe7bgNsidQM2/VD5Wp 6awzoWLWjkes90LAa0/erfDM+/qvh1+xWrHSa0QdIiWlme9gvkbSqEOgiJAgmYWm /YoD4IlKCerV6JqYC9f/2+uJBzJUrbQRkuHMHcPYPhFFixZX5vB4BY2iYDmTKhqK MdTCEmYDzIX23SzfjEo/1wjckDpFyRb7lkElm8wptq9B+1ORwq3Ms9r5m4WKA9ys +lwiy69FY0lIX3w1zAJpQr+wEY+r/FnyqW9z9vcDNz3lfxVKIJN1HAnhvwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFP1zQfrsX7EvAYPmqBqmDGqHPmAeMB8GA1UdIwQY MBaAFNB9dXOqyughyH1tNkMc/ksoAatBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjIt Y2Y5ZGM1YmFhYTc5LzEvX1hOQi11eGZzUzhCZy1hb0dxWU1hb2MtWUI0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjItY2Y5ZGM1YmFhYTc5 LzEvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWRkYAwQA WRl3AwQA1ZFpMA0GCSqGSIb3DQEBCwUAA4IBAQDNUxY2xokQahltbKpNO6qntMt3 A3itpe2OV15lyWF/MqYRK6IiyS4lKu+CDtgGBfVky1nQi+1hY3qDjIoWuzff58x5 myIEi1bJZiXOA3DzbiWSroMzt/yfyarZNfVCSqOsDiwTxNNGOiXWPffSjaBfR3Tk kOdkhoOecf4VyiytyFstbggm8/+9te6itJyrLQtUhhvedR2JEG/W2myb/B2mYGC4 D0M1eCaqs44FBncwHLqSi7k8R0NhCa+9cB+j+szEyJhevoEbeKzE/BiJ5KDSxi0L lVfKTrnVC/D2XHvSdvkeEnh0P9MqmVV2OWMGNRicFuPvAkUpWbXefSNeMBVv -----END CERTIFICATE-----Generated at Mon Jan 26 20:25:53 2026 by rpki-client